Remove Gemfile.lock

The Gemfile.lock in a gem is only used during development, it is arguably not essential to lock dependencies in development, and having the file causes automatic security scanners to trigger most often that not alerts that are not relevant. I used to keep the file in place in order to get a heads up on current security alerts in general, I guess it would be better if I was doing so independently of this code when the alerts do not actually affect it.
gonzalo-bulnes · Dec 21, 2017 · 25a631e · 25a631e
1 parent ce6279a
commit 25a631e
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 148 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## [Unreleased] - 2017-12-21
+
+## Fixed
+
+- Removed the `Gemfile.lock` - mostly to acknowledge that it was used only in development and is not really needed.
+
 ## [1.15.1] - 2017-01-26
 
 ## Fixed
@@ -268,6 +274,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 This [gist][gist] did refactor the Jose Valim's code into an `ActiveSupport::Concern`.
 
 [gist]: https://gist.github.com/gonzalo-bulnes/7659739
+[Unreleased]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.15.1...master
 [1.15.1]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.15.0...v1.15.1
 [1.15.0]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.14.0...v1.15.0
 [1.14.0]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.13.0...v1.14.0

diff --git a/Gemfile.lock b/Gemfile.lock