Merge pull request #586 from chadlwilson/backport-4-snakeyaml-133

backport (4.x): Bump snakeyaml from 1.31 to 1.33 to resolve CVE-2022-38752 on JRuby
ruby · Sep 27, 2022 · 2c3708e · 2c3708e
2 parents b4bd160 + acbdaf5
commit 2c3708e
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/lib/psych/versions.rb b/lib/psych/versions.rb
@@ -2,9 +2,9 @@
 
 module Psych
   # The version of Psych you are using
-  VERSION = '4.0.5'
+  VERSION = '4.0.6'
 
   if RUBY_ENGINE == 'jruby'
-    DEFAULT_SNAKEYAML_VERSION = '1.31'.freeze
+    DEFAULT_SNAKEYAML_VERSION = '1.33'.freeze
   end
 end