【发布时间】:2018-12-09 19:32:46
【问题描述】:
我在 Heroku 上运行 Rails 已经一年多了,但今天我遇到了一个问题,当我运行 git push heroku master 时,我遇到了一个问题,即不能推送到 Heroku 最新提交,然后如下所示
remote: ! A security vulnerability has been detected in your application.
remote: ! To protect your application you must take action. Your application
remote: ! is currently exposing its credentials via an easy to exploit directory
remote: ! traversal.
remote: !
remote: ! To protect your application you must either upgrade to Sprockets version "3.7.2"
remote: ! or disable dynamic compilation at runtime by setting:
remote: !
remote: ! ```
remote: ! config.assets.compile = true # Disables security vulnerability
remote: ! ```
remote: !
remote: ! To read more about this security vulnerability please refer to this blog post:
remote: ! https://blog.heroku.com/rails-asset-pipeline-vulnerability
remote: !
remote: ! Push rejected, failed to compile Ruby app.
remote:
remote: ! Push failed
remote: Verifying deploy...
remote:
remote: ! Push rejected to project-us.
我尝试在assets.compile 中使用true,但没有任何改变。
我现在能做什么?
【问题讨论】:
-
说看那里的博文blog.heroku.com/rails-asset-pipeline-vulnerability为什么看不到这篇,我觉得看这篇文章你可以找到解决办法,如何问一个好问题stackoverflow.com/help/how-to-ask
-
您能否详细解释一下您对那条消息和链接的博客文章的哪些内容确切地不了解?这样,Heroku 开发人员可以改进措辞,以免其他用户遇到同样的问题。
标签: ruby-on-rails ruby heroku sprockets