@hamelsmu Whenever we get alerts from GitHub’s dependabot about fastpages, — e.g.
Your Dependabot alerts for today..
activesupport vulnerability found in [Gemfile.lock](https://github.com/drscotthawley/devblog3/blob/master/Gemfile.lock)
Remediation
Upgrade activesupport to version 6.0.3.1 or later. For example:
gem "activesupport", ">= 6.0.3.1",
Is it simply a matter of manually editing the Gemfile.lock file as indicated, or would you prefer that we do it some other way, such as pulling from upstream?
EDIT: Oh no. I tried editing by hand on GitHub and seem to have broken it. The last Action shows:
Your lockfile is unreadable. Run `rm Gemfile.lock` and then `bundle install` to
generate a new lockfile.
Lockfile is here. And commit history.
EDIT 2: Following GitHub’s instructions for Pull from upstream yields fatal: refusing to merge unrelated histories
.