有人对我做错了什么或我应该做的事情有任何暗示吗?在更新我的gemfile中的Sprockets之后,我尝试进行推送,但是似乎没有任何作用。我也需要更新链轮轨道吗?即使更新了gemfile,控制台错误似乎也没有改变。这是我得到的错误,即使将链轮更新为推荐的版本后,我什至尝试删除并重新捆绑宝石。
remote: -----> Ruby app detected
remote: -----> Compiling Ruby/Rails
remote: -----> Using Ruby version: ruby-2.4.1
remote: -----> Installing dependencies using bundler 1.15.2
remote: Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment
remote: Warning: the running version of Bundler (1.15.2) is older than the version that created the lockfile (1.16.2). We suggest you upgrade to the latest version of Bundler by running `gem install bundler`.
remote: Fetching gem metadata from https://rails-assets.org/..
remote: Fetching gem metadata from https://rubygems.org/.........
remote: Fetching version metadata from https://rails-assets.org/..
remote: Fetching version metadata from https://rubygems.org/..
remote: Fetching dependency metadata from https://rails-assets.org/..
remote: Fetching dependency metadata from https://rubygems.org/.
remote: Fetching gem metadata from https://rails-assets.org/..
remote: Fetching version metadata from https://rails-assets.org/.
remote: Using rake 12.3.1
remote: Using concurrent-ruby 1.0.5
remote: Using minitest 5.11.3
remote: Using thread_safe 0.3.6
remote: Using builder 3.2.3
remote: Using erubi 1.7.1
remote: Using mini_portile2 2.3.0
remote: Using crass 1.0.4
remote: Using rack 2.0.5
remote: Using nio4r 2.3.1
remote: Using websocket-extensions 0.1.3
remote: Using mini_mime 1.0.0
remote: Using arel 9.0.0
remote: Using mimemagic 0.3.2
remote: Using execjs 2.7.0
remote: Using msgpack 1.2.4
remote: Using rb-fsevent 0.10.3
remote: Using ffi 1.9.25
remote: Using bundler 1.15.2
remote: Using coffee-script-source 1.12.2
remote: Using method_source 0.9.0
remote: Using thor 0.20.0
remote: Using multi_json 1.13.1
remote: Using pg 0.20.0
remote: Using puma 3.11.4
remote: Using rails-assets-particles.js 2.0.0
remote: Using tilt 2.0.8
remote: Using turbolinks-source 5.1.0
remote: Using i18n 1.0.1
remote: Using tzinfo 1.2.5
remote: Using nokogiri 1.8.2
remote: Using rack-test 1.0.0
remote: Using sprockets 3.7.1
remote: Using websocket-driver 0.7.0
remote: Using mail 2.7.0
remote: Using marcel 0.3.2
remote: Using autoprefixer-rails 8.6.2
remote: Using uglifier 4.1.11
remote: Using bootsnap 1.3.0
remote: Using rb-inotify 0.9.10
remote: Using coffee-script 2.4.1
remote: Using turbolinks 5.1.1
remote: Using activesupport 5.2.0
remote: Using loofah 2.2.2
remote: Using rails-dom-testing 2.0.3
remote: Using globalid 0.4.1
remote: Using activemodel 5.2.0
remote: Using jbuilder 2.7.0
remote: Using sass-listen 4.0.0
remote: Using activerecord 5.2.0
remote: Using rails-html-sanitizer 1.0.4
remote: Using sass 3.5.6
remote: Using actionview 5.2.0
remote: Using activejob 5.2.0
remote: Using actionpack 5.2.0
remote: Using bootstrap-sass 3.3.7
remote: Using actioncable 5.2.0
remote: Using actionmailer 5.2.0
remote: Using activestorage 5.2.0
remote: Using railties 5.2.0
remote: Using sprockets-rails 3.2.1
remote: Using coffee-rails 4.2.2
remote: Using jquery-rails 4.3.1
remote: Using jquery-ui-rails 6.0.1
remote: Using rails 5.2.0
remote: Using rails-ujs 0.1.0
remote: Using sass-rails 5.0.7
remote: Bundle complete! 25 Gemfile dependencies, 67 gems now installed.
remote: Gems in the groups development and test were not installed.
remote: Bundled gems are installed into ./vendor/bundle.
remote: Bundle completed (5.93s)
remote: Cleaning up the bundler cache.
remote: Warning: the running version of Bundler (1.15.2) is older than the version that created the lockfile (1.16.2). We suggest you upgrade to the latest version of Bundler by running `gem install bundler`.
remote: The latest bundler is 1.16.2, but you are currently running 1.15.2.
remote: To update, run `gem install bundler`
remote: -----> Installing node-v8.10.0-linux-x64
remote: -----> Detecting rake tasks
remote: -----> Preparing app for Rails asset pipeline
remote: Running: rake assets:precompile
remote: Yarn executable was not detected in the system.
remote: Download Yarn at https://yarnpkg.com/en/docs/install
remote: I, [2018-07-01T05:03:06.512433 #474] INFO -- : Writing /tmp/build_8a91e4f1227e923975e3a79b263ebd6a/public/assets/homepage-6506ef98672650880a9829198532c3ca352e86c99fe090e6ab680341ebabb7a0.css
remote: I, [2018-07-01T05:03:06.512936 #474] INFO -- : Writing /tmp/build_8a91e4f1227e923975e3a79b263ebd6a/public/assets/homepage-6506ef98672650880a9829198532c3ca352e86c99fe090e6ab680341ebabb7a0.css.gz
remote: I, [2018-07-01T05:03:14.402376 #474] INFO -- : Writing /tmp/build_8a91e4f1227e923975e3a79b263ebd6a/public/assets/application-257151e69df1b673bb56ffceccaab1209f0d77eb0251792415b789094e1c1214.css
remote: I, [2018-07-01T05:03:14.403083 #474] INFO -- : Writing /tmp/build_8a91e4f1227e923975e3a79b263ebd6a/public/assets/application-257151e69df1b673bb56ffceccaab1209f0d77eb0251792415b789094e1c1214.css.gz
remote: Asset precompilation completed (10.25s)
remote: Cleaning assets
remote: Running: rake assets:clean
remote: -----> Detecting rails configuration
remote: !
remote: ! A security vulnerability has been detected in your application.
remote: ! To protect your application you must take action. Your application
remote: ! is currently exposing its credentials via an easy to exploit directory
remote: ! traversal.
remote: !
remote: ! To protect your application you must either upgrade to Sprockets version "3.7.2"
remote: ! or disable dynamic compilation at runtime by setting:
remote: !
remote: ! ```
remote: ! config.assets.compile = false # Disables security vulnerability
remote: ! ```
remote: !
remote: ! To read more about this security vulnerability please refer to this blog post:
remote: ! https://blog.heroku.com/rails-asset-pipeline-vulnerability
remote: !
remote: ! Push rejected, failed to compile Ruby app.
remote:
remote: ! Push failed
remote: Verifying deploy...