From c3f7a5f0911211f1cd6c44d2ec100afa70967df4 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Thu, 20 Feb 2020 09:30:17 -0800
Subject: [PATCH] Bump devise-two-factor gem to v3.1.0

This version locks down the Rails dependency version and
fixes Devise's paranoid-mode:
https://github.com/tinfoil/devise-two-factor/pull/138

Full list of changes:
https://github.com/tinfoil/devise-two-factor/compare/v3.0.3..v3.1.0

Closes https://gitlab.com/gitlab-org/gitlab/issues/207413
---
 Gemfile      | 2 +-
 Gemfile.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Gemfile b/Gemfile
index 4c5c885cfc2b..4f543d5938d9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -58,7 +58,7 @@ gem 'akismet', '~> 3.0'
 gem 'invisible_captcha', '~> 0.12.1'
 
 # Two-factor authentication
-gem 'devise-two-factor', '~> 3.0.0'
+gem 'devise-two-factor', '~> 3.1.0'
 gem 'rqrcode-rails3', '~> 0.1.7'
 gem 'attr_encrypted', '~> 3.1.0'
 gem 'u2f', '~> 0.2.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 19b107f41f0f..724021ced7c3 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -229,11 +229,11 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (3.0.0)
-      activesupport
+    devise-two-factor (3.1.0)
+      activesupport (< 6.1)
       attr_encrypted (>= 1.3, < 4, != 2)
       devise (~> 4.0)
-      railties
+      railties (< 6.1)
       rotp (~> 2.0)
     diff-lcs (1.3)
     diff_match_patch (0.1.0)
@@ -1193,7 +1193,7 @@ DEPENDENCIES
   derailed_benchmarks
   device_detector
   devise (~> 4.6)
-  devise-two-factor (~> 3.0.0)
+  devise-two-factor (~> 3.1.0)
   diff_match_patch (~> 0.1.0)
   diffy (~> 3.1.0)
   discordrb-webhooks-blackst0ne (~> 3.3)
-- 
GitLab