Update gems

[sferik]

I updated various gem dependencies.

[rdsubhas]

References rapidftr/tracker#80 - Thanks @sferik this looks awesome!

[sferik]

Cleaned up a few warnings and the build is passing now. Should be good to merge.

[rdsubhas]

@sferik great! Just one thing though - the protect_from_forgery with: :null_session in ApplicationController, while its great for security, it think it may interfere with the Mobile client. I'm merging now but disabling the protect_from_forgery.

A little background: As with many Rails projects, RapidFTR started off with the same controller responding to multiple formats (json/xml/html) for both APIs as well as normal Web UI. Now Web apps will send CSRF/forgery tokens since they submit from a form, but the API clients do not send them since they're directly hitting the endpoint. We are slowly moving all these API requests into their own namespace and controllers (under controllers/api), and then we're planning to enable CSRF protection for the web apps, we have one or two places left.

[sferik]

@rdsubhas I thought protect_from_forgery with: :null_session was safe for API clients. Can you please verify that this breaks the Android app before reverting this change? Either way, it would be nice to have a test for this.

[rdsubhas]

@sferik Yep sure! That's a good suggestion, will do that...