diff --git a/Gemfile b/Gemfile
index bc4e4058aad..5b2f4f99a6a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -153,7 +153,7 @@ gem 'rack-protection' # security
 # in production environments by default.
 # allow everywhere for now cause we are allowing asset debugging in prd
 group :assets do
-  gem 'sass-rails'
+  gem 'sass-rails', '~> 4.0.2'
   gem 'uglifier'
 end
 
diff --git a/Gemfile.lock b/Gemfile.lock
index d4f2aa08e9f..41d039c7d6e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -11,11 +11,11 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (4.0.3)
-      actionpack (= 4.0.3)
+    actionmailer (4.0.4)
+      actionpack (= 4.0.4)
       mail (~> 2.5.4)
-    actionpack (4.0.3)
-      activesupport (= 4.0.3)
+    actionpack (4.0.4)
+      activesupport (= 4.0.4)
       builder (~> 3.1.0)
       erubis (~> 2.7.0)
       rack (~> 1.5.2)
@@ -24,17 +24,17 @@ GEM
       actionpack (>= 4.0.0, < 5.0)
     active_model_serializers (0.8.1)
       activemodel (>= 3.0)
-    activemodel (4.0.3)
-      activesupport (= 4.0.3)
+    activemodel (4.0.4)
+      activesupport (= 4.0.4)
       builder (~> 3.1.0)
-    activerecord (4.0.3)
-      activemodel (= 4.0.3)
+    activerecord (4.0.4)
+      activemodel (= 4.0.4)
       activerecord-deprecated_finders (~> 1.0.2)
-      activesupport (= 4.0.3)
+      activesupport (= 4.0.4)
       arel (~> 4.0.0)
     activerecord-deprecated_finders (1.0.3)
-    activesupport (4.0.3)
-      i18n (~> 0.6, >= 0.6.4)
+    activesupport (4.0.4)
+      i18n (~> 0.6, >= 0.6.9)
       minitest (~> 4.2)
       multi_json (~> 1.3)
       thread_safe (~> 0.1)
@@ -47,7 +47,7 @@ GEM
       activerecord (>= 2.3.0)
       rake (>= 0.8.7)
     arel (4.0.2)
-    atomic (1.1.14)
+    atomic (1.1.16)
     barber (0.4.2)
       ember-source
       execjs
@@ -169,7 +169,7 @@ GEM
     mock_redis (0.11.0)
     moneta (0.7.20)
     msgpack (0.5.8)
-    multi_json (1.8.4)
+    multi_json (1.9.0)
     multi_xml (0.5.5)
     multipart-post (2.0.0)
     mustache (0.99.5)
@@ -247,19 +247,19 @@ GEM
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (4.0.3)
-      actionmailer (= 4.0.3)
-      actionpack (= 4.0.3)
-      activerecord (= 4.0.3)
-      activesupport (= 4.0.3)
+    rails (4.0.4)
+      actionmailer (= 4.0.4)
+      actionpack (= 4.0.4)
+      activerecord (= 4.0.4)
+      activesupport (= 4.0.4)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.0.3)
+      railties (= 4.0.4)
       sprockets-rails (~> 2.0.0)
     rails-observers (0.1.2)
       activemodel (~> 4.0)
-    railties (4.0.3)
-      actionpack (= 4.0.3)
-      activesupport (= 4.0.3)
+    railties (4.0.4)
+      actionpack (= 4.0.4)
+      activesupport (= 4.0.4)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     raindrops (0.13.0)
@@ -307,10 +307,11 @@ GEM
       nokogiri (>= 1.4.2)
     sanitize (2.1.0)
       nokogiri (>= 1.4.4)
-    sass (3.3.2)
-    sass-rails (4.0.1)
+    sass (3.2.16)
+    sass-rails (4.0.2)
       railties (>= 4.0.0, < 5.0)
-      sass (>= 3.1.10)
+      sass (~> 3.2.0)
+      sprockets (~> 2.8, <= 2.11.0)
       sprockets-rails (~> 2.0.0)
     seed-fu-discourse (2.2.0)
       activerecord (>= 3.1, < 4.1)
@@ -367,8 +368,8 @@ GEM
       eventmachine (>= 1.0.0)
       rack (>= 1.0.0)
     thor (0.18.1)
-    thread_safe (0.1.3)
-      atomic
+    thread_safe (0.3.0)
+      atomic (>= 1.1.7, < 2)
     tilt (1.4.1)
     timecop (0.7.1)
     timers (1.1.0)
@@ -376,7 +377,7 @@ GEM
       polyglot
       polyglot (>= 0.3.1)
     trollop (2.0)
-    tzinfo (0.3.38)
+    tzinfo (0.3.39)
     uglifier (2.4.0)
       execjs (>= 0.3.0)
       json (>= 1.8.0)
@@ -463,7 +464,7 @@ DEPENDENCIES
   ruby-readability
   sanitize
   sass
-  sass-rails
+  sass-rails (~> 4.0.2)
   seed-fu-discourse
   shoulda
   sidekiq