From 180280572e358040bfc633d61dee78d162c1d721 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 11 Sep 2021 23:22:31 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-WEBSOCKETEXTENSIONS-570830 --- Gemfile | 2 +- Gemfile.lock | 36 +++++++++++++++++++----------------- 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/Gemfile b/Gemfile index c4af8b4..712488d 100644 --- a/Gemfile +++ b/Gemfile @@ -8,7 +8,7 @@ end # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 5.1.6' +gem 'rails', '~> 5.1.7' # Use sqlite3 as the database for Active Record gem 'sqlite3', '~> 1.3.7' # Use Puma as the app server diff --git a/Gemfile.lock b/Gemfile.lock index 857e0d5..bd9dfdf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -66,11 +66,11 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.1.8) + concurrent-ruby (1.1.9) crass (1.0.6) domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - erubi (1.9.0) + erubi (1.10.0) execjs (2.7.0) faraday (1.3.0) faraday-net_http (~> 1.0) @@ -80,15 +80,15 @@ GEM ffi (1.12.2) figaro (1.1.1) thor (~> 0.14) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (0.5.2) + activesupport (>= 5.0) hashie (4.1.0) http-cookie (1.0.3) domain_name (~> 0.5) httparty (0.18.1) mime-types (~> 3.0) multi_xml (>= 0.5.2) - i18n (1.8.9) + i18n (1.8.10) concurrent-ruby (~> 1.0) jbuilder (2.10.0) activesupport (>= 5.0.0) @@ -100,7 +100,7 @@ GEM listen (3.2.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.4.0) + loofah (2.12.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) @@ -109,16 +109,17 @@ GEM mime-types (3.3.1) mime-types-data (~> 3.2015) mime-types-data (3.2021.0225) - mini_mime (1.0.2) - mini_portile2 (2.4.0) + mini_mime (1.1.1) + mini_portile2 (2.6.1) minitest (5.14.4) multi_json (1.15.0) multi_xml (0.6.0) multipart-post (2.1.1) netrc (0.11.0) - nio4r (2.5.2) - nokogiri (1.10.8) - mini_portile2 (~> 2.4.0) + nio4r (2.5.8) + nokogiri (1.12.4) + mini_portile2 (~> 2.6.1) + racc (~> 1.4) oauth2 (1.4.4) faraday (>= 0.8, < 2.0) jwt (>= 1.0, < 3.0) @@ -146,6 +147,7 @@ GEM method_source (~> 0.9.0) public_suffix (4.0.3) puma (3.12.6) + racc (1.5.2) rack (2.2.3) rack-protection (2.1.0) rack @@ -166,7 +168,7 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.3.0) + rails-html-sanitizer (1.4.2) loofah (~> 2.3) railties (5.1.7) actionpack (= 5.1.7) @@ -174,7 +176,7 @@ GEM method_source rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rake (13.0.1) + rake (13.0.6) rb-fsevent (0.10.3) rb-inotify (0.10.1) ffi (~> 1.0) @@ -208,7 +210,7 @@ GEM sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.1) + sprockets-rails (3.2.2) actionpack (>= 4.0) activesupport (>= 4.0) sprockets (>= 3.0.0) @@ -233,7 +235,7 @@ GEM railties (>= 5.0) websocket-driver (0.6.5) websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.4) + websocket-extensions (0.1.5) xpath (3.2.0) nokogiri (~> 1.8) @@ -256,7 +258,7 @@ DEPENDENCIES procore (~> 1.1) pry puma (~> 3.12) - rails (~> 5.1.6) + rails (~> 5.1.7) rest-client sass-rails (~> 5.0) selenium-webdriver @@ -269,4 +271,4 @@ DEPENDENCIES web-console BUNDLED WITH - 2.2.13 + 2.1.4