From 0d791ef294ab58c1b2ce886d40c1f93bda45038f Mon Sep 17 00:00:00 2001 From: snyk-bot <snyk-bot@snyk.io> Date: Wed, 19 Oct 2022 23:11:09 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 --- Gemfile | 2 +- Gemfile.lock | 66 +++++++++++++++++++++++++--------------------------- 2 files changed, 33 insertions(+), 35 deletions(-) diff --git a/Gemfile b/Gemfile index bb746d683..39909e5e2 100644 --- a/Gemfile +++ b/Gemfile @@ -29,6 +29,6 @@ gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby] # Performance-booster for watching directories on Windows gem "wdm", "~> 0.1.0" if Gem.win_platform? -gem "html-proofer", "~> 3.10" +gem "html-proofer", "~> 3.15", ">= 3.15.3" gem "rake" gem 'kramdown-parser-gfm' diff --git a/Gemfile.lock b/Gemfile.lock index a1dc57860..d1992fc1b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,39 +1,39 @@ GEM remote: https://rubygems.org/ specs: - activesupport (5.2.4.3) + activesupport (5.2.8.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) - addressable (2.7.0) - public_suffix (>= 2.0.2, < 5.0) + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) colorator (1.1.0) - concurrent-ruby (1.1.7) - em-websocket (0.5.1) + concurrent-ruby (1.1.10) + em-websocket (0.5.3) eventmachine (>= 0.12.9) - http_parser.rb (~> 0.6.0) - ethon (0.12.0) - ffi (>= 1.3.0) + http_parser.rb (~> 0) + ethon (0.15.0) + ffi (>= 1.15.0) eventmachine (1.2.7) - execjs (2.7.0) + execjs (2.8.1) extras (0.3.0) forwardable-extended (~> 2.5) - fastimage (2.2.0) - ffi (1.13.1) + fastimage (2.2.6) + ffi (1.15.5) forwardable-extended (2.6.0) - html-proofer (3.15.3) + html-proofer (3.19.4) addressable (~> 2.3) mercenary (~> 0.3) - nokogumbo (~> 2.0) - parallel (~> 1.3) + nokogiri (~> 1.13) + parallel (~> 1.10) rainbow (~> 3.0) typhoeus (~> 1.3) yell (~> 2.0) - http_parser.rb (0.6.0) + http_parser.rb (0.8.0) i18n (0.9.5) concurrent-ruby (~> 1.0) - jekyll (3.9.0) + jekyll (3.9.2) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) @@ -70,7 +70,7 @@ GEM jekyll (>= 3.7, < 5.0) jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (2.3.0) + kramdown (2.4.0) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) @@ -78,30 +78,28 @@ GEM liquid-tag-parser (1.9.0) extras (~> 0.3) liquid (>= 3.0, < 5.0) - listen (3.2.1) + listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) - mini_portile2 (2.5.0) - minitest (5.14.1) - nokogiri (1.11.1) - mini_portile2 (~> 2.5.0) + mini_portile2 (2.8.0) + minitest (5.16.3) + nokogiri (1.13.9) + mini_portile2 (~> 2.8.0) racc (~> 1.4) - nokogumbo (2.0.2) - nokogiri (~> 1.8, >= 1.8.4) - parallel (1.19.2) + parallel (1.22.1) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (4.0.5) - racc (1.5.2) - rack (2.2.3) - rainbow (3.0.0) + public_suffix (5.0.0) + racc (1.6.0) + rack (2.2.4) + rainbow (3.1.1) rake (13.0.1) - rb-fsevent (0.10.4) + rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - rexml (3.2.4) - rouge (3.21.0) + rexml (3.2.5) + rouge (3.30.0) safe_yaml (1.0.5) sass (3.7.4) sass-listen (~> 4.0.0) @@ -114,7 +112,7 @@ GEM thread_safe (0.3.6) typhoeus (1.4.0) ethon (>= 0.9.0) - tzinfo (1.2.7) + tzinfo (1.2.10) thread_safe (~> 0.1) yell (2.2.2) @@ -122,7 +120,7 @@ PLATFORMS ruby DEPENDENCIES - html-proofer (~> 3.10) + html-proofer (~> 3.15, >= 3.15.3) jekyll (~> 3.8) jekyll-assets (~> 3.0, >= 3.0.12) jekyll-redirect-from (~> 0.16.0)