From 8769735420f2cc3bc90152772cc5c9bc7aa2fab3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 7 Jun 2024 01:27:46 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274386 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-7210237 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 --- Gemfile | 2 +- Gemfile.lock | 31 ++++++++++++++++--------------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/Gemfile b/Gemfile index 87600f8..8d6dea4 100644 --- a/Gemfile +++ b/Gemfile @@ -28,7 +28,7 @@ gem 'bootsnap', '>= 1.4.4', require: false # gem 'rack-cors' # Allows the use of assets and stuff -gem 'sprockets-rails', '~> 3.4.2', :require => 'sprockets/railtie' +gem 'sprockets-rails', '~> 3.5.0', :require => 'sprockets/railtie' group :development, :test do # gem 'rswag', '~> 2.5' diff --git a/Gemfile.lock b/Gemfile.lock index a46a303..9dd58eb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,13 +75,13 @@ GEM bcrypt (3.1.18) bootsnap (1.15.0) msgpack (~> 1.2) - builder (3.2.4) + builder (3.3.0) byebug (11.1.3) choice (0.2.0) cloudinary (1.25.0) aws_cf_signer rest-client (>= 2.0.0) - concurrent-ruby (1.2.2) + concurrent-ruby (1.3.1) crass (1.0.6) date (3.3.3) docile (1.4.0) @@ -101,13 +101,13 @@ GEM httparty (0.21.0) mini_mime (>= 1.0.0) multi_xml (>= 0.5.2) - i18n (1.14.1) + i18n (1.14.5) concurrent-ruby (~> 1.0) jwt (2.6.0) listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.21.3) + loofah (2.22.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) mail (2.8.1) @@ -121,7 +121,7 @@ GEM mime-types-data (~> 3.2015) mime-types-data (3.2022.0105) mini_mime (1.1.2) - minitest (5.18.1) + minitest (5.23.1) msgpack (1.6.0) multi_xml (0.6.0) net-imap (0.3.6) @@ -135,13 +135,13 @@ GEM net-protocol netrc (0.11.0) nio4r (2.5.9) - nokogiri (1.15.2-x86_64-linux) + nokogiri (1.16.5-x86_64-linux) racc (~> 1.4) pg (1.4.5) puma (5.6.5) nio4r (~> 2.0) - racc (1.7.1) - rack (2.2.7) + racc (1.8.0) + rack (2.2.9) rack-cors (1.1.1) rack (>= 2.0.0) rack-test (2.1.0) @@ -160,8 +160,9 @@ GEM activesupport (= 7.0.5.1) bundler (>= 1.15.0) railties (= 7.0.5.1) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) rails-erd (1.6.1) activerecord (>= 4.2) @@ -198,12 +199,12 @@ GEM simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) spring (4.0.0) - sprockets (4.2.0) + sprockets (4.2.1) concurrent-ruby (~> 1.0) rack (>= 2.2.4, < 4) - sprockets-rails (3.4.2) - actionpack (>= 5.2) - activesupport (>= 5.2) + sprockets-rails (3.5.0) + actionpack (>= 6.1) + activesupport (>= 6.1) sprockets (>= 3.0.0) thor (1.2.2) timeout (0.4.0) @@ -240,7 +241,7 @@ DEPENDENCIES simplecov (~> 0.21.2) simplecov_json_formatter (~> 0.1.2) spring (~> 4.0.0) - sprockets-rails (~> 3.4.2) + sprockets-rails (~> 3.5.0) tzinfo-data (~> 1.2021.5) RUBY VERSION