Skip to content
Permalink
Browse files

Update rubyzip. (#5404)

* Update rubyzip. Fixes security issue

* Update API max-depth to prevent random API errors and allow
introspection queries.
  • Loading branch information...
oriolgual committed Oct 8, 2019
1 parent aec0334 commit 9c72f70a8a469a406d7580a26793f8deee7ae2b9
@@ -109,7 +109,7 @@ PATH
rails-i18n (~> 5.0)
rectify (~> 0.13.0)
redis (~> 4.1)
rubyzip (~> 1.2, >= 1.2.2)
rubyzip (~> 2.0)
sassc (~> 1.12, >= 1.12.1)
sassc-rails (~> 1.3)
social-share-button (~> 1.2, >= 1.2.1)
@@ -184,7 +184,7 @@ PATH
decidim-comments (= 0.19.0.dev)
decidim-core (= 0.19.0.dev)
diffy (~> 3.3)
doc2text (~> 0.4.0)
doc2text (~> 0.4.2)
kaminari (~> 1.1)
ransack (~> 2.1.1)
redcarpet (~> 3.4)
@@ -311,8 +311,7 @@ GEM
actionpack (>= 3.0)
cells (>= 4.1.6, < 5.0.0)
charlock_holmes (0.7.6)
childprocess (2.0.0)
rake (< 13.0)
childprocess (3.0.0)
coercible (1.0.0)
descendants_tracker (~> 0.0.1)
coffee-rails (5.0.0)
@@ -353,9 +352,9 @@ GEM
devise (>= 4.0.0)
diff-lcs (1.3)
diffy (3.3.0)
doc2text (0.4.1)
nokogiri (~> 1.8, >= 1.8.2)
rubyzip (~> 1.2, >= 1.2.2)
doc2text (0.4.2)
nokogiri (~> 1.10.0)
rubyzip (~> 2.0.0)
docile (1.3.2)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
@@ -383,7 +382,7 @@ GEM
railties (>= 3.0.0)
faker (1.9.3)
i18n (>= 0.7)
faraday (0.15.4)
faraday (0.17.0)
multipart-post (>= 1.2, < 3)
ffi (1.9.25)
file_validators (2.3.0)
@@ -399,7 +398,7 @@ GEM
activesupport (>= 4.1, < 6.0)
railties (>= 4.1, < 6.0)
tzinfo (~> 1.2, >= 1.2.2)
geocoder (1.5.1)
geocoder (1.5.2)
globalid (0.4.2)
activesupport (>= 4.2.0)
graphiql-rails (1.4.11)
@@ -503,8 +502,8 @@ GEM
nokogiri (1.10.4)
mini_portile2 (~> 2.4.0)
oauth (0.5.4)
oauth2 (1.4.1)
faraday (>= 0.8, < 0.16.0)
oauth2 (1.4.2)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
@@ -590,7 +589,7 @@ GEM
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
rainbow (3.0.0)
rake (12.3.3)
rake (13.0.0)
ransack (2.1.1)
actionpack (>= 5.0)
activerecord (>= 5.0)
@@ -662,7 +661,7 @@ GEM
ruby-ole (1.2.12.2)
ruby-progressbar (1.10.1)
ruby_dep (1.5.0)
rubyzip (1.2.3)
rubyzip (2.0.0)
safe_yaml (1.0.5)
sass (3.4.25)
sassc (1.12.1)
@@ -676,9 +675,9 @@ GEM
sprockets-rails
tilt
searchlight (4.1.0)
selenium-webdriver (3.142.4)
childprocess (>= 0.5, < 3.0)
rubyzip (~> 1.2, >= 1.2.2)
selenium-webdriver (3.142.6)
childprocess (>= 0.5, < 4.0)
rubyzip (>= 1.2.2)
simplecov (0.17.1)
docile (~> 1.1)
json (>= 1.8, < 3)
@@ -8,7 +8,7 @@ module Api
mutation MutationType

default_max_page_size 50
max_depth 10
max_depth 15
max_complexity 300

orphan_types(Api.orphan_types)
@@ -59,7 +59,7 @@ Gem::Specification.new do |s|
s.add_dependency "rails-i18n", "~> 5.0"
s.add_dependency "rectify", "~> 0.13.0"
s.add_dependency "redis", "~> 4.1"
s.add_dependency "rubyzip", "~> 1.2", ">= 1.2.2"
s.add_dependency "rubyzip", "~> 2.0"
s.add_dependency "sassc", "~> 1.12", ">= 1.12.1"
s.add_dependency "sassc-rails", "~> 1.3"
s.add_dependency "social-share-button", "~> 1.2", ">= 1.2.1"
@@ -104,7 +104,7 @@ PATH
rails-i18n (~> 5.0)
rectify (~> 0.13.0)
redis (~> 4.1)
rubyzip (~> 1.2, >= 1.2.2)
rubyzip (~> 2.0)
sassc (~> 1.12, >= 1.12.1)
sassc-rails (~> 1.3)
social-share-button (~> 1.2, >= 1.2.1)
@@ -179,7 +179,7 @@ PATH
decidim-comments (= 0.19.0.dev)
decidim-core (= 0.19.0.dev)
diffy (~> 3.3)
doc2text (~> 0.4.0)
doc2text (~> 0.4.2)
kaminari (~> 1.1)
ransack (~> 2.1.1)
redcarpet (~> 3.4)
@@ -306,8 +306,7 @@ GEM
actionpack (>= 3.0)
cells (>= 4.1.6, < 5.0.0)
charlock_holmes (0.7.6)
childprocess (2.0.0)
rake (< 13.0)
childprocess (3.0.0)
coercible (1.0.0)
descendants_tracker (~> 0.0.1)
coffee-rails (5.0.0)
@@ -348,9 +347,9 @@ GEM
devise (>= 4.0.0)
diff-lcs (1.3)
diffy (3.3.0)
doc2text (0.4.1)
nokogiri (~> 1.8, >= 1.8.2)
rubyzip (~> 1.2, >= 1.2.2)
doc2text (0.4.2)
nokogiri (~> 1.10.0)
rubyzip (~> 2.0.0)
docile (1.3.2)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
@@ -378,7 +377,7 @@ GEM
railties (>= 3.0.0)
faker (1.9.3)
i18n (>= 0.7)
faraday (0.15.4)
faraday (0.17.0)
multipart-post (>= 1.2, < 3)
ffi (1.9.25)
file_validators (2.3.0)
@@ -394,7 +393,7 @@ GEM
activesupport (>= 4.1, < 6.0)
railties (>= 4.1, < 6.0)
tzinfo (~> 1.2, >= 1.2.2)
geocoder (1.5.1)
geocoder (1.5.2)
globalid (0.4.2)
activesupport (>= 4.2.0)
graphiql-rails (1.4.11)
@@ -498,8 +497,8 @@ GEM
nokogiri (1.10.4)
mini_portile2 (~> 2.4.0)
oauth (0.5.4)
oauth2 (1.4.1)
faraday (>= 0.8, < 0.16.0)
oauth2 (1.4.2)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
@@ -585,7 +584,7 @@ GEM
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
rainbow (3.0.0)
rake (12.3.3)
rake (13.0.0)
ransack (2.1.1)
actionpack (>= 5.0)
activerecord (>= 5.0)
@@ -657,7 +656,7 @@ GEM
ruby-ole (1.2.12.2)
ruby-progressbar (1.10.1)
ruby_dep (1.5.0)
rubyzip (1.2.3)
rubyzip (2.0.0)
safe_yaml (1.0.5)
sass (3.4.25)
sassc (1.12.1)
@@ -671,9 +670,9 @@ GEM
sprockets-rails
tilt
searchlight (4.1.0)
selenium-webdriver (3.142.4)
childprocess (>= 0.5, < 3.0)
rubyzip (~> 1.2, >= 1.2.2)
selenium-webdriver (3.142.6)
childprocess (>= 0.5, < 4.0)
rubyzip (>= 1.2.2)
simplecov (0.17.1)
docile (~> 1.1)
json (>= 1.8, < 3)
@@ -26,7 +26,7 @@ Gem::Specification.new do |s|
s.add_dependency "decidim-comments", Decidim::Proposals.version
s.add_dependency "decidim-core", Decidim::Proposals.version
s.add_dependency "diffy", "~> 3.3"
s.add_dependency "doc2text", "~> 0.4.0"
s.add_dependency "doc2text", "~> 0.4.2"
s.add_dependency "kaminari", "~> 1.1"
s.add_dependency "ransack", "~> 2.1.1"
s.add_dependency "redcarpet", "~> 3.4"
@@ -109,7 +109,7 @@ PATH
rails-i18n (~> 5.0)
rectify (~> 0.13.0)
redis (~> 4.1)
rubyzip (~> 1.2, >= 1.2.2)
rubyzip (~> 2.0)
sassc (~> 1.12, >= 1.12.1)
sassc-rails (~> 1.3)
social-share-button (~> 1.2, >= 1.2.1)
@@ -184,7 +184,7 @@ PATH
decidim-comments (= 0.19.0.dev)
decidim-core (= 0.19.0.dev)
diffy (~> 3.3)
doc2text (~> 0.4.0)
doc2text (~> 0.4.2)
kaminari (~> 1.1)
ransack (~> 2.1.1)
redcarpet (~> 3.4)
@@ -311,8 +311,7 @@ GEM
actionpack (>= 3.0)
cells (>= 4.1.6, < 5.0.0)
charlock_holmes (0.7.6)
childprocess (2.0.0)
rake (< 13.0)
childprocess (3.0.0)
coercible (1.0.0)
descendants_tracker (~> 0.0.1)
coffee-rails (5.0.0)
@@ -353,9 +352,9 @@ GEM
devise (>= 4.0.0)
diff-lcs (1.3)
diffy (3.3.0)
doc2text (0.4.1)
nokogiri (~> 1.8, >= 1.8.2)
rubyzip (~> 1.2, >= 1.2.2)
doc2text (0.4.2)
nokogiri (~> 1.10.0)
rubyzip (~> 2.0.0)
docile (1.3.2)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
@@ -383,7 +382,7 @@ GEM
railties (>= 3.0.0)
faker (1.9.3)
i18n (>= 0.7)
faraday (0.15.4)
faraday (0.17.0)
multipart-post (>= 1.2, < 3)
ffi (1.9.25)
file_validators (2.3.0)
@@ -399,7 +398,7 @@ GEM
activesupport (>= 4.1, < 6.0)
railties (>= 4.1, < 6.0)
tzinfo (~> 1.2, >= 1.2.2)
geocoder (1.5.1)
geocoder (1.5.2)
globalid (0.4.2)
activesupport (>= 4.2.0)
graphiql-rails (1.4.11)
@@ -503,8 +502,8 @@ GEM
nokogiri (1.10.4)
mini_portile2 (~> 2.4.0)
oauth (0.5.4)
oauth2 (1.4.1)
faraday (>= 0.8, < 0.16.0)
oauth2 (1.4.2)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
@@ -590,7 +589,7 @@ GEM
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
rainbow (3.0.0)
rake (12.3.3)
rake (13.0.0)
ransack (2.1.1)
actionpack (>= 5.0)
activerecord (>= 5.0)
@@ -662,7 +661,7 @@ GEM
ruby-ole (1.2.12.2)
ruby-progressbar (1.10.1)
ruby_dep (1.5.0)
rubyzip (1.2.3)
rubyzip (2.0.0)
safe_yaml (1.0.5)
sass (3.4.25)
sassc (1.12.1)
@@ -676,9 +675,9 @@ GEM
sprockets-rails
tilt
searchlight (4.1.0)
selenium-webdriver (3.142.4)
childprocess (>= 0.5, < 3.0)
rubyzip (~> 1.2, >= 1.2.2)
selenium-webdriver (3.142.6)
childprocess (>= 0.5, < 4.0)
rubyzip (>= 1.2.2)
simplecov (0.17.1)
docile (~> 1.1)
json (>= 1.8, < 3)

0 comments on commit 9c72f70

Please sign in to comment.
You can’t perform that action at this time.