Update for CVE-2019-8331 (#243)

fastlane · Mar 8, 2019 · 96b09aa · 96b09aa
1 parent d315775
commit 96b09aa
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 20 deletions.
diff --git a/Gemfile b/Gemfile
@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-# ruby '2.2.3'
+# ruby '2.3.3'
 
 # Updated for CVE-2018-16476: https://nvd.nist.gov/vuln/detail/CVE-2018-16476.
 gem 'activejob', '>= 4.2.11'
@@ -24,9 +24,9 @@ gem "loofah", ">= 2.2.3"
 
 gem 'jquery-rails'
 
-gem 'fastlane', '>= 2.104.0', '< 3.0.0'
+gem 'fastlane', '>= 2.117.1', '< 3.0.0'
 
-gem 'bootstrap-sass', '~> 3.3.5'
+gem 'bootstrap-sass', '~> 3.4.1'
 
 # nokogiri 1.8.1 seems to be problematic
 gem 'nokogiri', '>= 1.8.1', '< 2.0.0'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -39,18 +39,18 @@ GEM
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    addressable (2.5.2)
+    addressable (2.6.0)
       public_suffix (>= 2.0.2, < 4.0)
     arel (7.1.4)
     atomos (0.1.3)
-    autoprefixer-rails (9.4.2)
+    autoprefixer-rails (9.4.10.1)
       execjs
     babosa (1.0.2)
     binding_of_caller (0.8.0)
       debug_inspector (>= 0.0.1)
-    bootstrap-sass (3.3.7)
+    bootstrap-sass (3.4.1)
       autoprefixer-rails (>= 5.2.1)
-      sass (>= 3.3.4)
+      sassc (>= 2.0.0)
     builder (3.2.3)
     byebug (10.0.2)
     claide (1.0.2)
@@ -70,10 +70,11 @@ GEM
     debug_inspector (0.0.3)
     declarative (0.0.10)
     declarative-option (0.1.0)
+    digest-crc (0.4.1)
     domain_name (0.5.20180417)
       unf (>= 0.0.5, < 1.0.0)
     dotenv (2.5.0)
-    emoji_regex (0.1.1)
+    emoji_regex (1.0.1)
     erubis (2.7.0)
     excon (0.62.0)
     execjs (2.7.0)
@@ -82,25 +83,26 @@ GEM
     faraday-cookie_jar (0.0.6)
       faraday (>= 0.7.4)
       http-cookie (~> 1.0.0)
-    faraday_middleware (0.12.2)
+    faraday_middleware (0.13.1)
       faraday (>= 0.7.4, < 1.0)
     fastimage (2.1.5)
-    fastlane (2.109.1)
+    fastlane (2.117.1)
       CFPropertyList (>= 2.3, < 4.0.0)
       addressable (>= 2.3, < 3.0.0)
       babosa (>= 1.0.2, < 2.0.0)
-      bundler (>= 1.12.0, < 2.0.0)
+      bundler (>= 1.12.0, < 3.0.0)
       colored
       commander-fastlane (>= 4.4.6, < 5.0.0)
       dotenv (>= 2.1.1, < 3.0.0)
-      emoji_regex (~> 0.1)
+      emoji_regex (>= 0.1, < 2.0)
       excon (>= 0.45.0, < 1.0.0)
       faraday (~> 0.9)
       faraday-cookie_jar (~> 0.0.6)
       faraday_middleware (~> 0.9)
       fastimage (>= 2.1.0, < 3.0.0)
       gh_inspector (>= 1.1.2, < 2.0.0)
       google-api-client (>= 0.21.2, < 0.24.0)
+      google-cloud-storage (>= 1.15.0, < 2.0.0)
       highline (>= 1.7.2, < 2.0.0)
       json (< 3.0.0)
       mini_magick (~> 4.5.1)
@@ -133,6 +135,15 @@ GEM
       representable (~> 3.0)
       retriable (>= 2.0, < 4.0)
       signet (~> 0.9)
+    google-cloud-core (1.3.0)
+      google-cloud-env (~> 1.0)
+    google-cloud-env (1.0.5)
+      faraday (~> 0.11)
+    google-cloud-storage (1.16.0)
+      digest-crc (~> 0.4)
+      google-api-client (~> 0.23)
+      google-cloud-core (~> 1.2)
+      googleauth (>= 0.6.2, < 0.10.0)
     googleauth (0.6.7)
       faraday (~> 0.12)
       jwt (>= 1.4, < 3.0)
@@ -151,7 +162,7 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
-    json (2.1.0)
+    json (2.2.0)
     jwt (2.1.0)
     loofah (2.2.3)
       crass (~> 1.0.2)
@@ -176,7 +187,7 @@ GEM
     nokogiri (1.8.5)
       mini_portile2 (~> 2.3.0)
     os (1.0.0)
-    plist (3.4.0)
+    plist (3.5.0)
     public_suffix (2.0.5)
     puma (3.12.0)
     rack (2.0.6)
@@ -232,6 +243,9 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
+    sassc (2.0.1)
+      ffi (~> 1.9)
+      rake
     security (0.1.3)
     signet (0.11.0)
       addressable (~> 2.3)
@@ -257,7 +271,7 @@ GEM
     thor (0.20.3)
     thread_safe (0.3.6)
     tilt (2.0.9)
-    tty-cursor (0.6.0)
+    tty-cursor (0.6.1)
     tty-screen (0.6.5)
     tty-spinner (0.9.0)
       tty-cursor (~> 0.6.0)
@@ -269,7 +283,7 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.7.5)
-    unicode-display_width (1.4.0)
+    unicode-display_width (1.5.0)
     web-console (2.3.0)
       activemodel (>= 4.0)
       binding_of_caller (>= 0.7.2)
@@ -279,7 +293,7 @@ GEM
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.3)
     word_wrap (1.0.0)
-    xcodeproj (1.7.0)
+    xcodeproj (1.8.1)
       CFPropertyList (>= 2.3.3, < 4.0)
       atomos (~> 0.1.3)
       claide (>= 1.0.2, < 2.0)
@@ -295,11 +309,11 @@ PLATFORMS
 
 DEPENDENCIES
   activejob (>= 4.2.11)
-  bootstrap-sass (~> 3.3.5)
+  bootstrap-sass (~> 3.4.1)
   byebug
   coffee-rails (~> 4.1.0)
   dotenv
-  fastlane (>= 2.104.0, < 3.0.0)
+  fastlane (>= 2.117.1, < 3.0.0)
   http_accept_language (~> 2.0.5)
   jquery-rails
   loofah (>= 2.2.3)
@@ -314,4 +328,4 @@ DEPENDENCIES
   web-console (~> 2.0)
 
 BUNDLED WITH
-   1.17.1
+   2.0.1