From 4656cef30fd4adcb8a908b468366a8f8325277c9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 4 Apr 2023 19:22:56 +0000 Subject: [PATCH] fix: docs/Gemfile & docs/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-FFI-22037 - https://snyk.io/vuln/SNYK-RUBY-JEKYLL-451462 - https://snyk.io/vuln/SNYK-RUBY-JSON-560838 - https://snyk.io/vuln/SNYK-RUBY-KRAMDOWN-585939 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1055008 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1583442 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20277 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20299 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20367 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20368 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20432 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-22013 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-22014 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2620374 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630623 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630898 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2840634 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3357692 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3357693 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-459107 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-534637 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-72433 - https://snyk.io/vuln/SNYK-RUBY-RAKE-552000 - https://snyk.io/vuln/SNYK-RUBY-REDCARPET-1059089 - https://snyk.io/vuln/SNYK-RUBY-SANITIZE-22024 - https://snyk.io/vuln/SNYK-RUBY-YAJLRUBY-22002 - https://snyk.io/vuln/SNYK-RUBY-YAJLRUBY-2441253 --- docs/Gemfile | 12 ++--- docs/Gemfile.lock | 124 ++++++++++++++++++++++++++++------------------ 2 files changed, 82 insertions(+), 54 deletions(-) 
diff --git a/docs/Gemfile b/docs/Gemfile index f144584eff350..6850c36ad31fb 100644 --- a/docs/Gemfile +++ b/docs/Gemfile @@ -1,29 +1,29 @@ source 'https://rubygems.org' -gem 'rake' +gem 'rake', '>= 12.3.3' # jekyll, which builds it all # 3.0 includes sass processing -gem 'jekyll', '~>3.1' +gem 'jekyll', '~> 3.9', '>= 3.9.0' # Jekyll extensions gem 'jekyll-redirect-from' gem 'jekyll-paginate' # JSON -gem 'json' +gem 'json', '>= 2.3.0' # For `rake watch` gem 'rb-fsevent' # For markdown header cleanup -gem 'sanitize', '~>2.0' +gem 'sanitize', '~> 4.6', '>= 4.6.3' # Markdown -gem 'redcarpet' +gem 'redcarpet', '>= 3.5.1' # Syntax highlighting -gem 'pygments.rb' +gem 'pygments.rb', '>= 1.0.0' # Avoid having to poll for changes on Windows gem 'wdm', '>= 0.1.0' if Gem.win_platform? \ No newline at end of file diff --git a/docs/Gemfile.lock b/docs/Gemfile.lock index e882cb6df037b..db748d309e1b3 100644 --- a/docs/Gemfile.lock +++ b/docs/Gemfile.lock 
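Review bot: No floor is set for nokogiri, kramdown or ffi in this Gemfile hunk, although most of the advisories in the commit message are against those gems. They are transitive dependencies, so their fix lives only in the versions resolved in docs/Gemfile.lock, where sanitize 4.6.6 still accepts `nokogiri (>= 1.4.4)`. An install that does not honour the lockfile, or a later re-resolution, is not held to the patched versions by the Gemfile itself, so consider an explicit floor such as `gem 'nokogiri', '>= 1.14.2'` (the version the new lock resolves). The bare `>=` bounds on rake, json, redcarpet and pygments.rb have no upper cap, and the lock already moves pygments.rb from 0.6.3 to 2.3.1 and rake from 11.2.2 to 13.0.6, so the docs build should be run against the new lock before merging. As a style point, `'>= 3.9.0'` is redundant next to `'~> 3.9'` on the jekyll line.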
@@ -1,67 +1,95 @@ GEM remote: https://rubygems.org/ specs: - colorator (0.1) - ffi (1.9.14) - ffi (1.9.14-x64-mingw32) - jekyll (3.1.6) - colorator (~> 0.1) + addressable (2.8.2) + public_suffix (>= 2.0.2, < 6.0) + colorator (1.1.0) + concurrent-ruby (1.2.2) + crass (1.0.6) + em-websocket (0.5.3) + eventmachine (>= 0.12.9) + http_parser.rb (~> 0) + eventmachine (1.2.7) + eventmachine (1.2.7-x64-mingw32) + ffi (1.15.5) + ffi (1.15.5-x64-mingw32) + forwardable-extended (2.6.0) + http_parser.rb (0.8.0) + i18n (1.12.0) + concurrent-ruby (~> 1.0) + jekyll (3.9.3) + addressable (~> 2.4) + colorator (~> 1.0) + em-websocket (~> 0.5) + i18n (>= 0.7, < 2) jekyll-sass-converter (~> 1.0) - jekyll-watch (~> 1.1) - kramdown (~> 1.3) - liquid (~> 3.0) + jekyll-watch (~> 2.0) + kramdown (>= 1.17, < 3) + liquid (~> 4.0) mercenary (~> 0.3.3) - rouge (~> 1.7) + pathutil (~> 0.9) + rouge (>= 1.7, < 4) safe_yaml (~> 1.0) jekyll-paginate (1.1.0) - jekyll-redirect-from (0.11.0) - jekyll (>= 2.0) - jekyll-sass-converter (1.4.0) + jekyll-redirect-from (0.16.0) + jekyll (>= 3.3, < 5.0) + jekyll-sass-converter (1.5.2) sass (~> 3.4) - jekyll-watch (1.4.0) - listen (~> 3.0, < 3.1) - json (2.0.1) - kramdown (1.11.1) - liquid (3.0.6) - listen (3.0.8) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) + jekyll-watch (2.2.1) + listen (~> 3.0) + json (2.6.3) + kramdown (2.4.0) + rexml + liquid (4.0.4) + listen (3.8.0) + rb-fsevent (~> 0.10, >= 0.10.3) + rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) - mini_portile2 (2.1.0) - nokogiri (1.6.8) - mini_portile2 (~> 2.1.0) - pkg-config (~> 1.1.7) - nokogiri (1.6.8-x64-mingw32) - mini_portile2 (~> 2.1.0) - pkg-config (~> 1.1.7) - pkg-config (1.1.7) - posix-spawn (0.3.11) - pygments.rb (0.6.3) - posix-spawn (~> 0.3.6) - yajl-ruby (~> 1.2.0) - rake (11.2.2) - rb-fsevent (0.9.7) - rb-inotify (0.9.7) - ffi (>= 0.5.0) - redcarpet (3.3.4) - rouge (1.11.1) - safe_yaml (1.0.4) - sanitize (2.1.0) + mini_portile2 (2.8.1) + nokogiri (1.14.2) + 
mini_portile2 (~> 2.8.0) + racc (~> 1.4) + nokogiri (1.14.2-x64-mingw32) + racc (~> 1.4) + nokogumbo (1.5.0) + nokogiri + pathutil (0.16.2) + forwardable-extended (~> 2.6) + public_suffix (5.0.1) + pygments.rb (2.3.1) + racc (1.6.2) + rake (13.0.6) + rb-fsevent (0.11.2) + rb-inotify (0.10.1) + ffi (~> 1.0) + redcarpet (3.6.0) + rexml (3.2.5) + rouge (3.30.0) + safe_yaml (1.0.5) + sanitize (4.6.6) + crass (~> 1.0.2) nokogiri (>= 1.4.4) - sass (3.4.22) - yajl-ruby (1.2.1) + nokogumbo (~> 1.4) + sass (3.7.4) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) PLATFORMS ruby x64-mingw32 DEPENDENCIES - jekyll (~> 3.1) + jekyll (~> 3.9, >= 3.9.0) jekyll-paginate jekyll-redirect-from - json - pygments.rb - rake + json (>= 2.3.0) + pygments.rb (>= 1.0.0) + rake (>= 12.3.3) rb-fsevent - redcarpet - sanitize (~> 2.0) + redcarpet (>= 3.5.1) + sanitize (~> 4.6, >= 4.6.3) + +BUNDLED WITH + 2.1.4