From 0101edfecee6b61d8d378ac1608005a7700d869a Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Thu, 9 Mar 2023 05:15:47 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-3356639
---
 Gemfile | 2 +-
 Gemfile.lock | 46 +++++++++++++++++++++++-----------------------
 2 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/Gemfile b/Gemfile
index 6e1b308..8657d22 100644
--- a/Gemfile
+++ b/Gemfile
@@ -55,7 +55,7 @@ gem 'country_select'
 gem 'daemons'
 gem 'date_validator'
 gem 'devise'
-gem 'devise_ichain_authenticatable', '>= 0.3.0'
+gem 'devise_ichain_authenticatable', '>= 0.3.2'
 gem 'git'
 gem 'kaminari'
 # Newer prawn lost the template support in Document
diff --git a/Gemfile.lock b/Gemfile.lock
index 9f402c9..b609b18 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -96,7 +96,7 @@ GEM
 coffee-script-source
 execjs
 coffee-script-source (1.12.2)
- concurrent-ruby (1.2.0)
+ concurrent-ruby (1.2.2)
 countries (5.3.1)
 unaccent (~> 0.3)
 country_select (8.0.1)
@@ -117,7 +117,7 @@ GEM
 delayed_job_active_record (4.1.7)
 activerecord (>= 3.0, < 8.0)
 delayed_job (>= 3.0, < 5)
- devise (4.8.1)
+ devise (4.9.0)
 bcrypt (~> 3.0)
 orm_adapter (~> 0.1)
 railties (>= 4.1.0)
@@ -127,7 +127,7 @@ GEM
 devise (>= 2.2)
 diff-lcs (1.5.0)
 docile (1.4.0)
- erubi (1.11.0)
+ erubi (1.12.0)
 exception_notification (4.4.3)
 actionmailer (>= 4.0, < 7)
 activesupport (>= 4.0, < 7)
@@ -136,9 +136,9 @@ GEM
 git (1.13.1)
 addressable (~> 2.8)
 rchardet (~> 1.8)
- globalid (1.0.1)
+ globalid (1.1.0)
 activesupport (>= 5.0)
- haml (6.0.12)
+ haml (6.1.1)
 temple (>= 0.8.2)
 thor
 tilt
@@ -173,8 +173,8 @@ GEM
 activerecord
 kaminari-core (= 1.2.2)
 kaminari-core (1.2.2)
- launchy (2.5.0)
- addressable (~> 2.7)
+ launchy (2.5.2)
+ addressable (~> 2.8)
 letter_opener (1.8.1)
 launchy (>= 2.2, < 3)
 letter_opener_web (1.4.1)
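Review bot: The only manifest change, `gem 'devise_ichain_authenticatable', '>= 0.3.2'` in the Gemfile hunk, has no visible connection to the advisory the commit cites (SNYK-RUBY-RACK-3356639), and nothing in the Gemfile records why the floor moved. The rack fix itself (2.2.6.2 to 2.2.6.3) exists only as a pin in Gemfile.lock, so the Gemfile states no minimum for it; if that floor should survive a lockfile regeneration, add `gem 'rack', '>= 2.2.6.3'` with a comment naming the advisory. The Gemfile.lock hunks also move gems unrelated to the advisory (nokogiri 1.13.10 to 1.14.2, devise 4.8.1 to 4.9.0, sprockets 4.1.1 to 4.2.0, haml 6.0.12 to 6.1.1), which widens what has to be regression-tested for a one-advisory fix; re-resolving with `bundle update --conservative rack` would presumably keep the change closer to rack alone.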
@@ -198,14 +198,14 @@ GEM
 mini_portile2 (2.8.1)
 mini_racer (0.6.3)
 libv8-node (~> 16.10.0.0)
- minitest (5.17.0)
+ minitest (5.18.0)
 nio4r (2.5.8)
- nokogiri (1.13.10)
+ nokogiri (1.14.2)
 mini_portile2 (~> 2.8.0)
 racc (~> 1.4)
 orm_adapter (0.5.0)
 parallel (1.22.1)
- parser (3.2.0.0)
+ parser (3.2.1.1)
 ast (~> 2.4.1)
 pdf-reader (1.4.1)
 Ascii85 (~> 1.0.0)
@@ -226,8 +226,8 @@ GEM
 public_suffix (5.0.1)
 puma (6.0.2)
 nio4r (~> 2.0)
- racc (1.6.1)
- rack (2.2.6.2)
+ racc (1.6.2)
+ rack (2.2.6.3)
 rack-test (2.0.2)
 rack (>= 1.3)
 rails (5.1.7)
@@ -245,7 +245,7 @@ GEM
 rails-dom-testing (2.0.3)
 activesupport (>= 4.2.0)
 nokogiri (>= 1.6)
- rails-html-sanitizer (1.4.4)
+ rails-html-sanitizer (1.5.0)
 loofah (~> 2.19, >= 2.19.1)
 rails-i18n (5.1.3)
 i18n (>= 0.7, < 2)
@@ -270,17 +270,17 @@ GEM
 rchardet (1.8.0)
 rdoc (6.3.3)
 redcarpet (3.6.0)
- regexp_parser (2.6.1)
+ regexp_parser (2.7.0)
 responders (3.0.1)
 actionpack (>= 5.0)
 railties (>= 5.0)
 rexml (3.2.5)
- rspec-core (3.12.0)
+ rspec-core (3.12.1)
 rspec-support (~> 3.12.0)
- rspec-expectations (3.12.0)
+ rspec-expectations (3.12.2)
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.12.0)
- rspec-mocks (3.12.0)
+ rspec-mocks (3.12.3)
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.12.0)
 rspec-rails (4.1.2)
@@ -306,7 +306,7 @@ GEM
 rubocop (>= 0.68.1)
 ruby-graphviz (1.2.5)
 rexml
- ruby-progressbar (1.11.0)
+ ruby-progressbar (1.13.0)
 ruby-rc4 (0.1.5)
 ruby-vips (2.1.4)
 ffi (~> 1.12)
@@ -342,9 +342,9 @@ GEM
 simplecov-html (0.12.3)
 simplecov-lcov (0.8.0)
 simplecov_json_formatter (0.1.4)
- sprockets (4.1.1)
+ sprockets (4.2.0)
 concurrent-ruby (~> 1.0)
- rack (> 1, < 3)
+ rack (>= 2.2.4, < 4)
 sprockets-rails (3.2.2)
 actionpack (>= 4.0)
 activesupport (>= 4.0)
@@ -365,10 +365,10 @@ GEM
 state_machines-yard (0.0.1)
 state_machines-graphviz
 yard
- temple (0.9.1)
+ temple (0.10.0)
 thor (1.2.1)
 thread_safe (0.3.6)
- tilt (2.0.11)
+ tilt (2.1.0)
 ttfunk (1.0.3)
 tzinfo (1.2.11)
 thread_safe (~> 0.1)
@@ -412,7 +412,7 @@ DEPENDENCIES
 date_validator
 delayed_job_active_record
 devise
- devise_ichain_authenticatable (>= 0.3.0)
+ devise_ichain_authenticatable (>= 0.3.2)
 exception_notification
 git
 haml-rails