From e4d6177a1d5f5ca65e71bc3a27de7fe951df4cba Mon Sep 17 00:00:00 2001 From: Joel Hawksley Date: Mon, 13 May 2024 14:51:18 -0600 Subject: [PATCH] Update dependencies (#2837) --- .changeset/olive-wasps-call.md | 5 +++++ Gemfile | 1 - Gemfile.lock | 24 ++++++++++---------- demo/Gemfile.lock | 40 ++++++++++++++++++---------------- 4 files changed, 37 insertions(+), 33 deletions(-) create mode 100644 .changeset/olive-wasps-call.md diff --git a/.changeset/olive-wasps-call.md b/.changeset/olive-wasps-call.md new file mode 100644 index 0000000000..8d037b26b2 --- /dev/null +++ b/.changeset/olive-wasps-call.md @@ -0,0 +1,5 @@ +--- +"@primer/view-components": patch +--- + +Update Ruby dependencies to address upstream security notices diff --git a/Gemfile b/Gemfile index bd313842bc..75a26d61f7 100644 --- a/Gemfile +++ b/Gemfile @@ -48,7 +48,6 @@ end # development dependencies group :development do gem "allocation_stats", "~> 0.1" - gem "allocation_tracer", "~> 0.6.3" gem "benchmark-ips", "~> 2.13.0" gem "capybara", "~> 3.39.2" gem "cuprite", "~> 0.15" diff --git a/Gemfile.lock b/Gemfile.lock index d1a9e975b7..f70b9525c9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -40,19 +40,18 @@ GEM addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) allocation_stats (0.1.5) - allocation_tracer (0.6.3) ansi (1.5.0) ast (2.4.2) base64 (0.2.0) benchmark-ips (2.13.0) - better_html (2.0.2) + better_html (2.1.1) actionview (>= 6.0) activesupport (>= 6.0) ast (~> 2.0) erubi (~> 1.4) parser (>= 2.4) smart_properties - bigdecimal (3.1.7) + bigdecimal (3.1.8) bootsnap (1.18.3) msgpack (~> 1.2) builder (3.2.4) @@ -100,11 +99,11 @@ GEM hashdiff (1.1.0) htmlbeautifier (1.4.3) htmlentities (4.3.4) - i18n (1.14.4) + i18n (1.14.5) concurrent-ruby (~> 1.0) io-console (0.7.2) - irb (1.12.0) - rdoc + irb (1.13.1) + rdoc (>= 4.0.0) reline (>= 0.4.2) json (2.7.2) kramdown (2.4.0) @@ -138,11 +137,11 @@ GEM ruby2_keywords (>= 0.0.5) msgpack (1.7.2) mutex_m (0.2.0) - nio4r (2.7.0) - nokogiri (1.15.6) + nio4r (2.7.3) + nokogiri (1.16.5) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.15.6-x86_64-linux) + nokogiri (1.16.5-x86_64-linux) racc (~> 1.4) octicons (19.9.0) parallel (1.24.0) @@ -158,7 +157,7 @@ GEM puma (6.4.2) nio4r (~> 2.0) racc (1.7.3) - rack (3.0.10) + rack (3.0.11) rack-cors (2.0.2) rack (>= 2.0.0) rack-proxy (0.7.7) @@ -194,7 +193,7 @@ GEM psych (>= 4.0.0) redcarpet (3.6.0) regexp_parser (2.9.1) - reline (0.5.3) + reline (0.5.6) io-console (~> 0.5) rexml (3.2.6) rouge (4.2.1) @@ -228,7 +227,7 @@ GEM ruby-progressbar (1.13.0) ruby2_keywords (0.0.5) rubyzip (2.3.2) - selenium-webdriver (4.19.0) + selenium-webdriver (4.20.1) base64 (~> 0.2) rexml (~> 3.2, >= 3.2.5) rubyzip (>= 1.2.2, < 3.0) @@ -293,7 +292,6 @@ DEPENDENCIES activemodel (= 7.1.1) activesupport (= 7.1.1) allocation_stats (~> 0.1) - allocation_tracer (~> 0.6.3) benchmark-ips (~> 2.13.0) bootsnap (>= 1.4.2) capybara (~> 3.39.2) diff --git a/demo/Gemfile.lock b/demo/Gemfile.lock index c25dd8513b..481b73d092 100644 --- a/demo/Gemfile.lock +++ b/demo/Gemfile.lock @@ -64,8 +64,7 @@ GEM css_parser (1.17.1) addressable docker-remote (0.8.0) - domain_name (0.5.20190701) - unf (>= 0.0.5, < 1.0.0) + domain_name (0.6.20240107) drb (2.2.1) dry-inflector (0.3.0) ejson (1.4.1) @@ -97,15 +96,18 @@ GEM faraday-rack (1.0.0) faraday-retry (1.0.3) ffi (1.16.3) - ffi-compiler (1.0.1) - ffi (>= 1.0.0) + ffi-compiler (1.3.2) + ffi (>= 1.15.5) rake foreman (0.88.1) gli (2.21.1) globalid (1.2.1) activesupport (>= 6.1) - googleauth (1.8.1) - faraday (>= 0.17.3, < 3.a) + google-cloud-env (2.1.1) + faraday (>= 1.0, < 3.a) + googleauth (1.11.0) + faraday (>= 1.0, < 3.a) + google-cloud-env (~> 2.1) jwt (>= 1.4, < 3.0) multi_json (~> 1.11) os (>= 0.9, < 2.0) @@ -121,11 +123,12 @@ GEM railties (>= 6.0.0) htmlbeautifier (1.4.3) htmlentities (4.3.4) - http (5.1.1) + http (5.2.0) addressable (~> 2.8) + base64 (~> 0.1) http-cookie (~> 1.0) http-form_data (~> 2.2) - llhttp-ffi (~> 0.4.0) + llhttp-ffi (~> 0.5.0) http-accept (1.7.0) http-cookie (1.0.5) domain_name (~> 0.5) @@ -142,7 +145,8 @@ GEM reline (>= 0.4.2) jsonpath (1.1.5) multi_json - jwt (2.7.1) + jwt (2.8.1) + base64 kind-rb (0.1.0-arm64-darwin) kind-rb (0.1.0-x86_64-darwin) kind-rb (0.1.0-x86_64-linux) @@ -195,7 +199,7 @@ GEM listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - llhttp-ffi (0.4.0) + llhttp-ffi (0.5.0) ffi-compiler (~> 1.0) rake (~> 13.0) loofah (2.22.0) @@ -215,9 +219,9 @@ GEM zeitwerk (~> 2.5) marcel (1.0.4) method_source (1.1.0) - mime-types (3.5.1) + mime-types (3.5.2) mime-types-data (~> 3.2015) - mime-types-data (3.2023.1003) + mime-types-data (3.2024.0507) minitest (5.22.3) ms_rest (0.7.6) concurrent-ruby (~> 1.0) @@ -230,7 +234,7 @@ GEM ms_rest (~> 0.7.6) msgpack (1.7.2) multi_json (1.15.0) - multipart-post (2.3.0) + multipart-post (2.4.1) mutex_m (0.2.0) netrc (0.11.0) nio4r (2.7.3) @@ -241,7 +245,8 @@ GEM nokogiri (1.16.5-x86_64-linux) racc (~> 1.4) octicons (19.9.0) - oj (3.16.1) + oj (3.16.3) + bigdecimal (>= 3.0) os (1.1.4) pry (0.14.2) coderay (~> 1.1) @@ -297,7 +302,7 @@ GEM netrc (~> 0.8) rouge (3.30.0) ruby2_keywords (0.0.5) - signet (0.18.0) + signet (0.19.0) addressable (~> 2.8) faraday (>= 0.17.5, < 3.a) jwt (>= 1.5, < 3.0) @@ -313,7 +318,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - statsd-instrument (3.5.12) + statsd-instrument (3.7.0) stimulus-rails (1.3.3) railties (>= 6.0.0) stringio (3.1.0) @@ -325,9 +330,6 @@ GEM railties (>= 6.0.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.8.2) view_component (3.12.1) activesupport (>= 5.2.0, < 8.0) concurrent-ruby (~> 1.0)