Skip to content

Commit

Permalink
Security fixes: Updated haml, and json
Browse files Browse the repository at this point in the history
  • Loading branch information
@sashazykov
sashazykov committed Nov 15, 2020
1 parent ca57954 commit 52418d9
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 34 deletions.
4 changes: 2 additions & 2 deletions Gemfile
View file
Expand Up @@ -15,7 +15,7 @@ gem 'devise', '~> 4.7.3'
gem 'devise-i18n'
gem 'dusen', '~> 0.6.1'
gem 'easy_gravatar'
gem 'haml-rails', '~> 0.5.3'
gem 'haml-rails', '~> 1.0'
gem 'http_accept_language'
gem 'i18n-js'
gem 'jbuilder', '~> 1.5.3'
Expand Down Expand Up @@ -56,7 +56,7 @@ end

group :development, :test do
gem 'factory_girl_rails', '~> 4.3.0'
gem 'rspec-rails', '~> 3.5.0'
gem 'rspec-rails', '~> 4.0'
gem 'sqlite3', '~> 1.3.11'
end

Expand Down
72 changes: 40 additions & 32 deletions Gemfile.lock
View file
Expand Up @@ -145,7 +145,7 @@ GEM
warden (~> 1.2.3)
devise-i18n (0.11.0)
diff-lcs (1.4.4)
docile (1.1.5)
docile (1.3.2)
domain_name (0.5.25)
unf (>= 0.0.5, < 1.0.0)
dusen (0.6.1)
Expand All @@ -167,16 +167,23 @@ GEM
gherkin (5.1.0)
globalid (0.4.2)
activesupport (>= 4.2.0)
haml (4.0.5)
haml (5.2.0)
temple (>= 0.8.0)
tilt
haml-rails (0.5.3)
haml-rails (1.0.0)
actionpack (>= 4.0.1)
activesupport (>= 4.0.1)
haml (>= 3.1, < 5.0)
haml (>= 4.0.6, < 6.0)
html2haml (>= 1.0.1)
railties (>= 4.0.1)
hashdiff (0.3.7)
hashie (4.1.0)
hike (1.2.3)
html2haml (2.2.0)
erubis (~> 2.7.0)
haml (>= 4.0, < 6)
nokogiri (>= 1.6.0)
ruby_parser (~> 3.5)
http-cookie (1.0.2)
domain_name (~> 0.5)
http_accept_language (2.0.2)
Expand All @@ -193,7 +200,7 @@ GEM
jquery-turbolinks (2.0.1)
railties (>= 3.1.0)
turbolinks
json (1.8.6)
json (2.3.1)
jwt (2.2.2)
kaminari (1.2.1)
activesupport (>= 4.1.0)
Expand Down Expand Up @@ -290,8 +297,7 @@ GEM
rake (13.0.1)
rbnacl (4.0.2)
ffi
rdoc (4.1.1)
json (~> 1.4)
rdoc (6.2.1)
redis (3.3.0)
ref (2.0.0)
regexp_parser (1.8.2)
Expand All @@ -308,23 +314,25 @@ GEM
activemodel (>= 3.0)
activesupport (>= 3.0)
rspec-mocks (>= 2.99, < 4.0)
rspec-core (3.5.4)
rspec-support (~> 3.5.0)
rspec-expectations (3.5.0)
rspec-core (3.10.0)
rspec-support (~> 3.10.0)
rspec-expectations (3.10.0)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.5.0)
rspec-mocks (3.5.0)
rspec-support (~> 3.10.0)
rspec-mocks (3.10.0)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.5.0)
rspec-rails (3.5.2)
actionpack (>= 3.0)
activesupport (>= 3.0)
railties (>= 3.0)
rspec-core (~> 3.5.0)
rspec-expectations (~> 3.5.0)
rspec-mocks (~> 3.5.0)
rspec-support (~> 3.5.0)
rspec-support (3.5.0)
rspec-support (~> 3.10.0)
rspec-rails (4.0.1)
actionpack (>= 4.2)
activesupport (>= 4.2)
railties (>= 4.2)
rspec-core (~> 3.9)
rspec-expectations (~> 3.9)
rspec-mocks (~> 3.9)
rspec-support (~> 3.9)
rspec-support (3.10.0)
ruby_parser (3.15.0)
sexp_processor (~> 4.9)
safe_yaml (1.0.4)
sass (3.2.13)
sass-rails (4.0.1)
Expand All @@ -334,20 +342,19 @@ GEM
sawyer (0.8.1)
addressable (>= 2.3.5, < 2.6)
faraday (~> 0.8, < 1.0)
sdoc (0.4.0)
json (~> 1.8)
rdoc (~> 4.0, < 5.0)
sdoc (2.0.2)
rdoc (>= 5.0)
sexp_processor (4.15.1)
shoulda-matchers (3.1.1)
activesupport (>= 4.0.0)
sidekiq (4.0.2)
concurrent-ruby (~> 1.0)
connection_pool (~> 2.2, >= 2.2.0)
redis (~> 3.2, >= 3.2.1)
simplecov (0.15.1)
docile (~> 1.1.0)
json (>= 1.8, < 3)
simplecov-html (~> 0.10.0)
simplecov-html (0.10.2)
simplecov (0.19.1)
docile (~> 1.1)
simplecov-html (~> 0.11)
simplecov-html (0.12.3)
sprockets (2.12.5)
hike (~> 1.2)
multi_json (~> 1.0)
Expand All @@ -361,6 +368,7 @@ GEM
sshkit (1.12.0)
net-scp (>= 1.1.2)
net-ssh (>= 2.8.0)
temple (0.8.2)
therubyracer (0.12.3)
libv8 (~> 3.16.14.15)
ref
Expand Down Expand Up @@ -410,7 +418,7 @@ DEPENDENCIES
dusen (~> 0.6.1)
easy_gravatar
factory_girl_rails (~> 4.3.0)
haml-rails (~> 0.5.3)
haml-rails (~> 1.0)
http_accept_language
i18n-js
jbuilder (~> 1.5.3)
Expand All @@ -430,7 +438,7 @@ DEPENDENCIES
render_csv
rest-client
rspec-activemodel-mocks
rspec-rails (~> 3.5.0)
rspec-rails (~> 4.0)
sass-rails (~> 4.0.0)
sawyer (~> 0.8.0)
sdoc
Expand Down

0 comments on commit 52418d9

Please sign in to comment.