Merge pull request #4110 from envato/dependencies

Apply security patches for dependencies

.ruby-version

@@ -1 +1 @@
-3.2.2
+3.2.4

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:3.2.2-slim
+FROM ruby:3.2.4-slim
 
 # Install dependencies
 RUN \

Gemfile

@@ -5,7 +5,12 @@ ruby File.read('.ruby-version').strip
 
 # gems that have rails engines are are always needed
 group :preload do
-  gem 'rails', '~> 6.1.7.7'
+  rails_version = '~> 6.1.7'
+  gem 'railties', rails_version
+  gem 'actioncable', rails_version
+  gem 'actionmailer', rails_version
+  gem 'activerecord', rails_version
+
   gem 'dotenv'
   gem 'connection_pool'
   gem 'marco-polo' # TODO: https://github.com/arches/marco-polo/pull/16
@@ -77,6 +82,7 @@ group :sqlite do
 end
 
 group :assets do
+  gem 'sprockets-rails'
   gem 'sprockets', '~> 3.7'
   gem 'sass-rails'
   gem 'uglifier'

Gemfile.lock

@@ -216,13 +216,6 @@ GEM
       activesupport (= 6.1.7.7)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activestorage (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
-      mail (>= 2.7.1)
     actionmailer (6.1.7.7)
       actionpack (= 6.1.7.7)
       actionview (= 6.1.7.7)
@@ -237,12 +230,6 @@ GEM
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activestorage (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
-      nokogiri (>= 1.8.5)
     actionview (6.1.7.7)
       activesupport (= 6.1.7.7)
       builder (~> 3.1)
@@ -259,13 +246,6 @@ GEM
     activerecord (6.1.7.7)
       activemodel (= 6.1.7.7)
       activesupport (= 6.1.7.7)
-    activestorage (6.1.7.7)
-      actionpack (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
-      marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
     activesupport (6.1.7.7)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
@@ -325,7 +305,7 @@ GEM
     bundler-audit (0.9.1)
       bundler (>= 1.2.0, < 3)
       thor (~> 1.0)
-    byebug (8.2.5)
+    byebug (11.1.3)
     chef-utils (18.4.2)
       concurrent-ruby
     coderay (1.1.3)
@@ -440,17 +420,16 @@ GEM
       nokogiri (>= 1.12.0)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
-    marcel (1.0.3)
     marco-polo (2.0.3)
       railties (>= 6)
     maxitest (3.7.0)
       minitest (>= 5.0.0, < 5.15.0)
-    method_source (1.0.0)
+    method_source (1.1.0)
     mime-types (3.5.2)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2024.0206)
     mini_mime (1.1.5)
-    mini_portile2 (2.8.5)
+    mini_portile2 (2.8.7)
     minitest (5.14.4)
     minitest-rails (6.1.1)
       minitest (~> 5.10)
@@ -481,16 +460,16 @@ GEM
     netrc (0.11.0)
     newrelic_rpm (9.7.1)
     nio4r (2.7.0)
-    nokogiri (1.16.2)
+    nokogiri (1.16.5)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.16.2-aarch64-linux)
+    nokogiri (1.16.5-aarch64-linux)
       racc (~> 1.4)
-    nokogiri (1.16.2-arm64-darwin)
+    nokogiri (1.16.5-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.2-x86_64-darwin)
+    nokogiri (1.16.5-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.2-x86_64-linux)
+    nokogiri (1.16.5-x86_64-linux)
       racc (~> 1.4)
     oauth2 (2.0.9)
       faraday (>= 0.17.3, < 3.0)
@@ -534,9 +513,9 @@ GEM
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    pry-byebug (3.3.0)
-      byebug (~> 8.0)
-      pry (~> 0.10)
+    pry-byebug (3.10.1)
+      byebug (~> 11.0)
+      pry (>= 0.13, < 0.15)
     pry-rails (0.3.9)
       pry (>= 0.10.4)
     pry-rescue (1.6.0)
@@ -549,7 +528,7 @@ GEM
     puma (5.6.8)
       nio4r (~> 2.0)
     pyu-ruby-sasl (0.0.3.3)
-    racc (1.7.3)
+    racc (1.8.0)
     rack (2.2.8.1)
     rack-mini-profiler (3.3.0)
       rack (>= 1.2.0)
@@ -558,21 +537,6 @@ GEM
       rack (~> 2.2, >= 2.2.4)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (6.1.7.7)
-      actioncable (= 6.1.7.7)
-      actionmailbox (= 6.1.7.7)
-      actionmailer (= 6.1.7.7)
-      actionpack (= 6.1.7.7)
-      actiontext (= 6.1.7.7)
-      actionview (= 6.1.7.7)
-      activejob (= 6.1.7.7)
-      activemodel (= 6.1.7.7)
-      activerecord (= 6.1.7.7)
-      activestorage (= 6.1.7.7)
-      activesupport (= 6.1.7.7)
-      bundler (>= 1.15.0)
-      railties (= 6.1.7.7)
-      sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -602,7 +566,8 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.2.6)
+    rexml (3.2.8)
+      strscan (>= 3.0.9)
     rollbar (2.27.1)
     rollbar-user_informer (0.1.0)
       rollbar (~> 2.15)
@@ -673,6 +638,7 @@ GEM
     sqlite3 (1.6.9-x86_64-darwin)
     sqlite3 (1.6.9-x86_64-linux)
     stackprof (0.2.12)
+    strscan (3.1.0)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     thor (1.3.1)
@@ -713,7 +679,10 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  actioncable (~> 6.1.7)
+  actionmailer (~> 6.1.7)
   active_hash
+  activerecord (~> 6.1.7)
   ansible
   ar_multi_threaded_transactional_tests
   attr_encrypted
@@ -776,7 +745,6 @@ DEPENDENCIES
   pry-stack_explorer
   puma (~> 5.6.7)
   rack-mini-profiler
-  rails (~> 6.1.7.7)
   rails-assets-bootstrap-select!
   rails-assets-jquery!
   rails-assets-jquery-cookie!
@@ -788,6 +756,7 @@ DEPENDENCIES
   rails-assets-underscore!
   rails-assets-x-editable!
   rails-controller-testing
+  railties (~> 6.1.7)
   rubocop
   rubocop-rails
   samson_airbrake!
@@ -821,6 +790,7 @@ DEPENDENCIES
   single_cov
   soft_deletion
   sprockets (~> 3.7)
+  sprockets-rails
   sqlite3
   stackprof
   uglifier
@@ -830,7 +800,7 @@ DEPENDENCIES
   webmock
 
 RUBY VERSION
-   ruby 3.2.2p53
+   ruby 3.2.4p170
 
 BUNDLED WITH
-   2.5.6
+   2.5.11