From 98f49de8d6f456e8db7cd6092d220d61118a4881 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 3 Jun 2020 07:24:11 +0000 Subject: [PATCH] fix: alpha-blog/Gemfile & alpha-blog/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-WEBSOCKETEXTENSIONS-570830 --- alpha-blog/Gemfile | 2 +- alpha-blog/Gemfile.lock | 40 +++++++++++++++++++--------------------- 2 files changed, 20 insertions(+), 22 deletions(-) diff --git a/alpha-blog/Gemfile b/alpha-blog/Gemfile index af3b0b6..0b28982 100644 --- a/alpha-blog/Gemfile +++ b/alpha-blog/Gemfile @@ -7,7 +7,7 @@ end ruby '2.5.1' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 5.1.6' +gem 'rails', '~> 5.1.7' # Use sqlite3 as the database for Active Record #Use bcrypt for password on user ActiveModel diff --git a/alpha-blog/Gemfile.lock b/alpha-blog/Gemfile.lock index 427db4d..23c2204 100644 --- a/alpha-blog/Gemfile.lock +++ b/alpha-blog/Gemfile.lock @@ -51,7 +51,7 @@ GEM sass (>= 3.3.4) bootstrap-will_paginate (1.0.0) will_paginate - builder (3.2.3) + builder (3.2.4) byebug (11.0.1) capybara (2.18.0) addressable @@ -69,15 +69,15 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.1.5) - crass (1.0.4) + concurrent-ruby (1.1.6) + crass (1.0.6) docile (1.3.2) - erubi (1.8.0) + erubi (1.9.0) execjs (2.7.0) ffi (1.11.1) globalid (0.4.2) activesupport (>= 4.2.0) - i18n (1.6.0) + i18n (1.8.2) concurrent-ruby (~> 1.0) jbuilder (2.9.1) activesupport (>= 4.2.0) @@ -91,27 +91,27 @@ GEM rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) ruby_dep (~> 1.2) - loofah (2.2.3) + loofah (2.5.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) - method_source (0.9.2) + method_source (1.0.0) mini_mime (1.0.2) mini_portile2 (2.4.0) - minitest (5.11.3) + minitest (5.14.1) minitest-reporters (1.4.2) ansi builder minitest (>= 5.0) ruby-progressbar - nio4r (2.4.0) - nokogiri (1.10.3) + nio4r (2.5.2) + nokogiri (1.10.9) mini_portile2 (~> 2.4.0) pg (1.1.4) public_suffix (3.1.1) puma (3.12.1) - rack (2.0.7) + rack (2.2.2) rack-test (1.1.0) rack (>= 1.0, < 3) rails (5.1.7) @@ -133,8 +133,8 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.0.4) - loofah (~> 2.2, >= 2.2.2) + rails-html-sanitizer (1.3.0) + loofah (~> 2.3) rails_12factor (0.0.3) rails_serve_static_assets rails_stdout_logging @@ -146,7 +146,7 @@ GEM method_source rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rake (12.3.2) + rake (12.3.3) rb-fsevent (0.10.3) rb-inotify (0.10.0) ffi (~> 1.0) @@ -189,13 +189,13 @@ GEM therubyracer (0.12.3) libv8 (~> 3.16.14.15) ref - thor (0.20.3) + thor (1.0.1) thread_safe (0.3.6) tilt (2.0.9) turbolinks (5.2.0) turbolinks-source (~> 5.2) turbolinks-source (5.2.0) - tzinfo (1.2.5) + tzinfo (1.2.7) thread_safe (~> 0.1) uglifier (4.1.20) execjs (>= 0.3.0, < 3) @@ -206,7 +206,7 @@ GEM railties (>= 5.0) websocket-driver (0.6.5) websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.4) + websocket-extensions (0.1.5) will_paginate (3.1.5) xpath (3.2.0) nokogiri (~> 1.8) @@ -228,7 +228,7 @@ DEPENDENCIES minitest-reporters pg puma (~> 3.7) - rails (~> 5.1.6) + rails (~> 5.1.7) rails-controller-testing rails_12factor redis (~> 4.0) @@ -240,7 +240,6 @@ DEPENDENCIES sqlite3 therubyracer turbolinks (~> 5) - tzinfo-data uglifier (>= 1.3.0) web-console (>= 3.3.0) will_paginate (= 3.1.5) @@ -249,5 +248,4 @@ RUBY VERSION ruby 2.5.1p57 BUNDLED WITH - 2.0.2 - + 1.17.3