From 40795a45df6a6388a80d0e54a1b52729e7015ce5 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 4 Apr 2024 17:54:34 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274386 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 --- Gemfile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Gemfile b/Gemfile index 451dba63d..171a92134 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,7 @@ source "https://rubygems.org" #don't upgrade -gem "rails", "6.0.0" +gem "rails", "7.0.8.1" ruby "2.6.5" @@ -12,14 +12,14 @@ gem "coffee-rails" gem "execjs" gem "foreman" gem "jquery-fileupload-rails" -gem "jquery-rails" +gem "jquery-rails", ">= 4.4.0" gem "minitest" gem "powder" # Pow related gem gem "pry-rails" # not in dev group in case running via prod/staging @ a training gem "puma" gem "rails-perftest" gem "rake" -gem "responders" #For Rails 4.2 # LOCKED DOWN +gem "responders" , ">= 3.0.1" #For Rails 4.2 # LOCKED DOWN gem "ruby-prof" gem "sassc-rails" gem "simplecov", require: false, group: :test @@ -34,25 +34,25 @@ gem "unicorn" # gem 'mailcatcher' group :development, :mysql do - gem "better_errors" + gem "better_errors", ">= 2.6.0" gem "binding_of_caller" gem "bundler-audit" gem "guard-livereload" gem "guard-rspec" gem "guard-shell" gem "pry" - gem "rack-livereload" + gem "rack-livereload", ">= 0.5.1" gem "rb-fsevent" gem "rubocop-github" gem "travis-lint" end group :development, :test, :mysql do - gem "capybara" + gem "capybara", ">= 3.30.0" gem "database_cleaner" gem "launchy" gem "poltergeist" - gem "rspec-rails", '4.0.0.beta3' # 4/26/2019: LOCKED DOWN + gem "rspec-rails", "4.0.0" # 4/26/2019: LOCKED DOWN gem "test-unit" end