From 3f0f58f8de39e18b772ccdcd7531651ec84b42e0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 28 Feb 2022 00:07:56 +0000 Subject: [PATCH] fix: house-master/Gemfile & house-master/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 --- house-master/Gemfile | 6 +- house-master/Gemfile.lock | 204 +++++++++++++++++++------------------- 2 files changed, 107 insertions(+), 103 deletions(-) mode change 100755 => 100644 house-master/Gemfile mode change 100755 => 100644 house-master/Gemfile.lock diff --git a/house-master/Gemfile b/house-master/Gemfile old mode 100755 new mode 100644 index 024689dc..73c4d587 --- a/house-master/Gemfile +++ b/house-master/Gemfile @@ -15,11 +15,11 @@ group :development do end # Use SCSS for stylesheets -gem 'sass-rails', '~> 5.0' +gem 'sass-rails', '~> 5.0', '>= 5.0.7' # Use Uglifier as compressor for JavaScript assets gem 'uglifier', '>= 1.3.0' # Use CoffeeScript for .coffee assets and views -gem 'coffee-rails', '~> 4.1.0' +gem 'coffee-rails', '~> 4.1.1' # Use jquery as the JavaScript library gem 'jquery-rails' # Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks @@ -44,6 +44,6 @@ gem 'activeadmin' group :development, :test do gem 'pry-rails' gem 'awesome_print' - gem 'rspec-rails', '~> 3.0' + gem 'rspec-rails', '~> 3.8', '>= 3.8.0' gem 'factory_bot_rails' end diff --git a/house-master/Gemfile.lock b/house-master/Gemfile.lock old mode 100755 new mode 100644 index 730da692..6a7f3adb --- a/house-master/Gemfile.lock +++ b/house-master/Gemfile.lock 
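Review bot: The nokogiri upgrade this commit is named for is carried only by Gemfile.lock (nokogiri 1.8.4 to 1.13.3). None of the Gemfile lines changed in the `@@ -15,11 +15,11 @@` hunk mentions nokogiri, and the sass-rails and coffee-rails constraints it tightens are unrelated to the advisory. Unless the Gemfile already declares nokogiri outside the visible hunks, the manifest records no minimum safe version, so a hand-resolved lockfile conflict or a constraint from another gem could bring back an older nokogiri without any check failing. I would state the floor explicitly with `gem 'nokogiri', '>= 1.13.3'` and a comment naming SNYK-RUBY-NOKOGIRI-2413994. The mode change from 100755 to 100644 on both files is also outside the stated purpose and worth confirming as intended.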
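Review bot: In the `@@ -44,6 +44,6 @@` hunk, the second requirement in `gem 'rspec-rails', '~> 3.8', '>= 3.8.0'` is redundant, because `~> 3.8` already means at least 3.8 and below 4.0; `gem 'rspec-rails', '~> 3.8'` expresses the same range. This is a development/test dependency and is not part of the nokogiri advisory. The regenerated lockfile also moves factory_bot_rails from 4.11.0 to 5.2.0 and thor from 0.20.0 to 1.2.1, both major-version changes that no Gemfile line in this patch asks for. The full test suite should be run against the new lockfile before merging, and the unrelated upgrades are easier to audit if split from the security fix.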
@@ -1,26 +1,26 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (4.2.10) - actionpack (= 4.2.10) - actionview (= 4.2.10) - activejob (= 4.2.10) + actionmailer (4.2.11.3) + actionpack (= 4.2.11.3) + actionview (= 4.2.11.3) + activejob (= 4.2.11.3) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.10) - actionview (= 4.2.10) - activesupport (= 4.2.10) + actionpack (4.2.11.3) + actionview (= 4.2.11.3) + activesupport (= 4.2.11.3) rack (~> 1.6) rack-test (~> 0.6.2) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.10) - activesupport (= 4.2.10) + actionview (4.2.11.3) + activesupport (= 4.2.11.3) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activeadmin (1.3.1) + activeadmin (1.4.3) arbre (>= 1.1.1) coffee-rails formtastic (~> 3.1) @@ -32,28 +32,29 @@ GEM ransack (>= 1.8.7) sass (~> 3.1) sprockets (< 4.1) - activejob (4.2.10) - activesupport (= 4.2.10) + activejob (4.2.11.3) + activesupport (= 4.2.11.3) globalid (>= 0.3.0) - activemodel (4.2.10) - activesupport (= 4.2.10) + activemodel (4.2.11.3) + activesupport (= 4.2.11.3) builder (~> 3.1) - activerecord (4.2.10) - activemodel (= 4.2.10) - activesupport (= 4.2.10) + activerecord (4.2.11.3) + activemodel (= 4.2.11.3) + activesupport (= 4.2.11.3) arel (~> 6.0) - activesupport (4.2.10) + activesupport (4.2.11.3) i18n (~> 0.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) - arbre (1.1.1) - activesupport (>= 3.0.0) + arbre (1.5.0) + activesupport (>= 3.0.0, < 7.1) + ruby2_keywords (>= 0.0.2, < 1.0) arel (6.0.4) autoprefixer-rails (9.1.4) execjs awesome_print (1.8.0) - bcrypt (3.1.12) + bcrypt (3.1.16) bootstrap (4.0.0) autoprefixer-rails (>= 6.0.3) popper_js (>= 1.12.9, < 2) @@ -61,7 +62,7 @@ GEM bootstrap-sass (3.3.7) autoprefixer-rails (>= 5.2.1) sass (>= 3.3.4) - builder (3.2.3) + builder (3.2.4) byebug (10.0.2) coderay (1.1.2) coffee-rails (4.1.1) 
@@ -71,22 +72,22 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.0.5) - crass (1.0.4) - devise (4.5.0) + concurrent-ruby (1.1.9) + crass (1.0.6) + devise (4.8.1) bcrypt (~> 3.0) orm_adapter (~> 0.1) - railties (>= 4.1.0, < 6.0) + railties (>= 4.1.0) responders warden (~> 1.2.3) - diff-lcs (1.3) + diff-lcs (1.5.0) erubis (2.7.0) - execjs (2.7.0) - factory_bot (4.11.0) - activesupport (>= 3.0.0) - factory_bot_rails (4.11.0) - factory_bot (~> 4.11.0) - railties (>= 3.0.0) + execjs (2.8.1) + factory_bot (5.2.0) + activesupport (>= 4.2.0) + factory_bot_rails (5.2.0) + factory_bot (~> 5.2.0) + railties (>= 4.2.0) faker (1.9.1) i18n (>= 0.7) faraday (0.12.2) @@ -96,8 +97,8 @@ GEM sassc (>= 1.11) formtastic (3.1.5) actionpack (>= 3.2.13) - formtastic_i18n (0.6.0) - globalid (0.4.1) + formtastic_i18n (0.7.0) + globalid (0.4.2) activesupport (>= 4.2.0) has_scope (0.7.2) actionpack (>= 4.1) 
@@ -110,37 +111,38 @@ GEM has_scope (~> 0.6) railties (>= 4.2, < 5.3) responders - jquery-rails (4.3.3) + jquery-rails (4.4.0) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) jwt (1.5.6) - kaminari (1.1.1) + kaminari (1.2.2) activesupport (>= 4.1.0) - kaminari-actionview (= 1.1.1) - kaminari-activerecord (= 1.1.1) - kaminari-core (= 1.1.1) - kaminari-actionview (1.1.1) + kaminari-actionview (= 1.2.2) + kaminari-activerecord (= 1.2.2) + kaminari-core (= 1.2.2) + kaminari-actionview (1.2.2) actionview - kaminari-core (= 1.1.1) - kaminari-activerecord (1.1.1) + kaminari-core (= 1.2.2) + kaminari-activerecord (1.2.2) activerecord - kaminari-core (= 1.1.1) - kaminari-core (1.1.1) - loofah (2.2.2) + kaminari-core (= 1.2.2) + kaminari-core (1.2.2) + loofah (2.14.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.7.0) + mail (2.7.1) mini_mime (>= 0.1.1) method_source (0.9.0) - mini_mime (1.0.1) - mini_portile2 (2.3.0) - minitest (5.11.3) + mini_mime (1.1.2) + mini_portile2 (2.8.0) + minitest (5.15.0) multi_json (1.13.1) multi_xml (0.6.0) multipart-post (2.0.0) - nokogiri (1.8.4) - mini_portile2 (~> 2.3.0) + nokogiri (1.13.3) + mini_portile2 (~> 2.8.0) + racc (~> 1.4) oauth2 (1.4.0) faraday (>= 0.8, < 0.13) jwt (~> 1.0) 
@@ -163,71 +165,73 @@ GEM method_source (~> 0.9.0) pry-rails (0.3.6) pry (>= 0.10.4) - rack (1.6.10) + racc (1.6.0) + rack (1.6.13) rack-protection (1.5.5) rack rack-test (0.6.3) rack (>= 1.0) - rails (4.2.10) - actionmailer (= 4.2.10) - actionpack (= 4.2.10) - actionview (= 4.2.10) - activejob (= 4.2.10) - activemodel (= 4.2.10) - activerecord (= 4.2.10) - activesupport (= 4.2.10) + rails (4.2.11.3) + actionmailer (= 4.2.11.3) + actionpack (= 4.2.11.3) + actionview (= 4.2.11.3) + activejob (= 4.2.11.3) + activemodel (= 4.2.11.3) + activerecord (= 4.2.11.3) + activesupport (= 4.2.11.3) bundler (>= 1.3.0, < 2.0) - railties (= 4.2.10) + railties (= 4.2.11.3) sprockets-rails - rails-deprecated_sanitizer (1.0.3) + rails-deprecated_sanitizer (1.0.4) activesupport (>= 4.2.0.alpha) rails-dom-testing (1.0.9) activesupport (>= 4.2.0, < 5.0) nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.0.4) - loofah (~> 2.2, >= 2.2.2) + rails-html-sanitizer (1.4.2) + loofah (~> 2.3) rails_12factor (0.0.3) rails_serve_static_assets rails_stdout_logging rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (4.2.10) - actionpack (= 4.2.10) - activesupport (= 4.2.10) + railties (4.2.11.3) + actionpack (= 4.2.11.3) + activesupport (= 4.2.11.3) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rake (12.3.1) - ransack (1.8.9) - actionpack (>= 3.0, <= 5.1.1) - activerecord (>= 3.0, <= 5.1.1) - activesupport (>= 3.0, <= 5.1.1) + rake (13.0.6) + ransack (1.8.10) + actionpack (>= 3.0, < 5.2) + activerecord (>= 3.0, < 5.2) + activesupport (>= 3.0, < 5.2) i18n - rb-fsevent (0.10.3) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) - responders (2.4.0) - actionpack (>= 4.2.0, < 5.3) - railties (>= 4.2.0, < 5.3) - rspec-core (3.8.0) - rspec-support (~> 3.8.0) - rspec-expectations (3.8.1) + rb-fsevent (0.11.1) + rb-inotify (0.10.1) + ffi (~> 1.0) + responders (2.4.1) + actionpack (>= 4.2.0, < 6.0) + railties (>= 4.2.0, < 6.0) + rspec-core (3.9.3) + rspec-support 
(~> 3.9.3) + rspec-expectations (3.9.4) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.8.0) - rspec-mocks (3.8.0) + rspec-support (~> 3.9.0) + rspec-mocks (3.9.1) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.8.0) - rspec-rails (3.8.0) + rspec-support (~> 3.9.0) + rspec-rails (3.9.1) actionpack (>= 3.0) activesupport (>= 3.0) railties (>= 3.0) - rspec-core (~> 3.8.0) - rspec-expectations (~> 3.8.0) - rspec-mocks (~> 3.8.0) - rspec-support (~> 3.8.0) - rspec-support (3.8.0) + rspec-core (~> 3.9.0) + rspec-expectations (~> 3.9.0) + rspec-mocks (~> 3.9.0) + rspec-support (~> 3.9.0) + rspec-support (3.9.4) + ruby2_keywords (0.0.5) ruby_http_client (3.3.0) - sass (3.5.7) + sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) @@ -251,15 +255,15 @@ GEM sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.1) + sprockets-rails (3.2.2) actionpack (>= 4.0) activesupport (>= 4.0) sprockets (>= 3.0.0) sqlite3 (1.3.13) - thor (0.20.0) + thor (1.2.1) thread_safe (0.3.6) - tilt (2.0.8) - tzinfo (1.2.5) + tilt (2.0.10) + tzinfo (1.2.9) thread_safe (~> 0.1) uglifier (4.1.18) execjs (>= 0.3.0, < 3) @@ -275,7 +279,7 @@ DEPENDENCIES bootstrap (~> 4.0.0.alpha6) bootstrap-sass byebug - coffee-rails (~> 4.1.0) + coffee-rails (~> 4.1.1) devise factory_bot_rails faker @@ -287,11 +291,11 @@ DEPENDENCIES pry-rails rails (~> 4.2.10) rails_12factor - rspec-rails (~> 3.0) - sass-rails (~> 5.0) + rspec-rails (~> 3.8, >= 3.8.0) + sass-rails (~> 5.0, >= 5.0.7) sendgrid-ruby sqlite3 uglifier (>= 1.3.0) BUNDLED WITH - 1.16.2 + 1.17.3