From 775b990b7772e6e12135c4b49d282c3012088a26 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 4 Apr 2023 14:23:33 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1016639 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1080916 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290051 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290052 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290053 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2320175 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2400638 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2803847 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237231 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237232 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-2803851 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-632514 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-1080913 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-2960802 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-3237236 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-3237239 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESTORAGE-2420035 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1055008 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2620374 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630623 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630898 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2840634 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-PUMA-1291014 - https://snyk.io/vuln/SNYK-RUBY-PUMA-1730572 - https://snyk.io/vuln/SNYK-RUBY-PUMA-2400629 - https://snyk.io/vuln/SNYK-RUBY-PUMA-2437090 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233 - https://snyk.io/vuln/SNYK-RUBY-RAILS-1071903 - https://snyk.io/vuln/SNYK-RUBY-RAILS-1567785 - https://snyk.io/vuln/SNYK-RUBY-RAILS-5291540 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-2935879 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048 --- Gemfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index 5945d9e..e9225be 100644 --- a/Gemfile +++ b/Gemfile @@ -4,11 +4,11 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '2.6.0' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 6.0.3', '>= 6.0.3.2' +gem 'rails', '~> 6.1.7', '>= 6.1.7.3' # Use postgresql as the database for Active Record gem 'pg', '>= 0.18', '< 2.0' # Use Puma as the app server -gem 'puma', '~> 4.3', '>= 4.3.5' +gem 'puma', '~> 4.3', '>= 4.3.12' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder # gem 'jbuilder', '~> 2.7' # Use Redis adapter to run Action Cable in production @@ -45,12 +45,12 @@ gem 'docker-postgres-rails', '~> 0.0.1' gem 'jwt' gem 'bcrypt', '~> 3.1.7' -gem 'active_model_serializers', '>= 0.10.10' +gem 'active_model_serializers', '>= 0.10.12' group :development, :test do gem 'rspec-rails', '~> 3.9', '>= 3.9.1' gem 'database_cleaner' - gem 'factory_bot_rails', '>= 5.2.0' + gem 'factory_bot_rails', '>= 6.1.0' gem 'faker' end @@ -62,7 +62,7 @@ group :development, :test do gem 'rswag-specs', '>= 2.3.1' end -gem 'kaminari', '>= 1.1.1' +gem 'kaminari', '>= 1.2.1' gem 'lograge', '>= 0.11.2' gem 'logstash-event'