From 211e8bb309c08c2044b3334655763351e0e73770 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 15 Jul 2024 05:48:48 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-RDOC-6476871 --- Gemfile | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/Gemfile b/Gemfile index b934261..a51a0e1 100644 --- a/Gemfile +++ b/Gemfile @@ -2,26 +2,26 @@ source 'https://rubygems.org' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '6.0.3.5' +gem 'rails', '5.0.0' # Use mysql as the database for Active Record gem 'mysql2', '~> 0.3.18' # Use SCSS for stylesheets -gem 'sass-rails', '~> 5.0', '>= 5.0.8' +gem 'sass-rails', '~> 5.0', '>= 5.0.5' # Use Uglifier as compressor for JavaScript assets gem 'uglifier', '>= 1.3.0' # Use CoffeeScript for .coffee assets and views -gem 'coffee-rails', '~> 4.2.2' +gem 'coffee-rails', '~> 4.1.1' # See https://github.com/rails/execjs#readme for more supported runtimes gem 'therubyracer', platforms: :ruby # Use jquery as the JavaScript library -gem 'jquery-rails', '>= 4.0.5' +gem 'jquery-rails', '>= 4.1.0' # Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks -gem 'turbolinks', '>= 2.5.3' +gem 'turbolinks', '>= 2.5.4' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder gem 'jbuilder', '~> 2.0' # bundle exec rake doc:rails generates the API under doc/api. -gem 'sdoc', '~> 0.4.0', group: :doc +gem 'sdoc', '~> 1.0.0', group: :doc # Use ActiveModel has_secure_password # gem 'bcrypt', '~> 3.1.7' @@ -39,26 +39,26 @@ end group :development do # Access an IRB console on exception pages or by using <%= console %> in views - gem 'web-console', '~> 2.2', '>= 2.2.1' + gem 'web-console', '~> 2.3', '>= 2.3.0' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring gem 'spring' - gem 'better_errors' + gem 'better_errors', '>= 2.2.0' end gem 'bootstrap', git: 'https://github.com/twbs/bootstrap-rubygem' -gem 'react-rails', '~> 1.3.1' -gem 'devise', '~> 4.7.0' +gem 'react-rails', '~> 1.3.2' +gem 'devise', '~> 4.0.0' gem 'active_model_serializers', '~> 0.9.3' gem 'capistrano', '~> 3.1.0' gem 'capistrano-bundler', '~> 1.1.2' gem 'capistrano-rails', '~> 1.1.1' gem 'capistrano-rbenv', github: "capistrano/rbenv" -gem 'html-pipeline', '~> 2.2', '>= 2.2.2' +gem 'html-pipeline', '~> 2.2', '>= 2.2.3' gem 'github-linguist', '~> 4.7' gem 'gemoji', '~> 2.1' gem 'github-markdown', '~> 0.6.9' -gem 'sanitize', '~> 4.0' -gem 'html-pipeline-rouge_filter' +gem 'sanitize', '~> 4.0', '>= 4.0.1' +gem 'html-pipeline-rouge_filter', '>= 1.0.3'