[Snyk] Security upgrade omniauth-rails_csrf_protection from 1.0.1 to …

…1.0.2 (#5804) * fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 * Update Gemfile.lock --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
bigbluebutton · Jun 24, 2024 · 1137c06 · 1137c06
1 parent 63b263f
commit 1137c06
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -26,7 +26,7 @@ gem 'jwt'
 gem 'mini_magick', '>= 4.9.5'
 gem 'omniauth', '~> 2.1.2'
 gem 'omniauth_openid_connect', '>= 0.6.1'
-gem 'omniauth-rails_csrf_protection', '~> 1.0.1'
+gem 'omniauth-rails_csrf_protection', '~> 1.0.2'
 gem 'pagy', '~> 6.0', '>= 6.0.0'
 gem 'pg'
 gem 'puma', '~> 5.6'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -286,7 +286,7 @@ GEM
       hashie (>= 3.4.6)
       rack (>= 2.2.3)
       rack-protection
-    omniauth-rails_csrf_protection (1.0.1)
+    omniauth-rails_csrf_protection (1.0.2)
       actionpack (>= 4.2)
       omniauth (~> 2.0)
     omniauth_openid_connect (0.7.1)
@@ -529,7 +529,7 @@ DEPENDENCIES
   lograge (~> 0.14.0)
   mini_magick (>= 4.9.5)
   omniauth (~> 2.1.2)
-  omniauth-rails_csrf_protection (~> 1.0.1)
+  omniauth-rails_csrf_protection (~> 1.0.2)
   omniauth_openid_connect (>= 0.6.1)
   pagy (~> 6.0, >= 6.0.0)
   pg