Skip to content

Commit

Permalink
fix: Gemfile & Gemfile.lock to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-REXML-7814166
  • Loading branch information
@snyk-bot
snyk-bot committed Aug 24, 2024
1 parent a1b9e5b commit 1a5f696
Show file tree
Hide file tree
Showing 2 changed files with 95 additions and 84 deletions.
20 changes: 10 additions & 10 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ gem 'clamby', '~> 1.6.10'
gem 'cssbundling-rails', '>= 1.3.3'
gem 'data_migrate', '>= 9.4.0'
gem 'dotenv-rails'
gem 'google-cloud-storage', '~> 1.44', require: false
gem 'google-cloud-storage', '~> 1.45', '>= 1.45.0', require: false
gem 'hcaptcha'
gem 'hiredis', '~> 0.6.0'
gem 'i18n-language-mapping'
Expand All @@ -40,12 +40,12 @@ group :development, :test do
end

group :development do
gem 'rubocop', '~> 1.26', require: false
gem 'rubocop-capybara', '~> 2.19.0', require: false
gem 'rubocop-factory_bot', '~> 2.24.0', require: false
gem 'rubocop-performance', '~> 1.13', require: false
gem 'rubocop-rails', '~> 2.18', '>= 2.18.0', require: false
gem 'rubocop-rspec', '~> 2.9.0', require: false
gem 'rubocop', '~> 1.56', '>= 1.56.2', require: false
gem 'rubocop-capybara', '~> 2.20.0', require: false
gem 'rubocop-factory_bot', '~> 2.25.0', require: false
gem 'rubocop-performance', '~> 1.17', '>= 1.17.0', require: false
gem 'rubocop-rails', '~> 2.21', '>= 2.21.0', require: false
gem 'rubocop-rspec', '~> 2.10.0', require: false
gem 'web-console', '>= 4.2.1'
end

Expand All @@ -55,10 +55,10 @@ group :test do
gem 'factory_bot_rails', '>= 6.4.3'
gem 'faker'
gem 'rspec-rails', '>= 6.0.4'
gem 'selenium-webdriver'
gem 'selenium-webdriver', '>= 4.8.1'
gem 'shoulda-matchers', '~> 5.0'
gem 'webdrivers'
gem 'webmock'
gem 'webdrivers', '>= 5.3.0'
gem 'webmock', '>= 3.19.0'
end

group :production do
Expand Down
159 changes: 85 additions & 74 deletions Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,8 +85,8 @@ GEM
minitest (>= 5.1)
mutex_m
tzinfo (~> 2.0)
addressable (2.8.1)
public_suffix (>= 2.0.2, < 6.0)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
aes_key_wrap (1.1.0)
ast (2.4.2)
attr_required (1.0.1)
Expand All @@ -106,7 +106,7 @@ GEM
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
aws-eventstream (~> 1, >= 1.0.2)
base64 (0.1.1)
base64 (0.2.0)
bcrypt (3.1.18)
bigbluebutton-api-ruby (1.9.1)
childprocess (>= 1.0.1)
Expand Down Expand Up @@ -135,9 +135,10 @@ GEM
activesupport
childprocess (4.1.0)
clamby (1.6.10)
concurrent-ruby (1.3.3)
concurrent-ruby (1.3.4)
connection_pool (2.4.1)
crack (0.4.5)
crack (1.0.0)
bigdecimal
rexml
crass (1.0.6)
cssbundling-rails (1.3.3)
Expand Down Expand Up @@ -166,50 +167,51 @@ GEM
railties (>= 5.0.0)
faker (3.1.1)
i18n (>= 1.8.11, < 2)
faraday (2.9.0)
faraday (2.10.1)
faraday-net_http (>= 2.0, < 3.2)
logger
faraday-follow_redirects (0.3.0)
faraday (>= 1, < 3)
faraday-net_http (3.1.0)
faraday-net_http (3.1.1)
net-http
ffi (1.15.5)
globalid (1.2.1)
activesupport (>= 6.1)
google-apis-core (0.11.0)
google-apis-core (0.15.1)
addressable (~> 2.5, >= 2.5.1)
googleauth (>= 0.16.2, < 2.a)
httpclient (>= 2.8.1, < 3.a)
googleauth (~> 1.9)
httpclient (>= 2.8.3, < 3.a)
mini_mime (~> 1.0)
mutex_m
representable (~> 3.0)
retriable (>= 2.0, < 4.a)
rexml
webrick
google-apis-iamcredentials_v1 (0.17.0)
google-apis-core (>= 0.11.0, < 2.a)
google-apis-storage_v1 (0.19.0)
google-apis-core (>= 0.9.0, < 2.a)
google-cloud-core (1.6.0)
google-cloud-env (~> 1.0)
google-apis-iamcredentials_v1 (0.21.0)
google-apis-core (>= 0.15.0, < 2.a)
google-apis-storage_v1 (0.43.0)
google-apis-core (>= 0.15.0, < 2.a)
google-cloud-core (1.7.1)
google-cloud-env (>= 1.0, < 3.a)
google-cloud-errors (~> 1.0)
google-cloud-env (1.6.0)
faraday (>= 0.17.3, < 3.0)
google-cloud-errors (1.3.1)
google-cloud-storage (1.44.0)
google-cloud-env (2.1.1)
faraday (>= 1.0, < 3.a)
google-cloud-errors (1.4.0)
google-cloud-storage (1.52.0)
addressable (~> 2.8)
digest-crc (~> 0.4)
google-apis-iamcredentials_v1 (~> 0.1)
google-apis-storage_v1 (~> 0.19.0)
google-apis-core (~> 0.13)
google-apis-iamcredentials_v1 (~> 0.18)
google-apis-storage_v1 (~> 0.38)
google-cloud-core (~> 1.6)
googleauth (>= 0.16.2, < 2.a)
googleauth (~> 1.9)
mini_mime (~> 1.0)
googleauth (1.6.0)
faraday (>= 0.17.3, < 3.a)
googleauth (1.11.0)
faraday (>= 1.0, < 3.a)
google-cloud-env (~> 2.1)
jwt (>= 1.4, < 3.0)
memoist (~> 0.16)
multi_json (~> 1.11)
os (>= 0.9, < 2.0)
signet (>= 0.16, < 2.a)
hashdiff (1.0.1)
hashdiff (1.1.1)
hashie (5.0.0)
hcaptcha (7.1.0)
json
Expand All @@ -231,7 +233,7 @@ GEM
jmespath (1.6.2)
jsbundling-rails (1.2.2)
railties (>= 6.0.0)
json (2.6.3)
json (2.7.2)
json-jwt (1.16.6)
activesupport (>= 4.2)
aes_key_wrap
Expand All @@ -240,8 +242,10 @@ GEM
faraday (~> 2.0)
faraday-follow_redirects
jsonapi-renderer (0.2.2)
jwt (2.7.0)
jwt (2.8.2)
base64
language_server-protocol (3.17.0.3)
logger (1.6.0)
lograge (0.14.0)
actionpack (>= 4)
activesupport (>= 4)
Expand All @@ -257,11 +261,10 @@ GEM
net-smtp
marcel (1.0.4)
matrix (0.4.2)
memoist (0.16.2)
mini_magick (4.12.0)
mini_mime (1.1.5)
mini_portile2 (2.8.7)
minitest (5.23.1)
minitest (5.25.1)
msgpack (1.6.0)
multi_json (1.15.0)
mutex_m (0.2.0)
Expand All @@ -277,10 +280,10 @@ GEM
net-smtp (0.5.0)
net-protocol
nio4r (2.7.3)
nokogiri (1.16.5)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
nokogiri (1.16.5-x86_64-linux)
nokogiri (1.16.7-x86_64-linux)
racc (~> 1.4)
omniauth (2.1.2)
hashie (>= 3.4.6)
Expand All @@ -307,17 +310,17 @@ GEM
webfinger (~> 2.0)
os (1.1.4)
pagy (6.0.4)
parallel (1.23.0)
parser (3.2.2.3)
parallel (1.26.3)
parser (3.3.4.2)
ast (~> 2.4.1)
racc
pg (1.4.5)
psych (5.1.2)
stringio
public_suffix (5.0.3)
public_suffix (6.0.1)
puma (5.6.8)
nio4r (~> 2.0)
racc (1.8.0)
racc (1.8.1)
rack (2.2.9)
rack-oauth2 (2.2.0)
activesupport
Expand Down Expand Up @@ -370,7 +373,7 @@ GEM
rdoc (6.7.0)
psych (>= 4.0.0)
redis (4.8.0)
regexp_parser (2.8.1)
regexp_parser (2.9.2)
reline (0.5.9)
io-console (~> 0.5)
remote_syslog_logger (1.0.4)
Expand All @@ -382,7 +385,8 @@ GEM
request_store (1.5.1)
rack (>= 1.4)
retriable (3.1.2)
rexml (3.2.6)
rexml (3.3.6)
strscan
rspec-core (3.12.2)
rspec-support (~> 3.12.0)
rspec-expectations (3.12.3)
Expand All @@ -400,44 +404,44 @@ GEM
rspec-mocks (~> 3.12)
rspec-support (~> 3.12)
rspec-support (3.12.1)
rubocop (1.56.1)
base64 (~> 0.1.1)
rubocop (1.65.1)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.2.2.3)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
regexp_parser (>= 2.4, < 3.0)
rexml (>= 3.2.5, < 4.0)
rubocop-ast (>= 1.28.1, < 2.0)
rubocop-ast (>= 1.31.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.29.0)
parser (>= 3.2.1.0)
rubocop-capybara (2.19.0)
rubocop-ast (1.32.1)
parser (>= 3.3.1.0)
rubocop-capybara (2.20.0)
rubocop (~> 1.41)
rubocop-factory_bot (2.25.1)
rubocop (~> 1.41)
rubocop-factory_bot (2.24.0)
rubocop (~> 1.33)
rubocop-performance (1.16.0)
rubocop (>= 1.7.0, < 2.0)
rubocop-ast (>= 0.4.0)
rubocop-rails (2.20.2)
rubocop-performance (1.21.1)
rubocop (>= 1.48.1, < 2.0)
rubocop-ast (>= 1.31.1, < 2.0)
rubocop-rails (2.26.0)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 1.33.0, < 2.0)
rubocop-rspec (2.9.0)
rubocop (>= 1.52.0, < 2.0)
rubocop-ast (>= 1.31.1, < 2.0)
rubocop-rspec (2.10.0)
rubocop (~> 1.19)
ruby-progressbar (1.13.0)
ruby-vips (2.1.4)
ffi (~> 1.12)
rubyzip (2.3.2)
selenium-webdriver (4.8.0)
selenium-webdriver (4.10.0)
rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0)
shoulda-matchers (5.3.0)
activesupport (>= 5.2.0)
signet (0.17.0)
signet (0.19.0)
addressable (~> 2.8)
faraday (>= 0.17.5, < 3.a)
jwt (>= 1.5, < 3.0)
Expand All @@ -450,6 +454,7 @@ GEM
activesupport (>= 6.1)
sprockets (>= 3.0.0)
stringio (3.1.0)
strscan (3.1.0)
swd (2.0.2)
activesupport (>= 3)
attr_required (>= 0.0.5)
Expand All @@ -462,7 +467,7 @@ GEM
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
uber (0.1.0)
unicode-display_width (2.4.2)
unicode-display_width (2.5.0)
uri (0.13.0)
validate_email (0.1.6)
activemodel (>= 3.0)
Expand All @@ -475,20 +480,20 @@ GEM
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
railties (>= 6.0.0)
webdrivers (5.2.0)
webdrivers (5.3.1)
nokogiri (~> 1.6)
rubyzip (>= 1.3.0)
selenium-webdriver (~> 4.0)
selenium-webdriver (~> 4.0, < 4.11)
webfinger (2.1.2)
activesupport
faraday (~> 2.0)
faraday-follow_redirects
webmock (3.18.1)
webmock (3.23.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
webrick (1.8.1)
websocket (1.2.9)
websocket (1.2.11)
websocket-driver (0.7.6)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
Expand Down Expand Up @@ -518,7 +523,7 @@ DEPENDENCIES
factory_bot (>= 6.4.1)
factory_bot_rails (>= 6.4.3)
faker
google-cloud-storage (~> 1.44)
google-cloud-storage (~> 1.45, >= 1.45.0)
hcaptcha
hiredis (~> 0.6.0)
i18n-language-mapping
Expand All @@ -538,16 +543,22 @@ DEPENDENCIES
redis (~> 4.0)
remote_syslog_logger
rspec-rails (>= 6.0.4)
rubocop (~> 1.26)
rubocop-capybara (~> 2.19.0)
rubocop-factory_bot (~> 2.24.0)
rubocop-performance (~> 1.13)
rubocop-rails (~> 2.18, >= 2.18.0)
rubocop-rspec (~> 2.9.0)
selenium-webdriver
rubocop (~> 1.56, >= 1.56.2)
rubocop-capybara (~> 2.20.0)
rubocop-factory_bot (~> 2.25.0)
rubocop-performance (~> 1.17, >= 1.17.0)
rubocop-rails (~> 2.21, >= 2.21.0)
rubocop-rspec (~> 2.10.0)
selenium-webdriver (>= 4.8.1)
shoulda-matchers (~> 5.0)
sprockets-rails (>= 3.5.0)
tzinfo-data
web-console (>= 4.2.1)
webdrivers
webmock
webdrivers (>= 5.3.0)
webmock (>= 3.19.0)

RUBY VERSION
ruby 3.0.0p0

BUNDLED WITH
2.2.3

0 comments on commit 1a5f696

Please sign in to comment.