
Commit 0e345af

committed
Adding bundle audit and updating gems
1 parent 51447be commit 0e345af


3 files changed

+76
-34
lines changed


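--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -0,0 +1,28 @@
+# .github/workflows/main.yaml
+name: "TicketBooth CI: Audit"
+
+on:
+push:
+branches: [ main ]
+pull_request:
+branches: [ main ]
+
+jobs:
+main:
+name: Bundle Audit
+runs-on: ubuntu-latest
+steps:
+- run: sudo apt-get update -yqq
+- run: sudo apt-get install -yqq netcat libpq-dev
+
+- uses: actions/checkout@v4
+
+- uses: ruby/setup-ruby@v1
+with:
+ruby-version: '3.3.5'
+bundler-cache: true
+
+- name: Bundle Audit
+run: |
+gem install bundle-audit -N
+bundle audit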
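Review bot: The `on:` block triggers the audit only for pushes and pull requests to main, so an advisory published against a gem that is already locked goes unnoticed until the next commit; adding a `schedule:` trigger with a daily `cron` entry would close that gap. The `Bundle Audit` step also installs the scanner unpinned on every run with `gem install bundle-audit -N`; listing `bundler-audit` in the Gemfile's development group and running `bundle exec bundle-audit check --update` would lock the scanner version and make the advisory-database refresh explicit. The job needs no write access, so a top-level `permissions:` block with `contents: read` would keep the token at least privilege. The header comment `# .github/workflows/main.yaml` does not match this file's path and should read `# .github/workflows/audit.yml`.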

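--- a/Gemfile
+++ b/Gemfile
@@ -7,6 +7,7 @@ ruby File.read('.ruby-version')
 # Use main development branch of Rails
 gem 'data_migrate'
 gem 'rails', '=8.0.0.beta1'
+gem 'rails-html-sanitizer'
 
 # Unclear if we need to require it explicitly
 # gem 'activesupport', '=7.1.3.2'
@@ -77,7 +78,7 @@ gem 'haml-rails'
 gem 'annotate'
 gem 'attribute_normalizer'
 gem 'awesome_print'
-gem 'carrierwave'
+gem 'carrierwave', '~> 2'
 gem 'dalli'
 gem 'devise'
 gem 'mini_magick'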
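Review bot: `gem 'rails-html-sanitizer'` is added in the first hunk without a version floor or a comment, so the Gemfile neither records why it became a direct dependency nor stops a later resolution from settling on an older release. The lockfile in this commit moves it from 1.6.0 to 1.6.1; if that is the release the audit asked for, `gem 'rails-html-sanitizer', '>= 1.6.1'` with a one-line comment naming the advisory would make the intent durable. The `'~> 2'` constraint on carrierwave in the second hunk has a side effect visible in Gemfile.lock: carrierwave 2.2.6 pulls in image_processing, which requires `mini_magick (>= 4.9.5, < 5)`, and mini_magick drops from 5.0.1 to 4.13.2. Since `gem 'mini_magick'` is declared directly and unpinned a few lines below, it is worth confirming the app does not rely on 5.x behaviour and noting the coupling in a comment.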

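--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -125,11 +125,14 @@ GEM
 capistrano-slackify (2.10.3)
 capistrano (>= 3.2.0)
 multi_json
-carrierwave (1.3.4)
-activemodel (>= 4.0.0)
-activesupport (>= 4.0.0)
-mime-types (>= 1.16)
-ssrf_filter (~> 1.0, < 1.1.0)
+carrierwave (2.2.6)
+activemodel (>= 5.0.0)
+activesupport (>= 5.0.0)
+addressable (~> 2.6)
+image_processing (~> 1.1)
+marcel (~> 1.0.0)
+mini_mime (>= 0.1.3)
+ssrf_filter (~> 1.0)
 codecov (0.2.12)
 json
 simplecov
@@ -151,7 +154,7 @@ GEM
 data_migrate (11.2.0)
 activerecord (>= 6.1)
 railties (>= 6.1)
-date (3.4.0)
+date (3.4.1)
 debug (1.9.2)
 irb (~> 1.10)
 reline (>= 0.3.8)
@@ -174,6 +177,12 @@ GEM
 railties (>= 5.0.0)
 faker (3.5.1)
 i18n (>= 1.8.11, < 2)
+ffi (1.17.0-aarch64-linux-gnu)
+ffi (1.17.0-arm-linux-gnu)
+ffi (1.17.0-arm64-darwin)
+ffi (1.17.0-x86-linux-gnu)
+ffi (1.17.0-x86_64-darwin)
+ffi (1.17.0-x86_64-linux-gnu)
 flatpickr (4.6.13.1)
 foreman (0.88.1)
 globalid (1.2.1)
@@ -191,7 +200,10 @@ GEM
 hashie (5.0.0)
 i18n (1.14.6)
 concurrent-ruby (~> 1.0)
-io-console (0.7.2)
+image_processing (1.13.0)
+mini_magick (>= 4.9.5, < 5)
+ruby-vips (>= 2.0.17, < 3)
+io-console (0.8.0)
 irb (1.14.1)
 rdoc (>= 4.0.0)
 reline (>= 0.4.2)
@@ -200,9 +212,9 @@ GEM
 activesupport (>= 5.0.0)
 jsbundling-rails (1.3.1)
 railties (>= 6.0.0)
-json (2.8.2)
+json (2.9.0)
 language_server-protocol (3.17.0.3)
-logger (1.6.1)
+logger (1.6.2)
 lograge (0.14.0)
 actionpack (>= 4)
 activesupport (>= 4)
@@ -218,13 +230,9 @@ GEM
 net-pop
 net-smtp
 marcel (1.0.4)
-mime-types (3.6.0)
-logger
-mime-types-data (~> 3.2015)
-mime-types-data (3.2024.1105)
-mini_magick (5.0.1)
+mini_magick (4.13.2)
 mini_mime (1.1.5)
-minitest (5.25.2)
+minitest (5.25.4)
 msgpack (1.7.5)
 multi_json (1.15.0)
 net-imap (0.5.1)
@@ -242,19 +250,19 @@ GEM
 net-protocol
 net-ssh (7.3.0)
 net_http_unix (0.2.2)
-newrelic_rpm (9.16.0)
+newrelic_rpm (9.16.1)
 nio4r (2.7.4)
-nokogiri (1.16.7-aarch64-linux)
+nokogiri (1.16.8-aarch64-linux)
 racc (~> 1.4)
-nokogiri (1.16.7-arm-linux)
+nokogiri (1.16.8-arm-linux)
 racc (~> 1.4)
-nokogiri (1.16.7-arm64-darwin)
+nokogiri (1.16.8-arm64-darwin)
 racc (~> 1.4)
-nokogiri (1.16.7-x86-linux)
+nokogiri (1.16.8-x86-linux)
 racc (~> 1.4)
-nokogiri (1.16.7-x86_64-darwin)
+nokogiri (1.16.8-x86_64-darwin)
 racc (~> 1.4)
-nokogiri (1.16.7-x86_64-linux)
+nokogiri (1.16.8-x86_64-linux)
 racc (~> 1.4)
 orm_adapter (0.5.0)
 ostruct (0.6.1)
@@ -272,7 +280,8 @@ GEM
 railties (>= 7.0.0)
 protected_attributes_continued (1.9.0)
 activemodel (>= 5.0)
-psych (5.2.0)
+psych (5.2.1)
+date
 stringio
 public_suffix (6.0.1)
 puma (6.5.0)
@@ -306,9 +315,9 @@ GEM
 activesupport (>= 5.0.0)
 minitest
 nokogiri (>= 1.6)
-rails-html-sanitizer (1.6.0)
+rails-html-sanitizer (1.6.1)
 loofah (~> 2.21)
-nokogiri (~> 1.14)
+nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
 railties (8.0.0.beta1)
 actionpack (= 8.0.0.beta1)
 activesupport (= 8.0.0.beta1)
@@ -359,15 +368,15 @@ GEM
 rspec-expectations (~> 3.13)
 rspec-mocks (~> 3.13)
 rspec-support (~> 3.13)
-rspec-support (3.13.1)
-rubocop (1.69.0)
+rspec-support (3.13.2)
+rubocop (1.69.1)
 json (~> 2.3)
 language_server-protocol (>= 3.17.0)
 parallel (~> 1.10)
 parser (>= 3.3.0.2)
 rainbow (>= 2.2.2, < 4.0)
-regexp_parser (>= 2.4, < 3.0)
-rubocop-ast (>= 1.36.1, < 2.0)
+regexp_parser (>= 2.9.3, < 3.0)
+rubocop-ast (>= 1.36.2, < 2.0)
 ruby-progressbar (~> 1.7)
 unicode-display_width (>= 2.4.0, < 4.0)
 rubocop-ast (1.36.2)
@@ -393,7 +402,10 @@ GEM
 rubocop-rspec (3.2.0)
 rubocop (~> 1.61)
 ruby-progressbar (1.13.0)
-securerandom (0.3.2)
+ruby-vips (2.2.2)
+ffi (~> 1.12)
+logger
+securerandom (0.4.0)
 simplecov (0.22.0)
 docile (~> 1.1)
 simplecov-html (~> 0.11)
@@ -406,7 +418,7 @@ GEM
 net-sftp (>= 2.1.2)
 net-ssh (>= 2.8.0)
 ostruct
-ssrf_filter (1.0.8)
+ssrf_filter (1.2.0)
 stimulus-rails (1.3.4)
 railties (>= 6.0.0)
 stringio (3.1.2)
@@ -426,7 +438,7 @@ GEM
 unicode-emoji (~> 4.0, >= 4.0.4)
 unicode-emoji (4.0.4)
 uri (1.0.2)
-useragent (0.16.10)
+useragent (0.16.11)
 vcr (6.3.1)
 base64
 ventable (1.3.1)
@@ -474,7 +486,7 @@ DEPENDENCIES
 capistrano-rake
 capistrano-rbenv
 capistrano-slackify (~> 2.10)
-carrierwave
+carrierwave (~> 2)
 codecov
 colorize
 country_select
@@ -507,6 +519,7 @@ DEPENDENCIES
 puma (>= 6)
 puma-status
 rails (= 8.0.0.beta1)
+rails-html-sanitizer
 rake
 redis
 relaxed-rubocop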
