fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086
kigster · Jul 17, 2024 · f3db230 · f3db230
1 parent 0cd8385
commit f3db230
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -11,7 +11,7 @@ gem 'matrix'
 gem 'prawn'
 gem 'prawn-table', github: 'prawnpdf/prawn-table'
 gem 'pygments.rb'
-gem 'rexml'
+gem 'rexml', '>= 3.3.2'
 gem 'rghost'
 gem 'rouge'
 gem 'specific_install'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -151,14 +151,16 @@ GEM
     pygments.rb (2.4.1)
     rainbow (3.1.1)
     rake (13.2.1)
-    rexml (3.2.6)
+    rexml (3.3.2)
+      strscan
     rghost (0.9.9)
     rouge (4.2.1)
     ruby-rc4 (0.1.5)
     sawyer (0.9.2)
       addressable (>= 2.3.5)
       faraday (>= 0.17.3, < 3)
     specific_install (0.3.8)
+    strscan (3.1.0)
     text-hyphen (1.5.0)
     timers (4.3.5)
     traces (0.11.1)
@@ -170,6 +172,7 @@ GEM
 
 PLATFORMS
   arm64-darwin-21
+  ruby
   x86_64-darwin-21
   x86_64-darwin-22
   x86_64-linux
@@ -184,7 +187,7 @@ DEPENDENCIES
   prawn
   prawn-table!
   pygments.rb
-  rexml
+  rexml (>= 3.3.2)
   rghost
   rouge
   specific_install