fix: Gemfile.lock & Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-SPROCKETS-22032
2018-06-21 05:27:11 +00:00
parent 9fbe7ec115
commit 818012fa91
2 changed files with 14 additions and 14 deletions
--- a/4
+++ b/4
@ -25,10 +25,10 @@ gem 'rails', '4.2.10'
 gem 'rails-i18n'
 gem 'ransack'
 gem 'rubytree'
-gem 'sass-rails'
+gem 'sass-rails', '>= 5.0.7'
 gem 'sdoc', group: :doc
 gem 'slim-rails'
-gem 'bootstrap_pagedown'
+gem 'bootstrap_pagedown', '>= 1.1.0'
 gem 'pagedown-rails'
 gem 'sorcery'
 gem 'thread_safe'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -108,7 +108,7 @@ GEM
    concurrent-ruby (1.0.5)
    concurrent-ruby-ext (1.0.5)
      concurrent-ruby (= 1.0.5)
-    crass (1.0.3)
+    crass (1.0.4)
    d3-rails (4.13.0)
      railties (>= 3.1)
    database_cleaner (1.6.2)
@ -135,7 +135,7 @@ GEM
    faye-websocket (0.10.7)
      eventmachine (>= 0.12.0)
      websocket-driver (>= 0.5.1)
-    ffi (1.9.23)
+    ffi (1.9.25)
    forgery (0.7.0)
    globalid (0.4.1)
      activesupport (>= 4.2.0)
@ -161,7 +161,7 @@ GEM
    json (2.1.0)
    jwt (1.5.6)
    kramdown (1.16.2)
-    loofah (2.2.0)
+    loofah (2.2.2)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
    mail (2.7.0)
@ -181,7 +181,7 @@ GEM
    net-ssh (4.2.0)
    netrc (0.11.0)
    newrelic_rpm (4.8.0.341)
-    nokogiri (1.8.2)
+    nokogiri (1.8.3)
      mini_portile2 (~> 2.3.0)
    nyan-cat-formatter (0.12.0)
      rspec (>= 2.99, >= 2.14.2, < 4)
@ -211,7 +211,7 @@ GEM
    puma (3.11.3)
    pundit (1.1.0)
      activesupport (>= 3.0.0)
-    rack (1.6.9)
+    rack (1.6.10)
    rack-mini-profiler (0.10.7)
      rack (>= 1.2.0)
    rack-test (0.6.3)
@ -233,8 +233,8 @@ GEM
      activesupport (>= 4.2.0, < 5.0)
      nokogiri (~> 1.6)
      rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
+    rails-html-sanitizer (1.0.4)
-      loofah (~> 2.0)
+      loofah (~> 2.2, >= 2.2.2)
    rails-i18n (4.0.9)
      i18n (~> 0.7)
      railties (~> 4.0)
@ -244,7 +244,7 @@ GEM
      rake (>= 0.8.7)
      thor (>= 0.18.1, < 2.0)
    rainbow (3.0.0)
-    rake (12.3.0)
+    rake (12.3.1)
    ransack (1.8.7)
      actionpack (>= 3.0)
      activerecord (>= 3.0)
@ -296,7 +296,7 @@ GEM
      json (~> 2.1)
      structured_warnings (~> 0.3)
    rubyzip (1.2.1)
-    sass (3.5.5)
+    sass (3.5.6)
      sass-listen (~> 4.0.0)
    sass-listen (4.0.0)
      rb-fsevent (~> 0.9, >= 0.9.4)
@ -330,7 +330,7 @@ GEM
      oauth2 (~> 1.0, >= 0.8.0)
    spring (2.0.2)
      activesupport (>= 4.2)
-    sprockets (3.7.1)
+    sprockets (3.7.2)
      concurrent-ruby (~> 1.0)
      rack (> 1, < 3)
    sprockets-rails (3.2.1)
@ -383,7 +383,7 @@ DEPENDENCIES
  better_errors
  binding_of_caller
  bootstrap-will_paginate
-  bootstrap_pagedown
+  bootstrap_pagedown (>= 1.1.0)
  byebug
  capistrano
  capistrano-rails
@ -430,7 +430,7 @@ DEPENDENCIES
  rubocop-rspec
  rubytree
  rubyzip
-  sass-rails
+  sass-rails (>= 5.0.7)
  sdoc
  simplecov
  slim-rails