fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-173783 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-173784 - https://snyk.io/vuln/SNYK-RUBY-RAILTIES-173785
This commit is contained in:
snyk-bot
26
Gemfile
26
Gemfile
@ -5,11 +5,11 @@ gem 'bootstrap-will_paginate'
|
|||||||
gem 'carrierwave'
|
gem 'carrierwave'
|
||||||
gem 'concurrent-ruby'
|
gem 'concurrent-ruby'
|
||||||
gem 'docker-api', require: 'docker'
|
gem 'docker-api', require: 'docker'
|
||||||
gem 'factory_bot_rails'
|
gem 'factory_bot_rails', '>= 5.0.1'
|
||||||
gem 'forgery'
|
gem 'forgery'
|
||||||
gem 'highline'
|
gem 'highline'
|
||||||
gem 'jbuilder'
|
gem 'jbuilder'
|
||||||
gem 'jquery-rails'
|
gem 'jquery-rails', '>= 4.3.3'
|
||||||
gem 'ims-lti', '< 2.0.0'
|
gem 'ims-lti', '< 2.0.0'
|
||||||
gem 'kramdown'
|
gem 'kramdown'
|
||||||
gem 'newrelic_rpm'
|
gem 'newrelic_rpm'
|
||||||
@ -17,14 +17,14 @@ gem 'pg'
|
|||||||
gem 'pry-byebug'
|
gem 'pry-byebug'
|
||||||
gem 'puma'
|
gem 'puma'
|
||||||
gem 'pundit'
|
gem 'pundit'
|
||||||
gem 'rails', '5.2.2'
|
gem 'rails', '5.2.2.1'
|
||||||
gem 'rails-i18n'
|
gem 'rails-i18n', '>= 5.1.3'
|
||||||
gem 'i18n-js'
|
gem 'i18n-js'
|
||||||
gem 'ransack'
|
gem 'ransack', '>= 2.1.1'
|
||||||
gem 'rubytree'
|
gem 'rubytree'
|
||||||
gem 'sass-rails'
|
gem 'sass-rails', '>= 5.0.7'
|
||||||
gem 'slim-rails'
|
gem 'slim-rails', '>= 3.2.0'
|
||||||
gem 'pagedown-bootstrap-rails'
|
gem 'pagedown-bootstrap-rails', '>= 2.1.4'
|
||||||
gem 'sorcery'
|
gem 'sorcery'
|
||||||
gem 'turbolinks'
|
gem 'turbolinks'
|
||||||
gem 'uglifier'
|
gem 'uglifier'
|
||||||
@ -32,12 +32,12 @@ gem 'tubesock', git: 'https://github.com/gosukiwi/tubesock', branch: 'patch-1' #
|
|||||||
gem 'faye-websocket'
|
gem 'faye-websocket'
|
||||||
gem 'eventmachine', '1.0.9.1' # explicitly added, this is used by faye-websocket, newer versions might crash or
|
gem 'eventmachine', '1.0.9.1' # explicitly added, this is used by faye-websocket, newer versions might crash or
|
||||||
gem 'nokogiri'
|
gem 'nokogiri'
|
||||||
gem 'webpacker'
|
gem 'webpacker', '>= 4.0.2'
|
||||||
gem 'rest-client'
|
gem 'rest-client'
|
||||||
gem 'rubyzip'
|
gem 'rubyzip'
|
||||||
gem 'mnemosyne-ruby'
|
gem 'mnemosyne-ruby'
|
||||||
gem 'whenever', require: false
|
gem 'whenever', require: false
|
||||||
gem 'rails-timeago'
|
gem 'rails-timeago', '>= 2.17.1'
|
||||||
|
|
||||||
group :development, :staging do
|
group :development, :staging do
|
||||||
gem 'bootsnap', require: false
|
gem 'bootsnap', require: false
|
||||||
@ -52,7 +52,7 @@ group :development, :staging do
|
|||||||
gem 'rack-mini-profiler'
|
gem 'rack-mini-profiler'
|
||||||
gem 'rubocop', require: false
|
gem 'rubocop', require: false
|
||||||
gem 'rubocop-rspec'
|
gem 'rubocop-rspec'
|
||||||
gem 'web-console'
|
gem 'web-console', '>= 3.7.0'
|
||||||
end
|
end
|
||||||
|
|
||||||
group :development, :test, :staging do
|
group :development, :test, :staging do
|
||||||
@ -60,7 +60,7 @@ group :development, :test, :staging do
|
|||||||
end
|
end
|
||||||
|
|
||||||
group :test do
|
group :test do
|
||||||
gem 'rails-controller-testing'
|
gem 'rails-controller-testing', '>= 1.0.4'
|
||||||
gem 'autotest-rails'
|
gem 'autotest-rails'
|
||||||
gem 'capybara'
|
gem 'capybara'
|
||||||
gem 'selenium-webdriver'
|
gem 'selenium-webdriver'
|
||||||
@ -68,6 +68,6 @@ group :test do
|
|||||||
gem 'database_cleaner'
|
gem 'database_cleaner'
|
||||||
gem 'nyan-cat-formatter'
|
gem 'nyan-cat-formatter'
|
||||||
gem 'rspec-autotest'
|
gem 'rspec-autotest'
|
||||||
gem 'rspec-rails'
|
gem 'rspec-rails', '>= 3.8.2'
|
||||||
gem 'simplecov', require: false
|
gem 'simplecov', require: false
|
||||||
end
|
end
|
||||||
|
|||||||
102
Gemfile.lock
102
Gemfile.lock
@ -11,43 +11,43 @@ GEM
|
|||||||
remote: https://rubygems.org/
|
remote: https://rubygems.org/
|
||||||
specs:
|
specs:
|
||||||
ZenTest (4.11.2)
|
ZenTest (4.11.2)
|
||||||
actioncable (5.2.2)
|
actioncable (5.2.2.1)
|
||||||
actionpack (= 5.2.2)
|
actionpack (= 5.2.2.1)
|
||||||
nio4r (~> 2.0)
|
nio4r (~> 2.0)
|
||||||
websocket-driver (>= 0.6.1)
|
websocket-driver (>= 0.6.1)
|
||||||
actionmailer (5.2.2)
|
actionmailer (5.2.2.1)
|
||||||
actionpack (= 5.2.2)
|
actionpack (= 5.2.2.1)
|
||||||
actionview (= 5.2.2)
|
actionview (= 5.2.2.1)
|
||||||
activejob (= 5.2.2)
|
activejob (= 5.2.2.1)
|
||||||
mail (~> 2.5, >= 2.5.4)
|
mail (~> 2.5, >= 2.5.4)
|
||||||
rails-dom-testing (~> 2.0)
|
rails-dom-testing (~> 2.0)
|
||||||
actionpack (5.2.2)
|
actionpack (5.2.2.1)
|
||||||
actionview (= 5.2.2)
|
actionview (= 5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
rack (~> 2.0)
|
rack (~> 2.0)
|
||||||
rack-test (>= 0.6.3)
|
rack-test (>= 0.6.3)
|
||||||
rails-dom-testing (~> 2.0)
|
rails-dom-testing (~> 2.0)
|
||||||
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
||||||
actionview (5.2.2)
|
actionview (5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
builder (~> 3.1)
|
builder (~> 3.1)
|
||||||
erubi (~> 1.4)
|
erubi (~> 1.4)
|
||||||
rails-dom-testing (~> 2.0)
|
rails-dom-testing (~> 2.0)
|
||||||
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
||||||
activejob (5.2.2)
|
activejob (5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
globalid (>= 0.3.6)
|
globalid (>= 0.3.6)
|
||||||
activemodel (5.2.2)
|
activemodel (5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
activerecord (5.2.2)
|
activerecord (5.2.2.1)
|
||||||
activemodel (= 5.2.2)
|
activemodel (= 5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
arel (>= 9.0)
|
arel (>= 9.0)
|
||||||
activestorage (5.2.2)
|
activestorage (5.2.2.1)
|
||||||
actionpack (= 5.2.2)
|
actionpack (= 5.2.2.1)
|
||||||
activerecord (= 5.2.2)
|
activerecord (= 5.2.2.1)
|
||||||
marcel (~> 0.3.1)
|
marcel (~> 0.3.1)
|
||||||
activesupport (5.2.2)
|
activesupport (5.2.2.1)
|
||||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||||
i18n (>= 0.7, < 2)
|
i18n (>= 0.7, < 2)
|
||||||
minitest (~> 5.1)
|
minitest (~> 5.1)
|
||||||
@ -112,7 +112,7 @@ GEM
|
|||||||
ffi (~> 1.0, >= 1.0.11)
|
ffi (~> 1.0, >= 1.0.11)
|
||||||
chronic (0.10.2)
|
chronic (0.10.2)
|
||||||
coderay (1.1.2)
|
coderay (1.1.2)
|
||||||
concurrent-ruby (1.1.4)
|
concurrent-ruby (1.1.5)
|
||||||
crass (1.0.4)
|
crass (1.0.4)
|
||||||
database_cleaner (1.7.0)
|
database_cleaner (1.7.0)
|
||||||
debug_inspector (0.0.3)
|
debug_inspector (0.0.3)
|
||||||
@ -231,18 +231,18 @@ GEM
|
|||||||
rack
|
rack
|
||||||
rack-test (1.1.0)
|
rack-test (1.1.0)
|
||||||
rack (>= 1.0, < 3)
|
rack (>= 1.0, < 3)
|
||||||
rails (5.2.2)
|
rails (5.2.2.1)
|
||||||
actioncable (= 5.2.2)
|
actioncable (= 5.2.2.1)
|
||||||
actionmailer (= 5.2.2)
|
actionmailer (= 5.2.2.1)
|
||||||
actionpack (= 5.2.2)
|
actionpack (= 5.2.2.1)
|
||||||
actionview (= 5.2.2)
|
actionview (= 5.2.2.1)
|
||||||
activejob (= 5.2.2)
|
activejob (= 5.2.2.1)
|
||||||
activemodel (= 5.2.2)
|
activemodel (= 5.2.2.1)
|
||||||
activerecord (= 5.2.2)
|
activerecord (= 5.2.2.1)
|
||||||
activestorage (= 5.2.2)
|
activestorage (= 5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
bundler (>= 1.3.0)
|
bundler (>= 1.3.0)
|
||||||
railties (= 5.2.2)
|
railties (= 5.2.2.1)
|
||||||
sprockets-rails (>= 2.0.0)
|
sprockets-rails (>= 2.0.0)
|
||||||
rails-controller-testing (1.0.4)
|
rails-controller-testing (1.0.4)
|
||||||
actionpack (>= 5.0.1.x)
|
actionpack (>= 5.0.1.x)
|
||||||
@ -259,9 +259,9 @@ GEM
|
|||||||
rails-timeago (2.17.1)
|
rails-timeago (2.17.1)
|
||||||
actionpack (>= 3.1)
|
actionpack (>= 3.1)
|
||||||
activesupport (>= 3.1)
|
activesupport (>= 3.1)
|
||||||
railties (5.2.2)
|
railties (5.2.2.1)
|
||||||
actionpack (= 5.2.2)
|
actionpack (= 5.2.2.1)
|
||||||
activesupport (= 5.2.2)
|
activesupport (= 5.2.2.1)
|
||||||
method_source
|
method_source
|
||||||
rake (>= 0.8.7)
|
rake (>= 0.8.7)
|
||||||
thor (>= 0.19.0, < 2.0)
|
thor (>= 0.19.0, < 2.0)
|
||||||
@ -418,7 +418,7 @@ DEPENDENCIES
|
|||||||
database_cleaner
|
database_cleaner
|
||||||
docker-api
|
docker-api
|
||||||
eventmachine (= 1.0.9.1)
|
eventmachine (= 1.0.9.1)
|
||||||
factory_bot_rails
|
factory_bot_rails (>= 5.0.1)
|
||||||
faye-websocket
|
faye-websocket
|
||||||
forgery
|
forgery
|
||||||
headless
|
headless
|
||||||
@ -426,43 +426,43 @@ DEPENDENCIES
|
|||||||
i18n-js
|
i18n-js
|
||||||
ims-lti (< 2.0.0)
|
ims-lti (< 2.0.0)
|
||||||
jbuilder
|
jbuilder
|
||||||
jquery-rails
|
jquery-rails (>= 4.3.3)
|
||||||
kramdown
|
kramdown
|
||||||
listen
|
listen
|
||||||
mnemosyne-ruby
|
mnemosyne-ruby
|
||||||
newrelic_rpm
|
newrelic_rpm
|
||||||
nokogiri
|
nokogiri
|
||||||
nyan-cat-formatter
|
nyan-cat-formatter
|
||||||
pagedown-bootstrap-rails
|
pagedown-bootstrap-rails (>= 2.1.4)
|
||||||
pg
|
pg
|
||||||
pry-byebug
|
pry-byebug
|
||||||
puma
|
puma
|
||||||
pundit
|
pundit
|
||||||
rack-mini-profiler
|
rack-mini-profiler
|
||||||
rails (= 5.2.2)
|
rails (= 5.2.2.1)
|
||||||
rails-controller-testing
|
rails-controller-testing (>= 1.0.4)
|
||||||
rails-i18n
|
rails-i18n (>= 5.1.3)
|
||||||
rails-timeago
|
rails-timeago (>= 2.17.1)
|
||||||
ransack
|
ransack (>= 2.1.1)
|
||||||
rest-client
|
rest-client
|
||||||
rspec-autotest
|
rspec-autotest
|
||||||
rspec-rails
|
rspec-rails (>= 3.8.2)
|
||||||
rubocop
|
rubocop
|
||||||
rubocop-rspec
|
rubocop-rspec
|
||||||
rubytree
|
rubytree
|
||||||
rubyzip
|
rubyzip
|
||||||
sass-rails
|
sass-rails (>= 5.0.7)
|
||||||
selenium-webdriver
|
selenium-webdriver
|
||||||
simplecov
|
simplecov
|
||||||
slim-rails
|
slim-rails (>= 3.2.0)
|
||||||
sorcery
|
sorcery
|
||||||
spring
|
spring
|
||||||
tubesock!
|
tubesock!
|
||||||
turbolinks
|
turbolinks
|
||||||
uglifier
|
uglifier
|
||||||
web-console
|
web-console (>= 3.7.0)
|
||||||
webpacker
|
webpacker (>= 4.0.2)
|
||||||
whenever
|
whenever
|
||||||
|
|
||||||
BUNDLED WITH
|
BUNDLED WITH
|
||||||
1.17.2
|
1.17.3
|
||||||
|
|||||||
Reference in New Issue
Block a user