fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242
2021-07-14 07:06:11 +00:00 · 2021-07-14 07:06:11 +00:00 · 7b12fea822
commit 7b12fea822
parent 849a696148
2 changed files with 40 additions and 35 deletions
--- a/6
+++ b/6
@ -7,7 +7,7 @@ gem 'sqlite3'
 gem 'sinatra-activerecord'
 gem 'sinatra-contrib', require: false
 gem 'sinatra-flash'
-gem 'validate_url'
+gem 'validate_url', '>= 1.0.2'

 gem 'slim'

@ -20,10 +20,10 @@ gem 'tzinfo-data'

 group :development do
  gem 'rspec'
-  gem 'poltergeist'
+  gem 'poltergeist', '>= 1.16.0'
  gem 'factory_girl'
  gem 'database_cleaner'
-  gem 'launchy'
+  gem 'launchy', '>= 2.4.3'
  gem 'pry'
  gem 'rerun'
  gem 'rake'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -12,8 +12,8 @@ GEM
      i18n (~> 0.7)
      minitest (~> 5.1)
      tzinfo (~> 1.1)
-    addressable (2.5.2)
-      public_suffix (>= 2.0.2, < 4.0)
+    addressable (2.8.0)
+      public_suffix (>= 2.0.2, < 5.0)
    arel (8.0.0)
    aws-sdk (2.10.53)
      aws-sdk-resources (= 2.10.53)
@ -25,55 +25,60 @@ GEM
    aws-sigv4 (1.0.2)
    backports (3.8.0)
    bigdecimal (1.3.2)
-    capybara (2.15.1)
+    capybara (3.35.3)
      addressable
      mini_mime (>= 0.1.3)
-      nokogiri (>= 1.3.3)
-      rack (>= 1.0.0)
-      rack-test (>= 0.5.4)
-      xpath (~> 2.0)
+      nokogiri (~> 1.8)
+      rack (>= 1.6.0)
+      rack-test (>= 0.6.3)
+      regexp_parser (>= 1.5, < 3.0)
+      xpath (~> 3.2)
    cliver (0.3.2)
    coderay (1.1.2)
-    concurrent-ruby (1.0.5)
+    concurrent-ruby (1.1.9)
    database_cleaner (1.6.1)
    diff-lcs (1.3)
    dotenv (2.2.1)
    factory_girl (4.8.0)
      activesupport (>= 3.0.0)
    ffi (1.9.18)
-    i18n (0.8.6)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
    jmespath (1.3.1)
-    launchy (2.4.3)
-      addressable (~> 2.3)
+    launchy (2.5.0)
+      addressable (~> 2.7)
    listen (3.1.5)
      rb-fsevent (~> 0.9, >= 0.9.4)
      rb-inotify (~> 0.9, >= 0.9.7)
      ruby_dep (~> 1.2)
    method_source (0.9.0)
-    mini_mime (0.1.4)
-    mini_portile2 (2.3.0)
-    minitest (5.10.3)
+    mini_mime (1.1.0)
+    mini_portile2 (2.5.3)
+    minitest (5.14.4)
    multi_json (1.12.2)
    mustermann (1.0.1)
-    nokogiri (1.8.1)
-      mini_portile2 (~> 2.3.0)
-    poltergeist (1.16.0)
-      capybara (~> 2.1)
+    nokogiri (1.11.7)
+      mini_portile2 (~> 2.5.0)
+      racc (~> 1.4)
+    poltergeist (1.18.1)
+      capybara (>= 2.1, < 4)
      cliver (~> 0.3.1)
      websocket-driver (>= 0.2.0)
    pry (0.11.1)
      coderay (~> 1.1.0)
      method_source (~> 0.9.0)
-    public_suffix (3.0.0)
-    rack (2.0.3)
+    public_suffix (4.0.6)
+    racc (1.5.2)
+    rack (2.2.3)
    rack-protection (2.0.0)
      rack
-    rack-test (0.7.0)
+    rack-test (1.1.0)
      rack (>= 1.0, < 3)
    rake (12.1.0)
    rb-fsevent (0.10.2)
    rb-inotify (0.9.10)
      ffi (>= 0.5.0, < 2)
+    regexp_parser (2.1.1)
    rerun (0.11.0)
      listen (~> 3.0)
    rspec (3.6.0)
@ -114,18 +119,18 @@ GEM
    temple (0.8.0)
    thread_safe (0.3.6)
    tilt (2.0.8)
-    tzinfo (1.2.3)
+    tzinfo (1.2.9)
      thread_safe (~> 0.1)
    tzinfo-data (1.2017.2)
      tzinfo (>= 1.0.0)
-    validate_url (1.0.2)
+    validate_url (1.0.13)
      activemodel (>= 3.0.0)
-      addressable
-    websocket-driver (0.7.0)
+      public_suffix
+    websocket-driver (0.7.5)
      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.2)
-    xpath (2.1.0)
-      nokogiri (~> 1.3)
+    websocket-extensions (0.1.5)
+    xpath (3.2.0)
+      nokogiri (~> 1.8)

 PLATFORMS
  ruby
@ -137,8 +142,8 @@ DEPENDENCIES
  database_cleaner
  dotenv
  factory_girl
-  launchy
-  poltergeist
+  launchy (>= 2.4.3)
+  poltergeist (>= 1.16.0)
  pry
  rake
  rerun
@ -150,7 +155,7 @@ DEPENDENCIES
  slim
  sqlite3
  tzinfo-data
-  validate_url
+  validate_url (>= 1.0.2)

 BUNDLED WITH
-   1.15.3
+   1.17.3