From d9ec998a12a731bc71130ebf4ccf8e1fe9aa09a8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 25 May 2020 23:51:30 -0400 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 --- Gemfile.lock | 61 +++++++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 29 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 4e535d1..c5097d3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,20 +1,20 @@ GEM remote: https://rubygems.org/ specs: - activemodel (5.1.4) - activesupport (= 5.1.4) - activerecord (5.1.4) - activemodel (= 5.1.4) - activesupport (= 5.1.4) - arel (~> 8.0) - activesupport (5.1.4) + activemodel (5.2.4.3) + activesupport (= 5.2.4.3) + activerecord (5.2.4.3) + activemodel (= 5.2.4.3) + activesupport (= 5.2.4.3) + arel (>= 9.0) + activesupport (5.2.4.3) concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (~> 0.7) + i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) - addressable (2.5.2) - public_suffix (>= 2.0.2, < 4.0) - arel (8.0.0) + addressable (2.7.0) + public_suffix (>= 2.0.2, < 5.0) + arel (9.0.0) aws-sdk (2.10.53) aws-sdk-resources (= 2.10.53) aws-sdk-core (2.10.53) @@ -34,14 +34,15 @@ GEM xpath (~> 2.0) cliver (0.3.2) coderay (1.1.2) - concurrent-ruby (1.0.5) + concurrent-ruby (1.1.6) database_cleaner (1.6.1) diff-lcs (1.3) dotenv (2.2.1) - factory_girl (4.8.0) + factory_girl (4.9.0) activesupport (>= 3.0.0) ffi (1.9.18) - i18n (0.8.6) + i18n (1.8.2) + concurrent-ruby (~> 1.0) jmespath (1.3.1) launchy (2.4.3) addressable (~> 2.3) @@ -52,9 +53,10 @@ GEM method_source (0.9.0) mini_mime (0.1.4) mini_portile2 (2.3.0) - minitest (5.10.3) + minitest (5.14.1) multi_json (1.12.2) - mustermann (1.0.1) + mustermann (1.1.1) + ruby2_keywords (~> 0.0.1) nokogiri (1.8.1) mini_portile2 (~> 2.3.0) poltergeist (1.16.0) @@ -64,8 +66,8 @@ GEM pry (0.11.1) coderay (~> 1.1.0) method_source (~> 0.9.0) - public_suffix (3.0.0) - rack (2.0.3) + public_suffix (4.0.5) + rack (2.2.2) rack-protection (2.0.0) rack rack-test (0.7.0) @@ -89,14 +91,15 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.6.0) rspec-support (3.6.0) + ruby2_keywords (0.0.2) ruby_dep (1.5.0) sinatra (2.0.0) mustermann (~> 1.0) rack (~> 2.0) rack-protection (= 2.0.0) tilt (~> 2.0) - sinatra-activerecord (2.0.13) - activerecord (>= 3.2) + sinatra-activerecord (2.0.18) + activerecord (>= 4.1) sinatra (>= 1.0) sinatra-contrib (2.0.0) backports (>= 2.0) @@ -113,14 +116,14 @@ GEM sqlite3 (1.3.13) temple (0.8.0) thread_safe (0.3.6) - tilt (2.0.8) - tzinfo (1.2.3) + tilt (2.0.10) + tzinfo (1.2.7) thread_safe (~> 0.1) tzinfo-data (1.2017.2) tzinfo (>= 1.0.0) - validate_url (1.0.2) + validate_url (1.0.11) activemodel (>= 3.0.0) - addressable + public_suffix websocket-driver (0.7.0) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.2) @@ -131,12 +134,12 @@ PLATFORMS ruby DEPENDENCIES - activerecord + activerecord (>= 5.2.4.3) aws-sdk (~> 2) bigdecimal database_cleaner dotenv - factory_girl + factory_girl (>= 4.8.0) launchy poltergeist pry @@ -144,13 +147,13 @@ DEPENDENCIES rerun rspec sinatra - sinatra-activerecord + sinatra-activerecord (>= 2.0.13) sinatra-contrib sinatra-flash slim sqlite3 tzinfo-data - validate_url + validate_url (>= 1.0.2) BUNDLED WITH - 1.15.3 + 1.17.3