fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-538324
This commit is contained in:
snyk-bot 2019-12-24 03:51:49 +00:00
parent 849a696148
commit f38b1a4f7c
2 changed files with 60 additions and 57 deletions

10
Gemfile
View file

@ -1,12 +1,12 @@
source 'https://rubygems.org'
gem 'activerecord'
gem 'sinatra'
gem 'sinatra', '>= 2.0.0'
gem 'sqlite3'
gem 'sinatra-activerecord'
gem 'sinatra-contrib', require: false
gem 'sinatra-flash'
gem 'sinatra-activerecord', '>= 2.0.13'
gem 'sinatra-contrib', '>= 2.0.0', require: false
gem 'sinatra-flash', '>= 0.3.0'
gem 'validate_url'
gem 'slim'
@ -20,7 +20,7 @@ gem 'tzinfo-data'
group :development do
gem 'rspec'
gem 'poltergeist'
gem 'poltergeist', '>= 1.16.0'
gem 'factory_girl'
gem 'database_cleaner'
gem 'launchy'

View file

@ -1,20 +1,20 @@
GEM
remote: https://rubygems.org/
specs:
activemodel (5.1.4)
activesupport (= 5.1.4)
activerecord (5.1.4)
activemodel (= 5.1.4)
activesupport (= 5.1.4)
arel (~> 8.0)
activesupport (5.1.4)
activemodel (5.2.4.1)
activesupport (= 5.2.4.1)
activerecord (5.2.4.1)
activemodel (= 5.2.4.1)
activesupport (= 5.2.4.1)
arel (>= 9.0)
activesupport (5.2.4.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (~> 0.7)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.5.2)
public_suffix (>= 2.0.2, < 4.0)
arel (8.0.0)
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
arel (9.0.0)
aws-sdk (2.10.53)
aws-sdk-resources (= 2.10.53)
aws-sdk-core (2.10.53)
@ -23,25 +23,27 @@ GEM
aws-sdk-resources (2.10.53)
aws-sdk-core (= 2.10.53)
aws-sigv4 (1.0.2)
backports (3.8.0)
backports (3.15.0)
bigdecimal (1.3.2)
capybara (2.15.1)
capybara (3.29.0)
addressable
mini_mime (>= 0.1.3)
nokogiri (>= 1.3.3)
rack (>= 1.0.0)
rack-test (>= 0.5.4)
xpath (~> 2.0)
nokogiri (~> 1.8)
rack (>= 1.6.0)
rack-test (>= 0.6.3)
regexp_parser (~> 1.5)
xpath (~> 3.2)
cliver (0.3.2)
coderay (1.1.2)
concurrent-ruby (1.0.5)
concurrent-ruby (1.1.5)
database_cleaner (1.6.1)
diff-lcs (1.3)
dotenv (2.2.1)
factory_girl (4.8.0)
activesupport (>= 3.0.0)
ffi (1.9.18)
i18n (0.8.6)
i18n (1.7.0)
concurrent-ruby (~> 1.0)
jmespath (1.3.1)
launchy (2.4.3)
addressable (~> 2.3)
@ -50,30 +52,31 @@ GEM
rb-inotify (~> 0.9, >= 0.9.7)
ruby_dep (~> 1.2)
method_source (0.9.0)
mini_mime (0.1.4)
mini_portile2 (2.3.0)
minitest (5.10.3)
multi_json (1.12.2)
mustermann (1.0.1)
nokogiri (1.8.1)
mini_portile2 (~> 2.3.0)
poltergeist (1.16.0)
capybara (~> 2.1)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.13.0)
multi_json (1.14.1)
mustermann (1.0.3)
nokogiri (1.10.7)
mini_portile2 (~> 2.4.0)
poltergeist (1.18.1)
capybara (>= 2.1, < 4)
cliver (~> 0.3.1)
websocket-driver (>= 0.2.0)
pry (0.11.1)
coderay (~> 1.1.0)
method_source (~> 0.9.0)
public_suffix (3.0.0)
rack (2.0.3)
rack-protection (2.0.0)
public_suffix (4.0.1)
rack (2.0.8)
rack-protection (2.0.7)
rack
rack-test (0.7.0)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rake (12.1.0)
rb-fsevent (0.10.2)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
regexp_parser (1.6.0)
rerun (0.11.0)
listen (~> 3.0)
rspec (3.6.0)
@ -90,21 +93,21 @@ GEM
rspec-support (~> 3.6.0)
rspec-support (3.6.0)
ruby_dep (1.5.0)
sinatra (2.0.0)
sinatra (2.0.7)
mustermann (~> 1.0)
rack (~> 2.0)
rack-protection (= 2.0.0)
rack-protection (= 2.0.7)
tilt (~> 2.0)
sinatra-activerecord (2.0.13)
sinatra-activerecord (2.0.14)
activerecord (>= 3.2)
sinatra (>= 1.0)
sinatra-contrib (2.0.0)
backports (>= 2.0)
sinatra-contrib (2.0.7)
backports (>= 2.8.2)
multi_json
mustermann (~> 1.0)
rack-protection (= 2.0.0)
sinatra (= 2.0.0)
tilt (>= 1.3, < 3)
rack-protection (= 2.0.7)
sinatra (= 2.0.7)
tilt (~> 2.0)
sinatra-flash (0.3.0)
sinatra (>= 1.0.0)
slim (3.0.8)
@ -113,19 +116,19 @@ GEM
sqlite3 (1.3.13)
temple (0.8.0)
thread_safe (0.3.6)
tilt (2.0.8)
tzinfo (1.2.3)
tilt (2.0.10)
tzinfo (1.2.5)
thread_safe (~> 0.1)
tzinfo-data (1.2017.2)
tzinfo (>= 1.0.0)
validate_url (1.0.2)
activemodel (>= 3.0.0)
addressable
websocket-driver (0.7.0)
websocket-driver (0.7.1)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.2)
xpath (2.1.0)
nokogiri (~> 1.3)
websocket-extensions (0.1.4)
xpath (3.2.0)
nokogiri (~> 1.8)
PLATFORMS
ruby
@ -138,19 +141,19 @@ DEPENDENCIES
dotenv
factory_girl
launchy
poltergeist
poltergeist (>= 1.16.0)
pry
rake
rerun
rspec
sinatra
sinatra-activerecord
sinatra-contrib
sinatra-flash
sinatra (>= 2.0.0)
sinatra-activerecord (>= 2.0.13)
sinatra-contrib (>= 2.0.0)
sinatra-flash (>= 0.3.0)
slim
sqlite3
tzinfo-data
validate_url
BUNDLED WITH
1.15.3
1.17.3