From 1bb418eb0e11fb99db829e85086a1a83c1bee449 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 Nov 2023 14:52:49 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-CARRIERWAVE-6095123 --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 1d23cfed2..b46e5eeab 100644 --- a/Gemfile +++ b/Gemfile @@ -51,7 +51,7 @@ gem 'acts-as-list' gem 'aws-sdk-rails', '>= 3.8.0' gem 'aws-sdk-s3' gem 'caracal', '>= 1.4.1' -gem 'carrierwave', '>= 2.2.1' +gem 'carrierwave', '>= 3.0.5' gem 'devise', '>= 4.8.1' gem 'fog-aws', '>= 3.15.0' gem "jbuilder" diff --git a/Gemfile.lock b/Gemfile.lock index 45c08d3cd..35002f0e6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -173,7 +173,7 @@ GEM nokogiri (~> 1.6) rubyzip (~> 1.1) tilt (>= 1.4) - carrierwave (3.0.4) + carrierwave (3.0.5) activemodel (>= 6.0.0) activesupport (>= 6.0.0) addressable (~> 2.6) @@ -582,7 +582,7 @@ DEPENDENCIES bundler-audit capybara caracal (>= 1.4.1) - carrierwave (>= 2.2.1) + carrierwave (>= 3.0.5) database_cleaner devise (>= 4.8.1) dotenv-rails @@ -635,4 +635,4 @@ RUBY VERSION ruby 3.1.4p223 BUNDLED WITH - 2.3.12 + 2.3.26