This repository has been archived by the owner on Jun 28, 2024. It is now read-only.

fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-REXML-6861566
snyk-bot committed May 17, 2024
1 parent 1b3ad5f commit 7a00efe
Showing 2 changed files with 68 additions and 58 deletions.
8 changes: 4 additions & 4 deletions Gemfile
Expand Up @@ -42,13 +42,13 @@ group :test, :development, :ci do
gem 'pry'
# Pinning teaspoon to 1.1.5 because of sprockets-rails 2.3.3
gem 'teaspoon', '1.1.5'
gem "overcommit"
gem 'rubocop'
gem "overcommit", ">= 0.59.0"
gem 'rubocop', '>= 1.18.0'
gem 'teaspoon-jasmine'
gem 'simplecov', :require => false
gem 'minitest'
gem 'rails_best_practices'
gem 'webmock', '~> 3.11.3'
gem 'webmock', '~> 3.12.0'
gem 'vcr'
gem 'bundler-audit'
gem 'colorize'
Expand Down Expand Up @@ -94,4 +94,4 @@ gem 'browser'
gem "reverse_markdown", "~> 2.0"
gem "tinymce-rails"

gem "devise_saml_authenticatable"
gem "devise_saml_authenticatable", ">= 1.7.0"
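Review bot: The new `gem "devise_saml_authenticatable", ">= 1.7.0"` line puts an open-ended floor on the SAML sign-in gem, which sits outside the `:test, :development, :ci` group, so a later `bundle update` can move the login path to any newer release without review. The lock in this same commit already takes it from 1.6.3 to 1.9.1, with ruby-saml going from 1.12.2 to 1.16.0 and devise from 4.8.0 to 4.9.4, although the title names only the REXML advisory; the SSO flow should get a regression run before this is merged. I would bound the constraint, e.g. `gem "devise_saml_authenticatable", "~> 1.9"`, and put a comment above it such as `# floor raised for SNYK-RUBY-REXML-6861566 (rexml comes in via ruby-saml)`. No rexml line appears in the visible Gemfile hunks, so the 3.2.8 resolution seems to be held only by Gemfile.lock; an explicit `gem "rexml", ">= 3.2.8"` would keep a re-resolve from dropping below it.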
118 changes: 64 additions & 54 deletions Gemfile.lock
Expand Up @@ -83,15 +83,16 @@ GEM
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
addressable (2.8.6)
public_suffix (>= 2.0.2, < 6.0)
airbrussh (1.4.0)
sshkit (>= 1.6.1, != 1.7.0)
apipie-rails (0.5.18)
rails (>= 4.1)
arel (9.0.0)
ast (2.4.2)
bcrypt (3.1.16)
bcrypt (3.1.20)
bigdecimal (3.1.8)
brakeman (5.0.4)
browser (5.3.1)
bson (4.12.1)
Expand Down Expand Up @@ -127,18 +128,19 @@ GEM
coffee-script-source (1.12.2)
colorize (0.8.1)
commonjs (0.2.7)
concurrent-ruby (1.1.10)
crack (0.4.5)
concurrent-ruby (1.2.3)
crack (1.0.0)
bigdecimal
rexml
crass (1.0.6)
daemons (1.4.0)
devise (4.8.0)
devise (4.9.4)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
devise_saml_authenticatable (1.6.3)
devise_saml_authenticatable (1.9.1)
devise (> 2.0.0)
ruby-saml (~> 1.7)
docile (1.4.0)
Expand All @@ -148,7 +150,7 @@ GEM
railties (>= 4.2)
doorkeeper-mongodb (4.2.0)
doorkeeper (>= 4.4, < 5.0)
erubi (1.11.0)
erubi (1.12.0)
erubis (2.7.0)
ethon (0.15.0)
ffi (>= 1.15.0)
Expand All @@ -164,20 +166,21 @@ GEM
multi_json
sprockets (>= 2.0.3)
tilt
hashdiff (1.0.1)
hashdiff (1.1.0)
highline (1.7.10)
htmlentities (4.3.4)
http-accept (1.7.0)
http-cookie (1.0.4)
domain_name (~> 0.5)
i18n (1.12.0)
i18n (1.14.5)
concurrent-ruby (~> 1.0)
iniparse (1.5.0)
jquery-rails (4.4.0)
rails-dom-testing (>= 1, < 3)
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
json (2.5.1)
language_server-protocol (3.17.0.3)
less (2.6.0)
commonjs (~> 0.2.7)
less-rails (5.0.0)
Expand All @@ -186,26 +189,26 @@ GEM
sprockets (~> 3.0)
libv8 (3.16.14.19)
log4r (1.1.10)
loofah (2.19.0)
loofah (2.22.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
nokogiri (>= 1.12.0)
macaddr (1.7.2)
systemu (~> 2.6.5)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (1.0.2)
maruku (0.7.3)
memoist (0.9.3)
method_source (1.0.0)
method_source (1.1.0)
mime-types (3.3.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2021.0225)
mimemagic (0.4.3)
nokogiri (~> 1)
rake
mini_mime (1.1.2)
mini_portile2 (2.8.0)
minitest (5.16.3)
mini_portile2 (2.8.6)
minitest (5.23.0)
mongo (2.14.0)
bson (>= 4.8.2, < 5.0.0)
mongoid (7.1.8)
Expand All @@ -221,30 +224,31 @@ GEM
netrc (0.11.0)
newrelic_rpm (7.1.0)
nio4r (2.5.8)
nokogiri (1.13.10)
mini_portile2 (~> 2.8.0)
nokogiri (1.15.6)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
non-stupid-digest-assets (1.0.9)
sprockets (>= 2.0)
oj (3.11.7)
orm_adapter (0.5.0)
overcommit (0.58.0)
childprocess (>= 0.6.3, < 5)
overcommit (0.63.0)
childprocess (>= 0.6.3, < 6)
iniparse (~> 1.4)
rexml (~> 3.2)
parallel (1.20.1)
parser (3.0.1.1)
parallel (1.24.0)
parser (3.3.1.0)
ast (~> 2.4.1)
racc
pry (0.13.1)
coderay (~> 1.1)
method_source (~> 1.0)
pry-byebug (3.9.0)
byebug (~> 11.0)
pry (~> 0.13.0)
public_suffix (4.0.6)
racc (1.6.0)
rack (2.2.4)
rack-test (2.0.2)
public_suffix (5.0.5)
racc (1.7.3)
rack (2.2.9)
rack-test (2.1.0)
rack (>= 1.3)
rails (5.2.8.1)
actioncable (= 5.2.8.1)
Expand All @@ -263,11 +267,13 @@ GEM
actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1)
activesupport (>= 5.0.1.rc1)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
rails-dom-testing (2.2.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.4.3)
loofah (~> 2.3)
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (~> 1.14)
rails_best_practices (1.21.0)
activesupport
code_analyzer (>= 0.5.2)
Expand All @@ -282,39 +288,42 @@ GEM
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
rainbow (3.0.0)
rake (13.0.6)
rainbow (3.1.1)
rake (13.2.1)
ref (2.0.0)
regexp_parser (2.1.1)
regexp_parser (2.9.2)
require_all (3.0.0)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
responders (3.1.1)
actionpack (>= 5.2)
railties (>= 5.2)
rest-client (2.1.0)
http-accept (>= 1.7.0, < 2.0)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
reverse_markdown (2.0.0)
nokogiri
rexml (3.2.5)
rexml (3.2.8)
strscan (>= 3.0.9)
roo (2.8.3)
nokogiri (~> 1)
rubyzip (>= 1.3.0, < 3.0.0)
rubocop (1.17.0)
rubocop (1.63.5)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.0.0.0)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
rexml
rubocop-ast (>= 1.7.0, < 2.0)
rexml (>= 3.2.5, < 4.0)
rubocop-ast (>= 1.31.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 3.0)
rubocop-ast (1.7.0)
parser (>= 3.0.1.1)
ruby-progressbar (1.11.0)
ruby-saml (1.12.2)
nokogiri (>= 1.10.5)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.31.3)
parser (>= 3.3.1.0)
ruby-progressbar (1.13.0)
ruby-saml (1.16.0)
nokogiri (>= 1.13.10)
rexml
rubyzip (1.3.0)
rvm1-capistrano3 (1.4.0)
Expand All @@ -340,6 +349,7 @@ GEM
sshkit (1.21.2)
net-scp (>= 1.1.2)
net-ssh (>= 2.8.0)
strscan (3.1.0)
systemu (2.6.5)
teaspoon (1.1.5)
railties (>= 3.2.5, < 6)
Expand All @@ -352,27 +362,27 @@ GEM
daemons (~> 1.0, >= 1.0.9)
eventmachine (~> 1.0, >= 1.0.4)
rack (>= 1, < 3)
thor (1.2.1)
thor (1.3.1)
thread_safe (0.3.6)
tilt (2.0.10)
tinymce-rails (5.8.1)
railties (>= 3.1.1)
typhoeus (1.4.0)
ethon (>= 0.9.0)
tzinfo (1.2.10)
tzinfo (1.2.11)
thread_safe (~> 0.1)
uglifier (4.1.20)
execjs (>= 0.3.0, < 3)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.7)
unicode-display_width (2.0.0)
unicode-display_width (2.5.0)
uuid (2.3.9)
macaddr (~> 1.0)
vcr (6.0.0)
warden (1.2.9)
rack (>= 2.0.9)
webmock (3.11.3)
webmock (3.12.2)
addressable (>= 2.3.6)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
Expand All @@ -398,7 +408,7 @@ DEPENDENCIES
colorize
cqm-parsers!
devise
devise_saml_authenticatable
devise_saml_authenticatable (>= 1.7.0)
doorkeeper (~> 4.4.0)
doorkeeper-mongodb (~> 4.2.0)
exception_notification!
Expand All @@ -414,7 +424,7 @@ DEPENDENCIES
newrelic_rpm
non-stupid-digest-assets
oj
overcommit
overcommit (>= 0.59.0)
pry
pry-byebug
rails (= 5.2.8.1)
Expand All @@ -424,7 +434,7 @@ DEPENDENCIES
rest-client
reverse_markdown (~> 2.0)
roo (~> 2.7)
rubocop
rubocop (>= 1.18.0)
rubyzip (>= 1.3.0)
rvm1-capistrano3
selenium-webdriver
Expand All @@ -439,7 +449,7 @@ DEPENDENCIES
tinymce-rails
uglifier (~> 4.1.20)
vcr
webmock (~> 3.11.3)
webmock (~> 3.12.0)
zip-zip

BUNDLED WITH
