fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RMAGICK-6039897
TrailBuddies · Nov 2, 2023 · 2be8f23 · 2be8f23
1 parent db5dbea
commit 2be8f23
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -55,7 +55,7 @@ gem 'tzinfo-data', '~> 1.2021.5', platforms: [:mingw, :mswin, :x64_mingw, :jruby
 gem 'jwt', '~> 2.3'
 gem 'rack-cors', '~> 1.1.1'
 
-gem 'rmagick', '~> 4.2.4'
+gem 'rmagick', '~> 5.3.0'
 gem 'cloudinary', '~> 1.22'
 gem 'httparty', '~> 0.21', '>= 0.21.0'
 

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -138,6 +138,7 @@ GEM
     nokogiri (1.15.2-x86_64-linux)
       racc (~> 1.4)
     pg (1.4.5)
+    pkg-config (1.5.5)
     puma (5.6.5)
       nio4r (~> 2.0)
     racc (1.7.1)
@@ -188,7 +189,8 @@ GEM
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
     rexml (3.2.5)
-    rmagick (4.2.6)
+    rmagick (5.3.0)
+      pkg-config (~> 1.4)
     ruby-graphviz (1.2.5)
       rexml
     simplecov (0.21.2)
@@ -236,7 +238,7 @@ DEPENDENCIES
   rack-cors (~> 1.1.1)
   rails (~> 7.0.5, >= 7.0.5.1)
   rails-erd (~> 1.6.1)
-  rmagick (~> 4.2.4)
+  rmagick (~> 5.3.0)
   simplecov (~> 0.21.2)
   simplecov_json_formatter (~> 0.1.2)
   spring (~> 4.0.0)