From 48fb9bed7b689af1bad5bb09ab09c232ab482b60 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 26 Feb 2020 06:58:01 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159
---
 Gemfile | 2 +-
 Gemfile.lock | 36 +++++++++++++++++++-----------------
 2 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/Gemfile b/Gemfile
index 2f6a1d3..c23d690 100644
--- a/Gemfile
+++ b/Gemfile
@@ -16,6 +16,6 @@ group :development do
 gem "shoulda", ">= 0"
 gem "rdoc", "~> 3.12"
 gem "bundler", "~> 1.0"
- gem "juwelier", "~> 2.1.0"
+ gem "juwelier", "~> 2.1.3"
 gem "simplecov", ">= 0"
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index 63f8e42..692eede 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -11,9 +11,9 @@ GEM i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) - addressable (2.6.0) - public_suffix (>= 2.0.2, < 4.0) - builder (3.2.3) + addressable (2.7.0) + public_suffix (>= 2.0.2, < 5.0) + builder (3.2.4) concurrent-ruby (1.1.4) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1)
@@ -32,9 +32,10 @@ GEM faraday multi_json excon (0.62.0) - faraday (0.15.4) + faraday (0.17.3) multipart-post (>= 1.2, < 3) - git (1.5.0) + git (1.6.0) + rchardet (~> 1.8) github_api (0.18.2) addressable (~> 2.4) descendants_tracker (~> 0.0.4)
@@ -42,7 +43,7 @@ GEM hashie (~> 3.5, >= 3.5.2) oauth2 (~> 1.0) hashie (3.6.0) - highline (2.0.1) + highline (2.0.3) i18n (1.5.3) concurrent-ruby (~> 1.0) json (1.8.6)
@@ -56,24 +57,25 @@ GEM rake rdoc semver - jwt (2.1.0) + jwt (2.2.1) mini_portile2 (2.4.0) minitest (5.11.3) - multi_json (1.13.1) + multi_json (1.14.1) multi_xml (0.6.0) - multipart-post (2.0.0) - nokogiri (1.10.1) + multipart-post (2.1.1) + nokogiri (1.10.8) mini_portile2 (~> 2.4.0) - oauth2 (1.4.1) - faraday (>= 0.8, < 0.16.0) + oauth2 (1.4.4) + faraday (>= 0.8, < 2.0) jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) rack (>= 1.2, < 3) pg (1.1.4) - public_suffix (3.0.3) - rack (2.0.6) - rake (12.3.2) + public_suffix (4.0.3) + rack (2.2.2) + rake (13.0.1) + rchardet (1.8.0) rdoc (3.12.2) json (~> 1.4) semver (1.0.1)
@@ -102,11 +104,11 @@ DEPENDENCIES elasticsearch-model elasticsearch-rails excon - juwelier (~> 2.1.0) + juwelier (~> 2.1.3) pg rdoc (~> 3.12) shoulda simplecov BUNDLED WITH - 1.17.2 + 1.17.3