fix(security): patch rack rack-cors nokogiri httparty dependency vuln…

…erabilities (#662)
ForestAdmin · Mar 11, 2024 · f05e93e · f05e93e
1 parent 6add008
commit f05e93e
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 13 deletions.
diff --git a/Gemfile b/Gemfile
@@ -31,7 +31,7 @@ gem 'groupdate', '5.2.2'
 gem 'useragent'
 gem 'jwt'
 gem 'bcrypt'
-gem 'httparty', '0.18.1'
+gem 'httparty', '0.21.0'
 gem 'ipaddress', '0.8.3'
 gem 'openid_connect', '1.4.2'
 gem 'json'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -107,8 +107,8 @@ GEM
       activesupport (>= 6.1)
     groupdate (5.2.2)
       activesupport (>= 5)
-    httparty (0.18.1)
-      mime-types (~> 3.0)
+    httparty (0.21.0)
+      mini_mime (>= 1.0.0)
       multi_xml (>= 0.5.2)
     httpclient (2.8.3)
     i18n (1.12.0)
@@ -133,11 +133,8 @@ GEM
       net-smtp
     marcel (1.0.4)
     method_source (1.0.0)
-    mime-types (3.4.1)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2022.0105)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.1)
+    mini_portile2 (2.8.5)
     minitest (5.17.0)
     multi_xml (0.6.0)
     net-http (0.4.1)
@@ -152,8 +149,8 @@ GEM
     net-smtp (0.3.3)
       net-protocol
     nio4r (2.7.0)
-    nokogiri (1.14.0)
-      mini_portile2 (~> 2.8.0)
+    nokogiri (1.16.2)
+      mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
     openid_connect (1.4.2)
       activemodel
@@ -167,9 +164,9 @@ GEM
       validate_url
       webfinger (~> 1.2)
     public_suffix (5.0.1)
-    racc (1.6.2)
-    rack (2.2.5)
-    rack-cors (1.1.1)
+    racc (1.7.3)
+    rack (2.2.8.1)
+    rack-cors (2.0.2)
       rack (>= 2.0.0)
     rack-oauth2 (1.21.3)
       activesupport
@@ -273,7 +270,7 @@ DEPENDENCIES
   forest_liana!
   forestadmin-jsonapi-serializers
   groupdate (= 5.2.2)
-  httparty (= 0.18.1)
+  httparty (= 0.21.0)
   ipaddress (= 0.8.3)
   json
   json-jwt (>= 1.16)