From 8817c55c1e7bdd412cc89af4bf2b53265b4ac1e2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 19 Jan 2023 17:18:27 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 --- Gemfile | 2 +- Gemfile.lock | 73 ++++++++++++++++++++++++++++------------------------ 2 files changed, 41 insertions(+), 34 deletions(-) diff --git a/Gemfile b/Gemfile index 486d604c589a33..a2cfca0c5f1655 100644 --- a/Gemfile +++ b/Gemfile @@ -24,4 +24,4 @@ gem "wdm", "~> 0.1.0" if Gem.win_platform? gem "html-proofer", '>=3.3.1' -gem "eip_validator", ">=0.8.2" +gem "eip_validator", ">= 0.8.2" diff --git a/Gemfile.lock b/Gemfile.lock index 265e48d8c8d53e..acc694705ff196 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,16 +1,16 @@ GEM remote: https://rubygems.org/ specs: - activemodel (6.0.3.1) - activesupport (= 6.0.3.1) - activesupport (6.0.3.1) + activemodel (6.0.6.1) + activesupport (= 6.0.6.1) + activesupport (6.0.6.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) zeitwerk (~> 2.2, >= 2.2.2) - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) coffee-script (2.4.1) coffee-script-source execjs @@ -18,22 +18,24 @@ GEM colorator (1.1.0) commonmarker (0.17.13) ruby-enum (~> 0.5) - concurrent-ruby (1.1.6) - dnsruby (1.61.3) - addressable (~> 2.5) + concurrent-ruby (1.1.10) + dnsruby (1.61.9) + simpleidn (~> 0.1) eip_validator (0.8.2) activemodel front_matter_parser (~> 0.1.1) - em-websocket (0.5.1) + em-websocket (0.5.3) eventmachine (>= 0.12.9) - http_parser.rb (~> 0.6.0) - ethon (0.12.0) - ffi (>= 1.3.0) + http_parser.rb (~> 0) + ethon (0.16.0) + ffi (>= 1.15.0) eventmachine (1.2.7) - execjs (2.7.0) - faraday (1.0.1) - multipart-post (>= 1.2, < 3) - ffi (1.12.2) + execjs (2.8.1) + faraday (2.7.3) + faraday-net_http (>= 2.0, < 3.1) + ruby2_keywords (>= 0.0.4) + faraday-net_http (3.0.2) + ffi (1.15.5) forwardable-extended (2.6.0) front_matter_parser (0.1.1) gemoji (3.0.1) @@ -86,7 +88,7 @@ GEM octokit (~> 4.0) public_suffix (~> 3.0) typhoeus (~> 1.3) - html-pipeline (2.13.0) + html-pipeline (2.14.3) activesupport (>= 2) nokogiri (>= 1.4) html-proofer (3.15.3) @@ -97,7 +99,7 @@ GEM rainbow (~> 3.0) typhoeus (~> 1.3) yell (~> 2.0) - http_parser.rb (0.6.0) + http_parser.rb (0.8.0) i18n (0.9.5) concurrent-ruby (~> 1.0) jekyll (3.8.7) @@ -207,7 +209,7 @@ GEM jekyll (>= 3.0, < 5.0) kramdown (1.17.0) liquid (4.0.3) - listen (3.2.1) + listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) @@ -216,38 +218,40 @@ GEM jekyll (>= 3.5, < 5.0) jekyll-feed (~> 0.9) jekyll-seo-tag (~> 2.1) - minitest (5.14.1) - multipart-post (2.1.1) - nokogiri (1.13.10) + minitest (5.17.0) + nokogiri (1.14.0) mini_portile2 (~> 2.8.0) racc (~> 1.4) nokogumbo (2.0.2) nokogiri (~> 1.8, >= 1.8.4) - octokit (4.18.0) - faraday (>= 0.9) - sawyer (~> 0.8.0, >= 0.5.3) + octokit (4.25.1) + faraday (>= 1, < 3) + sawyer (~> 0.9) parallel (1.19.1) pathutil (0.16.2) forwardable-extended (~> 2.6) public_suffix (3.1.1) racc (1.6.2) rainbow (3.0.0) - rb-fsevent (0.10.4) + rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) rouge (3.19.0) - ruby-enum (0.8.0) + ruby-enum (0.9.0) i18n - rubyzip (2.3.0) + ruby2_keywords (0.0.5) + rubyzip (2.3.2) safe_yaml (1.0.5) sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - sawyer (0.8.2) + sawyer (0.9.2) addressable (>= 2.3.5) - faraday (> 0.8, < 2.0) + faraday (>= 0.17.3, < 3) + simpleidn (0.2.1) + unf (~> 0.1.4) terminal-table (1.8.0) unicode-display_width (~> 1.1, >= 1.1.1) thread_safe (0.3.6) @@ -255,9 +259,12 @@ GEM ethon (>= 0.9.0) tzinfo (1.2.10) thread_safe (~> 0.1) - unicode-display_width (1.7.0) + unf (0.1.4) + unf_ext + unf_ext (0.0.8.2) + unicode-display_width (1.8.0) yell (2.2.2) - zeitwerk (2.3.0) + zeitwerk (2.6.6) PLATFORMS ruby @@ -271,4 +278,4 @@ DEPENDENCIES tzinfo-data BUNDLED WITH - 1.17.2 + 1.17.3