[Snyk] Security upgrade rspec-rails from 5.1.2 to 8.0.0 by acid-chicken · Pull Request #170 · 346design/mastodon

acid-chicken · 2025-05-04T05:51:51Z

⚠️

Warning

Failed to update the Gemfile.lock, please update manually before merging.

	Issue	Score
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-3168647	626
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-LOOFAH-3168317	589
	Uncontrolled Recursion SNYK-RUBY-LOOFAH-3168649	589
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-RAILSHTMLSANITIZER-3168646	589
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIVESUPPORT-3360028	519
	Cross-site Scripting (XSS) SNYK-RUBY-LOOFAH-3168318	519
	Improper Input Validation SNYK-RUBY-ACTIONPACK-7210237	484
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-3168316	484
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONPACK-3237231	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIONPACK-3237232	479
	Exposure of Data Element to Wrong Session SNYK-RUBY-ACTIONPACK-6274388	479
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIVESUPPORT-3237242	479
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIONPACK-5741907	449
	Information Exposure SNYK-RUBY-ACTIVESUPPORT-5851458	429
	Information Exposure SNYK-RUBY-RAILTIES-5851410	429
	Cross-site Scripting (XSS) SNYK-RUBY-RAILSHTMLSANITIZER-3168648	424

Important

Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

Learn how to fix vulnerabilities with free interactive lessons:

Provide feedback