From 395059cab27fdf1b24f6d1fcb8bb54be3eddc107 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 13 Sep 2019 00:42:26 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-DEVISE-465098 --- Gemfile | 2 +- Gemfile.lock | 112 +++++++++++++++++++++++++++++---------------------- 2 files changed, 65 insertions(+), 49 deletions(-) diff --git a/Gemfile b/Gemfile index 569fc12..6eb4306 100644 --- a/Gemfile +++ b/Gemfile @@ -25,7 +25,7 @@ gem 'token_phrase' gem 'meta-tags', require: 'meta_tags' -gem 'activeadmin' +gem 'activeadmin', '>= 0.6.0' gem 'glow' gem 'twitter-bootstrap-rails' diff --git a/Gemfile.lock b/Gemfile.lock index a01c8e3..264ee40 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -14,18 +14,17 @@ GEM rack-cache (~> 1.2) rack-test (~> 0.6.1) sprockets (~> 2.2.1) - activeadmin (0.6.0) - arbre (>= 1.0.1) - bourbon (>= 1.0.0) - devise (>= 1.1.2) - fastercsv - formtastic (>= 2.0.0) - inherited_resources (>= 1.3.1) - jquery-rails (>= 1.0.0) - kaminari (>= 0.13.0) - meta_search (>= 0.9.2) - rails (>= 3.0.0) - sass (>= 3.1.0) + activeadmin (0.6.6) + arbre (~> 1.0) + bourbon (>= 1.0.0, < 4) + devise (>= 1.5.4, < 4) + formtastic (~> 2.0) + inherited_resources (~> 1.3) + jquery-rails (>= 1.0.0, < 3) + kaminari (~> 0.13, != 0.15.0) + meta_search (~> 1.0) + rails (>= 3.0.0, < 4) + sass (~> 3.1) activemodel (3.2.13) activesupport (= 3.2.13) builder (~> 3.0.0) @@ -41,12 +40,12 @@ GEM i18n (= 0.6.1) multi_json (~> 1.0) addressable (2.3.5) - arbre (1.0.1) + arbre (1.2.1) activesupport (>= 3.0.0) - arel (3.0.2) - bcrypt-ruby (3.0.1) - bourbon (3.1.8) - sass (>= 3.2.0) + arel (3.0.3) + bcrypt (3.1.13) + bourbon (3.2.4) + sass (~> 3.2) thor builder (3.0.4) certified (0.1.1) 
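Review bot: The added constraint `gem 'activeadmin', '>= 0.6.0'` in the Gemfile hunk does not encode the fix this commit is about. The advisory in the message is against devise, 0.6.0 is the activeadmin version that was already locked, and the devise change (2.2.4 to 3.5.10) exists only in Gemfile.lock. The visible part of the Gemfile shows no direct devise entry, so if the lockfile is regenerated nothing stops Bundler from resolving a devise below the patched range. I would declare the floor explicitly, e.g. `gem 'devise', '>= <FIXED_VERSION>'` with the version taken from the advisory, and confirm that 3.5.10 actually falls inside the advisory's fixed range. The lockfile also moves devise and warden across a major/minor boundary while rails stays at 3.2.13, so sign-in, confirmation and password-reset flows should be exercised by tests before this automated change is merged.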
@@ -58,31 +57,37 @@ GEM coffee-script-source execjs coffee-script-source (1.6.2) - devise (2.2.4) - bcrypt-ruby (~> 3.0) + devise (3.5.10) + bcrypt (~> 3.0) orm_adapter (~> 0.1) - railties (~> 3.1) - warden (~> 1.2.1) + railties (>= 3.2.6, < 5) + responders + thread_safe (~> 0.1) + warden (~> 1.2.3) diff-lcs (1.2.4) erubis (2.7.0) execjs (1.4.0) multi_json (~> 1.0) faraday (0.8.7) multipart-post (~> 1.1) - fastercsv (1.5.5) - formtastic (2.2.1) + ffi (1.11.1) + formtastic (2.3.1) actionpack (>= 3.0) glow (0.0.12) jquery-rails rails (>= 3.0.0, < 4.0.0) haml (4.0.3) tilt - has_scope (0.5.1) + has_scope (0.6.0) + actionpack (>= 3.2, < 5) + activesupport (>= 3.2, < 5) hike (1.2.3) i18n (0.6.1) - inherited_resources (1.4.0) - has_scope (~> 0.5.0) - responders (~> 0.9) + inherited_resources (1.7.2) + actionpack (>= 3.2, < 5.2.x) + has_scope (~> 0.6) + railties (>= 3.2, < 5.2.x) + responders journey (1.0.4) jquery-minicolors-rails (0.0.3) jquery-rails @@ -90,8 +95,8 @@ GEM jquery-rails (2.3.0) railties (>= 3.0, < 5.0) thor (>= 0.14, < 2.0) - json (1.8.0) - kaminari (0.14.1) + json (1.8.6) + kaminari (0.17.0) actionpack (>= 3.0.0) activesupport (>= 3.0.0) launchy (2.3.0) @@ -99,7 +104,7 @@ GEM letter_opener (1.1.2) launchy (~> 2.2) libv8 (3.16.14.7) - mail (2.5.4) + mail (2.5.5) mime-types (~> 1.16) treetop (~> 1.4.8) meta-tags (1.5.0) @@ -110,11 +115,11 @@ GEM activesupport (~> 3.1) polyamorous (~> 0.5.0) method_source (0.8.1) - mime-types (1.23) - multi_json (1.7.7) + mime-types (1.25.1) + multi_json (1.13.1) multipart-post (1.2.0) newrelic_rpm (3.6.4.122) - orm_adapter (0.4.0) + orm_adapter (0.5.0) pg (0.15.1) pg_search (0.6.4) activerecord (>= 3.1) 
@@ -122,17 +127,17 @@ GEM arel polyamorous (0.5.0) activerecord (~> 3.0) - polyglot (0.3.3) + polyglot (0.3.5) pry (0.9.12.2) coderay (~> 1.0.5) method_source (~> 0.8) slop (~> 3.4) - rack (1.4.5) - rack-cache (1.2) + rack (1.4.7) + rack-cache (1.9.0) rack (>= 0.4) - rack-ssl (1.3.3) + rack-ssl (1.3.4) rack - rack-test (0.6.2) + rack-test (0.6.3) rack (>= 1.0) rack-timeout (0.0.4) rails (3.2.13) @@ -150,16 +155,19 @@ GEM rake (>= 0.8.7) rdoc (~> 3.4) thor (>= 0.14.6, < 2.0) - rake (10.1.0) + rake (12.3.3) ransack (0.7.2) actionpack (~> 3.0) activerecord (~> 3.0) polyamorous (~> 0.5.0) + rb-fsevent (0.10.3) + rb-inotify (0.10.0) + ffi (~> 1.0) rdoc (3.12.2) json (~> 1.4) ref (1.0.5) - responders (0.9.3) - railties (~> 3.1) + responders (1.1.2) + railties (>= 3.2, < 4.2) rspec-core (2.13.1) rspec-expectations (2.13.0) diff-lcs (>= 1.1.3, < 2.0) @@ -171,7 +179,11 @@ GEM rspec-core (~> 2.13.0) rspec-expectations (~> 2.13.0) rspec-mocks (~> 2.13.0) - sass (3.2.9) + sass (3.7.4) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) sass-rails (3.2.6) railties (~> 3.2.0) sass (>= 3.1.10) @@ -179,7 +191,7 @@ GEM simple_oauth (0.2.0) slop (3.4.5) spring (1.1.3) - sprockets (2.2.2) + sprockets (2.2.3) hike (~> 1.2) multi_json (~> 1.0) rack (~> 1.0) @@ -188,10 +200,11 @@ GEM therubyracer (0.12.1) libv8 (~> 3.16.14.0) ref - thor (0.18.1) + thor (0.20.3) + thread_safe (0.3.6) tilt (1.4.1) token_phrase (1.0.4) - treetop (1.4.14) + treetop (1.4.15) polyglot polyglot (>= 0.3.1) twitter (4.8.1) @@ -203,18 +216,18 @@ GEM execjs rails (>= 3.1) railties (>= 3.1) - tzinfo (0.3.37) + tzinfo (0.3.55) uglifier (2.1.1) execjs (>= 0.3.0) multi_json (~> 1.0, >= 1.0.2) - warden (1.2.1) + warden (1.2.7) rack (>= 1.0) PLATFORMS ruby DEPENDENCIES - activeadmin + activeadmin (>= 0.6.0) certified coffee-rails (~> 3.2.1) glow @@ -241,3 +254,6 @@ DEPENDENCIES twitter twitter-bootstrap-rails uglifier (>= 1.0.3) + +BUNDLED WITH + 1.17.3