Skip to content

Commit

Permalink
fix: Gemfile & Gemfile.lock to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577227
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577228
  • Loading branch information
@snyk-bot
snyk-bot committed Aug 2, 2024
1 parent f55451e commit 16ac84e
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 29 deletions.
8 changes: 4 additions & 4 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,9 @@ group :development, :test do
gem 'byebug', platform: :mri # Call 'byebug' anywhere in the code to stop execution and get a debugger console
gem 'rb-readline'
gem 'rspec-rails', '~> 3.5'
gem 'rubocop', '~> 1.19.0' # Enforce ruby code style
gem 'rubocop-rails', '~> 2.12'
gem 'rubocop-rspec', '~> 2.5'
gem 'rubocop', '~> 1.20.0' # Enforce ruby code style
gem 'rubocop-rails', '~> 2.15', '>= 2.15.0'
gem 'rubocop-rspec', '~> 2.11', '>= 2.11.0'
gem 'simplecov', require: false # determine code coverage of tests
end

Expand All @@ -39,5 +39,5 @@ group :development do
end

group :test do
gem 'webmock' # used by vcr gem
gem 'webmock' , '>= 3.19.0' # used by vcr gem
end
55 changes: 30 additions & 25 deletions Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,14 +42,16 @@ GEM
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.8.4)
public_suffix (>= 2.0.2, < 6.0)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
arel (9.0.0)
ast (2.4.2)
bigdecimal (3.1.8)
builder (3.2.4)
byebug (11.1.3)
concurrent-ruby (1.2.2)
crack (0.4.5)
concurrent-ruby (1.3.3)
crack (1.0.0)
bigdecimal
rexml
crass (1.0.6)
diff-lcs (1.5.0)
Expand All @@ -70,8 +72,8 @@ GEM
ffi (1.9.25)
globalid (1.1.0)
activesupport (>= 5.0)
hashdiff (1.0.1)
i18n (1.14.1)
hashdiff (1.1.0)
i18n (1.14.5)
concurrent-ruby (~> 1.0)
io-wait (0.3.0)
jbuilder (2.11.5)
Expand All @@ -92,7 +94,7 @@ GEM
method_source (1.0.0)
mini_mime (1.1.2)
mini_portile2 (2.6.1)
minitest (5.15.0)
minitest (5.24.1)
multipart-post (2.3.0)
net-imap (0.2.2)
digest
Expand All @@ -112,16 +114,16 @@ GEM
nokogiri (1.12.5)
mini_portile2 (~> 2.6.1)
racc (~> 1.4)
parallel (1.23.0)
parser (3.2.2.3)
parallel (1.25.1)
parser (3.3.4.0)
ast (~> 2.4.1)
racc
pg (0.21.0)
public_suffix (4.0.7)
public_suffix (5.1.1)
puma (4.3.12)
nio4r (~> 2.0)
racc (1.7.1)
rack (2.2.7)
racc (1.8.1)
rack (2.2.9)
rack-test (2.1.0)
rack (>= 1.3)
rails (5.2.8.1)
Expand Down Expand Up @@ -154,10 +156,11 @@ GEM
rb-inotify (0.10.1)
ffi (~> 1.0)
rb-readline (0.5.5)
regexp_parser (2.8.1)
regexp_parser (2.9.2)
request_store (1.5.1)
rack (>= 1.4)
rexml (3.2.5)
rexml (3.3.4)
strscan
rspec-core (3.9.3)
rspec-support (~> 3.9.3)
rspec-expectations (3.9.4)
Expand All @@ -175,7 +178,7 @@ GEM
rspec-mocks (~> 3.9.0)
rspec-support (~> 3.9.0)
rspec-support (3.9.4)
rubocop (1.19.1)
rubocop (1.20.0)
parallel (~> 1.10)
parser (>= 3.0.0.0)
rainbow (>= 2.2.2, < 4.0)
Expand All @@ -184,13 +187,13 @@ GEM
rubocop-ast (>= 1.9.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 1.4.0, < 3.0)
rubocop-ast (1.17.0)
parser (>= 3.1.1.0)
rubocop-rails (2.14.2)
rubocop-ast (1.31.3)
parser (>= 3.3.1.0)
rubocop-rails (2.15.2)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 1.7.0, < 2.0)
rubocop-rspec (2.10.0)
rubocop-rspec (2.11.1)
rubocop (~> 1.19)
ruby-progressbar (1.13.0)
simplecov (0.22.0)
Expand Down Expand Up @@ -222,8 +225,8 @@ GEM
timeout (0.3.2)
tzinfo (1.2.11)
thread_safe (~> 0.1)
unicode-display_width (2.4.2)
webmock (3.18.1)
unicode-display_width (2.5.0)
webmock (3.23.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
Expand All @@ -248,12 +251,14 @@ DEPENDENCIES
rails (~> 5.2)
rb-readline
rspec-rails (~> 3.5)
rubocop (~> 1.19.0)
rubocop-rails (~> 2.12)
rubocop-rspec (~> 2.5)
rubocop (~> 1.20.0)
rubocop-rails (~> 2.15, >= 2.15.0)
rubocop-rspec (~> 2.11, >= 2.11.0)
simplecov
spring
spring-watcher-listen (~> 2.0.0)
strong_migrations (~> 0.3)
webmock
webmock (>= 3.19.0)

BUNDLED WITH
2.1.4

0 comments on commit 16ac84e

Please sign in to comment.