From 7b58d83a1c8e5b527bc0f8c6e02624e242f53e41 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 May 2024 16:43:47 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 --- Gemfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index ae5b641..5587830 100644 --- a/Gemfile +++ b/Gemfile @@ -1,14 +1,14 @@ source 'https://rubygems.org' -gem 'dotenv-rails' # Use dotenv to load environment variables +gem 'dotenv-rails' , '>= 3.0.0' # Use dotenv to load environment variables gem 'excon-rails' gem 'faraday', '~> 0.9.2' # simple http requests gem 'ffi', '~> 1.9.24' # CVS-2018-1000201 -gem 'jbuilder', '~> 2.5' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder +gem 'jbuilder', '~> 2.12', '>= 2.12.0' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder gem 'newrelic_rpm', '~> 4.5' # NewRelic Application Performance Monitoring gem 'pg', '~> 0.18' # Use postgresql as the database for Active Record gem 'puma', '~> 4.3' # Use Puma as the app server -gem 'rails', '~> 5.2' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' +gem 'rails', '~> 6.0', '>= 6.0.0' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' gem 'strong_migrations', '~> 0.3' # Catch unsafe migrations at dev time # Use Redis adapter to run Action Cable in production # gem 'redis', '~> 3.0' @@ -24,7 +24,7 @@ gem 'strong_migrations', '~> 0.3' # Catch unsafe migrations at dev time group :development, :test do gem 'byebug', platform: :mri # Call 'byebug' anywhere in the code to stop execution and get a debugger console gem 'rb-readline' - gem 'rspec-rails', '~> 3.5' + gem 'rspec-rails', '~> 4.0', '>= 4.0.0' gem 'rubocop', '~> 1.19.0' # Enforce ruby code style gem 'rubocop-rails', '~> 2.12' gem 'rubocop-rspec', '~> 2.5'