From 4e8326c9bf1a5892f3d152a15f13119f8c190bce Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Oct 2023 00:46:06 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-474102 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1055008 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2620374 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630623 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630898 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2840634 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-459107 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-534637 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233 - https://snyk.io/vuln/SNYK-RUBY-RACK-538324 - https://snyk.io/vuln/SNYK-RUBY-RACK-569066 - https://snyk.io/vuln/SNYK-RUBY-RACK-572377 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-2935879 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048 --- Gemfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index c4026f7..79d7dfa 100644 --- a/Gemfile +++ b/Gemfile @@ -4,20 +4,20 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '2.5.1' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 5.2.3' +gem 'rails', '~> 7.1.0' # Use sqlite3 as the database for Active Record gem 'sqlite3' # Use Puma as the app server gem 'puma', '~> 3.11' # Use SCSS for stylesheets -gem 'sass-rails', '~> 5.0' +gem 'sass-rails', '~> 5.0', '>= 5.0.8' # Use Uglifier as compressor for JavaScript assets gem 'uglifier', '>= 1.3.0' # See https://github.com/rails/execjs#readme for more supported runtimes # gem 'mini_racer', platforms: :ruby # Use CoffeeScript for .coffee assets and views -gem 'coffee-rails', '~> 4.2' +gem 'coffee-rails', '~> 5.0', '>= 5.0.0' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks gem 'turbolinks', '~> 5' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder @@ -43,7 +43,7 @@ end group :development do # Access an interactive console on exception pages or by calling 'console' anywhere in the code. - gem 'web-console', '>= 3.3.0' + gem 'web-console', '>= 4.0.0' gem 'listen', '>= 3.0.5', '< 3.2' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring gem 'spring'