From eb32e8ae202d69eccc34774592710646a4586df7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Jun 2025 05:17:36 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-2960802 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056551 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056552 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056553 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056554 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056555 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 - https://snyk.io/vuln/SNYK-RUBY-RAKE-552000 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732769 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732779 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-534637 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074187 - https://snyk.io/vuln/SNYK-RUBY-RACK-9398129 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-569599 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-569600 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-560837 - https://snyk.io/vuln/SNYK-RUBY-RACK-572377 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2840634 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-459107 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-2803851 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290052 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-1080913 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-3237239 - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2620374 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630623 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630898 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-569066 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290051 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-569601 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2400638 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-474102 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510795 - https://snyk.io/vuln/SNYK-RUBY-RACK-8720151 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220162 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220268 - https://snyk.io/vuln/SNYK-RUBY-RACK-9058602 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-2935879 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2803847 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237231 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237232 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233 - https://snyk.io/vuln/SNYK-RUBY-RACK-538324 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510789 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-5741907 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-632514 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 - https://snyk.io/vuln/SNYK-RUBY-RAILTIES-5851410 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9789079 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1055008 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074188 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8496389 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8453714 --- Gemfile | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Gemfile b/Gemfile index bd21667..ee4bd92 100644 --- a/Gemfile +++ b/Gemfile @@ -7,18 +7,18 @@ ruby ::File.read('.ruby-version').split('-').last # Application Dependencies gem 'activesupport' gem 'puma' -gem 'sinatra', require: false -gem 'sinatra-contrib' +gem 'sinatra', '>= 2.0.6', require: false +gem 'sinatra-contrib', '>= 2.0.6' gem 'sinatra-flash' # Settings gem 'config' # Datastore Dependencies -gem 'actionpack', require: false +gem 'actionpack', '>= 7.1.0', require: false gem 'activerecord' gem 'pg' -gem 'standalone_migrations' +gem 'standalone_migrations', '>= 7.1.3' # Rake & Job Dependencies gem 'bundler-audit' @@ -26,15 +26,15 @@ gem 'progressbar' gem 'rake' group :development, :test do - gem 'capybara' - gem 'factory_bot' + gem 'capybara', '>= 3.27.0' + gem 'factory_bot', '>= 5.1.0' gem 'faker' - gem 'rack-test' - gem 'racksh' + gem 'rack-test', '>= 2.0.0' + gem 'racksh', '>= 1.0.1' gem 'rspec' gem 'rspec-json_expectations' gem 'rubocop', require: false gem 'rubocop-performance' - gem 'shoulda' + gem 'shoulda', '>= 4.0.0' gem 'simplecov', require: false end