From 042cfbeb1f2bf936ecb8a50117142dfda3827a1a Mon Sep 17 00:00:00 2001 From: Anton Georgiev <antobinary@users.noreply.github.com> Date: Wed, 11 Oct 2023 14:19:24 -0400 Subject: [PATCH] [Snyk] Fix for 1 vulnerabilities (#5442) * fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 * Update Gemfile.lock --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com> --- Gemfile | 4 ++-- Gemfile.lock | 16 ++++++++-------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Gemfile b/Gemfile index 592a2c02..04f52710 100644 --- a/Gemfile +++ b/Gemfile @@ -5,14 +5,14 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '>= 3.0' -gem 'active_model_serializers' +gem 'active_model_serializers', '>= 0.10.14' gem 'active_storage_validations', '>= 1.0.4' gem 'aws-sdk-s3', require: false gem 'bcrypt', '~> 3.1.7' gem 'bigbluebutton-api-ruby', '1.9.1' gem 'bootsnap', require: false gem 'cssbundling-rails', '>= 1.3.3' -gem 'data_migrate', '>= 9.1.0' +gem 'data_migrate', '>= 9.2.0' gem 'dotenv-rails' gem 'google-cloud-storage', '~> 1.44', require: false gem 'hcaptcha' diff --git a/Gemfile.lock b/Gemfile.lock index ac27fb6f..d7f07432 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -46,9 +46,9 @@ GEM erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - active_model_serializers (0.10.13) - actionpack (>= 4.1, < 7.1) - activemodel (>= 4.1, < 7.1) + active_model_serializers (0.10.14) + actionpack (>= 4.1) + activemodel (>= 4.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) active_storage_validations (1.0.4) @@ -130,9 +130,9 @@ GEM crass (1.0.6) cssbundling-rails (1.3.3) railties (>= 6.0.0) - data_migrate (9.1.1) - activerecord (>= 6.0) - railties (>= 6.0) + data_migrate (9.2.0) + activerecord (>= 6.1) + railties (>= 6.1) date (3.3.3) debug (1.7.1) irb (>= 1.5.0) @@ -470,7 +470,7 @@ PLATFORMS x86_64-linux DEPENDENCIES - active_model_serializers + active_model_serializers (>= 0.10.14) active_storage_validations (>= 1.0.4) aws-sdk-s3 bcrypt (~> 3.1.7) @@ -478,7 +478,7 @@ DEPENDENCIES bootsnap capybara cssbundling-rails (>= 1.3.3) - data_migrate (>= 9.1.0) + data_migrate (>= 9.2.0) debug dotenv-rails factory_bot_rails -- GitLab