This repository was archived by the owner on May 13, 2025. It is now read-only.

Commit f5f121c

committed
fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8454495
1 parent 1aaa752 commit f5f121c


2 files changed

+29
-43
lines changed


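--- a/Gemfile
+++ b/Gemfile
@@ -43,6 +43,6 @@ end
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]
 gem "twilio-ruby", "~> 5.55"
-gem "bootstrap", "~> 5.3"
+gem "bootstrap", "~> 5.3", ">= 5.3.2"
 
 gem "retriable", "~> 3.1"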
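Review bot: The advisory named in the commit message is for rails-html-sanitizer, but the only Gemfile line touched is `gem "bootstrap", "~> 5.3", ">= 5.3.2"`, so the fixed sanitizer version (1.6.1) is held by Gemfile.lock alone; a direct floor such as `gem "rails-html-sanitizer", ">= 1.6.1"` would keep a later re-resolve from sliding back below it. The bootstrap bump also has a side effect visible in the lockfile: bootstrap 5.3.3 no longer lists `sassc-rails`, and `sassc`, `sassc-rails`, `sprockets`, `sprockets-rails` and `tilt` disappear from the resolved set. If the app compiles stylesheets through Sprockets/SassC (the Gemfile above line 43 is outside this hunk, so this cannot be confirmed here), it would need an explicit entry such as `gem "sassc-rails"`, and asset compilation should be checked before merging. The lockfile's `BUNDLED WITH` also moves backwards from 2.2.6 to 2.2.3, which suggests it was regenerated with an older Bundler than the project had been using.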

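--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -66,18 +66,17 @@ GEM
 i18n (>= 1.6, < 2)
 minitest (>= 5.1)
 tzinfo (~> 2.0)
-autoprefixer-rails (10.4.13.0)
+autoprefixer-rails (10.4.19.0)
 execjs (~> 2)
 bindex (0.8.1)
 bootsnap (1.16.0)
 msgpack (~> 1.2)
-bootstrap (5.3.1)
+bootstrap (5.3.3)
 autoprefixer-rails (>= 9.1.0)
 popper_js (>= 2.11.8, < 3)
-sassc-rails (>= 2.0.0)
-builder (3.2.4)
+builder (3.3.0)
 byebug (11.1.3)
-concurrent-ruby (1.2.2)
+concurrent-ruby (1.3.4)
 coveralls (0.8.23)
 json (>= 1.8, < 3)
 simplecov (~> 0.16.1)
@@ -92,8 +91,8 @@ GEM
 dotenv-rails (2.8.1)
 dotenv (= 2.8.1)
 railties (>= 3.2)
-erubi (1.12.0)
-execjs (2.8.1)
+erubi (1.13.0)
+execjs (2.10.0)
 faraday (1.4.2)
 faraday-em_http (~> 1.0)
 faraday-em_synchrony (~> 1.0)
@@ -107,10 +106,10 @@ GEM
 faraday-excon (1.1.0)
 faraday-net_http (1.0.1)
 faraday-net_http_persistent (1.1.0)
-ffi (1.15.5)
+ffi (1.17.0)
 globalid (1.1.0)
 activesupport (>= 5.0)
-i18n (1.14.1)
+i18n (1.14.6)
 concurrent-ruby (~> 1.0)
 jbuilder (2.11.5)
 actionview (>= 5.0.0)
@@ -120,7 +119,7 @@ GEM
 listen (3.8.0)
 rb-fsevent (~> 0.10, >= 0.10.3)
 rb-inotify (~> 0.9, >= 0.9.10)
-loofah (2.21.3)
+loofah (2.23.1)
 crass (~> 1.0.2)
 nokogiri (>= 1.12.0)
 mail (2.8.1)
@@ -129,10 +128,9 @@ GEM
 net-pop
 net-smtp
 marcel (1.0.2)
-method_source (1.0.0)
+method_source (1.1.0)
 mini_mime (1.1.2)
-mini_portile2 (2.8.4)
-minitest (5.19.0)
+minitest (5.25.4)
 msgpack (1.6.0)
 multipart-post (2.1.1)
 net-imap (0.3.4)
@@ -145,15 +143,21 @@ GEM
 net-smtp (0.3.3)
 net-protocol
 nio4r (2.5.9)
-nokogiri (1.15.4)
-mini_portile2 (~> 2.8.2)
+nokogiri (1.16.8-arm64-darwin)
+racc (~> 1.4)
+nokogiri (1.16.8-x64-mingw32)
+racc (~> 1.4)
+nokogiri (1.16.8-x86_64-darwin)
+racc (~> 1.4)
+nokogiri (1.16.8-x86_64-linux)
 racc (~> 1.4)
 pg (1.5.4)
+pg (1.5.4-x64-mingw32)
 popper_js (2.11.8)
 puma (6.3.1)
 nio4r (~> 2.0)
-racc (1.7.1)
-rack (2.2.8)
+racc (1.8.1)
+rack (2.2.10)
 rack-mini-profiler (3.1.1)
 rack (>= 1.2.0)
 rack-proxy (0.7.6)
@@ -182,17 +186,17 @@ GEM
 activesupport (>= 5.0.0)
 minitest
 nokogiri (>= 1.6)
-rails-html-sanitizer (1.6.0)
+rails-html-sanitizer (1.6.1)
 loofah (~> 2.21)
-nokogiri (~> 1.14)
+nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
 railties (7.0.4.3)
 actionpack (= 7.0.4.3)
 activesupport (= 7.0.4.3)
 method_source
 rake (>= 12.2)
 thor (~> 1.0)
 zeitwerk (~> 2.5)
-rake (13.0.6)
+rake (13.2.1)
 rb-fsevent (0.11.2)
 rb-inotify (0.10.1)
 ffi (~> 1.0)
@@ -215,35 +219,17 @@ GEM
 rspec-support (~> 3.12)
 rspec-support (3.12.0)
 ruby2_keywords (0.0.4)
-sassc (2.4.0)
-ffi (~> 1.9)
-sassc (2.4.0-x64-mingw32)
-ffi (~> 1.9)
-sassc-rails (2.1.2)
-railties (>= 4.0.0)
-sassc (>= 2.0)
-sprockets (> 3.0)
-sprockets-rails
-tilt
 semantic_range (3.0.0)
 simplecov (0.16.1)
 docile (~> 1.1)
 json (>= 1.8, < 3)
 simplecov-html (~> 0.10.0)
 simplecov-html (0.10.2)
 spring (4.1.1)
-sprockets (4.2.0)
-concurrent-ruby (~> 1.0)
-rack (>= 2.2.4, < 4)
-sprockets-rails (3.4.2)
-actionpack (>= 5.2)
-activesupport (>= 5.2)
-sprockets (>= 3.0.0)
 sync (0.5.0)
 term-ansicolor (1.7.1)
 tins (~> 1.0)
-thor (1.2.2)
-tilt (2.2.0)
+thor (1.3.2)
 timeout (0.3.2)
 tins (1.28.0)
 sync
@@ -271,7 +257,7 @@ GEM
 websocket-driver (0.7.5)
 websocket-extensions (>= 0.1.0)
 websocket-extensions (0.1.5)
-zeitwerk (2.6.11)
+zeitwerk (2.6.18)
 
 PLATFORMS
 universal-darwin-19
@@ -280,7 +266,7 @@ PLATFORMS
 
 DEPENDENCIES
 bootsnap (>= 1.4.4)
-bootstrap (~> 5.3)
+bootstrap (~> 5.3, >= 5.3.2)
 byebug
 coveralls
 dotenv-rails
@@ -304,4 +290,4 @@ RUBY VERSION
 ruby 3.0.0p0
 
 BUNDLED WITH
-2.2.6
+2.2.3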
