From 2d800e5d6f7b9d1f719841193eb860820116bb44 Mon Sep 17 00:00:00 2001 From: David Powell Date: Fri, 31 May 2019 10:39:26 +1000 Subject: [PATCH] Update "vulnerable" gems --- Gemfile | 8 +++++++- Gemfile.lock | 34 ++++++++++++++++++++-------------- 2 files changed, 27 insertions(+), 15 deletions(-) diff --git a/Gemfile b/Gemfile index 8112c0f..297deb6 100644 --- a/Gemfile +++ b/Gemfile @@ -14,7 +14,13 @@ gem 'jquery-rails' gem 'turbolinks', '~> 5' gem 'jbuilder', '~> 2.5' gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] -gem 'bootstrap-sass' + +gem "bootstrap-sass", ">= 3.4.1" +gem "nokogiri", ">= 1.8.5" +gem "rack", ">= 2.0.6" +gem "loofah", ">= 2.2.3" + + gem "font-awesome-rails" gem 'bootstrap-social-rails' diff --git a/Gemfile.lock b/Gemfile.lock index d2695da..29545a4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -41,7 +41,7 @@ GEM airbrussh (1.3.0) sshkit (>= 1.6.1, != 1.7.0) arel (7.1.4) - autoprefixer-rails (8.6.5) + autoprefixer-rails (9.5.1.1) execjs better_errors (2.4.0) coderay (>= 1.0.0) @@ -50,9 +50,9 @@ GEM bindex (0.5.0) binding_of_caller (0.8.0) debug_inspector (>= 0.0.1) - bootstrap-sass (3.3.7) + bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) - sass (>= 3.3.4) + sassc (>= 2.0.0) bootstrap-social-rails (4.12.0) railties (>= 3.1) browser-timezone-rails (1.0.1) @@ -93,7 +93,7 @@ GEM execjs (2.7.0) faraday (0.12.2) multipart-post (>= 1.2, < 3) - ffi (1.9.25) + ffi (1.11.1) font-awesome-rails (4.7.0.4) railties (>= 3.2, < 6.0) globalid (0.4.1) @@ -133,14 +133,14 @@ GEM listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - loofah (2.2.2) + loofah (2.2.3) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.0) mini_mime (>= 0.1.1) method_source (0.9.0) mini_mime (1.0.0) - mini_portile2 (2.3.0) + mini_portile2 (2.4.0) minitest (5.11.3) multi_json (1.13.1) multi_xml (0.6.0) @@ -149,8 +149,8 @@ GEM net-ssh (>= 2.6.5) net-ssh (5.0.2) nio4r (2.3.1) - nokogiri (1.8.4) - mini_portile2 (~> 2.3.0) + nokogiri (1.10.3) + mini_portile2 (~> 2.4.0) oauth (0.5.4) oauth2 (1.4.0) faraday (>= 0.8, < 0.13) @@ -175,7 +175,7 @@ GEM omniauth-oauth (~> 1.1) rack puma (3.11.4) - rack (2.0.5) + rack (2.0.7) rack-test (0.6.3) rack (>= 1.0) rails (5.0.7) @@ -204,11 +204,11 @@ GEM thor (>= 0.18.1, < 2.0) rake (12.3.1) rb-fsevent (0.10.3) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) + rb-inotify (0.10.0) + ffi (~> 1.0) ruby_parser (3.11.0) sexp_processor (~> 4.9) - sass (3.5.6) + sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) @@ -219,6 +219,9 @@ GEM sprockets (>= 2.8, < 4.0) sprockets-rails (>= 2.0, < 4.0) tilt (>= 1.1, < 3) + sassc (2.0.1) + ffi (~> 1.9) + rake sexp_processor (4.11.0) simple_form (4.0.1) actionpack (>= 5.0) @@ -265,7 +268,7 @@ PLATFORMS DEPENDENCIES better_errors binding_of_caller - bootstrap-sass + bootstrap-sass (>= 3.4.1) bootstrap-social-rails browser-timezone-rails byebug @@ -283,10 +286,13 @@ DEPENDENCIES jquery-rails jquery-tablesorter listen (~> 3.0.5) + loofah (>= 2.2.3) + nokogiri (>= 1.8.5) omniauth omniauth-google-oauth2 omniauth-twitter puma (~> 3.0) + rack (>= 2.0.6) rails (~> 5.0.2) rails_layout sass-rails (~> 5.0) @@ -303,4 +309,4 @@ RUBY VERSION ruby 2.4.0p0 BUNDLED WITH - 1.14.6 + 2.0.1