diff --git a/.ruby-version b/.ruby-version
index e75da3e..59aa62c 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.3.6
+2.4.5
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 16c2045..bbc1e09 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,7 @@
 # Unreleased
+* Updated Ruby version to 2.4.5 and Rails version to 4.2.11
+* Updated activejob, loofah, nokogiri and rack to prevent security issues.
 * Update nokogiri, rack-cors, sprockets to stable versions ([#226](https://github.com/fs/rails-base-api/pull/226))
 * Update Ruby to 2.3.6, update loofah gem
diff --git a/Gemfile b/Gemfile
index f214d12..e345312 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,9 +1,9 @@
 source "https://rubygems.org"
-ruby "2.3.6"
+ruby "2.4.5"
 # the most important stuff
-gem "rails", "4.2.8"
+gem "rails", "4.2.11"
 gem "pg"
 gem "rails-api"
 gem "rails_api_format", git: "https://github.com/fs/rails-api-format.git"
diff --git a/Gemfile.lock b/Gemfile.lock
index 06b91fb..4853d2f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -18,36 +18,36 @@ GIT GEM remote: https://rubygems.org/ specs: - actionmailer (4.2.8) - actionpack (= 4.2.8) - actionview (= 4.2.8) - activejob (= 4.2.8) + actionmailer (4.2.11) + actionpack (= 4.2.11) + actionview (= 4.2.11) + activejob (= 4.2.11) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.8) - actionview (= 4.2.8) - activesupport (= 4.2.8) + actionpack (4.2.11) + actionview (= 4.2.11) + activesupport (= 4.2.11) rack (~> 1.6) rack-test (~> 0.6.2) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.8) - activesupport (= 4.2.8) + actionview (4.2.11) + activesupport (= 4.2.11) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (4.2.8) - activesupport (= 4.2.8) + activejob (4.2.11) + activesupport (= 4.2.11) globalid (>= 0.3.0) - activemodel (4.2.8) - activesupport (= 4.2.8) + activemodel (4.2.11) + activesupport (= 4.2.11) builder (~> 3.1) - activerecord (4.2.8) - activemodel (= 4.2.8) - activesupport (= 4.2.8) + activerecord (4.2.11) + activemodel (= 4.2.11) + activesupport (= 4.2.11) arel (~> 6.0) - activesupport (4.2.8) + activesupport (4.2.11) i18n (~> 0.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) @@ -79,10 +79,10 @@ GEM bundler (~> 1.2) thor (~> 0.18) byebug (6.0.2) - concurrent-ruby (1.0.5) + concurrent-ruby (1.1.4) crack (0.4.2) safe_yaml (~> 1.0.0) - crass (1.0.3) + crass (1.0.4) daemons (1.1.9) database_cleaner (1.2.0) decent_exposure (3.0.0) @@ -116,14 +116,15 @@ GEM dotenv (>= 0.7) thor (>= 0.13.6) github-markdown (0.6.6) - globalid (0.3.7) - activesupport (>= 4.1.0) + globalid (0.4.1) + activesupport (>= 4.2.0) haml (4.0.5) tilt health_check (2.2.1) rails (>= 4.0) highline (1.6.21) - i18n (0.8.1) + i18n (0.9.5) + concurrent-ruby (~> 1.0) interactor (3.1.0) json (1.8.6) json_spec (1.1.4) 
@@ -136,61 +137,59 @@ GEM addressable (~> 2.3) letter_opener (1.2.0) launchy (~> 2.2) - loofah (2.2.2) + loofah (2.2.3) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.6.4) - mime-types (>= 1.16, < 4) + mail (2.7.1) + mini_mime (>= 0.1.1) mail_safe (0.3.1) actionmailer (>= 1.3.6) - mime-types (3.1) - mime-types-data (~> 3.2015) - mime-types-data (3.2016.0521) - mini_portile2 (2.3.0) - minitest (5.10.1) + mini_mime (1.0.1) + mini_portile2 (2.4.0) + minitest (5.11.3) multi_json (1.12.1) mustache (0.99.8) - nokogiri (1.8.4) - mini_portile2 (~> 2.3.0) + nokogiri (1.9.1) + mini_portile2 (~> 2.4.0) orm_adapter (0.5.0) parallel (1.12.1) parser (2.5.0.5) ast (~> 2.4.0) pg (0.17.1) powerpack (0.1.1) - rack (1.6.10) + rack (1.6.11) rack-cors (1.0.2) rack-test (0.6.3) rack (>= 1.0) - rails (4.2.8) - actionmailer (= 4.2.8) - actionpack (= 4.2.8) - actionview (= 4.2.8) - activejob (= 4.2.8) - activemodel (= 4.2.8) - activerecord (= 4.2.8) - activesupport (= 4.2.8) + rails (4.2.11) + actionmailer (= 4.2.11) + actionpack (= 4.2.11) + actionview (= 4.2.11) + activejob (= 4.2.11) + activemodel (= 4.2.11) + activerecord (= 4.2.11) + activesupport (= 4.2.11) bundler (>= 1.3.0, < 2.0) - railties (= 4.2.8) + railties (= 4.2.11) sprockets-rails rails-api (0.4.1) actionpack (>= 3.2.11) railties (>= 3.2.11) rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.8) - activesupport (>= 4.2.0.beta, < 5.0) + rails-dom-testing (1.0.9) + activesupport (>= 4.2.0, < 5.0) nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) rails-html-sanitizer (1.0.4) loofah (~> 2.2, >= 2.2.2) - railties (4.2.8) - actionpack (= 4.2.8) - activesupport (= 4.2.8) + railties (4.2.11) + actionpack (= 4.2.11) + activesupport (= 4.2.11) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (3.0.0) - rake (11.3.0) + rake (12.3.2) responders (2.1.1) railties (>= 4.2.0, < 5.1) rollbar (2.12.0) 
@@ -237,7 +236,7 @@ GEM safe_yaml (1.0.2) sass (3.3.4) seedbank (0.3.0) - sexp_processor (4.4.3) + sexp_processor (4.11.0) shoulda-matchers (2.8.0) activesupport (>= 3.0.0) simple_token_authentication (1.10.0) @@ -258,7 +257,7 @@ GEM sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.0) + sprockets-rails (3.2.1) actionpack (>= 4.0) activesupport (>= 4.0) sprockets (>= 3.0.0) @@ -268,10 +267,10 @@ GEM daemons (>= 1.0.9) eventmachine (>= 1.0.0) rack (>= 1.0.0) - thor (0.19.4) + thor (0.20.3) thread_safe (0.3.6) tilt (2.0.1) - tzinfo (1.2.2) + tzinfo (1.2.5) thread_safe (~> 0.1) unicode-display_width (1.3.0) uniform_notifier (1.9.0) @@ -307,7 +306,7 @@ DEPENDENCIES mail_safe pg rack-cors - rails (= 4.2.8) + rails (= 4.2.11) rails-api rails_api_format! responders @@ -325,7 +324,7 @@ DEPENDENCIES webmock RUBY VERSION - ruby 2.3.6p384 + ruby 2.4.5p335 BUNDLED WITH - 1.16.3 + 1.17.2 diff --git a/README.md b/README.md index e137cb4..dcb436d 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ This simple application includes ruby/rails technology which we use at FlatStack for new REST API projects. -Application currently based on Rails 4 stable branch and Ruby 2.3.6 +Application currently based on Rails 4.2.11 and Ruby 2.4.5 ## API