From 33de1cf786d5d346d3d907b5d967615f4a56361e Mon Sep 17 00:00:00 2001 From: snyk-test Date: Wed, 12 Jun 2019 06:40:55 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-JQUERYUIRAILS-449592 --- Gemfile | 2 +- Gemfile.lock | 46 +++++++++++++++++++++++++--------------------- 2 files changed, 26 insertions(+), 22 deletions(-) mode change 100755 => 100644 Gemfile mode change 100755 => 100644 Gemfile.lock diff --git a/Gemfile b/Gemfile old mode 100755 new mode 100644 index 68d1136..60dac1f --- a/Gemfile +++ b/Gemfile @@ -15,7 +15,7 @@ gem 'coffee-rails', '~> 4.1.0' gem 'pry-rails' # Use jquery as the JavaScript library gem 'jquery-rails' -gem 'jquery-ui-rails' +gem 'jquery-ui-rails', '>= 6.0.0' # include highchatrs and highstock library gem "highstocks-rails" diff --git a/Gemfile.lock b/Gemfile.lock old mode 100755 new mode 100644 index 813702a..51b950c --- a/Gemfile.lock +++ b/Gemfile.lock @@ -54,7 +54,7 @@ GEM bootswatch-rails (3.2.4) railties (>= 3.1) buftok (0.2.0) - builder (3.2.2) + builder (3.2.3) byebug (3.5.1) columnize (~> 0.8) debugger-linecache (~> 1.2) @@ -68,6 +68,8 @@ GEM execjs coffee-script-source (1.9.1) columnize (0.9.0) + concurrent-ruby (1.1.5) + crass (1.0.4) debug_inspector (0.0.2) debugger-linecache (1.2.0) descendants_tracker (0.0.4) @@ -113,7 +115,8 @@ GEM http (0.5.1) http_parser.rb http_parser.rb (0.6.0) - i18n (0.7.0) + i18n (0.9.5) + concurrent-ruby (~> 1.0) jbuilder (2.2.8) activesupport (>= 3.0.0, < 5) multi_json (~> 1.2) @@ -121,14 +124,15 @@ GEM rails-dom-testing (~> 1.0) railties (>= 4.2.0) thor (>= 0.14, < 2.0) - jquery-ui-rails (5.0.3) + jquery-ui-rails (6.0.1) railties (>= 3.2.16) - json (1.8.2) + json (1.8.6) jwt (1.3.0) listen (3.0.3) rb-fsevent (>= 0.9.3) rb-inotify (>= 0.9) - loofah (2.0.1) + loofah (2.2.3) + crass (~> 1.0.2) nokogiri (>= 1.5.9) lumberjack (1.0.9) mail (2.6.3) 
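Review bot: The new constraint on `jquery-ui-rails` in the Gemfile hunk is a bare floor, `'>= 6.0.0'`, so it blocks a fall back to the 5.x line but leaves every future major version open to a later `bundle update`. A bounded form such as `gem 'jquery-ui-rails', '~> 6.0'` keeps the same floor and makes the next major upgrade a deliberate change. A one-line comment above it, e.g. `# floor set for SNYK-RUBY-JQUERYUIRAILS-449592; do not relax`, would record why the minimum exists. The Gemfile.lock hunks also re-resolve gems the commit message does not name (for example `nokogiri` 1.6.6.2 to 1.10.3 and `rake` 10.4.2 to 12.3.2), so the test suite should be run against the new lockfile before merging.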
@@ -137,14 +141,14 @@ GEM thread_safe (~> 0.3, >= 0.3.1) method_source (0.8.2) mime-types (2.4.3) - mini_portile (0.6.2) - minitest (5.5.1) + mini_portile2 (2.4.0) + minitest (5.11.3) multi_json (1.10.1) multi_xml (0.5.5) multipart-post (2.0.0) nenv (0.2.0) - nokogiri (1.6.6.2) - mini_portile (~> 0.6.0) + nokogiri (1.10.3) + mini_portile2 (~> 2.4.0) notiffany (0.0.7) nenv (~> 0.1) shellany (~> 0.0) @@ -180,7 +184,7 @@ GEM pry (>= 0.9.10) quoth (0.0.1) nokogiri - rack (1.6.0) + rack (1.6.11) rack-livereload (0.3.16) rack rack-test (0.6.3) @@ -198,12 +202,12 @@ GEM sprockets-rails rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.5) - activesupport (>= 4.2.0.beta, < 5.0) - nokogiri (~> 1.6.0) + rails-dom-testing (1.0.9) + activesupport (>= 4.2.0, < 5.0) + nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.0.1) - loofah (~> 2.0) + rails-html-sanitizer (1.0.4) + loofah (~> 2.2, >= 2.2.2) rails_12factor (0.0.3) rails_serve_static_assets rails_stdout_logging @@ -214,7 +218,7 @@ GEM activesupport (= 4.2.0) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rake (10.4.2) + rake (12.3.2) rb-fsevent (0.9.5) rb-inotify (0.9.5) ffi (>= 0.5.0) @@ -243,8 +247,8 @@ GEM actionpack (>= 3.0) activesupport (>= 3.0) sprockets (>= 2.8, < 4.0) - thor (0.19.1) - thread_safe (0.3.4) + thor (0.20.3) + thread_safe (0.3.6) tilt (1.4.1) turbolinks (2.5.3) coffee-rails @@ -259,7 +263,7 @@ GEM json (~> 1.8) memoizable (~> 0.4.0) simple_oauth (~> 0.2.0) - tzinfo (1.2.2) + tzinfo (1.2.5) thread_safe (~> 0.1) uglifier (2.7.0) execjs (>= 0.3.0) @@ -290,7 +294,7 @@ DEPENDENCIES highstocks-rails jbuilder (~> 2.0) jquery-rails - jquery-ui-rails + jquery-ui-rails (>= 6.0.0) omniauth omniauth-facebook omniauth-twitter (~> 1.1.0) @@ -310,4 +314,4 @@ DEPENDENCIES wikiquote BUNDLED WITH - 1.11.0 + 1.17.2