From 5a9c6f553d17023d0e333c847f3de781db092242 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Oct 2023 14:42:50 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ERUBIS-20482 - https://snyk.io/vuln/SNYK-RUBY-I18N-72582 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 --- Gemfile | 2 +- Gemfile.lock | 141 ++++++++++++++++++++++++++++++++++----------------- 2 files changed, 96 insertions(+), 47 deletions(-) diff --git a/Gemfile b/Gemfile index 8d77792..fc07867 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true # A sample Gemfile source "https://rubygems.org" -gem 'actionmailer', '3.2.14' +gem 'actionmailer', '7.1.0' diff --git a/Gemfile.lock b/Gemfile.lock index 6b3180b..8944c6b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,56 +1,105 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (3.2.14) - actionpack (= 3.2.14) - mail (~> 2.5.4) - actionpack (3.2.14) - activemodel (= 3.2.14) - activesupport (= 3.2.14) - builder (~> 3.0.0) - erubis (~> 2.7.0) - journey (~> 1.0.4) - rack (~> 1.4.5) - rack-cache (~> 1.2) - rack-test (~> 0.6.1) - sprockets (~> 2.2.1) - activemodel (3.2.14) - activesupport (= 3.2.14) - builder (~> 3.0.0) - activesupport (3.2.14) - i18n (~> 0.6, >= 0.6.4) - multi_json (~> 1.0) - builder (3.0.4) - erubis (2.7.0) - hike (1.2.3) - i18n (0.7.0) - journey (1.0.4) - mail (2.5.4) - mime-types (~> 1.16) - treetop (~> 1.4.8) - mime-types (1.25.1) - multi_json (1.12.1) - polyglot (0.3.5) - rack (1.4.7) - rack-cache (1.6.1) - rack (>= 0.4) - rack-test (0.6.3) - rack (>= 1.0) - sprockets (2.2.3) - hike (~> 1.2) - multi_json (~> 1.0) - rack (~> 1.0) - tilt (~> 1.1, != 1.3.0) - tilt (1.4.1) - treetop (1.4.15) - polyglot - polyglot (>= 0.3.1) + actionmailer (7.1.0) + actionpack (= 7.1.0) + actionview (= 7.1.0) + activejob (= 7.1.0) + activesupport (= 7.1.0) + mail (~> 2.5, >= 2.5.4) + net-imap + net-pop + net-smtp + rails-dom-testing (~> 2.2) + actionpack (7.1.0) + actionview (= 7.1.0) + activesupport (= 7.1.0) + nokogiri (>= 1.8.5) + rack (>= 2.2.4) + rack-session (>= 1.0.1) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actionview (7.1.0) + activesupport (= 7.1.0) + builder (~> 3.1) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + activejob (7.1.0) + activesupport (= 7.1.0) + globalid (>= 0.3.6) + activesupport (7.1.0) + base64 + bigdecimal + concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb + i18n (>= 1.6, < 2) + minitest (>= 5.1) + mutex_m + tzinfo (~> 2.0) + base64 (0.1.1) + bigdecimal (3.1.4) + builder (3.2.4) + concurrent-ruby (1.2.2) + connection_pool (2.4.1) + crass (1.0.6) + date (3.3.3) + drb (2.1.1) + ruby2_keywords + erubi (1.12.0) + globalid (1.2.1) + activesupport (>= 6.1) + i18n (1.14.1) + concurrent-ruby (~> 1.0) + loofah (2.21.3) + crass (~> 1.0.2) + nokogiri (>= 1.12.0) + mail (2.8.1) + mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp + mini_mime (1.1.5) + mini_portile2 (2.8.4) + minitest (5.20.0) + mutex_m (0.1.2) + net-imap (0.4.0) + date + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.2.1) + timeout + net-smtp (0.4.0) + net-protocol + nokogiri (1.15.4) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) + racc (1.7.1) + rack (3.0.8) + rack-session (2.0.0) + rack (>= 3.0.0) + rack-test (2.1.0) + rack (>= 1.3) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest + nokogiri (>= 1.6) + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) + ruby2_keywords (0.0.5) + timeout (0.4.0) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) PLATFORMS ruby DEPENDENCIES - actionmailer (= 3.2.14) + actionmailer (= 7.1.0) BUNDLED WITH - 1.13.6 + 1.17.3