From b481a6e6ea47541de11dc5371b29d2016589cf82 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 3 Oct 2025 09:50:58 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-13052974 - https://snyk.io/vuln/SNYK-RUBY-REXML-13110060 --- Gemfile | 62 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/Gemfile b/Gemfile index 9d247a50907..b0bbc6a46d3 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source "https://rubygems.org" -gem "rails", "6.0.5.1" +gem "rails", "6.0.6" gem "acts-as-taggable-on", "~> 9.0.1" gem "acts_as_votable", "~> 0.13.2" @@ -11,35 +11,35 @@ gem "audited", "~> 5.0.2" gem "autoprefixer-rails", "~> 8.2.0" gem "cancancan", "~> 3.4.0" gem "caxlsx", "~> 3.2.0" -gem "caxlsx_rails", "~> 0.6.3" +gem "caxlsx_rails", "~> 0.6.4" gem "ckeditor", "~> 4.3.0" gem "cocoon", "~> 1.2.15" gem "daemons", "~> 1.4.1" gem "dalli", "~> 2.7.11" gem "delayed_job_active_record", "~> 4.1.7" -gem "devise", "~> 4.8.1" -gem "devise-security", "~> 0.16.0" +gem "devise", "~> 4.9.0" +gem "devise-security", "~> 0.17.0" gem "file_validators", "~> 3.0.0" gem "font-awesome-sass", "~> 5.15.1" # Remember to update vendor/assets/images/fontawesome when updating this gem -gem "foundation-rails", "~> 6.6.2.0" +gem "foundation-rails", "~> 6.9.0.0" gem "foundation_rails_helper", "~> 4.0.1" -gem "globalize", "~> 6.2.1" +gem "globalize", "~> 6.3.0" gem "globalize-accessors", "~> 0.3.0" -gem "graphiql-rails", "~> 1.8.0" +gem "graphiql-rails", "~> 1.9.0" gem "graphql", "~> 1.12.14" gem "groupdate", "~> 6.1.0" gem "image_processing", "~> 1.12.2" gem "initialjs-rails", "~> 0.2.0.9" -gem "invisible_captcha", "~> 2.0.0" +gem "invisible_captcha", "~> 2.1.0" gem "jquery-fileupload-rails" -gem "jquery-rails", "~> 4.5.0" -gem "jquery-ui-rails", "~> 6.0.1" +gem "jquery-rails", "~> 4.5.1" +gem "jquery-ui-rails", "~> 7.0.0" gem "kaminari", "~> 1.2.2" gem "mini_magick", "~> 4.11.0" -gem "omniauth", "~> 2.1.0" -gem "omniauth-facebook", "~> 9.0.0" -gem "omniauth-google-oauth2", "~> 1.0.1" -gem "omniauth-rails_csrf_protection", "~> 1.0.1" +gem "omniauth", "~> 2.1.1" +gem "omniauth-facebook", "~> 10.0.0" +gem "omniauth-google-oauth2", "~> 1.1.0" +gem "omniauth-rails_csrf_protection", "~> 1.0.2" gem "omniauth-twitter", "~> 1.4.0" gem "paranoia", "~> 2.6.0" gem "pg", "~> 1.4.3" @@ -47,13 +47,13 @@ gem "pg_search", "~> 2.3.6" gem "puma", "~> 4.3.12" gem "recipient_interceptor", "~> 0.3.1" gem "redcarpet", "~> 3.5.1" -gem "responders", "~> 3.0.1" +gem "responders", "~> 3.1.0" gem "rinku", "~> 2.0.6", require: "rails_rinku" gem "sassc-rails", "~> 2.1.2" -gem "savon", "~> 2.13.0" +gem "savon", "~> 2.13.1" gem "sitemap_generator", "~> 6.3.0" gem "social-share-button", "~> 1.2.4" -gem "sprockets", "~> 4.1.1" +gem "sprockets", "~> 4.2.0" gem "translator-text", "~> 0.1.0" gem "turbolinks", "~> 5.2.1" gem "turnout", "~> 2.5.0" @@ -72,22 +72,22 @@ end group :development, :test do gem "bullet", "~> 7.0.3" gem "byebug", "~> 11.1.3" - gem "factory_bot_rails", "~> 6.2.0" + gem "factory_bot_rails", "~> 6.3.0" gem "faker", "~> 2.22.0" - gem "i18n-tasks", "~> 0.9.37" + gem "i18n-tasks", "~> 1.0.0" gem "knapsack_pro", "~> 3.3.1" gem "launchy", "~> 2.5.0" - gem "letter_opener_web", "~> 2.0.0" + gem "letter_opener_web", "~> 3.0.0" gem "spring", "~> 2.1.1" gem "spring-commands-rspec", "~> 1.0.4" end group :test do - gem "capybara", "~> 3.37.1" - gem "capybara-webmock", "~> 0.6.0" + gem "capybara", "~> 3.38.0" + gem "capybara-webmock", "~> 0.7.0" gem "coveralls", "~> 0.8.23", require: false gem "email_spec", "~> 2.2.0" - gem "rspec-rails", "~> 5.1.2" + gem "rspec-rails", "~> 6.0.0" gem "selenium-webdriver", "~> 3.142" gem "webdrivers", "~> 4.7.0" end @@ -98,21 +98,21 @@ group :development do gem "capistrano-rails", "~> 1.6.2", require: false gem "capistrano3-delayed-job", "~> 1.7.6" gem "capistrano3-puma", "~> 5.2.0" - gem "erb_lint", "~> 0.0.37", require: false + gem "erb_lint", "~> 0.1.0", require: false gem "github_changelog_generator", "~> 1.15.2" gem "mdl", "~> 0.11.0", require: false gem "pronto", "~> 0.11.0", require: false - gem "pronto-erb_lint", "~> 0.1.5", require: false + gem "pronto-erb_lint", "~> 0.1.6", require: false gem "pronto-eslint", "~> 0.11.0", require: false - gem "pronto-rubocop", "~> 0.11.2", require: false + gem "pronto-rubocop", "~> 0.11.3", require: false gem "pronto-scss", "~> 0.11.0", require: false - gem "rubocop", "~> 1.35.1", require: false - gem "rubocop-performance", "~> 1.11.4", require: false - gem "rubocop-rails", "~> 2.15.2", require: false - gem "rubocop-rspec", "~> 2.4.0", require: false + gem "rubocop", "~> 1.66.0", require: false + gem "rubocop-performance", "~> 1.11.5", require: false + gem "rubocop-rails", "~> 2.16.0", require: false + gem "rubocop-rspec", "~> 2.5.0", require: false gem "rvm1-capistrano3", "~> 1.4.0", require: false gem "scss_lint", "~> 0.59.0", require: false - gem "web-console", "~> 4.2.0" + gem "web-console", "~> 4.2.1" end eval_gemfile "./Gemfile_custom"