From b6131c98ee50b62f73325778bc187a99de2c8dd1 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 15 Feb 2025 20:48:56 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-8720151
---
 Gemfile | 2 +-
 Gemfile.lock | 255 +++++++++++++++++++++++++--------------------------
 2 files changed, 124 insertions(+), 133 deletions(-)

diff --git a/Gemfile b/Gemfile
index 5e1127e..88494b3 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,4 +3,4 @@ source 'https://rubygems.org/'
 #ruby-gemset=gui
 ruby ">= 2.1.4"
-gem 'activeadmin', '0.5.1'
+gem 'activeadmin', '2.0.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index ace1c90..b653394 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
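Review bot: The `ruby ">= 2.1.4"` context line above the bumped `gem 'activeadmin', '2.0.0'` no longer describes what this bundle can run on. The regenerated Gemfile.lock resolves activesupport/railties 5.2.8.1 and nokogiri 1.15.7, which as far as I know need Ruby 2.2.2+ and 2.7+ respectively, while the lock still records `ruby 2.1.4p265`; raising the constraint (for example `ruby ">= 2.7"`, to be confirmed against the deployed interpreter) would make the mismatch fail at install time rather than at runtime. The lock also shows devise, warden, bcrypt and the `rails` meta-gem dropping out of the resolved set, presumably because activeadmin 2.0.0 no longer depends on them. If the admin login relies on Devise, it should be declared explicitly next to this line, e.g. `gem 'devise'`, and the authentication flow re-tested before merging, so the rack fix does not remove the auth layer as a side effect.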
@@ -1,157 +1,148 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (3.2.22.5) - actionpack (= 3.2.22.5) - mail (~> 2.5.4) - actionpack (3.2.22.5) - activemodel (= 3.2.22.5) - activesupport (= 3.2.22.5) - builder (~> 3.0.0) - erubis (~> 2.7.0) - journey (~> 1.0.4) - rack (~> 1.4.5) - rack-cache (~> 1.2) - rack-test (~> 0.6.1) - sprockets (~> 2.2.1) - activeadmin (0.5.1) - arbre (>= 1.0.1) - bourbon (>= 1.0.0) - devise (>= 1.1.2) - fastercsv - formtastic (>= 2.0.0) - inherited_resources (>= 1.3.1) - jquery-rails (>= 1.0.0) - kaminari (>= 0.13.0) - meta_search (>= 0.9.2) - rails (>= 3.0.0) - sass (>= 3.1.0) - activemodel (3.2.22.5) - activesupport (= 3.2.22.5) - builder (~> 3.0.0) - activerecord (3.2.22.5) - activemodel (= 3.2.22.5) - activesupport (= 3.2.22.5) - arel (~> 3.0.2) - tzinfo (~> 0.3.29) - activeresource (3.2.22.5) - activemodel (= 3.2.22.5) - activesupport (= 3.2.22.5) - activesupport (3.2.22.5) - i18n (~> 0.6, >= 0.6.4) - multi_json (~> 1.0) - arbre (1.1.1) - activesupport (>= 3.0.0) - arel (3.0.3) - bcrypt (3.1.12) - bourbon (5.0.1) + actionpack (5.2.8.1) + actionview (= 5.2.8.1) + activesupport (= 5.2.8.1) + rack (~> 2.0, >= 2.0.8) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.0.2) + actionview (5.2.8.1) + activesupport (= 5.2.8.1) + builder (~> 3.1) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.0.3) + activeadmin (2.0.0) + arbre (~> 1.2, >= 1.2.1) + formtastic (~> 3.1) + formtastic_i18n (~> 0.4) + inherited_resources (~> 1.7) + jquery-rails (~> 4.2) + kaminari (~> 1.0, >= 1.0.1) + railties (>= 5.0, < 6.0) + ransack (~> 2.1, >= 2.1.1) sass (~> 3.4) - thor (~> 0.19) - builder (3.0.4) - concurrent-ruby (1.0.5) - devise (3.5.10) - bcrypt (~> 3.0) - orm_adapter (~> 0.1) - railties (>= 3.2.6, < 5) - responders - thread_safe (~> 0.1) - warden (~> 1.2.3) - erubis (2.7.0) - fastercsv (1.5.5) - ffi (1.9.25) + sprockets (>= 3.0, < 4.1) + sprockets-es6 (~> 0.9, >= 0.9.2) + 
activemodel (5.2.8.1) + activesupport (= 5.2.8.1) + activerecord (5.2.8.1) + activemodel (= 5.2.8.1) + activesupport (= 5.2.8.1) + arel (>= 9.0) + activesupport (5.2.8.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) + minitest (~> 5.1) + tzinfo (~> 1.1) + arbre (1.7.0) + activesupport (>= 3.0.0) + ruby2_keywords (>= 0.0.2) + arel (9.0.0) + babel-source (5.8.35) + babel-transpiler (0.7.0) + babel-source (>= 4.0, < 6) + execjs (~> 2.0) + builder (3.3.0) + concurrent-ruby (1.3.5) + crass (1.0.6) + erubi (1.13.1) + execjs (2.10.0) + ffi (1.17.1) formtastic (3.1.5) actionpack (>= 3.2.13) - has_scope (0.6.0) - actionpack (>= 3.2, < 5) - activesupport (>= 3.2, < 5) - hike (1.2.3) - i18n (0.9.5) + formtastic_i18n (0.7.0) + has_scope (0.8.2) + actionpack (>= 5.2) + activesupport (>= 5.2) + i18n (1.14.7) concurrent-ruby (~> 1.0) - inherited_resources (1.7.2) - actionpack (>= 3.2, < 5.2.x) + inherited_resources (1.13.1) + actionpack (>= 5.2, < 7.1) has_scope (~> 0.6) - railties (>= 3.2, < 5.2.x) - responders - journey (1.0.4) - jquery-rails (3.1.5) - railties (>= 3.0, < 5.0) + railties (>= 5.2, < 7.1) + responders (>= 2, < 4) + jquery-rails (4.6.0) + rails-dom-testing (>= 1, < 3) + railties (>= 4.2.0) thor (>= 0.14, < 2.0) - json (1.8.6) - kaminari (0.17.0) - actionpack (>= 3.0.0) - activesupport (>= 3.0.0) - mail (2.5.5) - mime-types (~> 1.16) - treetop (~> 1.4.8) - meta_search (1.1.3) - actionpack (~> 3.1) - activerecord (~> 3.1) - activesupport (~> 3.1) - polyamorous (~> 0.5.0) - mime-types (1.25.1) - multi_json (1.13.1) - orm_adapter (0.5.0) - polyamorous (0.5.0) - activerecord (~> 3.0) - polyglot (0.3.5) - rack (1.4.7) - rack-cache (1.8.0) - rack (>= 0.4) - rack-ssl (1.3.4) - rack - rack-test (0.6.3) - rack (>= 1.0) - rails (3.2.22.5) - actionmailer (= 3.2.22.5) - actionpack (= 3.2.22.5) - activerecord (= 3.2.22.5) - activeresource (= 3.2.22.5) - activesupport (= 3.2.22.5) - bundler (~> 1.0) - railties (= 3.2.22.5) - railties (3.2.22.5) - actionpack (= 
3.2.22.5) - activesupport (= 3.2.22.5) - rack-ssl (~> 1.3.2) + kaminari (1.2.2) + activesupport (>= 4.1.0) + kaminari-actionview (= 1.2.2) + kaminari-activerecord (= 1.2.2) + kaminari-core (= 1.2.2) + kaminari-actionview (1.2.2) + actionview + kaminari-core (= 1.2.2) + kaminari-activerecord (1.2.2) + activerecord + kaminari-core (= 1.2.2) + kaminari-core (1.2.2) + loofah (2.24.0) + crass (~> 1.0.2) + nokogiri (>= 1.12.0) + method_source (1.1.0) + mini_portile2 (2.8.8) + minitest (5.25.4) + nokogiri (1.15.7) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) + racc (1.8.1) + rack (2.2.11) + rack-test (2.2.0) + rack (>= 1.3) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest + nokogiri (>= 1.6) + rails-html-sanitizer (1.6.2) + loofah (~> 2.21) + nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) + railties (5.2.8.1) + actionpack (= 5.2.8.1) + activesupport (= 5.2.8.1) + method_source rake (>= 0.8.7) - rdoc (~> 3.4) - thor (>= 0.14.6, < 2.0) - rake (12.3.1) - rb-fsevent (0.10.3) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) - rdoc (3.12.2) - json (~> 1.4) - responders (1.1.2) - railties (>= 3.2, < 4.2) - sass (3.5.6) + thor (>= 0.19.0, < 2.0) + rake (13.2.1) + ransack (2.5.0) + activerecord (>= 5.2.4) + activesupport (>= 5.2.4) + i18n + rb-fsevent (0.11.2) + rb-inotify (0.11.1) + ffi (~> 1.0) + responders (3.1.1) + actionpack (>= 5.2) + railties (>= 5.2) + ruby2_keywords (0.0.5) + sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - sprockets (2.2.3) - hike (~> 1.2) - multi_json (~> 1.0) - rack (~> 1.0) - tilt (~> 1.1, != 1.3.0) - thor (0.20.0) + sprockets (4.0.3) + concurrent-ruby (~> 1.0) + rack (> 1, < 3) + sprockets-es6 (0.9.2) + babel-source (>= 5.8.11) + babel-transpiler + sprockets (>= 3.0.0) + thor (1.3.2) thread_safe (0.3.6) - tilt (1.4.1) - treetop (1.4.15) - polyglot - polyglot (>= 0.3.1) - tzinfo (0.3.54) - warden 
(1.2.7) - rack (>= 1.0) + tzinfo (1.2.11) + thread_safe (~> 0.1) PLATFORMS ruby DEPENDENCIES - activeadmin (= 0.5.1) + activeadmin (= 2.0.0) RUBY VERSION ruby 2.1.4p265 BUNDLED WITH - 1.16.2 + 1.17.3