From ee5a2097fb2646d4550094219113e14a91153e9a Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 15 Mar 2023 08:56:08 -0700
Subject: [PATCH 1/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028
---
 Gemfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile b/Gemfile
index 9c57c15..9e89d9e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -9,7 +9,7 @@ gem 'dm-sqlite-adapter'
 gem 'bcrypt'
 gem 'authy'
 gem 'http-cookie'
-gem 'activesupport'
+gem 'activesupport', '>= 6.1.7.3'
 gem 'dotenv'

 group :test, :development do

From 91ec47d23945aaa46d7d58dff18f254f65a71529 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 15 Mar 2023 08:56:08 -0700
Subject: [PATCH 2/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028
---
 Gemfile.lock | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 953b676..716f89f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,11 +1,11 @@
 GEM
 remote: https://rubygems.org/
 specs:
- activesupport (5.1.5)
+ activesupport (7.0.4.3)
 concurrent-ruby (~> 1.0, >= 1.0.2)
- i18n (~> 0.7)
- minitest (~> 5.1)
- tzinfo (~> 1.1)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
 addressable (2.5.2)
 public_suffix (>= 2.0.2, < 4.0)
 authy (2.7.2)
@@ -13,7 +13,7 @@ GEM
 bcrypt (3.1.11)
 bcrypt-ruby (3.1.5)
 bcrypt (>= 3.1.3)
- concurrent-ruby (1.0.5)
+ concurrent-ruby (1.2.2)
 data_mapper (1.2.0)
 dm-aggregates (~> 1.2.0)
 dm-constraints (~> 1.2.0)
@@ -74,11 +74,11 @@ GEM
 http-cookie (1.0.3)
 domain_name (~> 0.5)
 httpclient (2.8.3)
- i18n (0.9.5)
+ i18n (1.12.0)
 concurrent-ruby (~> 1.0)
 json (1.8.6)
 json_pure (1.8.6)
- minitest (5.11.3)
+ minitest (5.18.0)
 multi_json (1.13.1)
 public_suffix (3.0.2)
 rack (1.6.9)
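Review bot: The new requirement in the Gemfile hunk of patch 1/2, `gem 'activesupport', '>= 6.1.7.3'`, has no upper bound, so the advisory fix arrives as a jump across two major versions: the lockfile in patch 2/2 resolves activesupport from 5.1.5 to 7.0.4.3 and moves tzinfo to 2.x and i18n to 1.x along with it. If the intent is only to clear SNYK-RUBY-ACTIVESUPPORT-3360028, a bounded requirement such as `gem 'activesupport', '~> 6.1.7', '>= 6.1.7.3'` keeps the patched release while leaving the 7.x upgrade as a separate, tested change. activesupport 7.0 also requires Ruby 2.7 or newer, and the other pins still in the lockfile (rack 1.6.9, json 1.8.6) suggest an older stack, so the runtime version and the test suite should be checked before this is merged.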
@@ -107,10 +107,9 @@ GEM
 sqlite3 (1.3.13)
 stringex (1.5.1)
 temple (0.8.0)
- thread_safe (0.3.6)
 tilt (2.0.8)
- tzinfo (1.2.5)
- thread_safe (~> 0.1)
+ tzinfo (2.0.6)
+ concurrent-ruby (~> 1.0)
 unf (0.1.4)
 unf_ext
 unf_ext (0.0.7.5)
@@ -120,7 +119,7 @@ PLATFORMS
 ruby

 DEPENDENCIES
- activesupport
+ activesupport (>= 6.1.7.3)
 authy
 bcrypt
 data_mapper
@@ -137,4 +136,4 @@ DEPENDENCIES
 sqlite3

 BUNDLED WITH
- 1.16.1
+ 1.17.3