From fccef1f9b4b5a8b7fcc17a04a835f023f290aaf8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 11 Oct 2023 16:35:23 +0000 Subject: [PATCH 1/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 --- Gemfile | 2 +- Gemfile.lock | 11 +++++++---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index 0bd715c0..ce759f53 100644 --- a/Gemfile +++ b/Gemfile @@ -87,7 +87,7 @@ group :test do end group :production do - gem 'lograge', '~> 0.13.0' + gem 'lograge', '~> 0.14.0' gem 'remote_syslog_logger' end diff --git a/Gemfile.lock b/Gemfile.lock index e6a36cba..38c34cae 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -215,12 +215,12 @@ GEM rake (~> 13.0) lodash-rails (4.17.21) railties (>= 3.1) - lograge (0.13.0) + lograge (0.14.0) actionpack (>= 4) activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.21.3) + loofah (2.21.4) crass (~> 1.0.2) nokogiri (>= 1.12.0) mail (2.8.1) @@ -423,7 +423,7 @@ GEM websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.11) + zeitwerk (2.6.12) PLATFORMS ruby @@ -448,7 +448,7 @@ DEPENDENCIES jwt (~> 2.2.2) listen (~> 3.0.5) lodash-rails - lograge (~> 0.13.0) + lograge (~> 0.14.0) minitest-stub_any_instance oauth (~> 0.5.1) oauthenticator (~> 1.4, >= 1.4.1) @@ -474,3 +474,6 @@ DEPENDENCIES tzinfo-data web-console (>= 4.2.1) webmock + +BUNDLED WITH + 2.1.4 From 796cd54f18580c26fef7821c15cc25ef4c01586e Mon Sep 17 00:00:00 2001 From: Jesus Federico Date: Fri, 24 Nov 2023 13:21:10 -0500 Subject: [PATCH 2/2] Update Gemfile.lock --- Gemfile.lock | 3 --- 1 file changed, 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 38c34cae..f10c05c3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -474,6 +474,3 @@ DEPENDENCIES tzinfo-data web-console (>= 4.2.1) webmock - -BUNDLED WITH - 2.1.4