fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274386 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-YARD-6305193
quran · Apr 4, 2024 · 00c2466 · 00c2466
1 parent b6b44ba
commit 00c2466
Show file tree

Hide file tree

Showing 2 changed files with 172 additions and 164 deletions.
diff --git a/Gemfile b/Gemfile
@@ -5,7 +5,7 @@ ruby '3.1.0'
 
 git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
-gem 'rails', '~> 7.0.2', '>= 7.0.2.3'
+gem 'rails', '~> 7.0.8', '>= 7.0.8.1'
 
 # Use postgresql as the database for Active Record
 gem 'pg', '>= 0.18', '< 2.0'
@@ -34,7 +34,7 @@ gem 'pagy'
 gem 'oj'
 gem 'oj_mimic_json'
 
-gem 'rails-html-sanitizer', '>= 1.4.4'
+gem 'rails-html-sanitizer', '>= 1.5.0'
 
 # This is to run the rake task for importing in parallel
 # Will provide a progress bar as the import happens
@@ -44,7 +44,7 @@ gem 'parallel', require: false
 gem 'puma', '~> 4.3', '>= 4.3.12'
 
 # enable cors
-gem 'rack-cors'
+gem 'rack-cors', '>= 2.0.0'
 
 # compresses Rack responses using Google's Brotli compression algorithm
 gem 'rack-brotli'
@@ -57,15 +57,15 @@ gem 'sentry-raven', group: [:production]
 group :development, :test do
   gem 'pry-rails'
   gem 'apollo-tracing'
-  gem 'solargraph'
+  gem 'solargraph', '>= 0.45.0'
 end
 
 group :development do
   gem 'byebug', platform: :mri
   gem 'ruby-progressbar'
   gem 'benchmark-ips', require: false
   gem 'bullet'
-  gem 'derailed_benchmarks'
+  gem 'derailed_benchmarks', '>= 2.1.2'
 
   # run some pre commit hooks
   gem 'pre-commit', require: false
@@ -80,11 +80,11 @@ group :development do
 end
 
 group :test, :development do
-  gem 'rspec-rails', '= 5.0.2'
+  gem 'rspec-rails', '= 5.0.3'
   gem 'shoulda-matchers', '~> 5.1.0'
   gem 'simplecov', require: false
-  gem 'factory_bot_rails', '>= 6.2.0'
-  gem 'rubocop-rails_config', '>= 1.9.1'
+  gem 'factory_bot_rails', '>= 6.3.0'
+  gem 'rubocop-rails_config', '>= 1.9.2'
   gem 'rubocop-rspec', '>= 2.1.0'
   gem 'json-schema-rspec'
 end