From 552651737a74810a6da48984af3498429d0f82f6 Mon Sep 17 00:00:00 2001
From: Javier Julio
Date: Tue, 3 Dec 2024 10:47:17 -0500
Subject: [PATCH] Update outdated dependencies

This resolves many rails-html-sanitizer security reports
---
Gemfile.lock | 63 ++++++++++++++++++----------------
gemfiles/rails_70/Gemfile.lock | 10 +++---
gemfiles/rails_71/Gemfile.lock | 29 ++++++++--------
gemfiles/rails_72/Gemfile.lock | 43 +++++++++++------------
4 files changed, 75 insertions(+), 70 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 292bb49..4b241da 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -102,7 +102,7 @@ GEM concurrent-ruby (1.3.4) connection_pool (2.4.1) crass (1.0.6) - date (3.4.0) + date (3.4.1) diff-lcs (1.5.1) docile (1.4.1) drb (2.2.1)
@@ -111,13 +111,13 @@ GEM activesupport (>= 6.1) i18n (1.14.6) concurrent-ruby (~> 1.0) - io-console (0.7.2) + io-console (0.8.0) irb (1.14.1) rdoc (>= 4.0.0) reline (>= 0.4.2) - json (2.8.1) + json (2.9.0) language_server-protocol (3.17.0.3) - logger (1.6.1) + logger (1.6.2) loofah (2.23.1) crass (~> 1.0.2) nokogiri (>= 1.12.0)
@@ -130,8 +130,8 @@ GEM matrix (0.4.2) method_source (1.1.0) mini_mime (1.1.5) - mini_portile2 (2.8.7) - minitest (5.25.1) + mini_portile2 (2.8.8) + minitest (5.25.2) net-imap (0.5.1) date net-protocol
@@ -142,25 +142,26 @@ GEM net-smtp (0.5.0) net-protocol nio4r (2.7.4) - nokogiri (1.16.7) + nokogiri (1.16.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.16.7-aarch64-linux) + nokogiri (1.16.8-aarch64-linux) racc (~> 1.4) - nokogiri (1.16.7-arm64-darwin) + nokogiri (1.16.8-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.7-x86_64-darwin) + nokogiri (1.16.8-x86_64-darwin) racc (~> 1.4) - nokogiri (1.16.7-x86_64-linux) + nokogiri (1.16.8-x86_64-linux) racc (~> 1.4) parallel (1.26.3) parser (3.3.6.0) ast (~> 2.4.1) racc - pry (0.14.2) + pry (0.15.0) coderay (~> 1.1) method_source (~> 1.0) - psych (5.2.0) + psych (5.2.1) + date stringio public_suffix (6.0.1) racc (1.8.1)
@@ -169,7 +170,7 @@ GEM rack (>= 3.0.0) rack-test (2.1.0) rack (>= 1.3) - rackup (2.2.0) + rackup (2.2.1) rack (>= 3) rails (8.0.0) actioncable (= 8.0.0) @@ -189,9 +190,9 @@ GEM activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.6.0) + rails-html-sanitizer (1.6.1) loofah (~> 2.21) - nokogiri (~> 1.14) + nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) railties (8.0.0) actionpack (= 8.0.0) activesupport (= 8.0.0) @@ -202,10 +203,10 @@ GEM zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.2.1) - rdoc (6.7.0) + rdoc (6.8.1) psych (>= 4.0.0) - regexp_parser (2.9.2) - reline (0.5.11) + regexp_parser (2.9.3) + reline (0.5.12) io-console (~> 0.5) rexml (3.3.9) rspec (3.13.0) @@ -228,30 +229,30 @@ GEM rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-support (3.13.1) - rubocop (1.68.0) + rspec-support (3.13.2) + rubocop (1.69.1) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 2.4, < 3.0) - rubocop-ast (>= 1.32.2, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.36.2, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.34.1) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.36.2) parser (>= 3.3.1.0) rubocop-capybara (2.21.0) rubocop (~> 1.41) rubocop-packaging (0.5.2) rubocop (>= 1.33, < 2.0) - rubocop-performance (1.22.1) + rubocop-performance (1.23.0) rubocop (>= 1.48.1, < 2.0) rubocop-ast (>= 1.31.1, < 2.0) rubocop-rspec (3.2.0) rubocop (~> 1.61) ruby-progressbar (1.13.0) - securerandom (0.3.1) + securerandom (0.4.0) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) 
@@ -266,8 +267,10 @@ GEM timeout (0.4.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.6.0) - uri (1.0.1) + unicode-display_width (3.1.2) + unicode-emoji (~> 4.0, >= 4.0.4) + unicode-emoji (4.0.4) + uri (1.0.2) useragent (0.16.10) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0)
@@ -301,4 +304,4 @@ DEPENDENCIES simplecov-cobertura BUNDLED WITH - 2.5.23 + 2.5.22
diff --git a/gemfiles/rails_70/Gemfile.lock b/gemfiles/rails_70/Gemfile.lock
index 17134ee..29706cb 100644
--- a/gemfiles/rails_70/Gemfile.lock
+++ b/gemfiles/rails_70/Gemfile.lock
@@ -91,7 +91,7 @@ GEM thor (>= 0.14.6) concurrent-ruby (1.3.4) crass (1.0.6) - date (3.4.0) + date (3.4.1) diff-lcs (1.5.1) docile (1.4.1) erubi (1.13.0)
@@ -112,7 +112,7 @@ GEM method_source (1.1.0) mini_mime (1.1.5) mini_portile2 (2.8.8) - minitest (5.25.1) + minitest (5.25.2) net-imap (0.5.1) date net-protocol
@@ -171,7 +171,7 @@ GEM thor (~> 1.0) zeitwerk (~> 2.5) rake (13.2.1) - regexp_parser (2.9.2) + regexp_parser (2.9.3) rexml (3.3.9) rspec (3.13.0) rspec-core (~> 3.13.0)
@@ -193,7 +193,7 @@ GEM rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-support (3.13.1) + rspec-support (3.13.2) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11)
@@ -235,4 +235,4 @@ DEPENDENCIES zeitwerk (~> 2.6.18) BUNDLED WITH - 2.5.23 + 2.5.22
diff --git a/gemfiles/rails_71/Gemfile.lock b/gemfiles/rails_71/Gemfile.lock
index 82aad94..52c29d9 100644
--- a/gemfiles/rails_71/Gemfile.lock
+++ b/gemfiles/rails_71/Gemfile.lock
@@ -107,7 +107,7 @@ GEM concurrent-ruby (1.3.4) connection_pool (2.4.1) crass (1.0.6) - date (3.4.0) + date (3.4.1) diff-lcs (1.5.1) docile (1.4.1) drb (2.2.1)
@@ -116,11 +116,11 @@ GEM activesupport (>= 6.1) i18n (1.14.6) concurrent-ruby (~> 1.0) - io-console (0.7.2) + io-console (0.8.0) irb (1.14.1) rdoc (>= 4.0.0) reline (>= 0.4.2) - logger (1.6.1) + logger (1.6.2) loofah (2.23.1) crass (~> 1.0.2) nokogiri (>= 1.12.0)
@@ -134,8 +134,8 @@ GEM method_source (1.1.0) mini_mime (1.1.5) mini_portile2 (2.8.8) - minitest (5.25.1) - mutex_m (0.2.0) + minitest (5.25.2) + mutex_m (0.3.0) net-imap (0.5.1) date net-protocol
@@ -157,10 +157,11 @@ GEM racc (~> 1.4) nokogiri (1.16.8-x86_64-linux) racc (~> 1.4) - pry (0.14.2) + pry (0.15.0) coderay (~> 1.1) method_source (~> 1.0) - psych (5.2.0) + psych (5.2.1) + date stringio public_suffix (6.0.1) racc (1.8.1)
@@ -169,7 +170,7 @@ GEM rack (>= 3.0.0) rack-test (2.1.0) rack (>= 1.3) - rackup (2.2.0) + rackup (2.2.1) rack (>= 3) rails (7.1.5) actioncable (= 7.1.5)
@@ -201,10 +202,10 @@ GEM thor (~> 1.0, >= 1.2.2) zeitwerk (~> 2.6) rake (13.2.1) - rdoc (6.7.0) + rdoc (6.8.1) psych (>= 4.0.0) - regexp_parser (2.9.2) - reline (0.5.11) + regexp_parser (2.9.3) + reline (0.5.12) io-console (~> 0.5) rexml (3.3.9) rspec (3.13.0)
@@ -227,8 +228,8 @@ GEM rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-support (3.13.1) - securerandom (0.3.1) + rspec-support (3.13.2) + securerandom (0.4.0) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11)
@@ -271,4 +272,4 @@ DEPENDENCIES zeitwerk (~> 2.6.18) BUNDLED WITH - 2.5.23 + 2.5.22
diff --git a/gemfiles/rails_72/Gemfile.lock b/gemfiles/rails_72/Gemfile.lock
index 28ebcc8..e040f3a 100644
--- a/gemfiles/rails_72/Gemfile.lock
+++ b/gemfiles/rails_72/Gemfile.lock
@@ -101,7 +101,7 @@ GEM concurrent-ruby (1.3.4) connection_pool (2.4.1) crass (1.0.6) - date (3.4.0) + date (3.4.1) diff-lcs (1.5.1) docile (1.4.1) drb (2.2.1)
@@ -110,11 +110,11 @@ GEM activesupport (>= 6.1) i18n (1.14.6) concurrent-ruby (~> 1.0) - io-console (0.7.2) + io-console (0.8.0) irb (1.14.1) rdoc (>= 4.0.0) reline (>= 0.4.2) - logger (1.6.1) + logger (1.6.2) loofah (2.23.1) crass (~> 1.0.2) nokogiri (>= 1.12.0)
@@ -127,8 +127,8 @@ GEM matrix (0.4.2) method_source (1.1.0) mini_mime (1.1.5) - mini_portile2 (2.8.7) - minitest (5.25.1) + mini_portile2 (2.8.8) + minitest (5.25.2) net-imap (0.5.1) date net-protocol
@@ -139,21 +139,22 @@ GEM net-smtp (0.5.0) net-protocol nio4r (2.7.4) - nokogiri (1.16.7) + nokogiri (1.16.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.16.7-aarch64-linux) + nokogiri (1.16.8-aarch64-linux) racc (~> 1.4) - nokogiri (1.16.7-arm64-darwin) + nokogiri (1.16.8-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.7-x86_64-darwin) + nokogiri (1.16.8-x86_64-darwin) racc (~> 1.4) - nokogiri (1.16.7-x86_64-linux) + nokogiri (1.16.8-x86_64-linux) racc (~> 1.4) - pry (0.14.2) + pry (0.15.0) coderay (~> 1.1) method_source (~> 1.0) - psych (5.2.0) + psych (5.2.1) + date stringio public_suffix (6.0.1) racc (1.8.1)
@@ -162,7 +163,7 @@ GEM rack (>= 3.0.0) rack-test (2.1.0) rack (>= 1.3) - rackup (2.2.0) + rackup (2.2.1) rack (>= 3) rails (7.2.2) actioncable (= 7.2.2)
@@ -182,9 +183,9 @@ GEM activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.6.0) + rails-html-sanitizer (1.6.1) loofah (~> 2.21) - nokogiri (~> 1.14) + nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) railties (7.2.2) actionpack (= 7.2.2) activesupport (= 7.2.2)
@@ -194,10 +195,10 @@ GEM thor (~> 1.0, >= 1.2.2) zeitwerk (~> 2.6) rake (13.2.1) - rdoc (6.7.0) + rdoc (6.8.1) psych (>= 4.0.0) - regexp_parser (2.9.2) - reline (0.5.11) + regexp_parser (2.9.3) + reline (0.5.12) io-console (~> 0.5) rexml (3.3.9) rspec (3.13.0)
@@ -220,8 +221,8 @@ GEM rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-support (3.13.1) - securerandom (0.3.1) + rspec-support (3.13.2) + securerandom (0.4.0) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11)
@@ -265,4 +266,4 @@ DEPENDENCIES zeitwerk (~> 2.6.18) BUNDLED WITH - 2.5.23 + 2.5.22