From 13f91128edab7213660178dd06f2574ebd06b36c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 23 Aug 2024 07:29:22 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7814166 --- Gemfile | 6 ++--- Gemfile.lock | 70 ++++++++++++++++++++++++++-------------------------- 2 files changed, 38 insertions(+), 38 deletions(-) diff --git a/Gemfile b/Gemfile index ee7f04e79..27e190d74 100644 --- a/Gemfile +++ b/Gemfile @@ -1,5 +1,5 @@ source "https://rubygems.org" -gem "jekyll", "~> 4.1.1" +gem "jekyll", "~> 4.2.0" gem "minima", "~> 2.0" # If you want to use GitHub Pages, remove the "gem "jekyll"" above and @@ -8,9 +8,9 @@ gem "minima", "~> 2.0" # If you have any plugins, put them here! group :jekyll_plugins do - gem 'jekyll-octicons', '~> 10.0' + gem 'jekyll-octicons', '~> 10.1', '>= 10.1.0' gem 'jekyll-seo-tag' - gem "jekyll-feed", "~> 0.15.0" + gem "jekyll-feed", "~> 0.15.1" end # Windows does not include zoneinfo files, so bundle the tzinfo-data gem diff --git a/Gemfile.lock b/Gemfile.lock index a410a8177..b4a441567 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,92 +1,92 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.8.1) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) colorator (1.1.0) - concurrent-ruby (1.1.10) - em-websocket (0.5.1) + concurrent-ruby (1.3.4) + em-websocket (0.5.3) eventmachine (>= 0.12.9) - http_parser.rb (~> 0.6.0) + http_parser.rb (~> 0) eventmachine (1.2.7) - ffi (1.13.1) + ffi (1.17.0) forwardable-extended (2.6.0) - http_parser.rb (0.6.0) - i18n (1.12.0) + http_parser.rb (0.8.0) + i18n (1.14.5) concurrent-ruby (~> 1.0) - jekyll (4.1.1) + jekyll (4.2.2) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) i18n (~> 1.0) jekyll-sass-converter (~> 2.0) jekyll-watch (~> 2.0) - kramdown (~> 2.1) + kramdown (~> 2.3) kramdown-parser-gfm (~> 1.0) liquid (~> 4.0) mercenary (~> 0.4.0) pathutil (~> 0.9) rouge (~> 3.0) safe_yaml (~> 1.0) - terminal-table (~> 1.8) - jekyll-feed (0.15.0) + terminal-table (~> 2.0) + jekyll-feed (0.15.1) jekyll (>= 3.7, < 5.0) - jekyll-octicons (10.0.0) + jekyll-octicons (10.1.0) jekyll (>= 3.6, < 5.0) - octicons (= 10.0.0) - jekyll-sass-converter (2.1.0) + octicons (= 10.1.0) + jekyll-sass-converter (2.2.0) sassc (> 2.0.1, < 3.0) jekyll-seo-tag (2.8.0) jekyll (>= 3.8, < 5.0) jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (2.3.1) + kramdown (2.4.0) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) - liquid (4.0.3) - listen (3.7.1) + liquid (4.0.4) + listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) - mini_portile2 (2.8.1) + mini_portile2 (2.8.7) minima (2.5.1) jekyll (>= 3.5, < 5.0) jekyll-feed (~> 0.9) jekyll-seo-tag (~> 2.1) - nokogiri (1.14.3) - mini_portile2 (~> 2.8.0) + nokogiri (1.15.6) + mini_portile2 (~> 2.8.2) racc (~> 1.4) - octicons (10.0.0) + octicons (10.1.0) nokogiri (>= 1.6.3.1) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (4.0.6) - racc (1.6.2) - rb-fsevent (0.10.4) - rb-inotify (0.10.1) + public_suffix (5.1.1) + racc (1.8.1) + rb-fsevent (0.11.2) + rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.2.8) - strscan (>= 3.0.9) - rouge (3.22.0) + rexml (3.3.6) + strscan + rouge (3.30.0) safe_yaml (1.0.5) sassc (2.4.0) ffi (~> 1.9) strscan (3.1.0) - terminal-table (1.8.0) + terminal-table (2.0.0) unicode-display_width (~> 1.1, >= 1.1.1) - unicode-display_width (1.7.0) + unicode-display_width (1.8.0) PLATFORMS ruby DEPENDENCIES - jekyll (~> 4.1.1) - jekyll-feed (~> 0.15.0) - jekyll-octicons (~> 10.0) + jekyll (~> 4.2.0) + jekyll-feed (~> 0.15.1) + jekyll-octicons (~> 10.1, >= 10.1.0) jekyll-seo-tag minima (~> 2.0) tzinfo-data BUNDLED WITH - 2.1.4 \ No newline at end of file + 2.1.4