From 5f9cbe5783a58a801bfe5ae863e575837e1519cd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Jul 2021 22:55:15 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 --- Gemfile | 12 ++++---- Gemfile.lock | 84 ++++++++++++++++++++++++++++++++++++---------------- 2 files changed, 64 insertions(+), 32 deletions(-) diff --git a/Gemfile b/Gemfile index 2e5a35f..9b130e4 100644 --- a/Gemfile +++ b/Gemfile @@ -1,17 +1,17 @@ source 'https://rubygems.org' -gem 'jekyll', '~> 3.9' +gem 'jekyll', '~> 3.9', '>= 3.9.0' group :jekyll_plugins do # gem "github-pages", '>= 209' - gem "jekyll-gist", '~> 1.5.0' - gem "jekyll-sitemap", '~> 1.4.0' + gem "jekyll-gist", "~> 1.5.0" + gem "jekyll-sitemap", "~> 1.4.0" # gem "jekyll-feed", '~> 0.15.1' - gem "jekyll-seo-tag", '~> 2.6.1' - gem "jekyll-relative-links", '~> 0.6.1' + gem "jekyll-seo-tag", "~> 2.6.1" + gem "jekyll-relative-links", "~> 0.6.1" # gem "jekyll-paginate-v2" # gem "jekyll-toc" - gem "jekyll-assets" + gem "jekyll-assets", ">= 2.4.0" # gem "jekyll-paginate", '~> 1.1.0' end diff --git a/Gemfile.lock b/Gemfile.lock index 48d502a..10050c0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,12 +1,17 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.7.0) + activesupport (5.2.6) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) + minitest (~> 5.1) + tzinfo (~> 1.1) + addressable (2.8.0) public_suffix (>= 2.0.2, < 5.0) autoprefixer-rails (10.1.0.0) execjs colorator (1.1.0) - concurrent-ruby (1.1.7) + concurrent-ruby (1.1.9) em-websocket (0.5.2) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) 
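Review bot: The new `gem "jekyll-assets", ">= 2.4.0"` constraint in the Gemfile hunk has no upper bound, and in this same patch the lockfile moves jekyll-assets from 2.4.0 to 3.0.12, a major-version jump that adds activesupport 5.2.6 and takes sprockets to 4.0.2 and rack to 2.2.3. That is a much larger change to the dependency surface than the addressable 2.7.0 → 2.8.0 upgrade the commit message describes. If only the addressable fix is intended, keep the plugin on its current series with `gem "jekyll-assets", "~> 2.4"`. addressable is only a transitive dependency here (it is absent from the lockfile's DEPENDENCIES list), so the fix exists solely in Gemfile.lock; adding `gem "addressable", ">= 2.8.0"` would make the security floor explicit and survive a later re-resolve. The added `'>= 3.9.0'` on the jekyll line is already implied by `'~> 3.9'` and can be dropped.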
@@ -14,16 +19,30 @@ GEM execjs (2.7.0) extras (0.3.0) forwardable-extended (~> 2.5) - faraday (1.1.0) + faraday (1.5.0) + faraday-em_http (~> 1.0) + faraday-em_synchrony (~> 1.0) + faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0.1) + faraday-net_http (~> 1.0) + faraday-net_http_persistent (~> 1.1) + faraday-patron (~> 1.0) multipart-post (>= 1.2, < 3) - ruby2_keywords - fastimage (2.2.0) - ffi (1.13.1) + ruby2_keywords (>= 0.0.4) + faraday-em_http (1.0.0) + faraday-em_synchrony (1.0.0) + faraday-excon (1.1.0) + faraday-httpclient (1.0.1) + faraday-net_http (1.0.1) + faraday-net_http_persistent (1.1.0) + faraday-patron (1.0.0) + fastimage (2.2.4) + ffi (1.15.3) forwardable-extended (2.6.0) http_parser.rb (0.6.0) i18n (0.9.5) concurrent-ruby (~> 1.0) - jekyll (3.9.0) + jekyll (3.9.1) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) @@ -36,18 +55,24 @@ GEM pathutil (~> 0.9) rouge (>= 1.7, < 4) safe_yaml (~> 1.0) - jekyll-assets (2.4.0) - concurrent-ruby (~> 1.0) + jekyll-assets (3.0.12) + activesupport (~> 5.0) + execjs (~> 2.7) extras (~> 0.2) fastimage (~> 2.0, >= 1.8) - jekyll (~> 3.1, >= 3.0) - pathutil (>= 0.8) - rack (~> 1.6) - sprockets (~> 3.3, < 3.8) + jekyll (>= 3.5, < 4.0) + jekyll-sanity (~> 1.2) + liquid-tag-parser (~> 1.0) + nokogiri (~> 1.8) + pathutil (~> 0.16) + sprockets (>= 3.3, < 4.1.beta) jekyll-gist (1.5.0) octokit (~> 4.2) jekyll-relative-links (0.6.1) jekyll (>= 3.3, < 5.0) + jekyll-sanity (1.6.0) + jekyll (>= 3.1, < 5.0) + pathutil (~> 0.16) jekyll-sass-converter (1.5.2) sass (~> 3.4) jekyll-seo-tag (2.6.1) 
@@ -56,32 +81,36 @@ GEM jekyll (>= 3.7, < 5.0) jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (2.3.0) + kramdown (2.3.1) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.3) - listen (3.3.3) + liquid-tag-parser (1.9.0) + extras (~> 0.3) + liquid (>= 3.0, < 5.0) + listen (3.5.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) mini_portile2 (2.4.0) + minitest (5.14.4) multipart-post (2.1.1) nokogiri (1.10.10) mini_portile2 (~> 2.4.0) - octokit (4.19.0) + octokit (4.21.0) faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (3.1.1) - rack (1.6.13) - rb-fsevent (0.10.4) + public_suffix (4.0.6) + rack (2.2.3) + rb-fsevent (0.11.0) rb-inotify (0.10.1) ffi (~> 1.0) - rexml (3.2.4) - rouge (3.23.0) - ruby2_keywords (0.0.2) + rexml (3.2.5) + rouge (3.26.0) + ruby2_keywords (0.0.4) safe_yaml (1.0.5) sass (3.7.4) sass-listen (~> 4.0.0) @@ -91,9 +120,12 @@ GEM sawyer (0.8.2) addressable (>= 2.3.5) faraday (> 0.8, < 2.0) - sprockets (3.7.2) + sprockets (4.0.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) + thread_safe (0.3.6) + tzinfo (1.2.9) + thread_safe (~> 0.1) uglifier (4.2.0) execjs (>= 0.3.0, < 3) @@ -102,8 +134,8 @@ PLATFORMS DEPENDENCIES autoprefixer-rails - jekyll (~> 3.9) - jekyll-assets + jekyll (~> 3.9, >= 3.9.0) + jekyll-assets (>= 2.4.0) jekyll-gist (~> 1.5.0) jekyll-relative-links (~> 0.6.1) jekyll-seo-tag (~> 2.6.1) @@ -113,4 +145,4 @@ DEPENDENCIES uglifier BUNDLED WITH - 2.1.2 + 2.1.4