fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
bigbluebutton · Jan 22, 2024 · 00d4e78 · 00d4e78
1 parent 0e30582
commit 00d4e78
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 16 deletions.
diff --git a/Gemfile b/Gemfile
@@ -12,7 +12,7 @@ gem 'bcrypt', '~> 3.1.7'
 gem 'bigbluebutton-api-ruby', '1.9.1'
 gem 'bootsnap', require: false
 gem 'clamby', '~> 1.6.10'
-gem 'cssbundling-rails', '>= 1.3.3'
+gem 'cssbundling-rails', '>= 1.4.0'
 gem 'data_migrate', '>= 9.2.0'
 gem 'dotenv-rails'
 gem 'google-cloud-storage', '~> 1.44', require: false

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -115,7 +115,7 @@ GEM
       rack (>= 1.6.11)
       rubyzip (>= 1.3.0)
       xml-simple (~> 1.1)
-    bigdecimal (3.1.4)
+    bigdecimal (3.1.6)
     bindata (2.4.15)
     bindex (0.8.1)
     bootsnap (1.16.0)
@@ -134,12 +134,12 @@ GEM
       activesupport
     childprocess (4.1.0)
     clamby (1.6.10)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
     crack (0.4.5)
       rexml
     crass (1.0.6)
-    cssbundling-rails (1.3.3)
+    cssbundling-rails (1.4.0)
       railties (>= 6.0.0)
     data_migrate (9.2.0)
       activerecord (>= 6.1)
@@ -221,10 +221,10 @@ GEM
     image_processing (1.12.2)
       mini_magick (>= 4.9.5, < 5)
       ruby-vips (>= 2.0.17, < 3)
-    io-console (0.6.0)
-    irb (1.9.1)
+    io-console (0.7.2)
+    irb (1.11.1)
       rdoc
-      reline (>= 0.3.8)
+      reline (>= 0.4.2)
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
@@ -260,7 +260,7 @@ GEM
     mini_magick (4.12.0)
     mini_mime (1.1.5)
     mini_portile2 (2.8.5)
-    minitest (5.20.0)
+    minitest (5.21.2)
     msgpack (1.6.0)
     multi_json (1.15.0)
     mutex_m (0.2.0)
@@ -274,10 +274,10 @@ GEM
     net-smtp (0.4.0)
       net-protocol
     nio4r (2.5.9)
-    nokogiri (1.15.5)
+    nokogiri (1.16.0)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.15.5-x86_64-linux)
+    nokogiri (1.16.0-x86_64-linux)
       racc (~> 1.4)
     omniauth (2.1.1)
       hashie (>= 3.4.6)
@@ -309,7 +309,7 @@ GEM
       ast (~> 2.4.1)
       racc
     pg (1.4.5)
-    psych (5.1.1.1)
+    psych (5.1.2)
       stringio
     public_suffix (5.0.3)
     puma (5.6.7)
@@ -325,7 +325,7 @@ GEM
       rack (>= 2.1.0)
     rack-protection (3.1.0)
       rack (~> 2.2, >= 2.2.4)
-    rack-session (1.0.1)
+    rack-session (1.0.2)
       rack (< 3)
     rack-test (2.1.0)
       rack (>= 1.3)
@@ -363,11 +363,11 @@ GEM
       zeitwerk (~> 2.6)
     rainbow (3.1.1)
     rake (13.1.0)
-    rdoc (6.6.0)
+    rdoc (6.6.2)
       psych (>= 4.0.0)
     redis (4.8.0)
     regexp_parser (2.8.1)
-    reline (0.4.0)
+    reline (0.4.2)
       io-console (~> 0.5)
     remote_syslog_logger (1.0.4)
       syslog_protocol
@@ -446,7 +446,7 @@ GEM
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    stringio (3.0.9)
+    stringio (3.1.0)
     swd (2.0.2)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
@@ -507,7 +507,7 @@ DEPENDENCIES
   bootsnap
   capybara
   clamby (~> 1.6.10)
-  cssbundling-rails (>= 1.3.3)
+  cssbundling-rails (>= 1.4.0)
   data_migrate (>= 9.2.0)
   debug
   dotenv-rails
@@ -547,3 +547,9 @@ DEPENDENCIES
   web-console (>= 4.2.1)
   webdrivers
   webmock
+
+RUBY VERSION
+   ruby 3.0.0p0
+
+BUNDLED WITH
+   2.2.3