From fc7edda257ed2d875e887a3edbe575b5aba84e9a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 4 Jan 2023 23:57:04 -0500 Subject: [PATCH] fix: Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-HTTPARTY-3188560 --- Gemfile.lock | 89 ++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 62 insertions(+), 27 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 816b730..ce762d5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,8 +1,13 @@ GEM remote: http://rubygems.org/ specs: + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) + amq-protocol (2.3.2) builder (3.1.4) - bunny (0.8.0) + bunny (2.20.1) + amq-protocol (~> 2.3, >= 2.3.1) + sorted_set (~> 1, >= 1.0.2) chef (10.12.0) bunny (>= 0.6.0) erubis @@ -21,6 +26,14 @@ GEM treetop (~> 1.4.9) uuidtools yajl-ruby (~> 1.1) + chef-config (16.18.0) + addressable + chef-utils (= 16.18.0) + fuzzyurl + mixlib-config (>= 2.2.12, < 4.0) + mixlib-shellout (>= 2.0, < 4.0) + tomlrb (~> 1.2) + chef-utils (16.18.0) chefspec (0.9.0) chef (>= 0.9.12) erubis @@ -35,6 +48,9 @@ GEM chef httparty net-ssh + ffi (1.15.5) + ffi-yajl (2.4.0) + libyajl2 (>= 1.2) foodcritic (1.7.0) erubis gherkin (~> 2.11.1) @@ -44,31 +60,34 @@ GEM rak (~> 1.4) treetop (~> 1.4.10) yajl-ruby (~> 1.1.0) + fuzzyurl (0.9.0) gherkin (2.11.5) json (>= 1.4.6) gist (3.1.1) - highline (1.6.13) - httparty (0.10.2) - multi_json (~> 1.0) + highline (2.1.0) + httparty (0.21.0) + mini_mime (>= 1.0.0) multi_xml (>= 0.5.2) - ipaddress (0.8.0) + ipaddress (0.8.3) json (1.6.1) + libyajl2 (2.1.0) method_source (0.7.1) - mime-types (1.19) + mime-types (1.25.1) + mini_mime (1.1.2) minitest (4.6.0) minitest-chef-handler (0.6.7) chef ci_reporter minitest - mixlib-authentication (1.1.4) - mixlib-log - mixlib-cli (1.2.2) - mixlib-config (1.1.2) - mixlib-log (1.4.1) - mixlib-shellout (1.0.0) - moneta (0.6.0) - multi_json (1.5.0) - multi_xml (0.5.3) + mixlib-authentication (3.0.10) + mixlib-cli (2.1.8) + mixlib-config (3.0.27) + tomlrb + mixlib-log (3.0.9) + mixlib-shellout (3.2.7) + chef-utils + moneta (1.5.2) + multi_xml (0.6.0) net-ssh (2.2.2) net-ssh-gateway (1.1.0) net-ssh (>= 1.99.1) @@ -76,22 +95,30 @@ GEM net-ssh (>= 2.1.4) net-ssh-gateway (>= 0.99.0) nokogiri (1.5.6) - ohai (6.14.0) + ohai (16.5.6) + chef-config (>= 12.8, < 17) + chef-utils (>= 16.0, < 17) + ffi (~> 1.9) + ffi-yajl (~> 2.2) ipaddress - mixlib-cli - mixlib-config - mixlib-log - systemu - yajl-ruby - polyglot (0.3.3) + mixlib-cli (>= 1.7.0) + mixlib-config (>= 2.0, < 4.0) + mixlib-log (>= 2.0.1, < 4.0) + mixlib-shellout (>= 2.0, < 4.0) + plist (~> 3.1) + wmi-lite (~> 1.0) + plist (3.6.0) + polyglot (0.3.5) pry (0.9.8.4) coderay (~> 1.0.5) method_source (~> 0.7.1) slop (>= 2.4.4, < 3) + public_suffix (5.0.1) rak (1.4) rake (0.9.2.2) - rest-client (1.6.7) - mime-types (>= 1.16) + rbtree (0.4.6) + rest-client (1.6.14) + mime-types (~> 1.16) rspec (2.11.0) rspec-core (~> 2.11.0) rspec-expectations (~> 2.11.0) @@ -100,12 +127,17 @@ GEM rspec-expectations (2.11.3) diff-lcs (~> 1.1.3) rspec-mocks (2.11.3) + set (1.0.3) slop (2.4.4) - systemu (2.5.2) - treetop (1.4.10) + sorted_set (1.0.3) + rbtree + set (~> 1.0) + tomlrb (1.3.0) + treetop (1.4.15) polyglot polyglot (>= 0.3.1) - uuidtools (2.1.3) + uuidtools (2.2.0) + wmi-lite (1.0.7) yajl-ruby (1.1.0) PLATFORMS @@ -117,3 +149,6 @@ DEPENDENCIES fauxhai (~> 0.1.1) foodcritic (~> 1.7.0) rake (~> 0.9.2.2) + +BUNDLED WITH + 2.1.4