[Snyk] Security upgrade berkshelf from 3.2.3 to 4.2.3

Gemfile

@@ -16,7 +16,7 @@ group :test do
   gem 'ci_reporter_rspec', '~> 1.0'
   gem 'test-kitchen', '~> 1.3'
   gem 'kitchen-vagrant', '~> 0.15'
-  gem 'berkshelf', '~> 3.1'
+  gem 'berkshelf', '~> 4.2', '>= 4.2.3'
   # pin to 2.8 series until guard-foodcritic has been updated for v2 API
   gem 'guard', '~> 2.8.2'
   # pin to 4.3 series until guard-foodcritic has been updated for v2 API

Gemfile.lock

@@ -1,28 +1,33 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.3.8)
+    addressable (2.8.0)
+      public_suffix (>= 2.0.2, < 5.0)
     ast (2.0.0)
     astrolabe (1.3.0)
       parser (>= 2.2.0.pre.3, < 3.0)
-    berkshelf (3.2.3)
-      addressable (~> 2.3.4)
-      berkshelf-api-client (~> 1.2)
+    berkshelf (4.3.5)
+      addressable (~> 2.3, >= 2.3.4)
+      berkshelf-api-client (~> 2.0, >= 2.0.2)
       buff-config (~> 1.0)
       buff-extensions (~> 1.0)
       buff-shell_out (~> 0.1)
-      celluloid (~> 0.16.0)
+      celluloid (= 0.16.0)
       celluloid-io (~> 0.16.1)
       cleanroom (~> 1.0)
-      faraday (~> 0.9.0)
-      minitar (~> 0.5.4)
-      octokit (~> 3.0)
+      faraday (~> 0.9)
+      httpclient (~> 2.7)
+      minitar (~> 0.5, >= 0.5.4)
+      mixlib-archive (~> 0.1)
+      octokit (~> 4.0)
       retryable (~> 2.0)
-      ridley (~> 4.0)
-      solve (~> 1.1)
+      ridley (~> 4.5)
+      solve (~> 2.0)
       thor (~> 0.19)
-    berkshelf-api-client (1.2.1)
-      faraday (~> 0.9.0)
+    berkshelf-api-client (2.0.2)
+      faraday (~> 0.9.1)
+      httpclient (~> 2.7.0)
+      ridley (~> 4.5)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
     buff-config (1.0.1)
@@ -63,6 +68,12 @@ GEM
       rspec_junit_formatter (~> 0.2.0)
       serverspec (~> 2.7)
       specinfra (~> 2.10)
+    chef-config (14.2.0)
+      addressable
+      fuzzyurl
+      mixlib-config (~> 2.0)
+      mixlib-shellout (~> 2.0)
+      tomlrb (~> 1.2)
     chef-vault (2.5.0)
     chef-vault-testfixtures (0.2.0)
       chef-vault (~> 2.5)
@@ -87,18 +98,14 @@ GEM
     coderay (1.1.0)
     columnize (0.9.0)
     debug_inspector (0.0.2)
-    dep-selector-libgecode (1.0.2)
-    dep_selector (1.0.3)
-      dep-selector-libgecode (~> 1.0)
-      ffi (~> 1.9)
     diff-lcs (1.2.5)
     erubis (2.7.0)
-    faraday (0.9.1)
+    faraday (0.9.2)
       multipart-post (>= 1.2, < 3)
     fauxhai (2.3.0)
       net-ssh
       ohai
-    ffi (1.9.8)
+    ffi (1.15.3)
     ffi-yajl (2.0.0)
       ffi (~> 1.5)
       libyajl2 (~> 1.2)
@@ -111,6 +118,7 @@ GEM
       treetop (~> 1.4)
       yajl-ruby (~> 1.1)
     formatador (0.2.5)
+    fuzzyurl (0.9.0)
     gherkin (2.12.2)
       multi_json (~> 1.3)
     guard (2.8.2)
@@ -133,10 +141,11 @@ GEM
       rubocop (~> 0.20)
     hashie (2.1.2)
     highline (1.7.1)
-    hitimes (1.2.2)
+    hitimes (2.0.0)
+    httpclient (2.7.2)
     interception (0.5)
     ipaddress (0.8.0)
-    json (1.8.2)
+    json (2.5.1)
     kitchen-vagrant (0.16.0)
       test-kitchen (~> 1.0)
     libyajl2 (1.2.0)
@@ -149,16 +158,17 @@ GEM
     method_source (0.8.2)
     mime-types (2.4.3)
     mini_portile (0.6.2)
-    minitar (0.5.4)
-    mixlib-authentication (1.3.0)
+    minitar (0.9)
+    mixlib-archive (0.4.20)
       mixlib-log
+    mixlib-authentication (1.4.2)
     mixlib-cli (1.5.0)
     mixlib-config (2.1.0)
-    mixlib-log (1.6.0)
+    mixlib-log (1.7.1)
     mixlib-shellout (2.0.1)
+    molinillo (0.4.5)
     multi_json (1.11.0)
-    multipart-post (2.0.0)
-    net-http-persistent (2.9.4)
+    multipart-post (2.1.1)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
     net-ssh (2.9.2)
@@ -167,11 +177,12 @@ GEM
     net-ssh-multi (1.2.1)
       net-ssh (>= 2.6.5)
       net-ssh-gateway (>= 1.2.0)
-    nio4r (1.1.0)
+    nio4r (2.5.7)
     nokogiri (1.6.6.2)
       mini_portile (~> 0.6.0)
-    octokit (3.8.0)
-      sawyer (~> 0.6.0, >= 0.5.3)
+    octokit (4.21.0)
+      faraday (>= 0.9)
+      sawyer (~> 0.8.0, >= 0.5.3)
     ohai (8.2.0)
       ffi (~> 1.9)
       ffi-yajl (>= 1.1, < 3.0)
@@ -202,30 +213,32 @@ GEM
     pry-stack_explorer (0.4.9.2)
       binding_of_caller (>= 0.7)
       pry (>= 0.9.11)
+    public_suffix (4.0.6)
     rack (1.6.0)
     rainbow (2.0.0)
     rake (10.4.2)
     rb-fsevent (0.9.4)
     rb-inotify (0.9.5)
       ffi (>= 0.5.0)
-    retryable (2.0.1)
-    ridley (4.1.2)
+    retryable (2.0.4)
+    ridley (4.6.1)
       addressable
       buff-config (~> 1.0)
       buff-extensions (~> 1.0)
-      buff-ignore (~> 1.1)
+      buff-ignore (~> 1.1.1)
       buff-shell_out (~> 0.1)
       celluloid (~> 0.16.0)
       celluloid-io (~> 0.16.1)
+      chef-config (>= 12.5.0)
       erubis
       faraday (~> 0.9.0)
-      hashie (>= 2.0.2, < 3.0.0)
+      hashie (>= 2.0.2, < 4.0.0)
+      httpclient (~> 2.7)
       json (>= 1.7.7)
       mixlib-authentication (>= 1.3.0)
-      net-http-persistent (>= 2.8)
-      retryable (>= 2.0.0)
+      retryable (~> 2.0)
       semverse (~> 1.1)
-      varia_model (~> 0.4)
+      varia_model (~> 0.4.0)
     rspec (3.2.0)
       rspec-core (~> 3.2.0)
       rspec-expectations (~> 3.2.0)
@@ -256,18 +269,18 @@ GEM
     ruby_gntp (0.3.4)
     rufus-lru (1.0.5)
     safe_yaml (1.0.4)
-    sawyer (0.6.0)
-      addressable (~> 2.3.5)
-      faraday (~> 0.8, < 0.10)
+    sawyer (0.8.2)
+      addressable (>= 2.3.5)
+      faraday (> 0.8, < 2.0)
     semverse (1.2.1)
     serverspec (2.14.1)
       multi_json
       rspec (~> 3.0)
       rspec-its
       specinfra (~> 2.25)
     slop (3.6.0)
-    solve (1.2.1)
-      dep_selector (~> 1.0)
+    solve (2.0.3)
+      molinillo (~> 0.4.2)
       semverse (~> 1.1)
     specinfra (2.28.4)
       net-scp
@@ -279,23 +292,24 @@ GEM
       net-ssh (~> 2.7)
       safe_yaml (~> 1.0)
       thor (~> 0.18)
-    thor (0.19.1)
-    timers (4.0.1)
+    thor (0.20.3)
+    timers (4.0.4)
       hitimes
+    tomlrb (1.3.0)
     treetop (1.6.2)
       polyglot (~> 0.3)
     uuidtools (2.1.5)
-    varia_model (0.4.0)
+    varia_model (0.4.1)
       buff-extensions (~> 1.0)
-      hashie (>= 2.0.2, < 3.0.0)
+      hashie (>= 2.0.2, < 4.0.0)
     wmi-lite (1.0.0)
     yajl-ruby (1.2.1)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  berkshelf (~> 3.1)
+  berkshelf (~> 4.2, >= 4.2.3)
   chef-vault (~> 2.5)
   chef-vault-testfixtures (= 0.2.0)
   chefspec (~> 4.1)
@@ -315,3 +329,6 @@ DEPENDENCIES
   rubocop (~> 0.28.0)
   ruby_gntp
   test-kitchen (~> 1.3)
+
+BUNDLED WITH
+   2.1.4