From 83eda33f0e8300c9294f72a0a1d48c26630e6f2d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 26 Feb 2020 02:21:23 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 --- Gemfile | 4 ++-- Gemfile.lock | 51 ++++++++++++++++++++++++++------------------------- 2 files changed, 28 insertions(+), 27 deletions(-) diff --git a/Gemfile b/Gemfile index 9d643da..81bd7ac 100644 --- a/Gemfile +++ b/Gemfile @@ -11,7 +11,7 @@ end group :test do gem 'chef-vault', '~> 2.5' gem 'chef-vault-testfixtures', '= 0.2.0' - gem 'foodcritic', '~> 4.0' + gem 'foodcritic', '~> 4.0', '>= 4.0.0' gem 'chefspec', '~> 4.1' gem 'ci_reporter_rspec', '~> 1.0' gem 'test-kitchen', '~> 1.3' @@ -21,7 +21,7 @@ group :test do gem 'guard', '~> 2.8.2' # pin to 4.3 series until guard-foodcritic has been updated for v2 API gem 'guard-rspec', '~> 4.3.1' - gem 'guard-foodcritic', '~> 1.0' + gem 'guard-foodcritic', '~> 1.0', '>= 1.0.3' gem 'guard-rake', '~> 0.0' gem 'rubocop', '~> 0.28.0' gem 'guard-rubocop', '~> 1.1' diff --git a/Gemfile.lock b/Gemfile.lock index d1f6c4a..8c9b5e5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -84,7 +84,7 @@ GEM ci_reporter (~> 2.0) rspec (>= 2.14, < 4) cleanroom (1.0.0) - coderay (1.1.0) + coderay (1.1.2) columnize (0.9.0) debug_inspector (0.0.2) dep-selector-libgecode (1.0.2) @@ -98,7 +98,7 @@ GEM fauxhai (2.3.0) net-ssh ohai - ffi (1.9.8) + ffi (1.12.2) ffi-yajl (2.0.0) ffi (~> 1.5) libyajl2 (~> 1.2) @@ -133,22 +133,22 @@ GEM rubocop (~> 0.20) hashie (2.1.2) highline (1.7.1) - hitimes (1.2.2) + hitimes (2.0.0) interception (0.5) ipaddress (0.8.0) json (1.8.2) kitchen-vagrant (0.16.0) test-kitchen (~> 1.0) libyajl2 (1.2.0) - listen (2.10.0) + listen (2.10.1) celluloid (~> 0.16.0) rb-fsevent (>= 0.9.3) rb-inotify (>= 0.9) little-plugger (1.1.3) - lumberjack (1.0.9) - method_source (0.8.2) + lumberjack (1.2.4) + method_source (0.9.2) mime-types (2.4.3) - mini_portile (0.6.2) + mini_portile2 (2.4.0) minitar (0.5.4) mixlib-authentication (1.3.0) mixlib-log @@ -156,7 +156,7 @@ GEM mixlib-config (2.1.0) mixlib-log (1.6.0) mixlib-shellout (2.0.1) - multi_json (1.11.0) + multi_json (1.14.1) multipart-post (2.0.0) net-http-persistent (2.9.4) net-scp (1.2.1) @@ -168,8 +168,8 @@ GEM net-ssh (>= 2.6.5) net-ssh-gateway (>= 1.2.0) nio4r (1.1.0) - nokogiri (1.6.6.2) - mini_portile (~> 0.6.0) + nokogiri (1.10.8) + mini_portile2 (~> 2.4.0) octokit (3.8.0) sawyer (~> 0.6.0, >= 0.5.3) ohai (8.2.0) @@ -189,10 +189,9 @@ GEM plist (3.1.0) polyglot (0.3.5) powerpack (0.0.9) - pry (0.10.1) + pry (0.12.2) coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) + method_source (~> 0.9.0) pry-byebug (3.1.0) byebug (~> 4.0) pry (~> 0.10) @@ -204,10 +203,10 @@ GEM pry (>= 0.9.11) rack (1.6.0) rainbow (2.0.0) - rake (10.4.2) - rb-fsevent (0.9.4) - rb-inotify (0.9.5) - ffi (>= 0.5.0) + rake (10.5.0) + rb-fsevent (0.10.3) + rb-inotify (0.10.1) + ffi (~> 1.0) retryable (2.0.1) ridley (4.1.2) addressable @@ -254,7 +253,7 @@ GEM ruby-progressbar (~> 1.4) ruby-progressbar (1.7.5) ruby_gntp (0.3.4) - rufus-lru (1.0.5) + rufus-lru (1.1.0) safe_yaml (1.0.4) sawyer (0.6.0) addressable (~> 2.3.5) @@ -265,7 +264,6 @@ GEM rspec (~> 3.0) rspec-its specinfra (~> 2.25) - slop (3.6.0) solve (1.2.1) dep_selector (~> 1.0) semverse (~> 1.1) @@ -279,17 +277,17 @@ GEM net-ssh (~> 2.7) safe_yaml (~> 1.0) thor (~> 0.18) - thor (0.19.1) - timers (4.0.1) + thor (0.20.3) + timers (4.0.4) hitimes - treetop (1.6.2) + treetop (1.6.10) polyglot (~> 0.3) uuidtools (2.1.5) varia_model (0.4.0) buff-extensions (~> 1.0) hashie (>= 2.0.2, < 3.0.0) wmi-lite (1.0.0) - yajl-ruby (1.2.1) + yajl-ruby (1.4.1) PLATFORMS ruby @@ -300,9 +298,9 @@ DEPENDENCIES chef-vault-testfixtures (= 0.2.0) chefspec (~> 4.1) ci_reporter_rspec (~> 1.0) - foodcritic (~> 4.0) + foodcritic (~> 4.0, >= 4.0.0) guard (~> 2.8.2) - guard-foodcritic (~> 1.0) + guard-foodcritic (~> 1.0, >= 1.0.3) guard-rake (~> 0.0) guard-rspec (~> 4.3.1) guard-rubocop (~> 1.1) @@ -315,3 +313,6 @@ DEPENDENCIES rubocop (~> 0.28.0) ruby_gntp test-kitchen (~> 1.3) + +BUNDLED WITH + 1.17.3