From 20b757cb80bd8393f051b0b06b2fc2e65f1f2e23 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 2 Aug 2024 10:15:14 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7577227 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577228 --- Gemfile | 2 +- Gemfile.lock | 52 ++++++++++++++++++++++++++++------------------------ 2 files changed, 29 insertions(+), 25 deletions(-) diff --git a/Gemfile b/Gemfile index 0986bf5..9d146cd 100644 --- a/Gemfile +++ b/Gemfile @@ -8,7 +8,7 @@ ruby RUBY_VERSION # bundle exec jekyll serve # -gem "jekyll", "4.2.2" +gem "jekyll", "4.3.0" # Fix development command "jekyll serve" # Can be removed when upgrading to Jekyll 4.3 diff --git a/Gemfile.lock b/Gemfile.lock index 8e1634a..46f6120 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,41 +1,43 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.8.6) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) colorator (1.1.0) - concurrent-ruby (1.2.3) + concurrent-ruby (1.3.3) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) eventmachine (1.2.7) - ffi (1.16.3) + ffi (1.17.0) forwardable-extended (2.6.0) + google-protobuf (3.25.4) http_parser.rb (0.8.0) i18n (1.14.5) concurrent-ruby (~> 1.0) - jekyll (4.2.2) + jekyll (4.3.0) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) i18n (~> 1.0) - jekyll-sass-converter (~> 2.0) + jekyll-sass-converter (>= 2.0, < 4.0) jekyll-watch (~> 2.0) - kramdown (~> 2.3) + kramdown (~> 2.3, >= 2.3.1) kramdown-parser-gfm (~> 1.0) liquid (~> 4.0) - mercenary (~> 0.4.0) + mercenary (>= 0.3.6, < 0.5) pathutil (~> 0.9) - rouge (~> 3.0) + rouge (>= 3.0, < 5.0) safe_yaml (~> 1.0) - terminal-table (~> 2.0) + terminal-table (>= 1.8, < 4.0) + webrick (~> 1.7) jekyll-feed (0.17.0) jekyll (>= 3.7, < 5.0) jekyll-paginate (1.1.0) jekyll-redirect-from (0.16.0) jekyll (>= 3.3, < 5.0) - jekyll-sass-converter (2.2.0) - sassc (> 2.0.1, < 3.0) + jekyll-sass-converter (3.0.0) + sass-embedded (~> 1.54) jekyll-seo-tag (2.8.0) jekyll (>= 3.8, < 5.0) jekyll-watch (2.2.1) @@ -55,27 +57,29 @@ GEM jekyll-seo-tag (~> 2.1) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (5.0.5) + public_suffix (5.1.1) + rake (13.2.1) rb-fsevent (0.11.2) - rb-inotify (0.10.1) + rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.2.8) - strscan (>= 3.0.9) - rouge (3.30.0) + rexml (3.3.4) + strscan + rouge (4.3.0) safe_yaml (1.0.5) - sassc (2.4.0) - ffi (~> 1.9) + sass-embedded (1.63.6) + google-protobuf (~> 3.23) + rake (>= 13.0.0) strscan (3.1.0) - terminal-table (2.0.0) - unicode-display_width (~> 1.1, >= 1.1.1) - unicode-display_width (1.8.0) + terminal-table (3.0.2) + unicode-display_width (>= 1.1.1, < 3) + unicode-display_width (2.5.0) webrick (1.8.1) PLATFORMS ruby DEPENDENCIES - jekyll (= 4.2.2) + jekyll (= 4.3.0) jekyll-feed (~> 0.16, >= 0.16.0) jekyll-paginate jekyll-redirect-from @@ -83,7 +87,7 @@ DEPENDENCIES webrick (~> 1.8) RUBY VERSION - ruby 3.0.2p107 + ruby 2.7.8p225 BUNDLED WITH 2.1.4