Skip to content

Commit 83a31a5

Browse files
awilfoxawilfox
committed
Gemfile: Updates for security issues
* Rails: 8.0.4 -> 8.0.5. Fixes multiple CVEs in Active Storage. * Other gems: updated to versions that fix various vulnerabilities.
1 parent 51abf99 commit 83a31a5

2 files changed

Lines changed: 70 additions & 70 deletions

File tree

Gemfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ gem 'pg', '~> 1.2'
3232
gem 'prawn', '~> 2.4'
3333
gem 'puma', '~> 7.2'
3434
gem 'puma-plugin-delayed_stop', '~> 0.1.2'
35-
gem 'rails', '~> 8.0.4'
35+
gem 'rails', '~> 8.0.5'
3636
gem 'recaptcha', '~> 4.13'
3737
gem 'sassc-rails'
3838
gem 'sprockets', '~> 4.0'

Gemfile.lock

Lines changed: 69 additions & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -1,65 +1,65 @@
11
GEM
22
remote: https://rubygems.org/
33
specs:
4-
actioncable (8.0.4)
5-
actionpack (= 8.0.4)
6-
activesupport (= 8.0.4)
4+
actioncable (8.0.5)
5+
actionpack (= 8.0.5)
6+
activesupport (= 8.0.5)
77
nio4r (~> 2.0)
88
websocket-driver (>= 0.6.1)
99
zeitwerk (~> 2.6)
10-
actionmailbox (8.0.4)
11-
actionpack (= 8.0.4)
12-
activejob (= 8.0.4)
13-
activerecord (= 8.0.4)
14-
activestorage (= 8.0.4)
15-
activesupport (= 8.0.4)
10+
actionmailbox (8.0.5)
11+
actionpack (= 8.0.5)
12+
activejob (= 8.0.5)
13+
activerecord (= 8.0.5)
14+
activestorage (= 8.0.5)
15+
activesupport (= 8.0.5)
1616
mail (>= 2.8.0)
17-
actionmailer (8.0.4)
18-
actionpack (= 8.0.4)
19-
actionview (= 8.0.4)
20-
activejob (= 8.0.4)
21-
activesupport (= 8.0.4)
17+
actionmailer (8.0.5)
18+
actionpack (= 8.0.5)
19+
actionview (= 8.0.5)
20+
activejob (= 8.0.5)
21+
activesupport (= 8.0.5)
2222
mail (>= 2.8.0)
2323
rails-dom-testing (~> 2.2)
24-
actionpack (8.0.4)
25-
actionview (= 8.0.4)
26-
activesupport (= 8.0.4)
24+
actionpack (8.0.5)
25+
actionview (= 8.0.5)
26+
activesupport (= 8.0.5)
2727
nokogiri (>= 1.8.5)
2828
rack (>= 2.2.4)
2929
rack-session (>= 1.0.1)
3030
rack-test (>= 0.6.3)
3131
rails-dom-testing (~> 2.2)
3232
rails-html-sanitizer (~> 1.6)
3333
useragent (~> 0.16)
34-
actiontext (8.0.4)
35-
actionpack (= 8.0.4)
36-
activerecord (= 8.0.4)
37-
activestorage (= 8.0.4)
38-
activesupport (= 8.0.4)
34+
actiontext (8.0.5)
35+
actionpack (= 8.0.5)
36+
activerecord (= 8.0.5)
37+
activestorage (= 8.0.5)
38+
activesupport (= 8.0.5)
3939
globalid (>= 0.6.0)
4040
nokogiri (>= 1.8.5)
41-
actionview (8.0.4)
42-
activesupport (= 8.0.4)
41+
actionview (8.0.5)
42+
activesupport (= 8.0.5)
4343
builder (~> 3.1)
4444
erubi (~> 1.11)
4545
rails-dom-testing (~> 2.2)
4646
rails-html-sanitizer (~> 1.6)
47-
activejob (8.0.4)
48-
activesupport (= 8.0.4)
47+
activejob (8.0.5)
48+
activesupport (= 8.0.5)
4949
globalid (>= 0.3.6)
50-
activemodel (8.0.4)
51-
activesupport (= 8.0.4)
52-
activerecord (8.0.4)
53-
activemodel (= 8.0.4)
54-
activesupport (= 8.0.4)
50+
activemodel (8.0.5)
51+
activesupport (= 8.0.5)
52+
activerecord (8.0.5)
53+
activemodel (= 8.0.5)
54+
activesupport (= 8.0.5)
5555
timeout (>= 0.4.0)
56-
activestorage (8.0.4)
57-
actionpack (= 8.0.4)
58-
activejob (= 8.0.4)
59-
activerecord (= 8.0.4)
60-
activesupport (= 8.0.4)
56+
activestorage (8.0.5)
57+
actionpack (= 8.0.5)
58+
activejob (= 8.0.5)
59+
activerecord (= 8.0.5)
60+
activesupport (= 8.0.5)
6161
marcel (~> 1.0)
62-
activesupport (8.0.4)
62+
activesupport (8.0.5)
6363
base64
6464
benchmark (>= 0.3)
6565
bigdecimal
@@ -72,7 +72,7 @@ GEM
7272
securerandom (>= 0.3)
7373
tzinfo (~> 2.0, >= 2.0.5)
7474
uri (>= 0.13.1)
75-
addressable (2.8.8)
75+
addressable (2.9.0)
7676
public_suffix (>= 2.0.2, < 8.0)
7777
amazing_print (1.8.1)
7878
ast (2.4.3)
@@ -162,15 +162,15 @@ GEM
162162
dotenv (= 2.8.1)
163163
railties (>= 3.2)
164164
drb (2.2.3)
165-
erb (6.0.2)
165+
erb (6.0.4)
166166
erubi (1.13.1)
167167
et-orbi (1.4.0)
168168
tzinfo
169-
faraday (2.14.1)
169+
faraday (2.14.2)
170170
faraday-net_http (>= 2.0, < 3.5)
171171
json
172172
logger
173-
faraday-net_http (3.4.2)
173+
faraday-net_http (3.4.3)
174174
net-http (~> 0.5)
175175
ffi (1.17.3-aarch64-linux-gnu)
176176
ffi (1.17.3-arm64-darwin)
@@ -210,10 +210,10 @@ GEM
210210
thor (>= 0.14, < 2.0)
211211
jquery-ui-rails (8.0.0)
212212
railties (>= 3.2.16)
213-
json (2.18.1)
213+
json (2.19.7)
214214
jsonpath (0.5.8)
215215
multi_json
216-
jwt (2.10.2)
216+
jwt (2.10.3)
217217
base64
218218
language_server-protocol (3.17.0.5)
219219
lint_roller (1.1.0)
@@ -227,7 +227,7 @@ GEM
227227
activesupport (>= 4)
228228
railties (>= 4)
229229
request_store (~> 1.0)
230-
loofah (2.25.0)
230+
loofah (2.25.1)
231231
crass (~> 1.0.2)
232232
nokogiri (>= 1.12.0)
233233
mail (2.9.0)
@@ -253,7 +253,7 @@ GEM
253253
mutex_m (0.3.0)
254254
net-http (0.9.1)
255255
uri (>= 0.11.1)
256-
net-imap (0.6.3)
256+
net-imap (0.6.4)
257257
date
258258
net-protocol
259259
net-pop (0.1.2)
@@ -266,11 +266,11 @@ GEM
266266
netaddr (1.5.3)
267267
netrc (0.11.0)
268268
nio4r (2.7.5)
269-
nokogiri (1.19.1-aarch64-linux-gnu)
269+
nokogiri (1.19.3-aarch64-linux-gnu)
270270
racc (~> 1.4)
271-
nokogiri (1.19.1-arm64-darwin)
271+
nokogiri (1.19.3-arm64-darwin)
272272
racc (~> 1.4)
273-
nokogiri (1.19.1-x86_64-linux-gnu)
273+
nokogiri (1.19.3-x86_64-linux-gnu)
274274
racc (~> 1.4)
275275
oj (3.16.16)
276276
bigdecimal (>= 3.0)
@@ -313,49 +313,49 @@ GEM
313313
psych (5.3.1)
314314
date
315315
stringio
316-
public_suffix (7.0.2)
316+
public_suffix (7.0.5)
317317
puma (7.2.0)
318318
nio4r (~> 2.0)
319319
puma-plugin-delayed_stop (0.1.2)
320320
puma (>= 5.0, < 8)
321321
raabro (1.4.0)
322322
racc (1.8.1)
323-
rack (3.2.5)
323+
rack (3.2.6)
324324
rack-protection (4.2.1)
325325
base64 (>= 0.1.0)
326326
logger (>= 1.6.0)
327327
rack (>= 3.0.0, < 4)
328-
rack-session (2.1.1)
328+
rack-session (2.1.2)
329329
base64 (>= 0.1.0)
330330
rack (>= 3.0.0)
331331
rack-test (2.2.0)
332332
rack (>= 1.3)
333333
rackup (2.3.1)
334334
rack (>= 3)
335-
rails (8.0.4)
336-
actioncable (= 8.0.4)
337-
actionmailbox (= 8.0.4)
338-
actionmailer (= 8.0.4)
339-
actionpack (= 8.0.4)
340-
actiontext (= 8.0.4)
341-
actionview (= 8.0.4)
342-
activejob (= 8.0.4)
343-
activemodel (= 8.0.4)
344-
activerecord (= 8.0.4)
345-
activestorage (= 8.0.4)
346-
activesupport (= 8.0.4)
335+
rails (8.0.5)
336+
actioncable (= 8.0.5)
337+
actionmailbox (= 8.0.5)
338+
actionmailer (= 8.0.5)
339+
actionpack (= 8.0.5)
340+
actiontext (= 8.0.5)
341+
actionview (= 8.0.5)
342+
activejob (= 8.0.5)
343+
activemodel (= 8.0.5)
344+
activerecord (= 8.0.5)
345+
activestorage (= 8.0.5)
346+
activesupport (= 8.0.5)
347347
bundler (>= 1.15.0)
348-
railties (= 8.0.4)
348+
railties (= 8.0.5)
349349
rails-dom-testing (2.3.0)
350350
activesupport (>= 5.0.0)
351351
minitest
352352
nokogiri (>= 1.6)
353353
rails-html-sanitizer (1.7.0)
354354
loofah (~> 2.25)
355355
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
356-
railties (8.0.4)
357-
actionpack (= 8.0.4)
358-
activesupport (= 8.0.4)
356+
railties (8.0.5)
357+
actionpack (= 8.0.5)
358+
activesupport (= 8.0.5)
359359
irb (~> 1.13)
360360
rackup (>= 1.0.0)
361361
rake (>= 12.2)
@@ -486,7 +486,7 @@ GEM
486486
stringio (3.2.0)
487487
thor (1.5.0)
488488
tilt (2.7.0)
489-
timeout (0.6.0)
489+
timeout (0.6.1)
490490
tsort (0.2.0)
491491
ttfunk (1.8.0)
492492
bigdecimal (~> 3.1)
@@ -557,7 +557,7 @@ DEPENDENCIES
557557
prawn (~> 2.4)
558558
puma (~> 7.2)
559559
puma-plugin-delayed_stop (~> 0.1.2)
560-
rails (~> 8.0.4)
560+
rails (~> 8.0.5)
561561
recaptcha (~> 4.13)
562562
roo (~> 2.8)
563563
rspec (~> 3.13)

0 commit comments

Comments
 (0)