From f9c7f830e143243b5752be2581aba162538755a7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 6 Jun 2024 15:59:40 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 --- Gemfile | 2 +- Gemfile.lock | 18 ++++++++++-------- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/Gemfile b/Gemfile index 495d163..1e836ac 100644 --- a/Gemfile +++ b/Gemfile @@ -8,7 +8,7 @@ gem 'dotenv' gem 'hashie' gem 'mocha' gem 'rexml' -gem 'ruby-saml', '>= 1.9.0' +gem 'ruby-saml', '>= 1.15.0' gem 'rack-test', '>= 2.0.0' gem 'rake' gem 'sinatra', '>= 3.0.4' diff --git a/Gemfile.lock b/Gemfile.lock index 41d349a..6667578 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -31,14 +31,14 @@ GEM jmespath (1.6.1) metaclass (0.0.4) method_source (0.9.2) - mini_portile2 (2.8.5) + mini_portile2 (2.8.7) minitest (5.19.0) mocha (1.7.0) metaclass (~> 0.0.1) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) nio4r (2.7.0) - nokogiri (1.16.2) + nokogiri (1.16.5) mini_portile2 (~> 2.8.2) racc (~> 1.4) power_assert (2.0.2) @@ -47,16 +47,17 @@ GEM method_source (~> 0.9.0) puma (6.4.2) nio4r (~> 2.0) - racc (1.7.3) + racc (1.8.0) rack (2.2.8.1) rack-protection (3.0.4) rack rack-test (2.0.2) rack (>= 1.3) rake (13.0.1) - rexml (3.2.5) - ruby-saml (1.14.0) - nokogiri (>= 1.10.5) + rexml (3.2.8) + strscan (>= 3.0.9) + ruby-saml (1.16.0) + nokogiri (>= 1.13.10) rexml ruby2_keywords (0.0.5) sinatra (3.0.4) @@ -64,6 +65,7 @@ GEM rack (~> 2.2, >= 2.2.4) rack-protection (= 3.0.4) tilt (~> 2.0) + strscan (3.1.0) test-unit (3.5.7) power_assert tilt (2.0.11) @@ -85,7 +87,7 @@ DEPENDENCIES rack-test (>= 2.0.0) rake rexml - ruby-saml (>= 1.9.0) + ruby-saml (>= 1.15.0) sinatra (>= 3.0.4) test-unit @@ -93,4 +95,4 @@ RUBY VERSION ruby 3.2.2p223 BUNDLED WITH - 2.2.33 + 2.4.6