From d2788bbb25994aba8749a51f29a6dacff716b11a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 24 Aug 2023 05:33:23 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 - https://snyk.io/vuln/SNYK-RUBY-RAILTIES-5851410 --- Gemfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 1275100..54d95a9 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '2.5.1' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 5.2.1' +gem 'rails', '~> 6.1.7', '>= 6.1.7.5' # Use postgresql as the database for Active Record gem 'pg', '>= 0.18', '< 2.0' # Use Puma as the app server @@ -35,13 +35,13 @@ group :development, :test do gem 'pry-rails' gem 'pry-byebug' gem "database_cleaner" - gem "rspec-rails" + gem "rspec-rails", ">= 3.8.2" end group :development do gem 'listen', '>= 3.0.5', '< 3.2' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring - gem 'spring' + gem 'spring', '>= 2.1.0' gem 'spring-watcher-listen', '~> 2.0.0' end @@ -59,7 +59,7 @@ gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] gem "jwt", "~> 2.1" -gem "active_model_serializers", "~> 0.10.8" +gem "active_model_serializers", "~> 0.10.12" gem "faker", "~> 1.9"