From 015e85c568c7aa0a3fb352954b580c1384a58b17 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 May 2020 04:55:51 +0300 Subject: [PATCH] fix: Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 --- Gemfile.lock | 83 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 53 insertions(+), 30 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f75c343..c1d50bf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,22 +1,24 @@ GIT remote: https://github.com/stellar/stellar_core_commander.git - revision: 2a6d83e147069188afba52f751edaca45985d07a + revision: abbb62a0b1ac09a1938350a9bc10a7f102456418 branch: master specs: - stellar_core_commander (0.0.12) - activesupport (>= 4.0.0) - contracts (~> 0.9) + stellar_core_commander (0.0.13) + activesupport (>= 5.2.0) + contracts (~> 0.16) faraday (~> 0.9.1) faraday_middleware (~> 0.9.1) pg (~> 0.18.1) + pry (~> 0.11.3) sequel (~> 5.5.0) slop (~> 3.6.0) - stellar-base (>= 0.12.0) + stellar-base (>= 0.17.0) + stellar-sdk (>= 0.5.0) typhoeus (~> 0.8.0) GIT remote: https://github.com/stellar/xdrgen.git - revision: e29a93e248f2ae97ec783949676b4293a67b768e + revision: 08e9c35abbac94a735fbe08620d2234404cde73d branch: master specs: xdrgen (0.0.1) @@ -28,33 +30,48 @@ GIT GEM remote: https://rubygems.org/ specs: - activemodel (5.1.4) - activesupport (= 5.1.4) - activesupport (5.1.4) + activemodel (5.2.4.3) + activesupport (= 5.2.4.3) + activesupport (5.2.4.3) concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (~> 0.7) + i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) base32 (0.3.2) + citrus (3.0.2) coderay (1.1.2) - concurrent-ruby (1.0.5) + concurrent-ruby (1.1.6) contracts (0.16.0) - digest-crc (0.4.1) - ethon (0.11.0) + digest-crc (0.5.1) + ethon (0.12.0) ffi (>= 1.3.0) + excon (0.73.0) faraday (0.9.2) multipart-post (>= 1.2, < 3) + faraday-digestauth (0.4.1) + faraday (>= 0.7) + net-http-digest_auth (~> 1.4) + faraday_hal_middleware (0.1.1) + faraday_middleware (>= 0.9) faraday_middleware (0.9.2) faraday (>= 0.7.4, < 0.10) - ffi (1.9.21) - i18n (0.9.3) + ffi (1.12.2) + hyperclient (0.9.3) + addressable + faraday (>= 0.9.0) + faraday-digestauth (>= 0.3.0) + faraday_hal_middleware + faraday_middleware + net-http-digest_auth + i18n (1.8.2) concurrent-ruby (~> 1.0) memoist (0.11.0) method_source (0.9.0) - minitest (5.11.3) - multipart-post (2.0.0) + minitest (5.14.1) + multipart-post (2.1.1) + net-http-digest_auth (1.4.1) netrc (0.11.0) octokit (4.8.0) sawyer (~> 0.8.0, >= 0.5.3) @@ -65,32 +82,38 @@ GEM method_source (~> 0.9.0) public_suffix (3.0.1) rake (12.3.0) - rbnacl (5.0.0) + rbnacl (7.1.1) ffi - rbnacl-libsodium (1.0.16) - rbnacl (>= 3.0.1) sawyer (0.8.1) addressable (>= 2.3.5, < 2.6) faraday (~> 0.8, < 1.0) sequel (5.5.0) slop (3.6.0) - stellar-base (0.12.0) - activesupport (>= 4.2.7) + stellar-base (0.22.0) + activesupport (>= 5.0.0) base32 digest-crc - rbnacl - rbnacl-libsodium (~> 1.0.3) - xdr (~> 2.0.0) + rbnacl (>= 6.0) + xdr (~> 3.0.0) + stellar-sdk (0.8.0) + activesupport (>= 5.0) + contracts (~> 0.16) + excon (~> 0.44, >= 0.44.4) + hyperclient (~> 0.7) + stellar-base (>= 0.22.0) + toml-rb (~> 1.1, >= 1.1.1) thread_safe (0.3.6) + toml-rb (1.1.2) + citrus (~> 3.0, > 3.0) treetop (1.5.3) polyglot (~> 0.3) typhoeus (0.8.0) ethon (>= 0.8.0) - tzinfo (1.2.5) + tzinfo (1.2.7) thread_safe (~> 0.1) - xdr (2.0.0) - activemodel (>= 4.2.7) - activesupport (>= 4.2.7) + xdr (3.0.0) + activemodel (>= 5.2.0) + activesupport (>= 5.2.0) PLATFORMS ruby @@ -104,4 +127,4 @@ DEPENDENCIES xdrgen! BUNDLED WITH - 1.16.1 + 1.17.3