From 783bdc34896f5c4808d788fe1bf1b947668fd4cd Mon Sep 17 00:00:00 2001 From: Nick Adams Date: Tue, 6 Dec 2022 11:26:19 -0500 Subject: [PATCH] updating Gems to address vulnerability --- Gemfile | 29 ++++---- Gemfile.lock | 199 ++++++++++++++++++++++++--------------------------- 2 files changed, 111 insertions(+), 117 deletions(-) diff --git a/Gemfile b/Gemfile index 835a25d..6a9108d 100644 --- a/Gemfile +++ b/Gemfile @@ -1,18 +1,23 @@ source 'https://rubygems.org' -ruby '2.3.3' +ruby '2.7.6' # Specify your gem's dependencies in atlas_assets.gemspec gemspec -gem "rake", "~> 10.0.4" -gem "jekyll", "~> 2.0" -gem "sass", "~> 3.2.9" -gem 'jekyll-assets' -gem 'coffee-script' -gem 'rack-contrib', "~> 1.1.0" -gem "rack-rewrite", "~> 1.3.3" +gem "rake", "~> 13.0.0" +gem "jekyll", "~> 3.0" +gem "sass" +gem "jekyll-assets", "~> 2.0.0" +gem "coffee-script", "~> 2.4.1" +gem 'rack-contrib' +gem "rack-rewrite" gem "pygmentize", "~> 0.0.3" -gem "kramdown", "~> 1.3" -gem "coderay", "~> 1.0.9" -gem "puma", "~> 3.11.0" -gem "eco" +gem "kramdown" +gem "coderay", "~> 1.1.3" +gem "puma", "~> 4.3.11" +gem "eco", "~> 1.0.0" +gem "sprockets" +gem "liquid" +gem "rack", "~> 2.1.4" +gem "kramdown-parser-gfm" +gem "kramdown-syntax-coderay" \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index 4dd8b88..fb82593 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,144 +1,133 @@ PATH remote: . specs: - atlas_assets (0.8.13) + atlas_assets (0.8.14) handlebars_assets (= 0.23.1) GEM remote: https://rubygems.org/ specs: - addressable (2.3.8) - blankslate (2.1.2.4) - classifier-reborn (2.2.0) - fast-stemmer (~> 1.0) - coderay (1.0.9) + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) + coderay (1.1.3) coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.11.1) - colorator (0.1) - concurrent-ruby (1.0.5) + coffee-script-source (1.12.2) + colorator (1.1.0) + concurrent-ruby (1.1.10) eco (1.0.0) coffee-script eco-source execjs eco-source (1.1.0.rc.1) - execjs (2.7.0) - faraday (0.14.0) - multipart-post (>= 1.2, < 3) - fast-stemmer (1.0.2) - fastimage (1.9.0) - addressable (~> 2.3.5) - ffi (1.9.23) + em-websocket (0.5.3) + eventmachine (>= 0.12.9) + http_parser.rb (~> 0) + eventmachine (1.2.7) + execjs (2.8.1) + fastimage (1.8.1) + addressable (~> 2.3, >= 2.3.5) + ffi (1.15.5) + forwardable-extended (2.6.0) handlebars_assets (0.23.1) execjs (~> 2.0) multi_json (~> 1.0) sprockets (>= 2.0.0) tilt (>= 1.2) - hike (1.2.3) - jekyll (2.5.3) - classifier-reborn (~> 2.0) - colorator (~> 0.1) - jekyll-coffeescript (~> 1.0) - jekyll-gist (~> 1.0) - jekyll-paginate (~> 1.0) + http_parser.rb (0.8.0) + i18n (0.9.5) + concurrent-ruby (~> 1.0) + jekyll (3.9.2) + addressable (~> 2.4) + colorator (~> 1.0) + em-websocket (~> 0.5) + i18n (~> 0.7) jekyll-sass-converter (~> 1.0) - jekyll-watch (~> 1.1) - kramdown (~> 1.3) - liquid (~> 2.6.1) + jekyll-watch (~> 2.0) + kramdown (>= 1.17, < 3) + liquid (~> 4.0) mercenary (~> 0.3.3) - pygments.rb (~> 0.6.0) - redcarpet (~> 3.1) + pathutil (~> 0.9) + rouge (>= 1.7, < 4) safe_yaml (~> 1.0) - toml (~> 0.1.0) - jekyll-assets (1.0.0) - fastimage (~> 1.6) - jekyll (>= 2) - mini_magick (~> 4.1) - sass (~> 3.2) - sprockets (~> 2.10) - sprockets-helpers - sprockets-sass - jekyll-coffeescript (1.1.1) - coffee-script (~> 2.2) - coffee-script-source (~> 1.11.1) - jekyll-gist (1.5.0) - octokit (~> 4.2) - jekyll-paginate (1.1.0) - jekyll-sass-converter (1.3.0) - sass (~> 3.2) - jekyll-watch (1.5.1) + jekyll-assets (2.0.3) + fastimage (~> 1.8) + jekyll (~> 3.0) + sprockets (~> 3.3) + sprockets-helpers (~> 1.2) + jekyll-sass-converter (1.5.2) + sass (~> 3.4) + jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (1.16.2) - liquid (2.6.3) - listen (3.1.5) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - ruby_dep (~> 1.2) + kramdown (2.4.0) + rexml + kramdown-parser-gfm (1.1.0) + kramdown (~> 2.0) + kramdown-syntax-coderay (1.0.1) + coderay (~> 1.1) + kramdown (~> 2.0) + liquid (4.0.3) + listen (3.7.1) + rb-fsevent (~> 0.10, >= 0.10.3) + rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) - mini_magick (4.8.0) - multi_json (1.13.1) - multipart-post (2.0.0) - octokit (4.8.0) - sawyer (~> 0.8.0, >= 0.5.3) - parslet (1.5.0) - blankslate (~> 2.0) - posix-spawn (0.3.13) - puma (3.11.2) + multi_json (1.15.0) + nio4r (2.5.8) + pathutil (0.16.2) + forwardable-extended (~> 2.6) + public_suffix (5.0.0) + puma (4.3.12) + nio4r (~> 2.0) pygmentize (0.0.3) - pygments.rb (0.6.3) - posix-spawn (~> 0.3.6) - yajl-ruby (~> 1.2.0) - rack (1.6.9) - rack-contrib (1.1.0) - rack (>= 0.9.1) - rack-rewrite (1.3.3) - rake (10.0.4) - rb-fsevent (0.10.2) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) - redcarpet (3.4.0) - ruby_dep (1.5.0) - safe_yaml (1.0.4) - sass (3.2.19) - sawyer (0.8.1) - addressable (>= 2.3.5, < 2.6) - faraday (~> 0.8, < 1.0) - sprockets (2.12.4) - hike (~> 1.2) - multi_json (~> 1.0) - rack (~> 1.0) - tilt (~> 1.1, != 1.3.0) - sprockets-helpers (1.2.1) + rack (2.1.4.1) + rack-contrib (2.3.0) + rack (~> 2.0) + rack-rewrite (1.5.1) + rake (13.0.6) + rb-fsevent (0.11.2) + rb-inotify (0.10.1) + ffi (~> 1.0) + rexml (3.2.5) + rouge (3.30.0) + safe_yaml (1.0.5) + sass (3.7.4) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) + sprockets (3.7.2) + concurrent-ruby (~> 1.0) + rack (> 1, < 3) + sprockets-helpers (1.4.0) sprockets (>= 2.2) - sprockets-sass (1.3.1) - sprockets (~> 2.0) - tilt (~> 1.1) - tilt (1.4.1) - toml (0.1.2) - parslet (~> 1.5.0) - yajl-ruby (1.2.3) + tilt (2.0.11) PLATFORMS ruby DEPENDENCIES atlas_assets! - coderay (~> 1.0.9) - coffee-script - eco - jekyll (~> 2.0) - jekyll-assets - kramdown (~> 1.3) - puma (~> 3.11.0) + coderay (~> 1.1.3) + coffee-script (~> 2.4.1) + eco (~> 1.0.0) + jekyll (~> 3.0) + jekyll-assets (~> 2.0.0) + kramdown + kramdown-parser-gfm + kramdown-syntax-coderay + liquid + puma (~> 4.3.11) pygmentize (~> 0.0.3) - rack-contrib (~> 1.1.0) - rack-rewrite (~> 1.3.3) - rake (~> 10.0.4) - sass (~> 3.2.9) + rack (~> 2.1.4) + rack-contrib + rack-rewrite + rake (~> 13.0.0) + sass + sprockets RUBY VERSION - ruby 2.3.3p222 + ruby 2.7.6p219 BUNDLED WITH - 1.15.4 + 2.3.26