From 7a3a6f06f700cb200fb3dcf8a1eeace0bca4b24a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 23 Sep 2025 06:46:47 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-12878608 --- Gemfile | 4 ++-- Gemfile.lock | 65 +++++++++++++++++++++++++++++----------------------- 2 files changed, 38 insertions(+), 31 deletions(-) diff --git a/Gemfile b/Gemfile index 94b5375..ca0d94e 100644 --- a/Gemfile +++ b/Gemfile @@ -8,14 +8,14 @@ ruby RUBY_VERSION # bundle exec jekyll serve # -gem "jekyll", "4.2.2" +gem "jekyll", "4.3.0" # Fix development command "jekyll serve" # Can be removed when upgrading to Jekyll 4.3 gem "webrick", "~> 1.8", ">= 1.8.2" # This is the default theme for new Jekyll sites. You may change this to anything you like. -gem "minima", "~> 2.5", ">= 2.5.1" +gem "minima", "~> 2.5", ">= 2.5.2" # If you want to use GitHub Pages, remove the "gem "jekyll"" above and # uncomment the line below. To upgrade, run `bundle update github-pages`. diff --git a/Gemfile.lock b/Gemfile.lock index 63dd49b..66578ee 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,47 +1,52 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.8.6) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) + bigdecimal (3.2.3) colorator (1.1.0) - concurrent-ruby (1.2.3) + concurrent-ruby (1.3.5) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) eventmachine (1.2.7) - ffi (1.16.3) + ffi (1.17.2) forwardable-extended (2.6.0) + google-protobuf (4.32.1) + bigdecimal + rake (>= 13) http_parser.rb (0.8.0) - i18n (1.14.5) + i18n (1.14.7) concurrent-ruby (~> 1.0) - jekyll (4.2.2) + jekyll (4.3.0) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) i18n (~> 1.0) - jekyll-sass-converter (~> 2.0) + jekyll-sass-converter (>= 2.0, < 4.0) jekyll-watch (~> 2.0) - kramdown (~> 2.3) + kramdown (~> 2.3, >= 2.3.1) kramdown-parser-gfm (~> 1.0) liquid (~> 4.0) - mercenary (~> 0.4.0) + mercenary (>= 0.3.6, < 0.5) pathutil (~> 0.9) - rouge (~> 3.0) + rouge (>= 3.0, < 5.0) safe_yaml (~> 1.0) - terminal-table (~> 2.0) + terminal-table (>= 1.8, < 4.0) + webrick (~> 1.7) jekyll-feed (0.17.0) jekyll (>= 3.7, < 5.0) jekyll-paginate (1.1.0) jekyll-redirect-from (0.16.0) jekyll (>= 3.3, < 5.0) - jekyll-sass-converter (2.2.0) - sassc (> 2.0.1, < 3.0) + jekyll-sass-converter (3.1.0) + sass-embedded (~> 1.75) jekyll-seo-tag (2.8.0) jekyll (>= 3.8, < 5.0) jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (2.4.0) - rexml + kramdown (2.5.1) + rexml (>= 3.3.9) kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.4) @@ -49,39 +54,41 @@ GEM rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) - minima (2.5.1) + minima (2.5.2) jekyll (>= 3.5, < 5.0) jekyll-feed (~> 0.9) jekyll-seo-tag (~> 2.1) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (5.0.5) + public_suffix (6.0.2) + rake (13.3.0) rb-fsevent (0.11.2) - rb-inotify (0.10.1) + rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.3.9) - rouge (3.30.0) + rexml (3.4.4) + rouge (4.6.0) safe_yaml (1.0.5) - sassc (2.4.0) - ffi (~> 1.9) - terminal-table (2.0.0) - unicode-display_width (~> 1.1, >= 1.1.1) - unicode-display_width (1.8.0) + sass-embedded (1.93.1) + google-protobuf (~> 4.31) + rake (>= 13) + terminal-table (3.0.2) + unicode-display_width (>= 1.1.1, < 3) + unicode-display_width (2.6.0) webrick (1.8.2) PLATFORMS ruby DEPENDENCIES - jekyll (= 4.2.2) + jekyll (= 4.3.0) jekyll-feed (~> 0.16, >= 0.16.0) jekyll-paginate jekyll-redirect-from - minima (~> 2.5, >= 2.5.1) + minima (~> 2.5, >= 2.5.2) webrick (~> 1.8, >= 1.8.2) RUBY VERSION - ruby 2.7.8p225 + ruby 3.1.3p185 BUNDLED WITH - 2.1.4 + 2.3.26