From 7c4a085d02beeea518ec772422345556d7c6d844 Mon Sep 17 00:00:00 2001 From: Nikita Acharya Date: Wed, 30 Oct 2019 22:20:28 -0400 Subject: [PATCH] Upgrade vulnerable gems --- .ruby-version | 2 +- Gemfile | 2 +- Gemfile.lock | 388 ++++++++++++++++++++++++-------------------------- 3 files changed, 190 insertions(+), 202 deletions(-) diff --git a/.ruby-version b/.ruby-version index cc6612c..e46a05b 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.3.0 \ No newline at end of file +2.6.4 \ No newline at end of file diff --git a/Gemfile b/Gemfile index 21aae92..2973b7b 100644 --- a/Gemfile +++ b/Gemfile @@ -9,7 +9,7 @@ gem 'grape' gem 'grape-activerecord' gem 'grape-entity' -gem 'honeybadger', '~> 2.3' +gem 'honeybadger' gem 'httparty' gem 'hutch' diff --git a/Gemfile.lock b/Gemfile.lock index 538f38e..5dcc6b3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
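Review bot: Removing `'~> 2.3'` from `gem 'honeybadger'` in the Gemfile hunk leaves the gem with no version bound at all, so Gemfile.lock is the only thing holding it at a known release. The lock in this same patch moves it from 2.5.3 to 4.5.2, a jump across two major versions, and the same resolve moved `annotate` from 2.7.0 to 2.6.5 and `ripl-rack` from 0.2.1 to 0.2.0, so loosely constrained gems here can resolve downwards as well as upwards. If the point of the commit is to stay off the older release, a floor records that intent better than no constraint: `gem 'honeybadger', '~> 4.5'`. A short comment above it, for example `# 4.x: moved off 2.x in the vulnerable-gems upgrade; review config before the next major`, would tell the next maintainer why the bound exists.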
@@ -8,305 +8,290 @@ GIT GEM remote: https://rubygems.org/ specs: - actionpack (4.2.6) - actionview (= 4.2.6) - activesupport (= 4.2.6) - rack (~> 1.6) - rack-test (~> 0.6.2) - rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.6) - activesupport (= 4.2.6) + actionview (4.2.11.1) + activesupport (= 4.2.11.1) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - activemodel (4.2.6) - activesupport (= 4.2.6) + rails-html-sanitizer (~> 1.0, >= 1.0.3) + activemodel (4.2.11.1) + activesupport (= 4.2.11.1) builder (~> 3.1) - activerecord (4.2.6) - activemodel (= 4.2.6) - activesupport (= 4.2.6) + activerecord (4.2.11.1) + activemodel (= 4.2.11.1) + activesupport (= 4.2.11.1) arel (~> 6.0) - activesupport (4.2.6) + activesupport (4.2.11.1) i18n (~> 0.7) - json (~> 1.7, >= 1.7.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) - amq-protocol (2.0.1) - annotate (2.7.0) - activerecord (>= 3.2, < 6.0) - rake (~> 10.4) - api-pagination (4.3.0) - arel (6.0.3) - ast (2.2.0) - awesome_print (1.6.1) + airbrussh (1.4.0) + sshkit (>= 1.6.1, != 1.7.0) + amq-protocol (2.3.0) + annotate (2.6.5) + activerecord (>= 2.3.0) + rake (>= 0.8.7) + api-pagination (4.8.2) + arel (6.0.4) + ast (2.4.0) + awesome_print (1.8.0) axiom-types (0.1.1) descendants_tracker (~> 0.0.4) ice_nine (~> 0.11.0) thread_safe (~> 0.3, >= 0.3.1) bond (0.5.1) - brakeman (3.2.1) - erubis (~> 2.6) - haml (>= 3.0, < 5.0) - highline (>= 1.6.20, < 2.0) - ruby2ruby (~> 2.3.0) - ruby_parser (~> 3.8.1) - safe_yaml (>= 1.0) - sass (~> 3.0) - slim (>= 1.3.6, < 4.0) - terminal-table (~> 1.4) - builder (3.2.2) - bunny (2.3.0) - amq-protocol (>= 2.0.1) - byebug (8.2.2) - capistrano (3.4.0) + brakeman (4.7.1) + builder (3.2.3) + bunny (2.14.3) + amq-protocol (~> 2.3, >= 2.3.0) + byebug (11.0.1) + capistrano (3.11.2) + airbrussh (>= 1.0.0) i18n rake (>= 10.0.0) - sshkit (~> 1.3) - capistrano-bundler (1.1.4) + 
sshkit (>= 1.9.0) + capistrano-bundler (1.6.0) capistrano (~> 3.1) - sshkit (~> 1.2) capistrano-chruby (0.1.2) capistrano (~> 3.0) sshkit (~> 1.3) carrot-top (0.0.7) json - coderay (1.1.1) + coderay (1.1.2) coercible (1.0.0) descendants_tracker (~> 0.0.1) - colorize (0.7.7) - concurrent-ruby (1.0.1) - connection_pool (2.2.0) - daemons (1.2.3) - database_cleaner (1.5.1) + colorize (0.8.1) + concurrent-ruby (1.1.5) + connection_pool (2.2.2) + crass (1.0.5) + daemons (1.3.1) + database_cleaner (1.7.0) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - diff-lcs (1.2.5) - docile (1.1.5) + diff-lcs (1.3) + docile (1.3.2) equalizer (0.0.11) erubis (2.7.0) - eventmachine (1.2.0.1) - factory_girl (4.5.0) + eventmachine (1.2.7) + factory_girl (4.9.0) activesupport (>= 3.0.0) - faker (1.6.3) - i18n (~> 0.5) - ffi (1.9.10) + faker (2.2.1) + i18n (>= 0.8) + ffi (1.11.1) formatador (0.2.5) - git-version-bump (0.15.1) - grape (0.15.0) + grape (0.19.2) activesupport builder hashie (>= 2.1.0) multi_json (>= 1.3.2) multi_xml (>= 0.5.2) + mustermann-grape (~> 1.0.0) rack (>= 1.3.0) rack-accept - rack-mount virtus (>= 1.0.0) - grape-activerecord (2.0.0) - activerecord (~> 4.0) - grape (~> 0.1) - hashie-forbidden_attributes (~> 0.1.1) - grape-entity (0.5.0) - activesupport + grape-activerecord (2.2.0) + otr-activerecord (~> 1.0) + grape-entity (0.7.1) + activesupport (>= 4.0) multi_json (>= 1.3.2) grape_doc (0.2.1) grape (~> 0.2, >= 0.2.1) json (~> 1.7, >= 1.7.4) trollop (~> 2.0) - guard (2.13.0) + guard (2.15.1) formatador (>= 0.2.4) - listen (>= 2.7, <= 4.0) - lumberjack (~> 1.0) + listen (>= 2.7, < 4.0) + lumberjack (>= 1.0.12, < 2.0) nenv (~> 0.1) notiffany (~> 0.0) pry (>= 0.9.12) shellany (~> 0.0) thor (>= 0.18.1) guard-compat (1.2.1) - guard-rspec (4.6.4) + guard-rspec (4.7.3) guard (~> 2.1) guard-compat (~> 1.1) rspec (>= 2.99.0, < 4.0) - haml (4.0.7) - tilt - hashie (3.4.3) + hashie (4.0.0) hashie-forbidden_attributes (0.1.1) hashie (>= 3.0) - highline (1.7.8) - 
hipchat (1.5.3) + hipchat (1.6.0) httparty mimemagic - honeybadger (2.5.3) - httparty (0.13.7) - json (~> 1.8) + honeybadger (4.5.2) + httparty (0.17.1) + mime-types (~> 3.0) multi_xml (>= 0.5.2) - hutch (0.21.0) - activesupport (>= 3.0) - bunny (>= 2.2.2) + hutch (0.27.0) + activesupport (>= 4.2, < 7) + bunny (>= 2.13, < 2.15) carrot-top (~> 0.0.7) - multi_json (~> 1.11.2) - i18n (0.7.0) + multi_json (~> 1.12) + i18n (0.9.5) + concurrent-ruby (~> 1.0) ice_nine (0.11.2) - json (1.8.3) - kaminari (0.16.3) - actionpack (>= 3.0.0) - activesupport (>= 3.0.0) - kgio (2.10.0) - listen (3.0.6) - rb-fsevent (>= 0.9.3) - rb-inotify (>= 0.9.7) - loofah (2.0.3) + jaro_winkler (1.5.4) + json (1.8.6) + kaminari (1.1.1) + activesupport (>= 4.1.0) + kaminari-actionview (= 1.1.1) + kaminari-activerecord (= 1.1.1) + kaminari-core (= 1.1.1) + kaminari-actionview (1.1.1) + actionview + kaminari-core (= 1.1.1) + kaminari-activerecord (1.1.1) + activerecord + kaminari-core (= 1.1.1) + kaminari-core (1.1.1) + kgio (2.11.2) + listen (3.2.0) + rb-fsevent (~> 0.10, >= 0.10.3) + rb-inotify (~> 0.9, >= 0.9.10) + loofah (2.3.1) + crass (~> 1.0.2) nokogiri (>= 1.5.9) - lumberjack (1.0.10) - method_source (0.8.2) - mimemagic (0.3.1) - mini_portile2 (2.0.0) - minitest (5.8.4) - multi_json (1.11.2) - multi_xml (0.5.5) + lumberjack (1.0.13) + method_source (0.9.2) + mime-types (3.3) + mime-types-data (~> 3.2015) + mime-types-data (3.2019.1009) + mimemagic (0.3.3) + mini_portile2 (2.4.0) + minitest (5.13.0) + multi_json (1.14.1) + multi_xml (0.6.0) + mustermann (1.0.3) + mustermann-grape (1.0.0) + mustermann (~> 1.0.0) nenv (0.3.0) - net-scp (1.2.1) - net-ssh (>= 2.6.5) - net-ssh (3.0.2) + net-scp (2.0.0) + net-ssh (>= 2.6.5, < 6.0.0) + net-ssh (5.2.0) newrelic-grape (2.1.0) grape newrelic_rpm newrelic-redis (2.0.2) newrelic_rpm (~> 3.11) redis (< 4.0) - newrelic_rpm (3.15.0.314) - nokogiri (1.6.7.2) - mini_portile2 (~> 2.0.0.rc2) - notiffany (0.0.8) + newrelic_rpm (3.18.1.330) + nokogiri (1.10.4) 
+ mini_portile2 (~> 2.4.0) + notiffany (0.1.3) nenv (~> 0.1) shellany (~> 0.0) - parser (2.3.0.6) - ast (~> 2.2) - pg (0.18.4) - powerpack (0.1.1) - pry (0.10.3) + otr-activerecord (1.4.1) + activerecord (>= 4.0, < 6.1) + hashie-forbidden_attributes (~> 0.1) + parallel (1.18.0) + parser (2.6.5.0) + ast (~> 2.4.0) + pg (1.1.4) + pry (0.12.2) coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) - pry-byebug (3.3.0) - byebug (~> 8.0) + method_source (~> 0.9.0) + pry-byebug (3.7.0) + byebug (~> 11.0) pry (~> 0.10) - rack (1.6.4) + rack (2.0.7) rack-accept (0.4.5) rack (>= 0.4) - rack-contrib (1.4.0) - git-version-bump (~> 0.15) - rack (~> 1.4) - rack-cors (0.4.0) - rack-mount (0.8.3) - rack (>= 1.0.0) - rack-protection (1.5.3) + rack-contrib (2.1.0) + rack (~> 2.0) + rack-cors (1.0.3) + rack-protection (2.0.7) rack - rack-test (0.6.3) - rack (>= 1.0) - rack-utf8_sanitizer (1.3.2) + rack-test (1.1.0) + rack (>= 1.0, < 3) + rack-utf8_sanitizer (1.6.0) rack (>= 1.0, < 3.0) rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.7) - activesupport (>= 4.2.0.beta, < 5.0) - nokogiri (~> 1.6.0) + rails-dom-testing (1.0.9) + activesupport (>= 4.2.0, < 5.0) + nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.0.3) - loofah (~> 2.0) - rainbow (2.1.0) - raindrops (0.16.0) - rake (10.5.0) - rb-fsevent (0.9.7) - rb-inotify (0.9.7) - ffi (>= 0.5.0) - redis (3.2.2) + rails-html-sanitizer (1.3.0) + loofah (~> 2.3) + rainbow (3.0.0) + raindrops (0.19.0) + rake (13.0.0) + rb-fsevent (0.10.3) + rb-inotify (0.10.0) + ffi (~> 1.0) + redis (3.3.5) ripl (0.7.1) bond (~> 0.5.1) ripl-multi_line (0.3.1) ripl (>= 0.3.6) - ripl-rack (0.2.1) + ripl-rack (0.2.0) rack (>= 1.0) - rack-test (~> 0.6.2) - ripl (>= 0.7.0) - rspec (3.4.0) - rspec-core (~> 3.4.0) - rspec-expectations (~> 3.4.0) - rspec-mocks (~> 3.4.0) - rspec-core (3.4.4) - rspec-support (~> 3.4.0) - rspec-expectations (3.4.0) + rack-test (>= 0.5) + ripl (>= 0.3.5) 
+ rspec (3.9.0) + rspec-core (~> 3.9.0) + rspec-expectations (~> 3.9.0) + rspec-mocks (~> 3.9.0) + rspec-core (3.9.0) + rspec-support (~> 3.9.0) + rspec-expectations (3.9.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.4.0) - rspec-mocks (3.4.1) + rspec-support (~> 3.9.0) + rspec-mocks (3.9.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.4.0) - rspec-support (3.4.1) - rubocop (0.38.0) - parser (>= 2.3.0.6, < 3.0) - powerpack (~> 0.1) - rainbow (>= 1.99.1, < 3.0) + rspec-support (~> 3.9.0) + rspec-support (3.9.0) + rubocop (0.76.0) + jaro_winkler (~> 1.5.1) + parallel (~> 1.10) + parser (>= 2.6) + rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) - unicode-display_width (~> 1.0, >= 1.0.1) - ruby-progressbar (1.7.5) - ruby2ruby (2.3.0) - ruby_parser (~> 3.1) - sexp_processor (~> 4.0) - ruby_parser (3.8.1) - sexp_processor (~> 4.1) - safe_yaml (1.0.4) - sass (3.4.21) - sexp_processor (4.7.0) + unicode-display_width (>= 1.4.0, < 1.7) + ruby-progressbar (1.10.1) shellany (0.0.1) - shotgun (0.9.1) + shotgun (0.9.2) rack (>= 1.0) - shoulda-matchers (3.1.1) - activesupport (>= 4.0.0) - sidekiq (4.1.1) - concurrent-ruby (~> 1.0) - connection_pool (~> 2.2, >= 2.2.0) - redis (~> 3.2, >= 3.2.1) - simplecov (0.11.2) - docile (~> 1.1.0) - json (~> 1.8) + shoulda-matchers (4.1.2) + activesupport (>= 4.2.0) + sidekiq (5.2.7) + connection_pool (~> 2.2, >= 2.2.2) + rack (>= 1.5.0) + rack-protection (>= 1.5.0) + redis (>= 3.3.5, < 5) + simplecov (0.17.1) + docile (~> 1.1) + json (>= 1.8, < 3) simplecov-html (~> 0.10.0) - simplecov-html (0.10.0) - sinatra (1.4.7) - rack (~> 1.5) - rack-protection (~> 1.4) - tilt (>= 1.3, < 3) - slim (3.0.6) - temple (~> 0.7.3) - tilt (>= 1.3.3, < 2.1) - slop (3.6.0) - sshkit (1.9.0) + simplecov-html (0.10.2) + sinatra (2.0.7) + mustermann (~> 1.0) + rack (~> 2.0) + rack-protection (= 2.0.7) + tilt (~> 2.0) + sshkit (1.20.0) net-scp (>= 1.1.2) net-ssh (>= 2.8.0) - temple (0.7.6) - terminal-table (1.5.2) - thin (1.6.4) + thin (1.7.2) daemons 
(~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) - rack (~> 1.0) - thor (0.19.1) - thread_safe (0.3.5) - tilt (2.0.2) - timecop (0.8.0) - trollop (2.1.2) + rack (>= 1, < 3) + thor (0.20.3) + thread_safe (0.3.6) + tilt (2.0.10) + timecop (0.9.1) + trollop (2.9.9) tux (0.3.0) ripl (>= 0.3.5) ripl-multi_line (>= 0.2.4) ripl-rack (>= 0.2.0) sinatra (>= 1.2.1) - tzinfo (1.2.2) + tzinfo (1.2.5) thread_safe (~> 0.1) - unicode-display_width (1.0.2) - unicorn (5.0.1) + unicode-display_width (1.6.0) + unicorn (5.5.1) kgio (~> 2.6) - rack raindrops (~> 0.7) virtus (1.0.5) axiom-types (~> 0.1) @@ -337,7 +322,7 @@ DEPENDENCIES guard guard-rspec hipchat - honeybadger (~> 2.3) + honeybadger httparty hutch json @@ -366,5 +351,8 @@ DEPENDENCIES tux unicorn +RUBY VERSION + ruby 2.6.4p104 + BUNDLED WITH - 1.11.2 + 1.17.2