[Snyk] Fix for 1 vulnerabilities (#3688)

* fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048 * Update Gemfile.lock Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
bigbluebutton · Jul 25, 2022 · 2793114 · 2793114
1 parent e564d90
commit 2793114
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 23 deletions.
diff --git a/Gemfile b/Gemfile
@@ -20,7 +20,7 @@ gem 'font-awesome-sass', '~> 5.9.0'
 gem 'google-cloud-storage', '~> 1.30.0'
 gem 'http_accept_language', '~> 2.1.1'
 gem 'i18n-language-mapping', '~> 0.1.3.1'
-gem 'jbuilder', '~> 2.11.2'
+gem 'jbuilder', '~> 2.11.5'
 gem 'jquery-rails', '~> 4.4.0'
 gem 'jquery-ui-rails', '~> 6.0.1'
 gem 'local_time', '~> 2.1.0'
@@ -47,35 +47,35 @@ gem 'sprockets', '~> 3.7.2'
 gem 'sqlite3', '~> 1.3.6'
 gem 'tabler-rubygem', git: 'https://github.com/blindsidenetworks/tabler-rubygem.git', tag: '0.1.4.1'
 gem 'turbolinks', '~> 5.2.1'
-gem 'tzinfo-data', '~> 1.2021.1'
+gem 'tzinfo-data', '~> 1.2021.5'
 gem 'uglifier', '~> 4.2.0'
 
 group :production do
   gem 'hiredis', '~> 0.6.3'
-  gem "lograge", '~> 0.11.2'
+  gem "lograge", "~> 0.11.2"
   gem 'pg', '~> 0.18'
   gem 'redis', '~> 4.2.5'
   gem 'sequel', '~> 5.41.0'
 end
 
 group :development, :test do
   gem 'byebug', '~> 11.1', platform: :mri
-  gem 'dotenv-rails', '~> 2.7'
+  gem 'dotenv-rails', '~> 2.7', '>= 2.7.6'
 end
 
 group :test do
-  gem 'action-cable-testing', '~> 0.6'
-  gem "factory_bot_rails", '~> 6.1'
+  gem 'action-cable-testing', '~> 0.6', '>= 0.6.1'
+  gem "factory_bot_rails", "~> 6.2", ">= 6.2.0"
   gem 'faker', '~> 2.16'
-  gem 'rails-controller-testing', '~> 1.0'
-  gem 'rspec-rails', '~> 3.7'
-  gem 'shoulda-matchers', '~> 3.1'
+  gem 'rails-controller-testing', '~> 1.0', '>= 1.0.5'
+  gem 'rspec-rails', '~> 3.9', '>= 3.9.1'
+  gem 'shoulda-matchers', '~> 3.1', '>= 3.1.3'
   gem 'webmock', '~> 3.11'
 end
 
 group :development do
   gem 'listen', '~> 3.0'
   gem 'spring', '~> 2.1'
   gem 'spring-watcher-listen', '~> 2.0'
-  gem 'web-console', '~> 3.7'
+  gem 'web-console', '~> 3.7', '>= 3.7.0'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -208,7 +208,7 @@ GEM
     jquery-ui-rails (6.0.1)
       railties (>= 3.2.16)
     json (2.6.2)
-    json-jwt (1.13.0)
+    json-jwt (1.14.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
@@ -305,13 +305,13 @@ GEM
       nio4r (~> 2.0)
     racc (1.6.0)
     rack (2.2.4)
-    rack-oauth2 (1.19.0)
+    rack-oauth2 (1.21.2)
       activesupport
       attr_required
       httpclient
       json-jwt (>= 1.11.0)
       rack (>= 2.1.0)
-    rack-protection (2.2.0)
+    rack-protection (2.2.1)
       rack
     rack-test (2.0.2)
       rack (>= 1.3)
@@ -439,7 +439,7 @@ GEM
       tins (~> 1.0)
     thor (1.2.1)
     thread_safe (0.3.6)
-    tilt (2.0.10)
+    tilt (2.0.11)
     tins (1.31.1)
       sync
     trailblazer-option (0.1.2)
@@ -483,7 +483,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  action-cable-testing (~> 0.6)
+  action-cable-testing (~> 0.6, >= 0.6.1)
   aws-sdk-s3 (~> 1.88.1)
   bcrypt (~> 3.1.7)
   bigbluebutton-api-ruby (~> 1.9)
@@ -493,15 +493,15 @@ DEPENDENCIES
   byebug (~> 11.1)
   cancancan (~> 2.3.0)
   coveralls (~> 0.8.23)
-  dotenv-rails (~> 2.7)
-  factory_bot_rails (~> 6.1)
+  dotenv-rails (~> 2.7, >= 2.7.6)
+  factory_bot_rails (~> 6.2, >= 6.2.0)
   faker (~> 2.16)
   font-awesome-sass (~> 5.9.0)
   google-cloud-storage (~> 1.30.0)
   hiredis (~> 0.6.3)
   http_accept_language (~> 2.1.1)
   i18n-language-mapping (~> 0.1.3.1)
-  jbuilder (~> 2.11.2)
+  jbuilder (~> 2.11.5)
   jquery-rails (~> 4.4.0)
   jquery-ui-rails (~> 6.0.1)
   listen (~> 3.0)
@@ -520,25 +520,25 @@ DEPENDENCIES
   pluck_to_hash (~> 1.0.2)
   puma (~> 4.3.12)
   rails (~> 5.2.8.1)
-  rails-controller-testing (~> 1.0)
+  rails-controller-testing (~> 1.0, >= 1.0.5)
   random_password (~> 0.1.1)
   recaptcha (~> 5.7.0)
   redcarpet (~> 3.5.1)
   redis (~> 4.2.5)
   remote_syslog_logger (~> 1.0.4)
   repost (~> 0.3.8)
-  rspec-rails (~> 3.7)
+  rspec-rails (~> 3.9, >= 3.9.1)
   rubocop (~> 1.10.0)
   sassc-rails (~> 2.1.2)
   sequel (~> 5.41.0)
-  shoulda-matchers (~> 3.1)
+  shoulda-matchers (~> 3.1, >= 3.1.3)
   spring (~> 2.1)
   spring-watcher-listen (~> 2.0)
   sprockets (~> 3.7.2)
   sqlite3 (~> 1.3.6)
   tabler-rubygem!
   turbolinks (~> 5.2.1)
-  tzinfo-data (~> 1.2021.1)
+  tzinfo-data (~> 1.2021.5)
   uglifier (~> 4.2.0)
-  web-console (~> 3.7)
+  web-console (~> 3.7, >= 3.7.0)
   webmock (~> 3.11)