Commit

adds security fixes
tochman committed Jul 3, 2018
1 parent 3af8980 commit c0fb83f
Showing 2 changed files with 32 additions and 23 deletions.
6 changes: 6 additions & 0 deletions Gemfile
Expand Up @@ -25,3 +25,9 @@ end
group :production do
gem 'rails_12factor'
end

# Fixes
gem 'loofah', '~> 2.2.1'
gem 'rails-html-sanitizer', '~> 1.0.4'
gem 'sprockets', '~> 3.7.2'
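
Review bot: the `# Fixes` comment above the three new pins does not say what is being fixed, so nobody can later tell when these lines are safe to remove; record the advisory identifier next to each gem. The pessimistic constraints also act as ceilings: `'~> 2.2.1'` admits only loofah 2.2.x, `'~> 1.0.4'` only rails-html-sanitizer 1.0.x and `'~> 3.7.2'` only sprockets 3.7.x, so a fix shipped in a later minor release would be held back by these lines. A floor such as `'>= 2.2.1'` states "at least the patched version" without that cap.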

49 changes: 26 additions & 23 deletions Gemfile.lock
Expand Up @@ -39,17 +39,17 @@ GEM
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (8.0.0)
autoprefixer-rails (8.0.0)
autoprefixer-rails (8.6.4)
execjs
bcrypt (3.1.11)
bcrypt (3.1.12)
binding_of_caller (0.8.0)
debug_inspector (>= 0.0.1)
bootstrap-sass (3.3.7)
autoprefixer-rails (>= 5.2.1)
sass (>= 3.3.4)
builder (3.2.3)
byebug (10.0.0)
carrierwave (1.2.2)
byebug (10.0.2)
carrierwave (1.2.3)
activemodel (>= 4.0.0)
activesupport (>= 4.0.0)
mime-types (>= 1.16)
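
Review bot: autoprefixer-rails 8.0.0 to 8.6.4, byebug 10.0.0 to 10.0.2 and carrierwave 1.2.2 to 1.2.3 in this hunk are not among the three gems pinned in the Gemfile, which suggests the lockfile was regenerated with an unscoped `bundle update`. For a commit described as security fixes, keep the lock changes to the affected gems with `bundle update --conservative loofah rails-html-sanitizer sprockets`, or state in the commit message which of the extra bumps are intended and why.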
Expand All @@ -66,29 +66,29 @@ GEM
execjs
coffee-script-source (1.12.2)
concurrent-ruby (1.0.5)
crass (1.0.3)
crass (1.0.4)
debug_inspector (0.0.3)
devise (4.4.1)
devise (4.4.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0, < 5.2)
railties (>= 4.1.0, < 6.0)
responders
warden (~> 1.2.3)
erubi (1.7.0)
erubi (1.7.1)
execjs (2.7.0)
ffi (1.9.21)
ffi (1.9.25)
globalid (0.4.1)
activesupport (>= 4.2.0)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jbuilder (2.7.0)
activesupport (>= 4.2.0)
multi_json (>= 1.2)
jquery-rails (4.3.1)
jquery-rails (4.3.3)
rails-dom-testing (>= 1, < 3)
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
loofah (2.2.0)
loofah (2.2.2)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.0)
Expand All @@ -104,8 +104,8 @@ GEM
mini_portile2 (2.3.0)
minitest (5.11.3)
multi_json (1.13.1)
nio4r (2.2.0)
nokogiri (1.8.2)
nio4r (2.3.1)
nokogiri (1.8.3)
mini_portile2 (~> 2.3.0)
orm_adapter (0.5.0)
pg (0.21.0)
Expand All @@ -115,9 +115,9 @@ GEM
pry-byebug (3.6.0)
byebug (~> 10.0)
pry (~> 0.10)
puma (3.11.2)
rack (2.0.4)
rack-test (0.8.2)
puma (3.11.4)
rack (2.0.5)
rack-test (1.0.0)
rack (>= 1.0, < 3)
rails (5.1.5)
actioncable (= 5.1.5)
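
Review bot: rack-test moves from 0.8.2 to 1.0.0 in this hunk, a major-version jump in a test helper that is not one of the gems the Gemfile change pins. Either leave it out of this commit or confirm the test suite passes against 1.0.0 and say so in the commit message, so the security change can be reviewed and reverted independently of it.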
Expand All @@ -134,8 +134,8 @@ GEM
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
rails-html-sanitizer (1.0.4)
loofah (~> 2.2, >= 2.2.2)
rails_12factor (0.0.3)
rails_serve_static_assets
rails_stdout_logging
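
Review bot: rails-html-sanitizer 1.0.4 declares `loofah (~> 2.2, >= 2.2.2)` in this hunk, so it already forces loofah to 2.2.2 or later, which is stricter than the `'~> 2.2.1'` floor added to the Gemfile. With the sanitizer pinned at `'~> 1.0.4'` the explicit loofah line is redundant; drop it, or raise it to 2.2.2 so the Gemfile documents the version that is actually required.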
Expand All @@ -148,13 +148,13 @@ GEM
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (11.3.0)
rb-fsevent (0.10.2)
rb-fsevent (0.10.3)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
responders (2.4.0)
actionpack (>= 4.2.0, < 5.3)
railties (>= 4.2.0, < 5.3)
sass (3.5.5)
sass (3.5.6)
sass-listen (~> 4.0.0)
sass-listen (4.0.0)
rb-fsevent (~> 0.9, >= 0.9.4)
Expand All @@ -167,7 +167,7 @@ GEM
tilt (>= 1.1, < 3)
spring (2.0.2)
activesupport (>= 4.2)
sprockets (3.7.1)
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
Expand All @@ -177,12 +177,12 @@ GEM
thor (0.20.0)
thread_safe (0.3.6)
tilt (2.0.8)
turbolinks (5.1.0)
turbolinks (5.1.1)
turbolinks-source (~> 5.1)
turbolinks-source (5.1.0)
tzinfo (1.2.5)
thread_safe (~> 0.1)
uglifier (4.1.6)
uglifier (4.1.14)
execjs (>= 0.3.0, < 3)
warden (1.2.7)
rack (>= 1.0)
Expand All @@ -204,15 +204,18 @@ DEPENDENCIES
devise
jbuilder (~> 2.0)
jquery-rails
loofah (~> 2.2.1)
mailboxer
pg (~> 0.15)
pry-byebug
puma (~> 3.7)
rails (= 5.1.5)
rails-html-sanitizer (~> 1.0.4)
rails_12factor
rake (~> 11.1, >= 11.1.2)
sass-rails (~> 5.0)
spring
sprockets (~> 3.7.2)
turbolinks
uglifier (>= 1.3.0)
web-console (~> 2.0)