Skip to content
This repository has been archived by the owner on Jun 28, 2024. It is now read-only.

Commit

Permalink
fix: Gemfile to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274386
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274383
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274384
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274385
  • Loading branch information
@snyk-bot
snyk-bot committed Apr 4, 2024
1 parent bc99420 commit 93fb199
Showing 1 changed file with 16 additions and 16 deletions.
32 changes: 16 additions & 16 deletions Gemfile
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
source 'https://rubygems.org'

gem 'rails', '5.2.8.1'
gem 'rails', '7.0.8.1'

gem 'sprockets'
gem 'sprockets', '>= 3.7.3'

# Need to require sprockets-rails expicitly to get asset pipeline, at least untill we move to SASS
# Pinning sprockets-rails to 2.3.3 so that everything doesn't blow up. It might be time to start thinking about webpack.
gem 'sprockets-rails', '2.3.3'
gem 'sprockets-rails', '3.0.0'
# We need less-rails outside of the assets group so that assets will build in production
gem 'less-rails'
# We want non-digest versions of our assets for font-awesome
gem "non-stupid-digest-assets"
gem "non-stupid-digest-assets", ">= 1.0.10"

gem 'cqm-models', '~>4.0.2'
# gem 'cqm-reports', '~> 3.1.2'
Expand All @@ -23,28 +23,28 @@ gem 'zip-zip'

gem 'axlsx', git: 'https://github.com/randym/axlsx', branch: 'master'
gem 'mongoid', '~> 6.4.2'
gem 'devise'
gem 'devise', '>= 4.9.0'
gem 'systemu'
gem 'multi_json'
gem 'rest-client'
# needed for parsing value sets (we need to use roo rather than rubyxl because the value sets are in xls rather than xlsx)
gem 'roo', '~> 2.7'
gem 'roo', '~> 2.10', '>= 2.10.0'


gem 'oj' # Faster JSON
gem 'apipie-rails'
gem 'apipie-rails', '>= 0.8.2'
gem 'maruku' # enable Markup for API documentation
gem 'doorkeeper', '~> 4.4.0'
gem "doorkeeper-mongodb", '~> 4.1.0'
gem 'doorkeeper', '~> 5.0.0'
gem "doorkeeper-mongodb", "~> 4.2.0"

group :test, :development, :ci do
gem 'pry'
# Pinning teaspoon to 1.1.5 because of sprockets-rails 2.3.3
gem 'teaspoon', '1.1.5'
gem 'teaspoon', '1.2.0'
gem "overcommit"
gem 'rubocop', '~> 0.88.0'
gem 'rubocop-ast', '~> 0.3.0'
gem 'teaspoon-jasmine'
gem 'teaspoon-jasmine', '>= 2.4.1'
gem 'simplecov', :require => false
gem 'minitest'
gem 'rails_best_practices'
Expand All @@ -62,7 +62,7 @@ end

group :test, :development do
gem 'pry-byebug'
gem 'thin', '~> 1.7.2'
gem 'thin', '~> 1.8.0'
gem 'capistrano-rails'
gem 'capistrano-npm'
gem 'rvm1-capistrano3', require: false
Expand All @@ -86,13 +86,13 @@ end

gem 'foreman'

gem 'handlebars_assets', '0.16'
gem 'jquery-rails'
gem 'handlebars_assets', '0.17'
gem 'jquery-rails', '>= 4.5.1'

# Browser Detection
gem 'browser'

gem "reverse_markdown", "~> 2.0"
gem "tinymce-rails"
gem "tinymce-rails", ">= 5.8.2"

gem "devise_saml_authenticatable"
gem "devise_saml_authenticatable", ">= 1.9.1"

0 comments on commit 93fb199

Please sign in to comment.