[Snyk] Fix for 2 vulnerabilities (#11)

* fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-560837 - https://snyk.io/vuln/SNYK-RUBY-JSON-560838 * upgrading coffee rails * Fixing rubocop Co-authored-by: Hugo Corbucci <[email protected]>
agile-alliance-brazil · Mar 22, 2020 · 14c4e61 · 14c4e61
1 parent 0e615c3
commit 14c4e61
Show file tree

Hide file tree

Showing 5 changed files with 231 additions and 219 deletions.
diff --git a/Gemfile b/Gemfile
@@ -16,14 +16,14 @@ gem 'attribute_normalizer'
 gem 'aws-ses', require: 'aws/ses'
 gem 'bootstrap-sass', '~> 3.4'
 gem 'bundler'
-gem 'coffee-rails', '~>4.1'
-gem 'devise', '~> 4.7'
-gem 'devise-i18n'
-gem 'doorkeeper', '~> 4.2'
+gem 'coffee-rails', '~> 5.0'
+gem 'devise', '~> 4.7', '>= 4.7.1'
+gem 'devise-i18n', '>= 1.6.4'
+gem 'doorkeeper', '~> 4.4', '>= 4.4.2'
 gem 'doorkeeper-i18n'
 gem 'haml', '~> 5.0'
-gem 'jquery-rails', '~>4.0'
-gem 'jquery-ui-rails', '~>6.0'
+gem 'jquery-rails', '~> 4.3', '>= 4.3.3'
+gem 'jquery-ui-rails', '~> 6.0', '>= 6.0.1'
 gem 'newrelic_rpm'
 gem 'omniauth'
 # general
@@ -36,8 +36,8 @@ gem 'omniauth-facebook'
 # gem 'omniauth-linkedin-oauth2'
 gem 'omniauth-twitter'
 # gem 'omniauth2-gitlab'
-gem 'rails', '~> 5.0'
-gem 'sass-rails', '~>5.0'
+gem 'rails', '~> 5.2', '>= 5.2.4.2'
+gem 'sass-rails', '~> 5.0', '>= 5.0.7'
 gem 'therubyracer'
 gem 'turbolinks'
 gem 'uglifier', '~>4.0'
@@ -56,23 +56,23 @@ group :development do
   gem 'bullet'
   gem 'byebug'
   gem 'foreman'
-  gem 'lol_dba'
+  gem 'lol_dba', '>= 2.1.5'
   gem 'pry'
   gem 'rack-livereload'
-  gem 'web-console'
+  gem 'web-console', '>= 3.7.0'
 end
 
 group :test do
-  gem 'codeclimate-test-reporter', '~> 1.0.0'
+  gem 'codeclimate-test-reporter', '~> 1.0.8'
   gem 'email_spec'
-  gem 'factory_bot_rails'
+  gem 'factory_bot_rails', '>= 4.11.1'
   gem 'shoulda-matchers', require: false
-  gem 'simplecov'
+  gem 'simplecov', '>= 0.13.0'
 end
 
 group :development, :test do
   gem 'brakeman', require: false
-  gem 'dotenv-rails'
+  gem 'dotenv-rails', '>= 2.5.0'
   gem 'guard-livereload', require: false
   gem 'guard-rspec'
   gem 'guard-rubocop'
@@ -82,7 +82,7 @@ group :development, :test do
   gem 'rb-inotify', require: linux_only('rb-inotify')
   gem 'rspec-collection_matchers'
   gem 'rspec-its'
-  gem 'rspec-rails'
+  gem 'rspec-rails', '>= 3.8.0'
   gem 'rubocop'
   gem 'rubocop-rspec'
   gem 'selenium-webdriver'