[Snyk] Fix for 5 vulnerabilities (#12)

* fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-569599 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-569600 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-569601 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESTORAGE-569602 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 * fixing rubocop and gemfile.lock * fixing rubocop Co-authored-by: Hugo Corbucci <[email protected]>
agile-alliance-brazil · Jun 6, 2020 · b689dbe · b689dbe
1 parent 14c4e61
commit b689dbe
Show file tree

Hide file tree

Showing 6 changed files with 159 additions and 122 deletions.
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -5,12 +5,51 @@ AllCops:
     - 'db/schema.rb' # Auto-generated file
     - 'bin/*' # Auto-generated files
 
-Rails:
-  Enabled: true
-
 Metrics/BlockLength:
   Exclude:
     - '**/*_spec.rb'
 
+Layout/EmptyLinesAroundAttributeAccessor:
+  Enabled: true
+
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+
+Lint/DeprecatedOpenSSLConstant:
+  Enabled: true
+
+Lint/MixedRegexpCaptureTypes:
+  Enabled: true
+
+Lint/RaiseException:
+  Enabled: true
+
+Lint/StructNewOverride:
+  Enabled: true
+
+Style/ExponentialNotation:
+  Enabled: true
+
+Style/HashEachMethods:
+  Enabled: true
+
+Style/HashTransformKeys:
+  Enabled: true
+
+Style/HashTransformValues:
+  Enabled: true
+
+Style/RedundantRegexpCharacterClass:
+  Enabled: true
+
+Style/RedundantRegexpEscape:
+  Enabled: true
+
+Style/SlicingWithRange:
+  Enabled: true
+
+RSpec/ExampleLength:
+  Enabled: false
+
 RSpec/MultipleExpectations:
   Enabled: false
diff --git a/Gemfile b/Gemfile
@@ -16,13 +16,13 @@ gem 'attribute_normalizer'
 gem 'aws-ses', require: 'aws/ses'
 gem 'bootstrap-sass', '~> 3.4'
 gem 'bundler'
-gem 'coffee-rails', '~> 5.0'
+gem 'coffee-rails', '~> 5.0', '>= 5.0.0'
 gem 'devise', '~> 4.7', '>= 4.7.1'
-gem 'devise-i18n', '>= 1.6.4'
-gem 'doorkeeper', '~> 4.4', '>= 4.4.2'
+gem 'devise-i18n', '>= 1.9.0'
+gem 'doorkeeper', '~> 4.4', '>= 4.4.3'
 gem 'doorkeeper-i18n'
 gem 'haml', '~> 5.0'
-gem 'jquery-rails', '~> 4.3', '>= 4.3.3'
+gem 'jquery-rails', '~> 4.3', '>= 4.3.5'
 gem 'jquery-ui-rails', '~> 6.0', '>= 6.0.1'
 gem 'newrelic_rpm'
 gem 'omniauth'
@@ -36,8 +36,8 @@ gem 'omniauth-facebook'
 # gem 'omniauth-linkedin-oauth2'
 gem 'omniauth-twitter'
 # gem 'omniauth2-gitlab'
-gem 'rails', '~> 5.2', '>= 5.2.4.2'
-gem 'sass-rails', '~> 5.0', '>= 5.0.7'
+gem 'rails', '~> 5.2', '>= 5.2.4.3'
+gem 'sass-rails', '~> 5.1', '>= 5.1.0'
 gem 'therubyracer'
 gem 'turbolinks'
 gem 'uglifier', '~>4.0'
@@ -53,10 +53,10 @@ group :development do
   # gem 'capistrano', '3.4.1', require: false
   # gem 'capistrano-bundler', require: false
   # gem 'capistrano-rails', require: false
-  gem 'bullet'
+  gem 'bullet', '>= 6.1.0'
   gem 'byebug'
   gem 'foreman'
-  gem 'lol_dba', '>= 2.1.5'
+  gem 'lol_dba', '>= 2.1.9'
   gem 'pry'
   gem 'rack-livereload'
   gem 'web-console', '>= 3.7.0'
@@ -65,14 +65,14 @@ end
 group :test do
   gem 'codeclimate-test-reporter', '~> 1.0.8'
   gem 'email_spec'
-  gem 'factory_bot_rails', '>= 4.11.1'
-  gem 'shoulda-matchers', require: false
+  gem 'factory_bot_rails', '>= 5.1.1'
+  gem 'shoulda-matchers', '>= 4.3.0', require: false
   gem 'simplecov', '>= 0.13.0'
 end
 
 group :development, :test do
   gem 'brakeman', require: false
-  gem 'dotenv-rails', '>= 2.5.0'
+  gem 'dotenv-rails', '>= 2.7.5'
   gem 'guard-livereload', require: false
   gem 'guard-rspec'
   gem 'guard-rubocop'
@@ -82,7 +82,7 @@ group :development, :test do
   gem 'rb-inotify', require: linux_only('rb-inotify')
   gem 'rspec-collection_matchers'
   gem 'rspec-its'
-  gem 'rspec-rails', '>= 3.8.0'
+  gem 'rspec-rails', '>= 3.9.1'
   gem 'rubocop'
   gem 'rubocop-rspec'
   gem 'selenium-webdriver'