From 367655dc59ab2ef56492430ab3a521af269c7bc1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 29 Jun 2018 06:42:26 +0000 Subject: [PATCH] fix: Gemfile.lock & Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-FFI-22037 --- Gemfile | 4 ++-- Gemfile.lock | 44 +++++++++++++++++++++++++------------------- 2 files changed, 27 insertions(+), 21 deletions(-) diff --git a/Gemfile b/Gemfile index 8af2673..1cd8046 100644 --- a/Gemfile +++ b/Gemfile @@ -12,7 +12,7 @@ ruby RUBY_VERSION gem "jekyll", "3.4.3" # This is the default theme for new Jekyll sites. You may change this to anything you like. -gem "minima", "~> 2.0" +gem "minima", "~> 2.1", ">= 2.1.1" # If you want to use GitHub Pages, remove the "gem "jekyll"" above and # uncomment the line below. To upgrade, run `bundle update github-pages`. @@ -20,7 +20,7 @@ gem "minima", "~> 2.0" # If you have any plugins, put them here! group :jekyll_plugins do - gem "jekyll-feed", "~> 0.6" + gem "jekyll-feed", "~> 0.9", ">= 0.9.2" end # Windows does not include zoneinfo files, so bundle the tzinfo-data gem diff --git a/Gemfile.lock b/Gemfile.lock index 729ad6d..7a0c95d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,10 +1,10 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.5.1) - public_suffix (~> 2.0, >= 2.0.2) + addressable (2.5.2) + public_suffix (>= 2.0.2, < 4.0) colorator (1.1.0) - ffi (1.9.18) + ffi (1.9.25) forwardable-extended (2.6.0) jekyll (3.4.3) addressable (~> 2.4) @@ -17,41 +17,47 @@ GEM pathutil (~> 0.9) rouge (~> 1.7) safe_yaml (~> 1.0) - jekyll-feed (0.9.2) + jekyll-feed (0.10.0) jekyll (~> 3.3) - jekyll-sass-converter (1.5.0) + jekyll-sass-converter (1.5.2) sass (~> 3.4) - jekyll-watch (1.5.0) - listen (~> 3.0, < 3.1) - kramdown (1.13.2) + jekyll-watch (1.5.1) + listen (~> 3.0) + kramdown (1.17.0) liquid (3.0.6) - listen (3.0.8) + listen (3.1.5) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) + ruby_dep (~> 1.2) mercenary (0.3.6) minima (2.1.1) jekyll (~> 3.3) - pathutil (0.14.0) + pathutil (0.16.1) forwardable-extended (~> 2.6) - public_suffix (2.0.5) - rb-fsevent (0.9.8) - rb-inotify (0.9.8) - ffi (>= 0.5.0) + public_suffix (3.0.2) + rb-fsevent (0.10.3) + rb-inotify (0.9.10) + ffi (>= 0.5.0, < 2) rouge (1.11.1) + ruby_dep (1.5.0) safe_yaml (1.0.4) - sass (3.4.24) + sass (3.5.6) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) PLATFORMS ruby DEPENDENCIES jekyll (= 3.4.3) - jekyll-feed (~> 0.6) - minima (~> 2.0) + jekyll-feed (~> 0.9, >= 0.9.2) + minima (~> 2.1, >= 2.1.1) tzinfo-data RUBY VERSION - ruby 2.3.1p112 + ruby 2.3.6p384 BUNDLED WITH - 1.15.1 + 1.16.1