From e261df956974e13378b928fefe9af1dd20f15d52 Mon Sep 17 00:00:00 2001 From: snyk-test Date: Sat, 22 Jun 2019 06:12:50 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-450237 - https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-450238 - https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-450239 --- Gemfile | 2 +- Gemfile.lock | 18 ++++++++++++++---- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index db203ccd2..23c4f5b7d 100644 --- a/Gemfile +++ b/Gemfile @@ -65,7 +65,7 @@ gem "color-generator" # Bootstrap # Bootstrap, as SASS -gem "bootstrap-sass" +gem "bootstrap-sass", ">= 3.4.0" # There's a bug in with bootstrap-sass + sprockets-sass in 3.3.3 # FIXME: When a fix is released (3.3.4?), remove this block diff --git a/Gemfile.lock b/Gemfile.lock index e5ed7e0b1..e82ef3141 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,10 +9,13 @@ GEM tzinfo (~> 1.1) addressable (2.3.6) asciidoctor (0.1.4) + autoprefixer-rails (9.6.0) + execjs binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) - bootstrap-sass (3.1.1.1) - sass (~> 3.2) + bootstrap-sass (3.4.1) + autoprefixer-rails (>= 5.2.1) + sassc (>= 2.0.0) builder (3.2.2) chunky_png (1.3.1) coderay (1.1.0) @@ -155,6 +158,7 @@ GEM rack rack-test (0.6.2) rack (>= 1.0) + rake (12.3.2) rb-fsevent (0.9.4) rb-inotify (0.9.5) ffi (>= 0.5.0) @@ -164,7 +168,10 @@ GEM rinku (1.7.3) rouge (1.4.0) ruby18_source_location (0.2) - sass (3.3.8) + sass (3.4.25) + sassc (2.0.1) + ffi (~> 1.9) + rake slop (3.5.0) sprockets (2.12.1) hike (~> 1.2) @@ -199,7 +206,7 @@ PLATFORMS DEPENDENCIES asciidoctor - bootstrap-sass + bootstrap-sass (>= 3.4.0) builder (~> 3.0) coderay color-generator @@ -227,3 +234,6 @@ DEPENDENCIES therubyracer wdm (~> 0.1.0) wikicloth + +BUNDLED WITH + 1.17.3