Skip to content

[Snyk] Fix for 6 vulnerabilities #92

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 6 vulnerabilities #92

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
84 changes: 42 additions & 42 deletions Gemfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
source "https://rubygems.org"

gem 'rails', '4.2.6'
gem 'rails', '4.2.7'
gem 'rails-deprecated_sanitizer', '~> 1.0.3'

# Responders respond_to and respond_with
gem 'responders', '~> 2.0'
gem 'responders', '~> 2.1', '>= 2.1.2'

# Specify a sprockets version due to increased performance
# See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069
Expand All @@ -18,23 +18,23 @@ gem "mysql2", '~> 0.3.16', group: :mysql
gem "pg", '~> 0.18.2', group: :postgres

# Authentication libraries
gem 'devise', '~> 3.5.4'
gem 'doorkeeper', '~> 3.1'
gem 'devise-async', '~> 0.9.0'
gem 'devise', '~> 3.5.5'
gem 'doorkeeper', '~> 4.0', '>= 4.0.0'
gem 'devise-async', '~> 0.10.1'
gem 'omniauth', '~> 1.3.1'
gem 'omniauth-auth0', '~> 1.4.1'
gem 'omniauth-azure-oauth2', '~> 0.0.6'
gem 'omniauth-bitbucket', '~> 0.0.2'
gem 'omniauth-cas3', '~> 1.1.2'
gem 'omniauth-cas3', '~> 1.1.4'
gem 'omniauth-facebook', '~> 3.0.0'
gem 'omniauth-github', '~> 1.1.1'
gem 'omniauth-gitlab', '~> 1.0.0'
gem 'omniauth-google-oauth2', '~> 0.2.0'
gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
gem 'omniauth-saml', '~> 1.5.0'
gem 'omniauth-saml', '~> 1.6.0'
gem 'omniauth-shibboleth', '~> 1.2.0'
gem 'omniauth-twitter', '~> 1.2.0'
gem 'omniauth_crowd', '~> 2.2.0'
gem 'omniauth_crowd', '~> 2.3.0'
gem 'rack-oauth2', '~> 1.2.1'
gem 'jwt'

Expand All @@ -43,7 +43,7 @@ gem 'recaptcha', require: 'recaptcha/rails'
gem 'akismet', '~> 2.0'

# Two-factor authentication
gem 'devise-two-factor', '~> 2.0.0'
gem 'devise-two-factor', '~> 2.1.0'
gem 'rqrcode-rails3', '~> 0.1.7'
gem 'attr_encrypted', '~> 1.3.4'

Expand All @@ -61,7 +61,7 @@ gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: "omniauth-ldap"

# Git Wiki
# Required manually in config/initializers/gollum.rb to control load order
gem 'gollum-lib', '~> 4.1.0', require: false
gem 'gollum-lib', '~> 4.2.7', require: false
gem 'gollum-rugged_adapter', '~> 0.4.2', require: false

# Language detection
Expand All @@ -76,16 +76,16 @@ gem 'rack-cors', '~> 0.4.0', require: 'rack/cors'
gem "kaminari", "~> 0.16.3"

# HAML
gem "haml-rails", '~> 0.9.0'
gem "haml-rails", "~> 1.0.0"

# Files attachments
gem "carrierwave", '~> 0.10.0'

# Drag and Drop UI
gem 'dropzonejs-rails', '~> 0.7.1'
gem 'dropzonejs-rails', '~> 0.7.3'

# for aws storage
gem "fog", "~> 1.36.0"
gem "fog", "~> 1.37.0"
gem "unf", '~> 0.1.4'

# Authorization
Expand All @@ -109,7 +109,7 @@ gem 'rouge', '~> 1.10.1'

# See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
# and https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
gem 'nokogiri', '~> 1.6.7', '>= 1.6.7.2'
gem 'nokogiri', '~> 1.18.9'

# Diffs
gem 'diffy', '~> 3.0.3'
Expand Down Expand Up @@ -148,7 +148,7 @@ gem 'settingslogic', '~> 2.0.9'
gem 'version_sorter', '~> 2.0.0'

# Cache
gem "redis-rails", '~> 4.0.0'
gem "redis-rails", "~> 5.0.0"

# Redis
gem 'redis', '~> 3.2'
Expand Down Expand Up @@ -176,17 +176,17 @@ gem 'asana', '~> 0.4.0'
gem 'ruby-fogbugz', '~> 0.2.1'

# d3
gem 'd3_rails', '~> 3.5.0'
gem 'd3_rails', '~> 3.5.12'

# underscore-rails
gem "underscore-rails", "~> 1.8.0"

# Sanitize user input
gem "sanitize", '~> 2.0'
gem "sanitize", "~> 2.1", ">= 2.1.1"
gem 'babosa', '~> 1.0.2'

# Sanitizes SVG input
gem "loofah", "~> 2.0.3"
gem "loofah", "~> 2.1.0"

# Working with license
gem 'licensee', '~> 8.0.0'
Expand All @@ -203,31 +203,31 @@ gem 'mousetrap-rails', '~> 1.4.6'
# Detect and convert string character encoding
gem 'charlock_holmes', '~> 0.7.3'

gem "sass-rails", '~> 5.0.0'
gem "coffee-rails", '~> 4.1.0'
gem "sass-rails", "~> 5.0.5"
gem "coffee-rails", "~> 4.2.0"
gem "uglifier", '~> 2.7.2'
gem 'turbolinks', '~> 2.5.0'
gem 'turbolinks', '~> 2.5.4'
gem 'jquery-turbolinks', '~> 2.1.0'

gem 'addressable', '~> 2.3.8'
gem 'bootstrap-sass', '~> 3.3.0'
gem 'font-awesome-rails', '~> 4.2'
gem 'font-awesome-rails', '~> 4.6', '>= 4.6.0.0'
gem 'gitlab_emoji', '~> 0.3.0'
gem 'gon', '~> 6.0.1'
gem 'gon', '~> 6.1.0'
gem 'jquery-atwho-rails', '~> 1.3.2'
gem 'jquery-rails', '~> 4.1.0'
gem 'jquery-ui-rails', '~> 5.0.0'
gem 'jquery-rails', '~> 4.2.0'
gem 'jquery-ui-rails', '~> 6.0.0'
gem 'raphael-rails', '~> 2.1.2'
gem 'request_store', '~> 1.3.0'
gem 'select2-rails', '~> 3.5.9'
gem 'select2-rails', '~> 3.5.11'
gem 'virtus', '~> 1.0.1'
gem 'net-ssh', '~> 3.0.1'
gem 'base32', '~> 0.3.0'

# Sentry integration
gem 'sentry-raven', '~> 0.15'

gem 'premailer-rails', '~> 1.9.0'
gem 'premailer-rails', '~> 1.9.3'

# Metrics
group :metrics do
Expand All @@ -237,15 +237,15 @@ group :metrics do
end

group :development do
gem "foreman"
gem "foreman", ">= 0.86.0"
gem 'brakeman', '~> 3.2.0', require: false

gem 'letter_opener_web', '~> 1.3.0'
gem 'quiet_assets', '~> 1.0.2'
gem 'letter_opener_web', '~> 1.3.1'
gem 'quiet_assets', '~> 1.1.0'
gem 'rerun', '~> 0.11.0'
gem 'bullet', require: false
gem 'rblineprof', platform: :mri, require: false
gem 'web-console', '~> 2.0'
gem 'web-console', '~> 3.0', '>= 3.0.0'

# Better errors handler
gem 'better_errors', '~> 1.0.1'
Expand All @@ -266,8 +266,8 @@ group :development, :test do
gem 'fuubar', '~> 2.0.0'

gem 'database_cleaner', '~> 1.4.0'
gem 'factory_girl_rails', '~> 4.6.0'
gem 'rspec-rails', '~> 3.4.0'
gem 'factory_girl_rails', '~> 4.7.0'
gem 'rspec-rails', '~> 3.5.0'
gem 'rspec-retry'
gem 'spinach-rails', '~> 0.2.1'
gem 'spinach-rerun-reporter', '~> 0.0.2'
Expand All @@ -278,12 +278,12 @@ group :development, :test do
# Generate Fake data
gem 'ffaker', '~> 2.0.0'

gem 'capybara', '~> 2.6.2'
gem 'capybara-screenshot', '~> 1.0.0'
gem 'poltergeist', '~> 1.9.0'
gem 'capybara', '~> 2.7.0'
gem 'capybara-screenshot', '~> 1.0.12'
gem 'poltergeist', '~> 1.10.0'

gem 'teaspoon', '~> 1.1.0'
gem 'teaspoon-jasmine', '~> 2.2.0'
gem 'teaspoon', '~> 1.2.0'
gem 'teaspoon-jasmine', '~> 2.3.4'

gem 'spring', '~> 1.7.0'
gem 'spring-commands-rspec', '~> 1.0.4'
Expand All @@ -293,11 +293,11 @@ group :development, :test do
gem 'rubocop', '~> 0.40.0', require: false
gem 'rubocop-rspec', '~> 1.5.0', require: false
gem 'scss_lint', '~> 0.47.0', require: false
gem 'coveralls', '~> 0.8.2', require: false
gem 'coveralls', '~> 0.8.23', require: false
gem 'simplecov', '~> 0.11.0', require: false
gem 'flog', require: false
gem 'flay', require: false
gem 'bundler-audit', require: false
gem 'bundler-audit', '>= 0.7.0', require: false

gem 'benchmark-ips', require: false
end
Expand All @@ -323,7 +323,7 @@ gem "mail_room", "~> 0.7"
gem 'email_reply_parser', '~> 0.5.8'

## CI
gem 'activerecord-session_store', '~> 1.0.0'
gem 'activerecord-session_store', '~> 1.1.0'
gem "nested_form", '~> 0.3.2'

# OAuth
Expand All @@ -333,4 +333,4 @@ gem 'oauth2', '~> 1.0.0'
gem "paranoia", "~> 2.0"

# Health check
gem 'health_check', '~> 1.5.1'
gem 'health_check', '~> 1.7.2'