From 4edc7c072c25a0f9a48c48611e1194dbbe8135fe Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 3 Jun 2025 08:23:38 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-IMAGEPROCESSING-2414086 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-2960802 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732769 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732779 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577227 - https://snyk.io/vuln/SNYK-RUBY-OMNIAUTH-174820 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074187 - https://snyk.io/vuln/SNYK-RUBY-RACK-9398129 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-3237236 - https://snyk.io/vuln/SNYK-RUBY-REXML-7814166 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-2803851 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-3237239 - https://snyk.io/vuln/SNYK-RUBY-OMNIAUTH-2987513 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510795 - https://snyk.io/vuln/SNYK-RUBY-RACK-8720151 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220162 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220268 - https://snyk.io/vuln/SNYK-RUBY-RACK-9058602 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577228 - https://snyk.io/vuln/SNYK-RUBY-REXML-8309365 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2803847 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-7210237 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237231 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237232 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-REXML-6861566 - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510789 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-5741907 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 - https://snyk.io/vuln/SNYK-RUBY-RAILTIES-5851410 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9789079 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074188 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8454495 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8496389 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8453714 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8447886 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8448218 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8448407 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8448516 --- Gemfile | 54 ++--- Gemfile.lock | 619 +++++++++++++++++++++++++++++---------------------- 2 files changed, 377 insertions(+), 296 deletions(-) diff --git a/Gemfile b/Gemfile index 1f14f4af..b3817697 100644 --- a/Gemfile +++ b/Gemfile @@ -4,8 +4,8 @@ ruby '3.2.2' source 'https://rubygems.org' -gem 'rails', '~> 6.1' -gem 'rails-i18n', '~> 6.0' +gem 'rails', '~> 7.1', '>= 7.1.0' +gem 'rails-i18n', '~> 7.0', '>= 7.0.1' # Databases gem 'hiredis' @@ -13,7 +13,7 @@ gem 'pg' gem 'redis' # Queue -gem 'sidekiq', '>= 5.2.7' +gem 'sidekiq', '>= 6.5.0' # Integrations gem 'http' @@ -25,27 +25,27 @@ gem 'mailchimp-api', require: 'mailchimp' gem 'mailgun-ruby' # Normalization and locales -gem 'postrank-uri' +gem 'postrank-uri', '>= 1.1' gem 'unicode' # Authentication and authorization gem 'cancancan' -gem 'devise', '>= 4.7.1' -gem 'omniauth', '>= 1.9.0' -gem 'omniauth-facebook', '>= 5.0.0' +gem 'devise', '>= 4.9.0' +gem 'omniauth', '>= 2.1.0' +gem 'omniauth-facebook', '>= 7.0.0' gem 'omniauth-github', github: 'omniauth/omniauth-github' -gem 'omniauth-google-oauth2', '>= 0.8.0' +gem 'omniauth-google-oauth2', '>= 0.8.1' gem 'omniauth-twitter', '>= 1.4.0' -gem 'omniauth-vkontakte', '>= 1.5.1' +gem 'omniauth-vkontakte', '>= 1.7.0' # Request handling -gem 'friendly_id', '>= 5.3.0' -gem 'has_scope', '>= 0.7.2' +gem 'friendly_id', '>= 5.5.0' +gem 'has_scope', '>= 0.8.1' # Decoration -gem 'active_model_serializers', '>= 0.10.10' -gem 'activemodel-serializers-xml', '>= 1.0.2' -gem 'draper', '>= 3.1.0' +gem 'active_model_serializers', '>= 0.10.14' +gem 'activemodel-serializers-xml', '>= 1.0.3' +gem 'draper', '>= 4.0.4' gem 'fast_jsonapi', '>= 1.5' gem 'oj' gem 'ox' @@ -58,13 +58,13 @@ gem 'uglifier' gem 'webpacker' # View template compilers and helpers -gem 'jbuilder', '~> 2.9', '>= 2.9.1' +gem 'jbuilder', '~> 2.12', '>= 2.12.0' gem 'redcarpet' -gem 'slim-rails', '>= 3.2.0' +gem 'slim-rails', '>= 3.6.3' # gem 'active_link_to' gem 'high_voltage' -gem 'meta-tags', '>= 2.13.0' -gem 'simple_form', '>= 5.0.2' +gem 'meta-tags', '>= 2.19.0' +gem 'simple_form', '>= 5.3.0' # Reporting gem 'jwt' @@ -83,10 +83,10 @@ gem 'pry-rails' # Image and AWS S3 management gem 'ruby-vips' -gem 'asset_sync', '>= 2.9.0' -gem 'carrierwave', '>= 2.0.2' +gem 'asset_sync', '>= 2.19.2' +gem 'carrierwave', '>= 2.2.3' gem 'carrierwave-vips', '>= 1.2.0' -gem 'fog-aws', '< 3' +gem 'fog-aws', '~> 3.0' # Monitoring gem 'newrelic_rpm' @@ -127,25 +127,25 @@ group :development, :test do gem 'ffaker' # Model factories - gem 'factory_bot_rails', '>= 5.1.1' - gem 'rspec-rails', '>= 3.9.0' + gem 'factory_bot_rails', '>= 6.3.0' + gem 'rspec-rails', '>= 6.0.4' gem 'rubocop', require: false gem 'rubocop-faker', require: false gem 'rubocop-i18n', require: false gem 'rubocop-md', require: false gem 'rubocop-performance', require: false - gem 'rubocop-rails', '>= 2.4.2', require: false + gem 'rubocop-rails', '>= 2.14.0', require: false gem 'rubocop-rake', require: false gem 'rubocop-rspec', require: false end group :test do gem 'codecov', require: false - gem 'database_cleaner', require: false - gem 'shoulda-matchers', '>= 4.2.0', require: false + gem 'database_cleaner', '>= 2.1.0', require: false + gem 'shoulda-matchers', '>= 6.0.0', require: false gem 'simplecov', require: false gem 'test-prof', require: false - gem 'webmock', require: false + gem 'webmock', '>= 3.20.0', require: false end # Heroku compatibility diff --git a/Gemfile.lock b/Gemfile.lock index 7758495a..9b5c0136 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,105 +1,121 @@ GIT remote: https://github.com/omniauth/omniauth-github.git - revision: d001ed274276bf50e1e756bf38bce75509aa25ec + revision: f27bb4e018150d87e9444ad13955acfc9e76f4d7 specs: - omniauth-github (1.4.0) - omniauth (~> 1.5) - omniauth-oauth2 (>= 1.4.0, < 2.0) + omniauth-github (2.0.1) + omniauth (~> 2.0) + omniauth-oauth2 (~> 1.8) GEM remote: https://rubygems.org/ specs: - actioncable (6.1.4.6) - actionpack (= 6.1.4.6) - activesupport (= 6.1.4.6) + actioncable (7.2.2.1) + actionpack (= 7.2.2.1) + activesupport (= 7.2.2.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.4.6) - actionpack (= 6.1.4.6) - activejob (= 6.1.4.6) - activerecord (= 6.1.4.6) - activestorage (= 6.1.4.6) - activesupport (= 6.1.4.6) - mail (>= 2.7.1) - actionmailer (6.1.4.6) - actionpack (= 6.1.4.6) - actionview (= 6.1.4.6) - activejob (= 6.1.4.6) - activesupport (= 6.1.4.6) - mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 2.0) - actionpack (6.1.4.6) - actionview (= 6.1.4.6) - activesupport (= 6.1.4.6) - rack (~> 2.0, >= 2.0.9) + zeitwerk (~> 2.6) + actionmailbox (7.2.2.1) + actionpack (= 7.2.2.1) + activejob (= 7.2.2.1) + activerecord (= 7.2.2.1) + activestorage (= 7.2.2.1) + activesupport (= 7.2.2.1) + mail (>= 2.8.0) + actionmailer (7.2.2.1) + actionpack (= 7.2.2.1) + actionview (= 7.2.2.1) + activejob (= 7.2.2.1) + activesupport (= 7.2.2.1) + mail (>= 2.8.0) + rails-dom-testing (~> 2.2) + actionpack (7.2.2.1) + actionview (= 7.2.2.1) + activesupport (= 7.2.2.1) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4, < 3.2) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.4.6) - actionpack (= 6.1.4.6) - activerecord (= 6.1.4.6) - activestorage (= 6.1.4.6) - activesupport (= 6.1.4.6) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + useragent (~> 0.16) + actiontext (7.2.2.1) + actionpack (= 7.2.2.1) + activerecord (= 7.2.2.1) + activestorage (= 7.2.2.1) + activesupport (= 7.2.2.1) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.1.4.6) - activesupport (= 6.1.4.6) + actionview (7.2.2.1) + activesupport (= 7.2.2.1) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - active_model_serializers (0.10.13) - actionpack (>= 4.1, < 7.1) - activemodel (>= 4.1, < 7.1) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + active_model_serializers (0.10.15) + actionpack (>= 4.1) + activemodel (>= 4.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (6.1.4.6) - activesupport (= 6.1.4.6) + activejob (7.2.2.1) + activesupport (= 7.2.2.1) globalid (>= 0.3.6) - activemodel (6.1.4.6) - activesupport (= 6.1.4.6) - activemodel-serializers-xml (1.0.2) - activemodel (> 5.x) - activesupport (> 5.x) + activemodel (7.2.2.1) + activesupport (= 7.2.2.1) + activemodel-serializers-xml (1.0.3) + activemodel (>= 5.0.0.a) + activesupport (>= 5.0.0.a) builder (~> 3.1) - activerecord (6.1.4.6) - activemodel (= 6.1.4.6) - activesupport (= 6.1.4.6) - activestorage (6.1.4.6) - actionpack (= 6.1.4.6) - activejob (= 6.1.4.6) - activerecord (= 6.1.4.6) - activesupport (= 6.1.4.6) - marcel (~> 1.0.0) - mini_mime (>= 1.1.0) - activesupport (6.1.4.6) - concurrent-ruby (~> 1.0, >= 1.0.2) + activerecord (7.2.2.1) + activemodel (= 7.2.2.1) + activesupport (= 7.2.2.1) + timeout (>= 0.4.0) + activestorage (7.2.2.1) + actionpack (= 7.2.2.1) + activejob (= 7.2.2.1) + activerecord (= 7.2.2.1) + activesupport (= 7.2.2.1) + marcel (~> 1.0) + activesupport (7.2.2.1) + base64 + benchmark (>= 0.3) + bigdecimal + concurrent-ruby (~> 1.0, >= 1.3.1) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - tzinfo (~> 2.0) - zeitwerk (~> 2.3) - acts-as-taggable-on (9.0.1) - activerecord (>= 6.0, < 7.1) - addressable (2.8.5) - public_suffix (>= 2.0.2, < 6.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) + acts-as-taggable-on (12.0.0) + activerecord (>= 7.1, < 8.1) + zeitwerk (>= 2.4, < 3.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) airbrussh (1.4.0) sshkit (>= 1.6.1, != 1.7.0) annotate (3.2.0) activerecord (>= 3.2, < 8.0) rake (>= 10.4, < 14.0) - asset_sync (2.19.1) + asset_sync (2.19.2) activemodel (>= 4.1.0) fog-core mime-types (>= 2.99) unf - ast (2.4.2) + ast (2.4.3) autoprefixer-rails (10.4.15.0) execjs (~> 2) awesome_print (1.9.2) - bcrypt (3.1.19) + base64 (0.2.0) + bcrypt (3.1.20) + benchmark (0.4.1) + bigdecimal (3.2.1) bindex (0.8.1) bootsnap (1.11.1) msgpack (~> 1.2) - builder (3.2.4) + builder (3.3.0) byebug (11.1.3) cancancan (3.5.0) capistrano (3.16.0) @@ -107,13 +123,12 @@ GEM i18n rake (>= 10.0.0) sshkit (>= 1.9.0) - carrierwave (2.2.2) - activemodel (>= 5.0.0) - activesupport (>= 5.0.0) + carrierwave (3.1.2) + activemodel (>= 6.0.0) + activesupport (>= 6.0.0) addressable (~> 2.6) image_processing (~> 1.1) marcel (~> 1.0.0) - mini_mime (>= 0.1.3) ssrf_filter (~> 1.0) carrierwave-vips (1.2.0) carrierwave (>= 0.11.0) @@ -123,82 +138,88 @@ GEM codecov (0.6.0) simplecov (>= 0.15, < 0.22) coderay (1.1.3) - concurrent-ruby (1.2.2) - connection_pool (2.2.5) - crack (0.4.5) + concurrent-ruby (1.3.5) + connection_pool (2.5.3) + crack (1.0.0) + bigdecimal rexml crass (1.0.6) - database_cleaner (2.0.2) + database_cleaner (2.1.0) database_cleaner-active_record (>= 2, < 3) - database_cleaner-active_record (2.1.0) + database_cleaner-active_record (2.2.1) activerecord (>= 5.a) database_cleaner-core (~> 2.0.0) database_cleaner-core (2.0.1) - devise (4.8.1) + devise (4.9.4) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0) responders warden (~> 1.2.3) - diff-lcs (1.5.0) + diff-lcs (1.6.2) digest (3.1.0) docile (1.4.0) domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - draper (4.0.2) + draper (4.0.4) actionpack (>= 5.0) activemodel (>= 5.0) activemodel-serializers-xml (>= 1.0) activesupport (>= 5.0) request_store (>= 1.0) ruby2_keywords - erubi (1.12.0) - excon (0.103.0) + drb (2.2.3) + erubi (1.13.1) + excon (1.2.7) + logger execjs (2.9.1) - factory_bot (6.2.1) - activesupport (>= 5.0.0) - factory_bot_rails (6.2.0) - factory_bot (~> 6.2.0) + factory_bot (6.5.3) + activesupport (>= 6.1.0) + factory_bot_rails (6.4.4) + factory_bot (~> 6.5) railties (>= 5.0.0) faker (2.21.0) i18n (>= 1.8.11, < 2) - faraday (2.3.0) - faraday-net_http (~> 2.0) - ruby2_keywords (>= 0.0.4) - faraday-net_http (2.0.3) + faraday (2.13.1) + faraday-net_http (>= 2.0, < 3.5) + json + logger + faraday-net_http (3.4.0) + net-http (>= 0.5.0) fast_jsonapi (1.5) activesupport (>= 4.2) ffaker (2.23.0) - ffi (1.15.5) + ffi (1.17.2) ffi-compiler (1.0.1) ffi (>= 1.0.0) rake - fog-aws (2.0.1) - fog-core (~> 1.38) - fog-json (~> 1.0) + fog-aws (3.32.0) + base64 (~> 0.2.0) + fog-core (~> 2.6) + fog-json (~> 1.1) fog-xml (~> 0.1) - ipaddress (~> 0.8) - fog-core (1.45.0) + fog-core (2.6.0) builder - excon (~> 0.58) - formatador (~> 0.2) + excon (~> 1.0) + formatador (>= 0.2, < 2.0) + mime-types fog-json (1.2.0) fog-core multi_json (~> 1.10) - fog-xml (0.1.3) + fog-xml (0.1.5) fog-core nokogiri (>= 1.5.11, < 2.0.0) font-awesome-sass (5.15.1) sassc (>= 1.11) - formatador (0.3.0) - friendly_id (5.4.2) + formatador (1.1.0) + friendly_id (5.5.1) activerecord (>= 4.0.0) - globalid (1.0.0) - activesupport (>= 5.0) - has_scope (0.8.0) + globalid (1.2.1) + activesupport (>= 6.1) + has_scope (0.8.2) actionpack (>= 5.2) activesupport (>= 5.2) - hashdiff (1.0.1) + hashdiff (1.2.0) hashie (5.0.0) high_voltage (3.1.2) hiredis (0.6.3) @@ -211,22 +232,27 @@ GEM http-cookie (1.0.5) domain_name (~> 0.5) http-form_data (2.3.0) - i18n (1.14.1) + i18n (1.14.7) concurrent-ruby (~> 1.0) icalendar (2.7.1) ice_cube (~> 0.16) ice_cube (0.16.4) - image_processing (1.12.1) - mini_magick (>= 4.9.5, < 5) + image_processing (1.14.0) + mini_magick (>= 4.9.5, < 6) ruby-vips (>= 2.0.17, < 3) + io-console (0.8.0) io-wait (0.2.1) - ipaddress (0.8.3) - jbuilder (2.11.5) + irb (1.15.2) + pp (>= 0.6.0) + rdoc (>= 4.0.0) + reline (>= 0.4.2) + jbuilder (2.13.0) actionview (>= 5.0.0) activesupport (>= 5.0.0) json (2.6.2) jsonapi-renderer (0.2.2) - jwt (2.3.0) + jwt (2.10.1) + base64 kaminari (1.2.2) activesupport (>= 4.1.0) kaminari-actionview (= 1.2.2) @@ -239,41 +265,53 @@ GEM activerecord kaminari-core (= 1.2.2) kaminari-core (1.2.2) + language_server-protocol (3.17.0.5) launchy (2.5.0) addressable (~> 2.7) letter_opener (1.8.1) launchy (>= 2.2, < 3) + lint_roller (1.1.0) listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) llhttp-ffi (0.4.0) ffi-compiler (~> 1.0) rake (~> 13.0) - loofah (2.21.3) + logger (1.7.0) + loofah (2.24.1) crass (~> 1.0.2) nokogiri (>= 1.12.0) - mail (2.7.1) + mail (2.8.1) mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp mailchimp-api (2.0.7) excon (>= 0.16.0) json (>= 1.7.7) mailgun-ruby (1.2.5) rest-client (>= 2.0.2) - marcel (1.0.2) - meta-tags (2.16.0) - actionpack (>= 3.2.0, < 7.1) - method_source (1.0.0) - mime-types (3.5.1) - mime-types-data (~> 3.2015) - mime-types-data (3.2023.0808) - mini_magick (4.11.0) - mini_mime (1.1.2) - mini_portile2 (2.8.4) - minitest (5.20.0) + marcel (1.0.4) + meta-tags (2.22.1) + actionpack (>= 6.0.0, < 8.1) + method_source (1.1.0) + mime-types (3.7.0) + logger + mime-types-data (~> 3.2025, >= 3.2025.0507) + mime-types-data (3.2025.0527) + mini_magick (5.2.0) + benchmark + logger + mini_mime (1.1.5) + mini_portile2 (2.8.9) + minitest (5.25.5) msgpack (1.5.1) multi_json (1.15.0) - multi_xml (0.6.0) + multi_xml (0.7.2) + bigdecimal (~> 3.1) multipart-post (2.1.1) + net-http (0.6.0) + uri net-imap (0.2.3) digest net-protocol @@ -294,48 +332,59 @@ GEM net-ssh (7.2.0) netrc (0.11.0) newrelic_rpm (9.5.0) - nio4r (2.5.9) - nokogiri (1.15.4) + nio4r (2.7.4) + nokogiri (1.18.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) oauth (0.5.8) - oauth2 (1.4.9) - faraday (>= 0.17.3, < 3.0) - jwt (>= 1.0, < 3.0) - multi_json (~> 1.3) + oauth2 (2.0.12) + faraday (>= 0.17.3, < 4.0) + jwt (>= 1.0, < 4.0) + logger (~> 1.2) multi_xml (~> 0.5) - rack (>= 1.2, < 3) + rack (>= 1.2, < 4) + snaky_hash (~> 2.0, >= 2.0.3) + version_gem (>= 1.1.8, < 3) oj (3.16.1) - omniauth (1.9.1) + omniauth (2.1.3) hashie (>= 3.4.6) - rack (>= 1.6.2, < 3) - omniauth-facebook (6.0.0) - omniauth-oauth2 (~> 1.2) - omniauth-google-oauth2 (0.8.0) - jwt (>= 2.0) - omniauth (>= 1.1.1) - omniauth-oauth2 (>= 1.6) - omniauth-oauth (1.1.0) + rack (>= 2.2.3) + rack-protection + omniauth-facebook (10.0.0) + bigdecimal + omniauth-oauth2 (>= 1.2, < 3) + omniauth-google-oauth2 (1.2.1) + jwt (>= 2.9.2) + oauth2 (~> 2.0) + omniauth (~> 2.0) + omniauth-oauth2 (~> 1.8) + omniauth-oauth (1.2.1) oauth - omniauth (~> 1.0) - omniauth-oauth2 (1.6.0) - oauth2 (~> 1.1) - omniauth (~> 1.9) + omniauth (>= 1.0, < 3) + rack (>= 1.6.2, < 4) + omniauth-oauth2 (1.8.0) + oauth2 (>= 1.4, < 3) + omniauth (~> 2.0) omniauth-twitter (1.4.0) omniauth-oauth (~> 1.1) rack - omniauth-vkontakte (1.6.0) - omniauth-oauth2 (>= 1.5, <= 1.6) + omniauth-vkontakte (1.8.1) + omniauth-oauth2 (>= 1.5, <= 1.8.0) orm_adapter (0.5.0) ox (2.14.17) - parallel (1.22.1) - parser (3.1.1.0) + parallel (1.27.0) + parser (3.3.8.0) ast (~> 2.4.1) + racc pg (1.5.4) - postrank-uri (1.0.24) + postrank-uri (1.1) addressable (>= 2.4.0) nokogiri (>= 1.8.0) - public_suffix (>= 2.0.0, < 2.1) + public_suffix (>= 4.0.0, < 5) + pp (0.6.2) + prettyprint + prettyprint (0.2.0) + prism (1.4.0) pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) @@ -343,104 +392,122 @@ GEM pry (>= 0.10.4) psych (5.1.0) stringio - public_suffix (2.0.5) + public_suffix (4.0.7) puma (6.4.0) nio4r (~> 2.0) puma-rails (0.0.2) puma rack - racc (1.7.1) - rack (2.2.8) + racc (1.8.1) + rack (3.1.15) + rack-protection (4.1.1) + base64 (>= 0.1.0) + logger (>= 1.6.0) + rack (>= 3.0.0, < 4) rack-proxy (0.7.7) rack - rack-test (2.1.0) + rack-session (2.1.1) + base64 (>= 0.1.0) + rack (>= 3.0.0) + rack-test (2.2.0) rack (>= 1.3) - rails (6.1.4.6) - actioncable (= 6.1.4.6) - actionmailbox (= 6.1.4.6) - actionmailer (= 6.1.4.6) - actionpack (= 6.1.4.6) - actiontext (= 6.1.4.6) - actionview (= 6.1.4.6) - activejob (= 6.1.4.6) - activemodel (= 6.1.4.6) - activerecord (= 6.1.4.6) - activestorage (= 6.1.4.6) - activesupport (= 6.1.4.6) + rackup (2.2.1) + rack (>= 3) + rails (7.2.2.1) + actioncable (= 7.2.2.1) + actionmailbox (= 7.2.2.1) + actionmailer (= 7.2.2.1) + actionpack (= 7.2.2.1) + actiontext (= 7.2.2.1) + actionview (= 7.2.2.1) + activejob (= 7.2.2.1) + activemodel (= 7.2.2.1) + activerecord (= 7.2.2.1) + activestorage (= 7.2.2.1) + activesupport (= 7.2.2.1) bundler (>= 1.15.0) - railties (= 6.1.4.6) - sprockets-rails (>= 2.0.0) - rails-dom-testing (2.2.0) + railties (= 7.2.2.1) + rails-dom-testing (2.3.0) activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.6.0) + rails-html-sanitizer (1.6.2) loofah (~> 2.21) - nokogiri (~> 1.14) - rails-i18n (6.0.0) + nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) + rails-i18n (7.0.10) i18n (>= 0.7, < 2) - railties (>= 6.0.0, < 7) + railties (>= 6.0.0, < 8) rails_12factor (0.0.3) rails_serve_static_assets rails_stdout_logging rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (6.1.4.6) - actionpack (= 6.1.4.6) - activesupport (= 6.1.4.6) - method_source - rake (>= 0.13) - thor (~> 1.0) + railties (7.2.2.1) + actionpack (= 7.2.2.1) + activesupport (= 7.2.2.1) + irb (~> 1.13) + rackup (>= 1.0.0) + rake (>= 12.2) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) - rake (13.0.6) + rake (13.3.0) rb-fsevent (0.11.1) rb-inotify (0.10.1) ffi (~> 1.0) rdoc (6.5.0) psych (>= 4.0.0) redcarpet (3.6.0) - redis (4.6.0) - regexp_parser (2.8.1) - request_store (1.5.1) + redis (5.4.0) + redis-client (>= 0.22.0) + redis-client (0.24.0) + connection_pool + regexp_parser (2.10.0) + reline (0.6.1) + io-console (~> 0.5) + request_store (1.7.0) rack (>= 1.4) - responders (3.0.1) - actionpack (>= 5.0) - railties (>= 5.0) + responders (3.1.1) + actionpack (>= 5.2) + railties (>= 5.2) rest-client (2.1.0) http-accept (>= 1.7.0, < 2.0) http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rexml (3.2.6) + rexml (3.4.1) rollbar (3.3.0) - rspec-core (3.12.2) - rspec-support (~> 3.12.0) - rspec-expectations (3.12.3) + rspec-core (3.13.4) + rspec-support (~> 3.13.0) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-mocks (3.12.6) + rspec-support (~> 3.13.0) + rspec-mocks (3.13.5) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-rails (6.0.3) - actionpack (>= 6.1) - activesupport (>= 6.1) - railties (>= 6.1) - rspec-core (~> 3.12) - rspec-expectations (~> 3.12) - rspec-mocks (~> 3.12) - rspec-support (~> 3.12) - rspec-support (3.12.1) - rubocop (1.25.1) + rspec-support (~> 3.13.0) + rspec-rails (8.0.0) + actionpack (>= 7.2) + activesupport (>= 7.2) + railties (>= 7.2) + rspec-core (~> 3.13) + rspec-expectations (~> 3.13) + rspec-mocks (~> 3.13) + rspec-support (~> 3.13) + rspec-support (3.13.4) + rubocop (1.75.8) + json (~> 2.3) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) parallel (~> 1.10) - parser (>= 3.1.0.0) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 1.8, < 3.0) - rexml - rubocop-ast (>= 1.15.1, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.44.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.16.0) - parser (>= 3.1.1.0) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.44.1) + parser (>= 3.3.7.2) + prism (~> 1.4) rubocop-faker (1.1.0) faker (>= 2.12.0) rubocop (>= 0.82.0) @@ -451,17 +518,20 @@ GEM rubocop-performance (1.13.2) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) - rubocop-rails (2.13.2) + rubocop-rails (2.32.0) activesupport (>= 4.2.0) + lint_roller (~> 1.1) rack (>= 1.1) - rubocop (>= 1.7.0, < 2.0) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) rubocop-rake (0.6.0) rubocop (~> 1.0) rubocop-rspec (2.8.0) rubocop (~> 1.19) - ruby-progressbar (1.11.0) - ruby-vips (2.1.4) + ruby-progressbar (1.13.0) + ruby-vips (2.2.3) ffi (~> 1.12) + logger ruby2_keywords (0.0.5) sassc (2.4.0) ffi (~> 1.9) @@ -473,15 +543,18 @@ GEM tilt sdoc (2.6.1) rdoc (>= 5.0) + securerandom (0.4.1) semantic_range (3.0.0) - shoulda-matchers (5.3.0) + shoulda-matchers (6.5.0) activesupport (>= 5.2.0) - sidekiq (6.4.2) - connection_pool (>= 2.2.2) - rack (~> 2.0) - redis (>= 4.2.0) + sidekiq (7.3.9) + base64 + connection_pool (>= 2.3.0) + logger + rack (>= 2.2.4) + redis-client (>= 0.22.2) silencer (1.0.1) - simple_form (5.2.0) + simple_form (5.3.1) actionpack (>= 5.2) activemodel (>= 5.2) simplecov (0.21.2) @@ -490,46 +563,53 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - slim (5.1.1) + slim (5.2.1) temple (~> 0.10.0) tilt (>= 2.1.0) - slim-rails (3.6.2) + slim-rails (3.7.0) actionpack (>= 3.1) railties (>= 3.1) slim (>= 3.0, < 6.0, != 5.0.0) + snaky_hash (2.0.3) + hashie (>= 0.1.0, < 6) + version_gem (>= 1.1.8, < 3) spring (2.1.1) spring-commands-rspec (1.0.4) spring (>= 0.9.1) spring-watcher-listen (2.0.1) listen (>= 2.7, < 4.0) spring (>= 1.2, < 3.0) - sprockets (4.0.2) + sprockets (4.2.2) concurrent-ruby (~> 1.0) - rack (> 1, < 3) - sprockets-rails (3.4.2) - actionpack (>= 5.2) - activesupport (>= 5.2) + logger + rack (>= 2.2.4, < 4) + sprockets-rails (3.5.2) + actionpack (>= 6.1) + activesupport (>= 6.1) sprockets (>= 3.0.0) sshkit (1.21.5) net-scp (>= 1.1.2) net-ssh (>= 2.8.0) - ssrf_filter (1.0.7) + ssrf_filter (1.3.0) stringio (3.0.8) strscan (3.0.1) - temple (0.10.2) + temple (0.10.3) test-prof (1.2.3) - thor (1.2.2) - tilt (2.3.0) - timeout (0.2.0) + thor (1.3.2) + tilt (2.6.0) + timeout (0.4.3) tzinfo (2.0.6) concurrent-ruby (~> 1.0) uglifier (4.2.0) execjs (>= 0.3.0, < 3) - unf (0.1.4) - unf_ext - unf_ext (0.0.8.2) + unf (0.2.0) unicode (0.4.4.4) - unicode-display_width (2.4.2) + unicode-display_width (3.1.4) + unicode-emoji (~> 4.0, >= 4.0.4) + unicode-emoji (4.0.4) + uri (1.0.3) + useragent (0.16.11) + version_gem (1.1.8) warden (1.2.9) rack (>= 2.0.9) web-console (4.2.1) @@ -537,7 +617,7 @@ GEM activemodel (>= 6.0.0) bindex (>= 0.4.0) railties (>= 6.0.0) - webmock (3.19.1) + webmock (3.25.1) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) @@ -546,92 +626,93 @@ GEM rack-proxy (>= 0.6.1) railties (>= 5.2) semantic_range (>= 2.3.0) - websocket-driver (0.7.6) + websocket-driver (0.8.0) + base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.12) + zeitwerk (2.7.3) PLATFORMS ruby DEPENDENCIES - active_model_serializers (>= 0.10.10) - activemodel-serializers-xml (>= 1.0.2) + active_model_serializers (>= 0.10.14) + activemodel-serializers-xml (>= 1.0.3) acts-as-taggable-on (>= 6.5.0) annotate (>= 3.0.3) - asset_sync (>= 2.9.0) + asset_sync (>= 2.19.2) autoprefixer-rails awesome_print bootsnap byebug cancancan capistrano - carrierwave (>= 2.0.2) + carrierwave (>= 2.2.3) carrierwave-vips (>= 1.2.0) codecov - database_cleaner - devise (>= 4.7.1) - draper (>= 3.1.0) - factory_bot_rails (>= 5.1.1) + database_cleaner (>= 2.1.0) + devise (>= 4.9.0) + draper (>= 4.0.4) + factory_bot_rails (>= 6.3.0) fast_jsonapi (>= 1.5) ffaker - fog-aws (< 3) + fog-aws (~> 3.0) font-awesome-sass - friendly_id (>= 5.3.0) - has_scope (>= 0.7.2) + friendly_id (>= 5.5.0) + has_scope (>= 0.8.1) high_voltage hiredis http icalendar - jbuilder (~> 2.9, >= 2.9.1) + jbuilder (~> 2.12, >= 2.12.0) jwt kaminari (>= 1.2.1) letter_opener listen mailchimp-api mailgun-ruby - meta-tags (>= 2.13.0) + meta-tags (>= 2.19.0) multipart-post net-imap net-pop net-smtp newrelic_rpm oj - omniauth (>= 1.9.0) - omniauth-facebook (>= 5.0.0) + omniauth (>= 2.1.0) + omniauth-facebook (>= 7.0.0) omniauth-github! - omniauth-google-oauth2 (>= 0.8.0) + omniauth-google-oauth2 (>= 0.8.1) omniauth-twitter (>= 1.4.0) - omniauth-vkontakte (>= 1.5.1) + omniauth-vkontakte (>= 1.7.0) ox pg - postrank-uri + postrank-uri (>= 1.1) pry-rails puma-rails (>= 0.0.2) - rails (~> 6.1) - rails-i18n (~> 6.0) + rails (~> 7.1, >= 7.1.0) + rails-i18n (~> 7.0, >= 7.0.1) rails_12factor redcarpet redis rollbar - rspec-rails (>= 3.9.0) + rspec-rails (>= 6.0.4) rubocop rubocop-faker rubocop-i18n rubocop-md rubocop-performance - rubocop-rails (>= 2.4.2) + rubocop-rails (>= 2.14.0) rubocop-rake rubocop-rspec ruby-vips sassc-rails (>= 2.1.2) sdoc - shoulda-matchers (>= 4.2.0) - sidekiq (>= 5.2.7) + shoulda-matchers (>= 6.0.0) + sidekiq (>= 6.5.0) silencer - simple_form (>= 5.0.2) + simple_form (>= 5.3.0) simplecov - slim-rails (>= 3.2.0) + slim-rails (>= 3.6.3) spring spring-commands-rspec spring-watcher-listen (~> 2.0.0) @@ -640,11 +721,11 @@ DEPENDENCIES uglifier unicode web-console (>= 4.2.1) - webmock + webmock (>= 3.20.0) webpacker RUBY VERSION ruby 3.2.2p53 BUNDLED WITH - 2.3.26 + 2.4.6