From 016bea44cb4bc53e468db4708de186b74a50fe84 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 20 Jun 2025 19:11:50 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-8309365 --- Gemfile | 4 ++-- Gemfile.lock | 59 ++++++++++++++++++++++++++++------------------------ 2 files changed, 34 insertions(+), 29 deletions(-) diff --git a/Gemfile b/Gemfile index 275a3e4..8b9e60c 100644 --- a/Gemfile +++ b/Gemfile @@ -7,9 +7,9 @@ source "https://rubygems.org" # # This will help ensure the proper Jekyll version is running. # Happy Jekylling! -gem "jekyll", "~> 4.2.1" +gem "jekyll", "~> 4.3.0" # This is the default theme for new Jekyll sites. You may change this to anything you like. -gem "minima", "~> 2.5", ">= 2.5.1" +gem "minima", "~> 2.5", ">= 2.5.2" # If you want to use GitHub Pages, remove the "gem "jekyll"" above and # uncomment the line below. To upgrade, run `bundle update github-pages`. # gem "github-pages", group: :jekyll_plugins diff --git a/Gemfile.lock b/Gemfile.lock index b7b8a90..78bc84b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -4,42 +4,45 @@ GEM addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) colorator (1.1.0) - concurrent-ruby (1.3.3) + concurrent-ruby (1.3.5) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) eventmachine (1.2.7) - ffi (1.17.0) - ffi (1.17.0-x86_64-darwin) + ffi (1.17.2) + ffi (1.17.2-x86_64-darwin) forwardable-extended (2.6.0) + google-protobuf (3.25.8) + google-protobuf (3.25.8-x86_64-darwin) http_parser.rb (0.8.0) - i18n (1.14.5) + i18n (1.14.7) concurrent-ruby (~> 1.0) - jekyll (4.2.2) + jekyll (4.3.4) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) i18n (~> 1.0) - jekyll-sass-converter (~> 2.0) + jekyll-sass-converter (>= 2.0, < 4.0) jekyll-watch (~> 2.0) - kramdown (~> 2.3) + kramdown (~> 2.3, >= 2.3.1) kramdown-parser-gfm (~> 1.0) liquid (~> 4.0) - mercenary (~> 0.4.0) + mercenary (>= 0.3.6, < 0.5) pathutil (~> 0.9) - rouge (~> 3.0) + rouge (>= 3.0, < 5.0) safe_yaml (~> 1.0) - terminal-table (~> 2.0) + terminal-table (>= 1.8, < 4.0) + webrick (~> 1.7) jekyll-feed (0.17.0) jekyll (>= 3.7, < 5.0) - jekyll-sass-converter (2.2.0) - sassc (> 2.0.1, < 3.0) - jekyll-seo-tag (2.7.1) + jekyll-sass-converter (3.0.0) + sass-embedded (~> 1.54) + jekyll-seo-tag (2.8.0) jekyll (>= 3.8, < 5.0) jekyll-watch (2.2.1) listen (~> 3.0) - kramdown (2.4.0) - rexml + kramdown (2.5.1) + rexml (>= 3.3.9) kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.4) @@ -47,26 +50,28 @@ GEM rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) - minima (2.5.1) + minima (2.5.2) jekyll (>= 3.5, < 5.0) jekyll-feed (~> 0.9) jekyll-seo-tag (~> 2.1) pathutil (0.16.2) forwardable-extended (~> 2.6) public_suffix (5.1.1) + rake (13.3.0) rb-fsevent (0.11.2) rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.3.6) - strscan - rouge (3.30.0) + rexml (3.4.1) + rouge (4.5.2) safe_yaml (1.0.5) - sassc (2.4.0) - ffi (~> 1.9) - strscan (3.1.0) - terminal-table (2.0.0) - unicode-display_width (~> 1.1, >= 1.1.1) - unicode-display_width (1.8.0) + sass-embedded (1.63.6) + google-protobuf (~> 3.23) + rake (>= 13.0.0) + sass-embedded (1.63.6-x86_64-darwin) + google-protobuf (~> 3.23) + terminal-table (3.0.2) + unicode-display_width (>= 1.1.1, < 3) + unicode-display_width (2.6.0) webrick (1.8.2) PLATFORMS @@ -74,9 +79,9 @@ PLATFORMS x86_64-darwin-19 DEPENDENCIES - jekyll (~> 4.2.1) + jekyll (~> 4.3.0) jekyll-feed (~> 0.16, >= 0.16.0) - minima (~> 2.5, >= 2.5.1) + minima (~> 2.5, >= 2.5.2) tzinfo (~> 1.2) tzinfo-data wdm (~> 0.1.1)