Bump versions of rails, actionpack and puma to address security vulnerabilities

4 years ago · 1ca88bf6d1
parent 378ea7dda9
commit 1ca88bf6d1
2 changed files with 74 additions and 74 deletions
--- a/4
+++ b/4
@ -7,13 +7,13 @@ git_source(:github) do |repo_name|
 end

 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
-gem 'rails', '~> 7.0.1'
+gem 'rails', '~> 7.0.2.2'
 gem 'sprockets-rails'

 gem 'pg'

 # Use Puma as the app server
-gem 'puma', '>= 5.5.2'
+gem 'puma', '>= 5.6.2'
 # Use Uglifier as compressor for JavaScript assets
 gem 'uglifier', '>= 1.3.0'
 # See https://github.com/rails/execjs#readme for more supported runtimes
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -10,69 +10,69 @@ GIT
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (7.0.1)
-      actionpack (= 7.0.1)
-      activesupport (= 7.0.1)
+    actioncable (7.0.2.2)
+      actionpack (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.1)
-      actionpack (= 7.0.1)
-      activejob (= 7.0.1)
-      activerecord (= 7.0.1)
-      activestorage (= 7.0.1)
-      activesupport (= 7.0.1)
+    actionmailbox (7.0.2.2)
+      actionpack (= 7.0.2.2)
+      activejob (= 7.0.2.2)
+      activerecord (= 7.0.2.2)
+      activestorage (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      mail (>= 2.7.1)
      net-imap
      net-pop
      net-smtp
-    actionmailer (7.0.1)
-      actionpack (= 7.0.1)
-      actionview (= 7.0.1)
-      activejob (= 7.0.1)
-      activesupport (= 7.0.1)
+    actionmailer (7.0.2.2)
+      actionpack (= 7.0.2.2)
+      actionview (= 7.0.2.2)
+      activejob (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      mail (~> 2.5, >= 2.5.4)
      net-imap
      net-pop
      net-smtp
      rails-dom-testing (~> 2.0)
-    actionpack (7.0.1)
-      actionview (= 7.0.1)
-      activesupport (= 7.0.1)
+    actionpack (7.0.2.2)
+      actionview (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      rack (~> 2.0, >= 2.2.0)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.1)
-      actionpack (= 7.0.1)
-      activerecord (= 7.0.1)
-      activestorage (= 7.0.1)
-      activesupport (= 7.0.1)
+    actiontext (7.0.2.2)
+      actionpack (= 7.0.2.2)
+      activerecord (= 7.0.2.2)
+      activestorage (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (7.0.1)
-      activesupport (= 7.0.1)
+    actionview (7.0.2.2)
+      activesupport (= 7.0.2.2)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.1)
-      activesupport (= 7.0.1)
+    activejob (7.0.2.2)
+      activesupport (= 7.0.2.2)
      globalid (>= 0.3.6)
-    activemodel (7.0.1)
-      activesupport (= 7.0.1)
-    activerecord (7.0.1)
-      activemodel (= 7.0.1)
-      activesupport (= 7.0.1)
+    activemodel (7.0.2.2)
+      activesupport (= 7.0.2.2)
+    activerecord (7.0.2.2)
+      activemodel (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
    activerecord-import (1.3.0)
      activerecord (>= 4.2)
-    activestorage (7.0.1)
-      actionpack (= 7.0.1)
-      activejob (= 7.0.1)
-      activerecord (= 7.0.1)
-      activesupport (= 7.0.1)
+    activestorage (7.0.2.2)
+      actionpack (= 7.0.2.2)
+      activejob (= 7.0.2.2)
+      activerecord (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      marcel (~> 1.0)
      mini_mime (>= 1.1.0)
-    activesupport (7.0.1)
+    activesupport (7.0.2.2)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
@ -82,8 +82,8 @@ GEM
    ast (2.4.2)
    bcrypt (3.1.16)
    bindex (0.8.1)
-    bootsnap (1.9.4)
-      msgpack (~> 1.0)
+    bootsnap (1.10.3)
+      msgpack (~> 1.2)
    builder (3.2.4)
    bullet (7.0.1)
      activesupport (>= 3.0.0)
@ -151,7 +151,7 @@ GEM
    listen (3.0.8)
      rb-fsevent (~> 0.9, >= 0.9.4)
      rb-inotify (~> 0.9, >= 0.9.7)
-    loofah (2.13.0)
+    loofah (2.14.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
    mail (2.7.1)
@ -161,7 +161,7 @@ GEM
    method_source (1.0.0)
    mini_mime (1.1.2)
    minitest (5.15.0)
-    msgpack (1.4.2)
+    msgpack (1.4.4)
    multi_json (1.15.0)
    nested_scaffold (1.1.0)
    net-imap (0.2.3)
@ -179,7 +179,7 @@ GEM
      digest
      net-protocol
      timeout
-    newrelic_rpm (8.3.0)
+    newrelic_rpm (8.4.0)
    nio4r (2.5.8)
    nokogiri (1.13.1-x86_64-darwin)
      racc (~> 1.4)
@ -195,9 +195,9 @@ GEM
      parallel
    parser (3.1.0.0)
      ast (~> 2.4.1)
-    pg (1.2.3)
+    pg (1.3.1)
    public_suffix (4.0.6)
-    puma (5.5.2)
+    puma (5.6.2)
      nio4r (~> 2.0)
    racc (1.6.0)
    rack (2.2.3)
@ -207,20 +207,20 @@ GEM
      rack
    rack-test (1.1.0)
      rack (>= 1.0, < 3)
-    rails (7.0.1)
-      actioncable (= 7.0.1)
-      actionmailbox (= 7.0.1)
-      actionmailer (= 7.0.1)
-      actionpack (= 7.0.1)
-      actiontext (= 7.0.1)
-      actionview (= 7.0.1)
-      activejob (= 7.0.1)
-      activemodel (= 7.0.1)
-      activerecord (= 7.0.1)
-      activestorage (= 7.0.1)
-      activesupport (= 7.0.1)
+    rails (7.0.2.2)
+      actioncable (= 7.0.2.2)
+      actionmailbox (= 7.0.2.2)
+      actionmailer (= 7.0.2.2)
+      actionpack (= 7.0.2.2)
+      actiontext (= 7.0.2.2)
+      actionview (= 7.0.2.2)
+      activejob (= 7.0.2.2)
+      activemodel (= 7.0.2.2)
+      activerecord (= 7.0.2.2)
+      activestorage (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      bundler (>= 1.15.0)
-      railties (= 7.0.1)
+      railties (= 7.0.2.2)
    rails-controller-testing (1.0.5)
      actionpack (>= 5.0.1.rc1)
      actionview (>= 5.0.1.rc1)
@ -230,32 +230,32 @@ GEM
      nokogiri (>= 1.6)
    rails-html-sanitizer (1.4.2)
      loofah (~> 2.3)
-    railties (7.0.1)
-      actionpack (= 7.0.1)
-      activesupport (= 7.0.1)
+    railties (7.0.2.2)
+      actionpack (= 7.0.2.2)
+      activesupport (= 7.0.2.2)
      method_source
      rake (>= 12.2)
      thor (~> 1.0)
      zeitwerk (~> 2.5)
    rainbow (3.1.1)
    rake (13.0.6)
-    rb-fsevent (0.11.0)
+    rb-fsevent (0.11.1)
    rb-inotify (0.10.1)
      ffi (~> 1.0)
    redis (3.3.5)
-    regexp_parser (2.2.0)
+    regexp_parser (2.2.1)
    responders (3.0.1)
      actionpack (>= 5.0)
      railties (>= 5.0)
    rexml (3.2.5)
-    rspec-core (3.10.2)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.2)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.3)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.0)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
+      rspec-support (~> 3.11.0)
    rspec-rails (5.1.0)
      actionpack (>= 5.2)
      activesupport (>= 5.2)
@ -264,8 +264,8 @@ GEM
      rspec-expectations (~> 3.10)
      rspec-mocks (~> 3.10)
      rspec-support (~> 3.10)
-    rspec-support (3.10.3)
-    rubocop (1.25.0)
+    rspec-support (3.11.0)
+    rubocop (1.25.1)
      parallel (~> 1.10)
      parser (>= 3.1.0.0)
      rainbow (>= 2.2.2, < 4.0)
@ -357,9 +357,9 @@ DEPENDENCIES
  omniauth
  parallel_tests
  pg
-  puma (>= 5.5.2)
+  puma (>= 5.6.2)
  rack-mini-profiler
-  rails (~> 7.0.1)
+  rails (~> 7.0.2.2)
  rails-controller-testing
  redis (~> 3.0)
  rspec-rails (~> 5.1.0)