From 66fc8f9fd72e3871909225e886e2de8024456bf3 Mon Sep 17 00:00:00 2001 From: Nelson Jovel Date: Fri, 27 Sep 2024 14:20:18 -0700 Subject: [PATCH] chore: add deprecated gems to gemfile because they will get removed from the ruby standard library in the next version. Also address security vulnerabilities --- Gemfile | 65 +++++++++++++++++----------------------------------- Gemfile.lock | 13 +++++++++-- yarn.lock | 2 +- 3 files changed, 33 insertions(+), 47 deletions(-) diff --git a/Gemfile b/Gemfile index 36256080..d679eb46 100644 --- a/Gemfile +++ b/Gemfile @@ -7,57 +7,34 @@ git_source(:github) do |repo_name| end # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem "rails", "~> 7.1.3" -gem "sprockets-rails" - -gem "pg" - -# Use Puma as the app server -gem "puma", ">= 6.4.0" -# Use Uglifier as compressor for JavaScript assets -gem "uglifier", ">= 1.3.0" -# See https://github.com/rails/execjs#readme for more supported runtimes -# Use jquery as the JavaScript library -gem "jquery-rails" -# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder -gem "jbuilder", "~> 2.5" -# Use Redis adapter to run Action Cable in production -gem "redis", "~> 3.0" -# Use ActiveModel has_secure_password -# gem 'bcrypt', '~> 3.1.7' - -gem "nokogiri" - +gem "activerecord-import" +gem "bcrypt_pbkdf" gem "bootsnap", require: false - -gem "haml" - +gem "cssbundling-rails" +gem "devise", git: "https://github.com/heartcombo/devise" +gem "ed25519" gem "friendly_id", "~> 5.1.0" - +gem "haml" +gem "jbuilder", "~> 2.5" +gem "jquery-rails" +gem "jsbundling-rails" +gem "logger" +gem "net-sftp" gem "newrelic_rpm" - -gem "devise", git: "https://github.com/heartcombo/devise" - +gem "nokogiri" gem "omniauth" - -gem "activerecord-import" - -gem "jsbundling-rails" - -gem "cssbundling-rails" - -gem "turbo-rails" - +gem "ostruct" +gem "pg" +gem "puma", ">= 6.4.0" +gem "rails", "~> 7.1.3" +gem "redis", "~> 3.0" +gem "sprockets-rails" +gem "standard_deviation" gem "stimulus-rails" - +gem "turbo-rails" +gem "uglifier", ">= 1.3.0" gem "watir" -gem "bcrypt_pbkdf" -gem "ed25519" -gem "net-sftp" - -gem "standard_deviation" - group :development, :test do # Call 'byebug' anywhere in the code to stop execution and get a debugger console gem "byebug", platform: :mri diff --git a/Gemfile.lock b/Gemfile.lock index 7d950ee1..7aa64af5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -179,7 +179,12 @@ GEM activerecord (>= 4.0.0) globalid (1.2.1) activesupport (>= 6.1) - google-protobuf (3.25.1) + google-protobuf (4.28.2-arm64-darwin) + bigdecimal + rake (>= 13) + google-protobuf (4.28.2-x86_64-linux) + bigdecimal + rake (>= 13) guard (2.18.1) formatador (>= 0.2.4) listen (>= 2.7, < 4.0) @@ -233,6 +238,7 @@ GEM listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) + logger (1.6.1) loofah (2.22.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) @@ -280,6 +286,7 @@ GEM rack (>= 2.2.3) rack-protection orm_adapter (0.5.0) + ostruct (0.6.0) parallel (1.24.0) parallel_tests (4.3.0) parallel @@ -297,7 +304,7 @@ GEM psych (5.1.2) stringio public_suffix (5.0.4) - puma (6.4.2) + puma (6.4.3) nio4r (~> 2.0) racc (1.8.1) rack (3.1.7) @@ -517,12 +524,14 @@ DEPENDENCIES jsbundling-rails launchy listen (~> 3.8.0) + logger nested_scaffold net-sftp newrelic_rpm nokogiri observer (~> 0.1.2) omniauth + ostruct parallel_tests pg pg_query (>= 2) diff --git a/yarn.lock b/yarn.lock index 2a5cb534..c1029509 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1667,7 +1667,7 @@ brace-expansion@^1.1.7: balanced-match "^1.0.0" concat-map "0.0.1" -braces@^3.0.3, braces@~3.0.3: +braces@^3.0.2, braces@^3.0.3, braces@~3.0.2: version "3.0.3" resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==