From ba16519d30228b34bab980838ff9f4eeb33fc026 Mon Sep 17 00:00:00 2001 From: Korry Luke Date: Fri, 26 Oct 2018 02:26:17 +0900 Subject: [PATCH] Bump gem versions Fix CVE-2018-3760 --- Gemfile.lock | 213 +++++++++++++++++++++++++++------------------------ 1 file changed, 113 insertions(+), 100 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7fb33a3..882cd60 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ GEM remote: https://rubygems.org/ specs: - Ascii85 (1.0.2) + Ascii85 (1.0.3) actionmailer (4.2.10) actionpack (= 4.2.10) actionview (= 4.2.10) @@ -45,15 +45,15 @@ GEM rack (>= 0.9.0) binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) - bourbon (4.2.7) + bourbon (5.1.0) sass (~> 3.4) thor (~> 0.19) bower-rails (0.11.0) builder (3.2.3) - bullet (5.4.2) + bullet (5.7.6) activesupport (>= 3.0.0) - uniform_notifier (~> 1.10.0) - byebug (9.0.5) + uniform_notifier (~> 1.11.0) + byebug (10.0.2) capistrano (3.4.0) i18n rake (>= 10.0.0) @@ -64,35 +64,33 @@ GEM capistrano-rails (1.1.3) capistrano (~> 3.1) capistrano-bundler (~> 1.1) - capistrano-rbenv (2.0.4) + capistrano-rbenv (2.1.4) capistrano (~> 3.1) sshkit (~> 1.3) capistrano3-unicorn (0.2.1) capistrano (~> 3.1, >= 3.1.0) - carrierwave (0.11.2) - activemodel (>= 3.2.0) - activesupport (>= 3.2.0) - json (>= 1.7) + carrierwave (1.2.3) + activemodel (>= 4.0.0) + activesupport (>= 4.0.0) mime-types (>= 1.16) - mimemagic (>= 0.3.0) - chartkick (2.1.1) + chartkick (3.0.1) chronic (0.10.2) - coderay (1.1.1) + coderay (1.1.2) coffee-rails (4.1.1) coffee-script (>= 2.2.0) railties (>= 4.0.0, < 5.1.x) coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.10.0) + coffee-script-source (1.12.2) concurrent-ruby (1.0.5) crass (1.0.4) - debug_inspector (0.0.2) + debug_inspector (0.0.3) diff-lcs (1.3) - diffy (3.1.0) + diffy (3.2.1) erubis (2.7.0) - eventmachine (1.2.0.1) - exception_notification (4.2.1) + eventmachine (1.2.7) + exception_notification (4.2.2) actionmailer (>= 4.0, < 6) activesupport (>= 4.0, < 6) execjs (2.7.0) @@ -101,25 +99,25 @@ GEM factory_girl_rails (4.5.0) factory_girl (~> 4.5.0) railties (>= 3.0.0) - faraday (0.9.2) + faraday (0.15.3) multipart-post (>= 1.2, < 3) - faraday_middleware (0.10.0) - faraday (>= 0.7.4, < 0.10) - faye-websocket (0.9.2) + faraday_middleware (0.10.1) + faraday (>= 0.7.4, < 1.0) + faye-websocket (0.10.7) eventmachine (>= 0.12.0) websocket-driver (>= 0.5.1) + ffi (1.9.25) font-awesome-sass (4.3.2.1) sass (~> 3.2) - foreman (0.82.0) + foreman (0.85.0) thor (~> 0.19.1) - gemoji (2.1.0) + gemoji (3.0.0) git-ssh-wrapper (0.2.0) github-markdown (0.6.9) globalid (0.4.1) activesupport (>= 4.2.0) - gon (6.1.0) + gon (6.2.1) actionpack (>= 3.0) - json multi_json request_store (>= 1.0) haml (4.0.7) @@ -137,58 +135,65 @@ GEM haml (>= 4.0, < 6) nokogiri (>= 1.6.0) ruby_parser (~> 3.5) - http_accept_language (2.0.5) - i18n (0.9.4) + http_accept_language (2.1.1) + i18n (0.9.5) concurrent-ruby (~> 1.0) jbuilder (2.2.16) activesupport (>= 3.0.0, < 5) multi_json (~> 1.2) - jquery-rails (4.2.1) + jquery-rails (4.3.3) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) jquery-turbolinks (2.1.0) railties (>= 3.1.0) turbolinks - json (2.1.0) json_expressions (0.8.3) - jwt (1.5.6) - kaminari (0.17.0) - actionpack (>= 3.0.0) - activesupport (>= 3.0.0) - kgio (2.10.0) - libv8 (3.16.14.15) - line-bot-api (1.0.0) + jwt (2.1.0) + kaminari (1.1.1) + activesupport (>= 4.1.0) + kaminari-actionview (= 1.1.1) + kaminari-activerecord (= 1.1.1) + kaminari-core (= 1.1.1) + kaminari-actionview (1.1.1) + actionview + kaminari-core (= 1.1.1) + kaminari-activerecord (1.1.1) + activerecord + kaminari-core (= 1.1.1) + kaminari-core (1.1.1) + kgio (2.11.2) + libv8 (3.16.14.19) + line-bot-api (1.3.0) loofah (2.2.2) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.7.0) + mail (2.7.1) mini_mime (>= 0.1.1) - method_source (0.8.2) - mime-types (3.1) + method_source (0.9.0) + mime-types (3.2.2) mime-types-data (~> 3.2015) - mime-types-data (3.2016.0521) - mimemagic (0.3.2) - mini_mime (1.0.0) + mime-types-data (3.2018.0812) + mini_mime (1.0.1) mini_portile2 (2.3.0) minitest (5.11.3) - multi_json (1.12.1) + multi_json (1.13.1) multi_xml (0.6.0) multipart-post (2.0.0) mysql2 (0.3.18) - neat (1.8.0) - sass (>= 3.3) + neat (3.0.0) + sass (~> 3.4) thor (~> 0.19) nested_form (0.3.2) net-ldap (0.16.1) net-scp (1.2.1) net-ssh (>= 2.6.5) - net-ssh (3.2.0) - nokogiri (1.8.2) + net-ssh (5.0.2) + nokogiri (1.8.5) mini_portile2 (~> 2.3.0) - oauth2 (1.4.0) - faraday (>= 0.8, < 0.13) - jwt (~> 1.0) + oauth2 (1.4.1) + faraday (>= 0.8, < 0.16.0) + jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) rack (>= 1.2, < 3) @@ -200,29 +205,28 @@ GEM omniauth (~> 1.2) omniauth-slack (2.3.0) omniauth-oauth2 (~> 1.3.1) - pdf-reader (1.4.0) + pdf-reader (2.1.0) Ascii85 (~> 1.0.0) afm (~> 0.2.1) hashery (~> 2.0) ruby-rc4 ttfunk pr_geohash (1.0.0) - pry (0.10.4) + pry (0.11.3) coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) - pry-doc (0.9.0) - pry (~> 0.9) - yard (~> 0.8) - pry-rails (0.3.4) - pry (>= 0.9.10) + method_source (~> 0.9.0) + pry-doc (0.13.4) + pry (~> 0.11) + yard (~> 0.9.11) + pry-rails (0.3.6) + pry (>= 0.10.4) pry-remote (0.1.8) pry (~> 0.9) slop (~> 3.0) pry-stack_explorer (0.4.9.2) binding_of_caller (>= 0.7) pry (>= 0.9.11) - rack (1.6.8) + rack (1.6.10) rack-test (0.6.3) rack (>= 1.0) rails (4.2.10) @@ -252,15 +256,20 @@ GEM activesupport (= 4.2.10) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - raindrops (0.17.0) - rake (12.3.0) + raindrops (0.19.0) + rake (12.3.1) + rb-fsevent (0.10.3) + rb-inotify (0.9.10) + ffi (>= 0.5.0, < 2) redcarpet (3.3.4) ref (2.0.0) refills (0.2.0) - request_store (1.3.1) - rsolr (1.1.2) + request_store (1.4.1) + rack (>= 1.4) + rsolr (2.2.1) builder (>= 2.1.2) - rspec-core (3.7.0) + faraday (>= 0.9.0) + rspec-core (3.7.1) rspec-support (~> 3.7.0) rspec-expectations (3.7.0) diff-lcs (>= 1.2.0, < 2.0) @@ -276,27 +285,32 @@ GEM rspec-expectations (~> 3.7.0) rspec-mocks (~> 3.7.0) rspec-support (~> 3.7.0) - rspec-support (3.7.0) + rspec-support (3.7.1) ruby-rc4 (0.1.5) - ruby_parser (3.10.1) + ruby_parser (3.11.0) sexp_processor (~> 4.9) - sass (3.4.22) - sass-rails (5.0.6) + sass (3.6.0) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) + sass-rails (5.0.7) railties (>= 4.0.0, < 6) sass (~> 3.1) sprockets (>= 2.8, < 4.0) sprockets-rails (>= 2.0, < 4.0) tilt (>= 1.1, < 3) - sexp_processor (4.10.0) - slack-api (1.2.4) - faraday (>= 0.7, < 0.10) - faraday_middleware (~> 0.8) - faye-websocket (~> 0.9.2) + sexp_processor (4.11.0) + slack-api (1.6.1) + faraday (~> 0.11) + faraday_middleware (~> 0.10.0) + faye-websocket (~> 0.10.6) multi_json (~> 1.0, >= 1.0.3) - slack-notifier (1.5.1) + slack-notifier (2.3.2) slop (3.6.0) - spring (1.7.2) - sprockets (3.7.1) + spring (2.0.2) + activesupport (>= 4.2) + sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) sprockets-rails (3.2.1) @@ -304,50 +318,49 @@ GEM activesupport (>= 4.0) sprockets (>= 3.0.0) sqlite3 (1.3.10) - sshkey (1.8.0) - sshkit (1.11.3) + sshkey (1.9.0) + sshkit (1.18.0) net-scp (>= 1.1.2) net-ssh (>= 2.8.0) - sunspot (2.2.6) + sunspot (2.3.0) pr_geohash (~> 1.0) - rsolr (~> 1.1.1) - sunspot_rails (2.2.6) - nokogiri + rsolr (>= 1.1.1, < 3) + sunspot_rails (2.3.0) rails (>= 3) - sunspot (= 2.2.6) - sunspot_solr (2.2.6) - therubyracer (0.12.2) - libv8 (~> 3.16.14.0) + sunspot (= 2.3.0) + sunspot_solr (2.3.0) + therubyracer (0.12.3) + libv8 (~> 3.16.14.15) ref thor (0.19.4) thread_safe (0.3.6) tilt (2.0.8) - timecop (0.8.1) - ttfunk (1.4.0) - turbolinks (5.0.1) - turbolinks-source (~> 5) - turbolinks-source (5.0.0) + timecop (0.9.1) + ttfunk (1.5.1) + turbolinks (5.2.0) + turbolinks-source (~> 5.2) + turbolinks-source (5.2.0) tzinfo (1.2.5) thread_safe (~> 0.1) - uglifier (3.0.2) + uglifier (4.1.19) execjs (>= 0.3.0, < 3) unicorn (4.8.3) kgio (~> 2.6) rack raindrops (~> 0.7) - uniform_notifier (1.10.0) + uniform_notifier (1.11.0) web-console (2.3.0) activemodel (>= 4.0) binding_of_caller (>= 0.7.2) railties (>= 4.0) sprockets-rails (>= 2.0, < 4.0) - websocket-driver (0.6.4) + websocket-driver (0.7.0) websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.2) - whenever (0.9.7) + websocket-extensions (0.1.3) + whenever (0.10.0) chronic (>= 0.6.3) yajl-ruby (1.3.1) - yard (0.9.12) + yard (0.9.16) PLATFORMS ruby @@ -421,4 +434,4 @@ DEPENDENCIES yajl-ruby (~> 1.3.1) BUNDLED WITH - 1.16.2 + 1.16.6