From 8435dc3b1550b851c4ce8d13b645dc264ac28060 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 16 Jul 2025 09:39:01 +0000 Subject: [PATCH] fix: securepi/static/css/bootstrap/Gemfile & securepi/static/css/bootstrap/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 - https://snyk.io/vuln/SNYK-RUBY-KRAMDOWN-585939 - https://snyk.io/vuln/SNYK-RUBY-KRAMDOWN-1087436 --- securepi/static/css/bootstrap/Gemfile | 6 +-- securepi/static/css/bootstrap/Gemfile.lock | 56 +++++++++++----------- 2 files changed, 30 insertions(+), 32 deletions(-) diff --git a/securepi/static/css/bootstrap/Gemfile b/securepi/static/css/bootstrap/Gemfile index c712220..ceafaeb 100644 --- a/securepi/static/css/bootstrap/Gemfile +++ b/securepi/static/css/bootstrap/Gemfile @@ -1,8 +1,8 @@ source 'https://rubygems.org' group :development, :test do - gem 'jekyll', '~> 3.8.5' - gem 'jekyll-redirect-from', '~> 0.14.0' - gem 'jekyll-sitemap', '~> 1.2.0' + gem 'jekyll', '~> 3.8.6' + gem 'jekyll-redirect-from', '~> 0.15.0' + gem 'jekyll-sitemap', '~> 1.3.0' gem 'wdm', '~> 0.1.1', :install_if => Gem.win_platform? end diff --git a/securepi/static/css/bootstrap/Gemfile.lock b/securepi/static/css/bootstrap/Gemfile.lock index 175fe6a..fba50ec 100644 --- a/securepi/static/css/bootstrap/Gemfile.lock +++ b/securepi/static/css/bootstrap/Gemfile.lock @@ -1,22 +1,22 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.6.0) - public_suffix (>= 2.0.2, < 4.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) colorator (1.1.0) - concurrent-ruby (1.1.4) - em-websocket (0.5.1) + concurrent-ruby (1.3.5) + em-websocket (0.5.3) eventmachine (>= 0.12.9) - http_parser.rb (~> 0.6.0) + http_parser.rb (~> 0) eventmachine (1.2.7) eventmachine (1.2.7-x64-mingw32) - ffi (1.10.0) - ffi (1.10.0-x64-mingw32) + ffi (1.17.2) + ffi (1.17.2-x64-mingw32) forwardable-extended (2.6.0) - http_parser.rb (0.6.0) + http_parser.rb (0.8.0) i18n (0.9.5) concurrent-ruby (~> 1.0) - jekyll (3.8.5) + jekyll (3.8.7) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) @@ -29,31 +29,29 @@ GEM pathutil (~> 0.9) rouge (>= 1.7, < 4) safe_yaml (~> 1.0) - jekyll-redirect-from (0.14.0) - jekyll (~> 3.3) + jekyll-redirect-from (0.15.0) + jekyll (>= 3.3, < 5.0) jekyll-sass-converter (1.5.2) sass (~> 3.4) - jekyll-sitemap (1.2.0) - jekyll (~> 3.3) - jekyll-watch (2.1.2) + jekyll-sitemap (1.3.1) + jekyll (>= 3.7, < 5.0) + jekyll-watch (2.2.1) listen (~> 3.0) kramdown (1.17.0) - liquid (4.0.1) - listen (3.1.5) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - ruby_dep (~> 1.2) + liquid (4.0.4) + listen (3.9.0) + rb-fsevent (~> 0.10, >= 0.10.3) + rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) pathutil (0.16.2) forwardable-extended (~> 2.6) - public_suffix (3.0.3) - rb-fsevent (0.10.3) - rb-inotify (0.10.0) + public_suffix (5.1.1) + rb-fsevent (0.11.2) + rb-inotify (0.11.1) ffi (~> 1.0) - rouge (3.3.0) - ruby_dep (1.5.0) - safe_yaml (1.0.4) - sass (3.7.3) + rouge (3.30.0) + safe_yaml (1.0.5) + sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) @@ -65,9 +63,9 @@ PLATFORMS x64-mingw32 DEPENDENCIES - jekyll (~> 3.8.5) - jekyll-redirect-from (~> 0.14.0) - jekyll-sitemap (~> 1.2.0) + jekyll (~> 3.8.6) + jekyll-redirect-from (~> 0.15.0) + jekyll-sitemap (~> 1.3.0) wdm (~> 0.1.1) BUNDLED WITH