fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
bigbluebutton · Oct 6, 2023 · c2f7fa2 · c2f7fa2
1 parent 16b8922
commit c2f7fa2
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 11 deletions.
diff --git a/Gemfile b/Gemfile
@@ -5,14 +5,14 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 ruby '>= 3.0'
 
-gem 'active_model_serializers'
+gem 'active_model_serializers', '>= 0.10.14'
 gem 'active_storage_validations', '>= 1.0.4'
 gem 'aws-sdk-s3', require: false
 gem 'bcrypt', '~> 3.1.7'
 gem 'bigbluebutton-api-ruby', '1.9.1'
 gem 'bootsnap', require: false
 gem 'cssbundling-rails', '>= 1.3.3'
-gem 'data_migrate', '>= 9.1.0'
+gem 'data_migrate', '>= 9.2.0'
 gem 'dotenv-rails'
 gem 'google-cloud-storage', '~> 1.44', require: false
 gem 'hcaptcha'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -46,9 +46,9 @@ GEM
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    active_model_serializers (0.10.13)
-      actionpack (>= 4.1, < 7.1)
-      activemodel (>= 4.1, < 7.1)
+    active_model_serializers (0.10.14)
+      actionpack (>= 4.1)
+      activemodel (>= 4.1)
       case_transform (>= 0.2)
       jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
     active_storage_validations (1.0.4)
@@ -130,9 +130,9 @@ GEM
     crass (1.0.6)
     cssbundling-rails (1.3.3)
       railties (>= 6.0.0)
-    data_migrate (9.1.1)
-      activerecord (>= 6.0)
-      railties (>= 6.0)
+    data_migrate (9.2.0)
+      activerecord (>= 6.1)
+      railties (>= 6.1)
     date (3.3.3)
     debug (1.7.1)
       irb (>= 1.5.0)
@@ -463,22 +463,22 @@ GEM
       rexml
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.6.11)
+    zeitwerk (2.6.12)
 
 PLATFORMS
   ruby
   x86_64-linux
 
 DEPENDENCIES
-  active_model_serializers
+  active_model_serializers (>= 0.10.14)
   active_storage_validations (>= 1.0.4)
   aws-sdk-s3
   bcrypt (~> 3.1.7)
   bigbluebutton-api-ruby (= 1.9.1)
   bootsnap
   capybara
   cssbundling-rails (>= 1.3.3)
-  data_migrate (>= 9.1.0)
+  data_migrate (>= 9.2.0)
   debug
   dotenv-rails
   factory_bot_rails
@@ -514,3 +514,9 @@ DEPENDENCIES
   web-console (>= 4.2.1)
   webdrivers
   webmock
+
+RUBY VERSION
+   ruby 3.0.0p0
+
+BUNDLED WITH
+   2.2.3