From f37ff175a31a1dc4655e79828eedc6f19da7133b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 28 Jul 2025 08:16:34 +0000 Subject: [PATCH] fix: canaries/ruby/railsgoat/Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674179 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674176 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674184 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674192 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674188 --- canaries/ruby/railsgoat/Gemfile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/canaries/ruby/railsgoat/Gemfile b/canaries/ruby/railsgoat/Gemfile index 451dba6..c8e7354 100644 --- a/canaries/ruby/railsgoat/Gemfile +++ b/canaries/ruby/railsgoat/Gemfile @@ -2,7 +2,7 @@ source "https://rubygems.org" #don't upgrade -gem "rails", "6.0.0" +gem "rails", "6.0.1" ruby "2.6.5" @@ -12,14 +12,14 @@ gem "coffee-rails" gem "execjs" gem "foreman" gem "jquery-fileupload-rails" -gem "jquery-rails" +gem "jquery-rails", ">= 4.4.0" gem "minitest" gem "powder" # Pow related gem gem "pry-rails" # not in dev group in case running via prod/staging @ a training gem "puma" gem "rails-perftest" gem "rake" -gem "responders" #For Rails 4.2 # LOCKED DOWN +gem "responders" , ">= 3.0.1" #For Rails 4.2 # LOCKED DOWN gem "ruby-prof" gem "sassc-rails" gem "simplecov", require: false, group: :test @@ -48,11 +48,11 @@ group :development, :mysql do end group :development, :test, :mysql do - gem "capybara" + gem "capybara", ">= 3.30.0" gem "database_cleaner" gem "launchy" gem "poltergeist" - gem "rspec-rails", '4.0.0.beta3' # 4/26/2019: LOCKED DOWN + gem "rspec-rails", "4.0.0" # 4/26/2019: LOCKED DOWN gem "test-unit" end