This repository has been archived by the owner on Nov 24, 2017. It is now read-only.

[Snyk] Fix for 30 vulnerabilities #320

Open

snyk-bot wants to merge 1 commit into master from snyk-fix-36bbc9fe

snyk-bot commented Jun 9, 2017

This pull request fixes one or more vulnerable gems in the dependencies of this project. See the Snyk test report for this project for details.

The PR includes:

Changes to Gemfile and Gemfile.lock to upgrade the vulnerable dependencies to a fixed version.

Vulnerabilities that will be fixed

With an upgrade:

SNYK-RUBY-ACTIONPACK-20198
SNYK-RUBY-ACTIONPACK-20200
SNYK-RUBY-ACTIONPACK-20255
SNYK-RUBY-ACTIONPACK-20256
SNYK-RUBY-ACTIONPACK-20258
SNYK-RUBY-ACTIONPACK-20264
SNYK-RUBY-JQUERYRAILS-20225 - potentially breaking change
SNYK-RUBY-ACTIONVIEW-20262
SNYK-RUBY-ACTIONVIEW-20263
SNYK-RUBY-ACTIONVIEW-20271
SNYK-RUBY-ACTIVEMODEL-20260
SNYK-RUBY-ACTIVERECORD-20184
SNYK-RUBY-ACTIVERECORD-20190
SNYK-RUBY-ACTIVERECORD-20259
SNYK-RUBY-ACTIVESUPPORT-20228
SNYK-RUBY-ACTIVESUPPORT-20229
SNYK-RUBY-HAML-20341
SNYK-RUBY-HAML-20362
SNYK-RUBY-MAIL-20244
SNYK-RUBY-NOKOGIRI-20214
SNYK-RUBY-NOKOGIRI-20245
SNYK-RUBY-NOKOGIRI-20253
SNYK-RUBY-NOKOGIRI-20268
SNYK-RUBY-NOKOGIRI-20277
SNYK-RUBY-NOKOGIRI-20292
SNYK-RUBY-NOKOGIRI-20367
SNYK-RUBY-NOKOGIRI-20368
SNYK-RUBY-RACKATTACK-20246 - potentially breaking change
SNYK-RUBY-REDCARPET-20212
SNYK-RUBY-UGLIFIER-20236 - potentially breaking change

Check the changes in this PR to ensure they won't cause issues with your project.

Stay secure,
The Snyk team


          fix: Gemfile & Gemfile.lock to reduce vulnerabilities

fe72cc3

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20198
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20200
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20255
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20256
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20258
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20264
- https://snyk.io/vuln/SNYK-RUBY-JQUERYRAILS-20225
- https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-20262
- https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-20263
- https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-20271
- https://snyk.io/vuln/SNYK-RUBY-ACTIVEMODEL-20260
- https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-20184
- https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-20190
- https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-20259
- https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-20228
- https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-20229
- https://snyk.io/vuln/SNYK-RUBY-HAML-20341
- https://snyk.io/vuln/SNYK-RUBY-HAML-20362
- https://snyk.io/vuln/SNYK-RUBY-MAIL-20244
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20214
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20245
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20253
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20268
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20277
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20292
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20367
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20368
- https://snyk.io/vuln/SNYK-RUBY-RACKATTACK-20246
- https://snyk.io/vuln/SNYK-RUBY-REDCARPET-20212
- https://snyk.io/vuln/SNYK-RUBY-UGLIFIER-20236

Latest report for hackclub/website:
https://snyk.io/test/github/hackclub/website

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet