From fc88742c3805bdf20141f56d493fdad7f084a1e4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 7 Aug 2024 19:05:57 +0000 Subject: [PATCH] fix: packages/react-native-editor/ios/Gemfile & packages/react-native-editor/ios/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7577227 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577228 - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086 --- packages/react-native-editor/ios/Gemfile | 2 +- packages/react-native-editor/ios/Gemfile.lock | 43 ++++++++++--------- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/packages/react-native-editor/ios/Gemfile b/packages/react-native-editor/ios/Gemfile index 2a0889e80abc7..453db24cab069 100644 --- a/packages/react-native-editor/ios/Gemfile +++ b/packages/react-native-editor/ios/Gemfile @@ -2,5 +2,5 @@ source 'https://rubygems.org' ruby File.read(File.join(__dir__, '.ruby-version')).strip -gem 'cocoapods', '>= 1.13', '< 1.15' +gem 'cocoapods', '~> 1.15' gem 'activesupport', '>= 6.1.7.3', '< 7.1.0' diff --git a/packages/react-native-editor/ios/Gemfile.lock b/packages/react-native-editor/ios/Gemfile.lock index e8fbb72a6ca65..b9e151ff89bcb 100644 --- a/packages/react-native-editor/ios/Gemfile.lock +++ b/packages/react-native-editor/ios/Gemfile.lock @@ -1,25 +1,27 @@ GEM remote: https://rubygems.org/ specs: - CFPropertyList (3.0.6) + CFPropertyList (3.0.7) + base64 + nkf rexml - activesupport (6.1.7.6) + activesupport (7.0.8.4) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - zeitwerk (~> 2.3) - addressable (2.8.6) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) algoliasearch (1.27.5) httpclient (~> 2.8, >= 2.8.3) json (>= 1.5.1) atomos (0.1.3) + base64 (0.2.0) claide (1.1.0) - cocoapods (1.14.3) + cocoapods (1.15.2) addressable (~> 2.8) claide (>= 1.0.2, < 2.0) - cocoapods-core (= 1.14.3) + cocoapods-core (= 1.15.2) cocoapods-deintegrate (>= 1.0.3, < 2.0) cocoapods-downloader (>= 2.1, < 3.0) cocoapods-plugins (>= 1.0.0, < 2.0) @@ -34,7 +36,7 @@ GEM nap (~> 1.0) ruby-macho (>= 2.3.0, < 3.0) xcodeproj (>= 1.23.0, < 2.0) - cocoapods-core (1.14.3) + cocoapods-core (1.15.2) activesupport (>= 5.0, < 8) addressable (~> 2.8) algoliasearch (~> 1.0) @@ -54,40 +56,41 @@ GEM netrc (~> 0.11) cocoapods-try (1.2.0) colored2 (3.1.2) - concurrent-ruby (1.2.2) + concurrent-ruby (1.3.3) escape (0.0.4) ethon (0.16.0) ffi (>= 1.15.0) - ffi (1.16.3) + ffi (1.17.0) + ffi (1.17.0-arm64-darwin) fourflusher (2.3.1) fuzzy_match (2.0.4) gh_inspector (1.1.3) httpclient (2.8.3) - i18n (1.14.1) + i18n (1.14.5) concurrent-ruby (~> 1.0) - json (2.7.1) - minitest (5.19.0) + json (2.7.2) + minitest (5.24.1) molinillo (0.8.0) nanaimo (0.3.0) nap (1.1.0) netrc (0.11.0) + nkf (0.2.0) public_suffix (4.0.7) - rexml (3.2.8) - strscan (>= 3.0.9) + rexml (3.3.4) + strscan ruby-macho (2.5.1) strscan (3.1.0) typhoeus (1.4.1) ethon (>= 0.9.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - xcodeproj (1.24.0) + xcodeproj (1.25.0) CFPropertyList (>= 2.3.3, < 4.0) atomos (~> 0.1.3) claide (>= 1.0.2, < 2.0) colored2 (~> 3.1) nanaimo (~> 0.3.0) - rexml (~> 3.2.4) - zeitwerk (2.6.11) + rexml (>= 3.3.2, < 4.0) PLATFORMS arm64-darwin-21 @@ -96,10 +99,10 @@ PLATFORMS DEPENDENCIES activesupport (>= 6.1.7.3, < 7.1.0) - cocoapods (>= 1.13, < 1.15) + cocoapods (~> 1.15) RUBY VERSION - ruby 3.2.2p53 + ruby 2.7.8p225 BUNDLED WITH 2.4.10