Download as
Browse Code »

Commit e204efc036cbc04ff16626c7f52d0055ec3ca0a0

Authored by Felix Bünemann
1 parent 3e1d0657
Exists in master

Security Updates for Dependencies 

* Rails 4.2.5.1 several CVEs fixed
* Devise 3.5.4+ fixes a security issue with remember_me tokens
* Kaminari 0.16.3 is required for mongoid 5.0 support
* Lock to last 4.x version of airbrake, 5.x is full rewrite
* Haml 4.0.7 performance fixes
* libv8 3.16.14.13 fixes compilation errors on latest Mac OS X
* nokogiri 1.6.7.2 fixes CVE-2015-7499
Showing 2 changed files with 62 additions and 58 deletions   Show diff stats
Gemfile
  Diff comments   View file @e204efc
1 1 source 'https://rubygems.org'
2 2  
3   -RAILS_VERSION = '~> 4.2.0'
  3 +RAILS_VERSION = '~> 4.2.5.1'
4 4  
5 5 send :ruby, ENV['GEMFILE_RUBY_VERSION'] if ENV['GEMFILE_RUBY_VERSION']
6 6  
... ... @@ -18,7 +18,7 @@ gem 'railties', RAILS_VERSION
18 18  
19 19 gem 'actionmailer_inline_css'
20 20 gem 'decent_exposure'
21   -gem 'devise'
  21 +gem 'devise', '~> 3.5.5'
22 22 gem 'dotenv-rails'
23 23 gem 'draper'
24 24 gem 'errbit_plugin'
... ... @@ -26,7 +26,7 @@ gem 'errbit_github_plugin'
26 26 gem 'font-awesome-rails'
27 27 gem 'haml'
28 28 gem 'htmlentities'
29   -gem 'kaminari', '>= 0.14.1'
  29 +gem 'kaminari', '>= 0.16.3'
30 30 gem 'mongoid', '5.0.2'
31 31 gem 'mongoid_rails_migrations'
32 32 gem 'rack-ssl', require: 'rack/ssl' # force SSL
... ... @@ -64,7 +64,7 @@ gem 'yajl-ruby', platform: 'ruby'
64 64 gem 'json', platform: 'jruby'
65 65  
66 66 group :development, :test do
67   - gem 'airbrake', require: false
  67 + gem 'airbrake', '~> 4.3.5', require: false
68 68 gem 'pry-rails'
69 69 gem 'pry-byebug', platforms: [:mri]
70 70 gem 'quiet_assets'
... ...
Gemfile.lock
  Diff comments   View file @e204efc
1 1 GEM
2 2 remote: https://rubygems.org/
3 3 specs:
4   - actionmailer (4.2.3)
5   - actionpack (= 4.2.3)
6   - actionview (= 4.2.3)
7   - activejob (= 4.2.3)
  4 + actionmailer (4.2.5.1)
  5 + actionpack (= 4.2.5.1)
  6 + actionview (= 4.2.5.1)
  7 + activejob (= 4.2.5.1)
8 8 mail (~> 2.5, >= 2.5.4)
9 9 rails-dom-testing (~> 1.0, >= 1.0.5)
10 10 actionmailer_inline_css (1.5.3)
11 11 actionmailer (>= 3.0.0)
12 12 nokogiri (>= 1.4.4)
13 13 premailer (>= 1.7.1)
14   - actionpack (4.2.3)
15   - actionview (= 4.2.3)
16   - activesupport (= 4.2.3)
  14 + actionpack (4.2.5.1)
  15 + actionview (= 4.2.5.1)
  16 + activesupport (= 4.2.5.1)
17 17 rack (~> 1.6)
18 18 rack-test (~> 0.6.2)
19 19 rails-dom-testing (~> 1.0, >= 1.0.5)
20 20 rails-html-sanitizer (~> 1.0, >= 1.0.2)
21   - actionview (4.2.3)
22   - activesupport (= 4.2.3)
  21 + actionview (4.2.5.1)
  22 + activesupport (= 4.2.5.1)
23 23 builder (~> 3.1)
24 24 erubis (~> 2.7.0)
25 25 rails-dom-testing (~> 1.0, >= 1.0.5)
26 26 rails-html-sanitizer (~> 1.0, >= 1.0.2)
27   - activejob (4.2.3)
28   - activesupport (= 4.2.3)
  27 + activejob (4.2.5.1)
  28 + activesupport (= 4.2.5.1)
29 29 globalid (>= 0.3.0)
30   - activemodel (4.2.3)
31   - activesupport (= 4.2.3)
  30 + activemodel (4.2.5.1)
  31 + activesupport (= 4.2.5.1)
32 32 builder (~> 3.1)
33   - activerecord (4.2.3)
34   - activemodel (= 4.2.3)
35   - activesupport (= 4.2.3)
  33 + activerecord (4.2.5.1)
  34 + activemodel (= 4.2.5.1)
  35 + activesupport (= 4.2.5.1)
36 36 arel (~> 6.0)
37   - activesupport (4.2.3)
  37 + activesupport (4.2.5.1)
38 38 i18n (~> 0.7)
39 39 json (~> 1.7, >= 1.7.7)
40 40 minitest (~> 5.1)
41 41 thread_safe (~> 0.3, >= 0.3.4)
42 42 tzinfo (~> 1.1)
43 43 addressable (2.3.8)
44   - airbrake (4.3.0)
  44 + airbrake (4.3.5)
45 45 builder
46 46 multi_json
47 47 arel (6.0.3)
... ... @@ -89,6 +89,8 @@ GEM
89 89 coderay (1.1.0)
90 90 colorize (0.7.7)
91 91 columnize (0.9.0)
  92 + concurrent-ruby (1.0.0)
  93 + concurrent-ruby (1.0.0-java)
92 94 coveralls (0.8.2)
93 95 json (~> 1.8)
94 96 rest-client (>= 1.6.8, < 2)
... ... @@ -99,7 +101,7 @@ GEM
99 101 addressable
100 102 debug_inspector (0.0.2)
101 103 decent_exposure (2.3.2)
102   - devise (3.5.1)
  104 + devise (3.5.5)
103 105 bcrypt (~> 3.0)
104 106 orm_adapter (~> 0.1)
105 107 railties (>= 3.2.6, < 5)
... ... @@ -139,7 +141,7 @@ GEM
139 141 railties (>= 3.2, < 5.0)
140 142 globalid (0.3.6)
141 143 activesupport (>= 4.1.0)
142   - haml (4.0.6)
  144 + haml (4.0.7)
143 145 tilt
144 146 hashie (3.4.2)
145 147 hipchat (1.5.1)
... ... @@ -172,7 +174,7 @@ GEM
172 174 launchy (2.4.3-java)
173 175 addressable (~> 2.3)
174 176 spoon (~> 0.0.1)
175   - libv8 (3.16.14.7)
  177 + libv8 (3.16.14.13)
176 178 loofah (2.0.3)
177 179 nokogiri (>= 1.5.9)
178 180 mail (2.6.3)
... ... @@ -182,10 +184,10 @@ GEM
182 184 rack-contrib (~> 1.1)
183 185 railties (>= 3.0.0, < 5.0.0)
184 186 method_source (0.8.2)
185   - mime-types (2.6.1)
  187 + mime-types (2.99)
186 188 mimemagic (0.3.0)
187 189 mini_portile2 (2.0.0)
188   - minitest (5.8.3)
  190 + minitest (5.8.4)
189 191 mongo (2.2.1)
190 192 bson (~> 4.0)
191 193 mongoid (5.0.2)
... ... @@ -209,9 +211,9 @@ GEM
209 211 net-ssh (>= 2.6.5)
210 212 net-ssh (2.9.2)
211 213 netrc (0.10.3)
212   - nokogiri (1.6.7.1)
  214 + nokogiri (1.6.7.2)
213 215 mini_portile2 (~> 2.0.0.rc2)
214   - nokogiri (1.6.7.1-java)
  216 + nokogiri (1.6.7.2-java)
215 217 oauth2 (1.0.0)
216 218 faraday (>= 0.8, < 0.10)
217 219 jwt (~> 1.0)
... ... @@ -260,6 +262,7 @@ GEM
260 262 pry-rails (0.3.4)
261 263 pry (>= 0.9.10)
262 264 puma (2.15.3)
  265 + puma (2.15.3-java)
263 266 quiet_assets (1.1.0)
264 267 railties (>= 3.1, < 5.0)
265 268 rack (1.6.4)
... ... @@ -270,16 +273,16 @@ GEM
270 273 rack-ssl-enforcer (0.2.8)
271 274 rack-test (0.6.3)
272 275 rack (>= 1.0)
273   - rails (4.2.3)
274   - actionmailer (= 4.2.3)
275   - actionpack (= 4.2.3)
276   - actionview (= 4.2.3)
277   - activejob (= 4.2.3)
278   - activemodel (= 4.2.3)
279   - activerecord (= 4.2.3)
280   - activesupport (= 4.2.3)
  276 + rails (4.2.5.1)
  277 + actionmailer (= 4.2.5.1)
  278 + actionpack (= 4.2.5.1)
  279 + actionview (= 4.2.5.1)
  280 + activejob (= 4.2.5.1)
  281 + activemodel (= 4.2.5.1)
  282 + activerecord (= 4.2.5.1)
  283 + activesupport (= 4.2.5.1)
281 284 bundler (>= 1.3.0, < 2.0)
282   - railties (= 4.2.3)
  285 + railties (= 4.2.5.1)
283 286 sprockets-rails
284 287 rails-deprecated_sanitizer (1.0.3)
285 288 activesupport (>= 4.2.0.alpha)
... ... @@ -287,7 +290,7 @@ GEM
287 290 activesupport (>= 4.2.0.beta, < 5.0)
288 291 nokogiri (~> 1.6.0)
289 292 rails-deprecated_sanitizer (>= 1.0.1)
290   - rails-html-sanitizer (1.0.2)
  293 + rails-html-sanitizer (1.0.3)
291 294 loofah (~> 2.0)
292 295 rails_12factor (0.0.3)
293 296 rails_serve_static_assets
... ... @@ -296,17 +299,17 @@ GEM
296 299 rails (> 3.1)
297 300 rails_serve_static_assets (0.0.4)
298 301 rails_stdout_logging (0.0.3)
299   - railties (4.2.3)
300   - actionpack (= 4.2.3)
301   - activesupport (= 4.2.3)
  302 + railties (4.2.5.1)
  303 + actionpack (= 4.2.5.1)
  304 + activesupport (= 4.2.5.1)
302 305 rake (>= 0.8.7)
303 306 thor (>= 0.18.1, < 2.0)
304 307 rainbow (2.0.0)
305   - rake (10.4.2)
  308 + rake (10.5.0)
306 309 ref (1.0.5)
307 310 request_store (1.1.0)
308   - responders (2.1.0)
309   - railties (>= 4.2.0, < 5)
  311 + responders (2.1.1)
  312 + railties (>= 4.2.0, < 5.1)
310 313 rest-client (1.8.0)
311 314 http-cookie (>= 1.0.2, < 2.0)
312 315 mime-types (>= 1.16, < 3.0)
... ... @@ -368,12 +371,13 @@ GEM
368 371 slop (3.6.0)
369 372 spoon (0.0.4)
370 373 ffi
371   - sprockets (3.3.3)
372   - rack (~> 1.0)
373   - sprockets-rails (2.3.2)
374   - actionpack (>= 3.0)
375   - activesupport (>= 3.0)
376   - sprockets (>= 2.8, < 4.0)
  374 + sprockets (3.5.2)
  375 + concurrent-ruby (~> 1.0)
  376 + rack (> 1, < 3)
  377 + sprockets-rails (3.0.0)
  378 + actionpack (>= 4.0)
  379 + activesupport (>= 4.0)
  380 + sprockets (>= 3.0.0)
377 381 sshkit (1.7.1)
378 382 colorize (>= 0.7.0)
379 383 net-scp (>= 1.1.2)
... ... @@ -400,7 +404,7 @@ GEM
400 404 unf (0.1.4-java)
401 405 unf_ext (0.0.7.1)
402 406 useragent (0.14.0)
403   - warden (1.2.3)
  407 + warden (1.2.4)
404 408 rack (>= 1.0)
405 409 websocket-driver (0.5.4)
406 410 websocket-extensions (>= 0.1.0)
... ... @@ -417,10 +421,10 @@ PLATFORMS
417 421 ruby
418 422  
419 423 DEPENDENCIES
420   - actionmailer (~> 4.2.0)
  424 + actionmailer (~> 4.2.5.1)
421 425 actionmailer_inline_css
422   - actionpack (~> 4.2.0)
423   - airbrake
  426 + actionpack (~> 4.2.5.1)
  427 + airbrake (~> 4.3.5)
424 428 better_errors
425 429 binding_of_caller
426 430 campy
... ... @@ -432,7 +436,7 @@ DEPENDENCIES
432 436 capybara
433 437 coveralls
434 438 decent_exposure
435   - devise
  439 + devise (~> 3.5.5)
436 440 dotenv-rails
437 441 draper
438 442 email_spec
... ... @@ -449,7 +453,7 @@ DEPENDENCIES
449 453 httparty
450 454 jquery-rails (~> 2.1.4)
451 455 json
452   - kaminari (>= 0.14.1)
  456 + kaminari (>= 0.16.3)
453 457 launchy
454 458 meta_request
455 459 mongoid (= 5.0.2)
... ... @@ -466,7 +470,7 @@ DEPENDENCIES
466 470 rack-ssl-enforcer
467 471 rails_12factor
468 472 rails_autolink
469   - railties (~> 4.2.0)
  473 + railties (~> 4.2.5.1)
470 474 ri_cal
471 475 rspec (~> 3.3)
472 476 rspec-activemodel-mocks
... ...