From 0dcc8e9e533b0312e0053904304f7e14bbd930ff Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 18 Jul 2024 07:10:15 +0000 Subject: [PATCH] fix: scripts/Gemfile & scripts/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086 --- scripts/Gemfile | 2 +- scripts/Gemfile.lock | 26 +++++++++++++++++--------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/scripts/Gemfile b/scripts/Gemfile index afffc9ac8e0b0..9c9f2748efa26 100644 --- a/scripts/Gemfile +++ b/scripts/Gemfile @@ -7,6 +7,6 @@ ruby '~> 2.7.0' source 'https://rubygems.org' gem 'git', '~> 1.7.0' # for scripts/check-version.rb -gem 'mdl', '~> 0.9' # for scripts/check-markdown.sh +gem 'mdl', '~> 0.10', '>= 0.10.0' # for scripts/check-markdown.sh gem 'semantic', '~> 1.6.1' # for scripts/check-version.rb gem 'toml-rb', '~> 2.0' # for scripts/check-meta.rb diff --git a/scripts/Gemfile.lock b/scripts/Gemfile.lock index bfe8facf50997..f94ebd084cc31 100644 --- a/scripts/Gemfile.lock +++ b/scripts/Gemfile.lock @@ -1,34 +1,42 @@ GEM remote: https://rubygems.org/ specs: + chef-utils (18.5.0) + concurrent-ruby citrus (3.0.2) + concurrent-ruby (1.3.3) git (1.7.0) rchardet (~> 1.8) - kramdown (2.3.0) + kramdown (2.4.0) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) - mdl (0.9.0) - kramdown (~> 2.0) - kramdown-parser-gfm (~> 1.0) + mdl (0.13.0) + kramdown (~> 2.3) + kramdown-parser-gfm (~> 1.1) mixlib-cli (~> 2.1, >= 2.1.1) mixlib-config (>= 2.2.1, < 4) - mixlib-cli (2.1.6) - mixlib-config (3.0.6) + mixlib-shellout + mixlib-cli (2.1.8) + mixlib-config (3.0.27) tomlrb + mixlib-shellout (3.2.8) + chef-utils rchardet (1.8.0) - rexml (3.2.4) + rexml (3.3.2) + strscan semantic (1.6.1) + strscan (3.1.0) toml-rb (2.0.1) citrus (~> 3.0, > 3.0) - tomlrb (1.3.0) + tomlrb (2.0.3) PLATFORMS ruby DEPENDENCIES git (~> 1.7.0) - mdl (~> 0.9) + mdl (~> 0.10, >= 0.10.0) semantic (~> 1.6.1) toml-rb (~> 2.0)