Apply dependabot security fixes (#26)

* Bump nokogiri from 1.10.5 to 1.10.8 (#11) Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.5 to 1.10.8. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.5...v1.10.8) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump puma from 3.12.2 to 3.12.4 (#14) Bumps [puma](https://github.com/puma/puma) from 3.12.2 to 3.12.4. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v3.12.2...v3.12.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump acorn from 6.4.0 to 6.4.1 (#15) Bumps [acorn](https://github.com/acornjs/acorn) from 6.4.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.4.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jquery from 3.4.1 to 3.5.0 (#18) Bumps [jquery](https://github.com/jquery/jquery) from 3.4.1 to 3.5.0. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](https://github.com/jquery/jquery/compare/3.4.1...3.5.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump kaminari from 1.1.1 to 1.2.1 (#19) Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.1. - [Release notes](https://github.com/kaminari/kaminari/releases) - [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md) - [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Riccardo Graziosi <31478034+riggraz@users.noreply.github.com> * Bump websocket-extensions from 0.1.4 to 0.1.5 (#21) Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-ruby) from 0.1.4 to 0.1.5. - [Release notes](https://github.com/faye/websocket-extensions-ruby/releases) - [Changelog](https://github.com/faye/websocket-extensions-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/faye/websocket-extensions-ruby/compare/0.1.4...0.1.5) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump websocket-extensions from 0.1.3 to 0.1.4 (#22) Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4. - [Release notes](https://github.com/faye/websocket-extensions-node/releases) - [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md) - [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rack from 2.0.8 to 2.2.3 (#23) Bumps [rack](https://github.com/rack/rack) from 2.0.8 to 2.2.3. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.0.8...2.2.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Riccardo Graziosi <31478034+riggraz@users.noreply.github.com> * Bump lodash from 4.17.15 to 4.17.19 (#25) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 18:57:51 +01:00 · 2020-07-26 15:25:35 +02:00
parent 08de979b45
commit 732a75d2b2
4 changed files with 39 additions and 39 deletions
--- a/2
+++ b/2
@@ -31,7 +31,7 @@ gem "administrate", git: "https://github.com/thoughtbot/administrate.git", tag:
 gem 'react-rails', '~> 2.6.0'

 # Pagination
-gem 'kaminari', '~> 1.1.1'
+gem 'kaminari', '~> 1.2.1'

 group :development, :test do
  # Call 'byebug' anywhere in the code to stop execution and get a debugger console
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -97,7 +97,7 @@ GEM
    bindex (0.8.1)
    bootsnap (1.4.4)
      msgpack (~> 1.0)
-    builder (3.2.3)
+    builder (3.2.4)
    byebug (11.0.1)
    capybara (3.28.0)
      addressable
@@ -109,13 +109,13 @@ GEM
      xpath (~> 3.2)
    childprocess (1.0.1)
      rake (< 13.0)
-    concurrent-ruby (1.1.5)
+    concurrent-ruby (1.1.6)
    connection_pool (2.2.2)
-    crass (1.0.5)
+    crass (1.0.6)
    datetime_picker_rails (0.0.7)
      momentjs-rails (>= 2.8.1)
    diff-lcs (1.3)
-    erubi (1.8.0)
+    erubi (1.9.0)
    execjs (2.7.0)
    factory_bot (5.0.2)
      activesupport (>= 4.2.0)
@@ -125,7 +125,7 @@ GEM
    ffi (1.11.1)
    globalid (0.4.2)
      activesupport (>= 4.2.0)
-    i18n (1.6.0)
+    i18n (1.8.2)
      concurrent-ruby (~> 1.0)
    jbuilder (2.9.1)
      activesupport (>= 4.2.0)
@@ -133,23 +133,23 @@ GEM
      rails-dom-testing (>= 1, < 3)
      railties (>= 4.2.0)
      thor (>= 0.14, < 2.0)
-    kaminari (1.1.1)
+    kaminari (1.2.1)
      activesupport (>= 4.1.0)
-      kaminari-actionview (= 1.1.1)
-      kaminari-activerecord (= 1.1.1)
-      kaminari-core (= 1.1.1)
-    kaminari-actionview (1.1.1)
+      kaminari-actionview (= 1.2.1)
+      kaminari-activerecord (= 1.2.1)
+      kaminari-core (= 1.2.1)
+    kaminari-actionview (1.2.1)
      actionview
-      kaminari-core (= 1.1.1)
-    kaminari-activerecord (1.1.1)
+      kaminari-core (= 1.2.1)
+    kaminari-activerecord (1.2.1)
      activerecord
-      kaminari-core (= 1.1.1)
-    kaminari-core (1.1.1)
+      kaminari-core (= 1.2.1)
+    kaminari-core (1.2.1)
    listen (3.1.5)
      rb-fsevent (~> 0.9, >= 0.9.4)
      rb-inotify (~> 0.9, >= 0.9.7)
      ruby_dep (~> 1.2)
-    loofah (2.3.1)
+    loofah (2.5.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
    mail (2.7.1)
@@ -160,18 +160,18 @@ GEM
    mimemagic (0.3.3)
    mini_mime (1.0.2)
    mini_portile2 (2.4.0)
-    minitest (5.11.3)
+    minitest (5.14.1)
    momentjs-rails (2.20.1)
      railties (>= 3.1)
    msgpack (1.3.1)
    nio4r (2.4.0)
-    nokogiri (1.10.5)
+    nokogiri (1.10.9)
      mini_portile2 (~> 2.4.0)
    orm_adapter (0.5.0)
    pg (1.1.4)
    public_suffix (3.1.1)
    puma (3.12.2)
-    rack (2.0.8)
+    rack (2.2.3)
    rack-proxy (0.6.5)
      rack
    rack-test (1.1.0)
@@ -194,8 +194,8 @@ GEM
    rails-dom-testing (2.0.3)
      activesupport (>= 4.2.0)
      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.2.0)
-      loofah (~> 2.2, >= 2.2.2)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
    railties (6.0.0)
      actionpack (= 6.0.0)
      activesupport (= 6.0.0)
@@ -275,7 +275,7 @@ GEM
    turbolinks (5.2.0)
      turbolinks-source (~> 5.2)
    turbolinks-source (5.2.0)
-    tzinfo (1.2.5)
+    tzinfo (1.2.7)
      thread_safe (~> 0.1)
    warden (1.2.8)
      rack (>= 2.0.6)
@@ -294,10 +294,10 @@ GEM
      railties (>= 4.2)
    websocket-driver (0.7.1)
      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.4)
+    websocket-extensions (0.1.5)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.1.9)
+    zeitwerk (2.3.0)

 PLATFORMS
  ruby
@@ -310,7 +310,7 @@ DEPENDENCIES
  devise!
  factory_bot_rails (~> 5.0.2)
  jbuilder (~> 2.7)
-  kaminari (~> 1.1.1)
+  kaminari (~> 1.2.1)
  listen (>= 3.0.5, < 3.2)
  pg (>= 0.18, < 2.0)
  puma (~> 3.12)
--- a/package.json
+++ b/package.json
@@ -11,7 +11,7 @@
    "@types/react-dom": "^16.9.0",
    "babel-plugin-transform-react-remove-prop-types": "^0.4.24",
    "bootstrap": "4.3.1",
-    "jquery": "^3.4.1",
+    "jquery": "^3.5.0",
    "popper.js": "^1.15.0",
    "prop-types": "^15.7.2",
    "react": "^16.9.0",
--- a/yarn.lock
+++ b/yarn.lock
@@ -1053,9 +1053,9 @@ accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.7:
    negotiator "0.6.2"

 acorn@^6.2.1:
-  version "6.4.0"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.4.0.tgz#b659d2ffbafa24baf5db1cdbb2c94a983ecd2784"
-  integrity sha512-gac8OEcQ2Li1dxIEWGZzsp2BitJxwkwcOm0zHAJLcPJaVvm58FRnk6RkuLRpU1EujipU2ZFODv2P9DLMfnV8mw==
+  version "6.4.1"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.4.1.tgz#531e58ba3f51b9dacb9a6646ca4debf5b14ca474"
+  integrity sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==

 aggregate-error@^3.0.0:
  version "3.0.1"
@@ -3913,10 +3913,10 @@ jest-worker@^24.9.0:
    merge-stream "^2.0.0"
    supports-color "^6.1.0"

-jquery@^3.4.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.4.1.tgz#714f1f8d9dde4bdfa55764ba37ef214630d80ef2"
-  integrity sha512-36+AdBzCL+y6qjw5Tx7HgzeGCzC81MDDgaUP8ld2zhx58HdqXGoBd+tHdrBMiyjGQs0Hxs/MLZTu/eHNJJuWPw==
+jquery@^3.5.0:
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.0.tgz#9980b97d9e4194611c36530e7dc46a58d7340fc9"
+  integrity sha512-Xb7SVYMvygPxbFMpTFQiHh1J7HClEaThguL15N/Gg37Lri/qKyhRGZYzHRyLH8Stq3Aow0LsHO2O2ci86fCrNQ==

 js-base64@^2.1.8:
  version "2.5.1"
@@ -4142,9 +4142,9 @@ lodash.uniq@^4.5.0:
  integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=

 lodash@^4.0.0, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.5, lodash@~4.17.10:
-  version "4.17.15"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548"
-  integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==
+  version "4.17.19"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b"
+  integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==

 loglevel@^1.6.6:
  version "1.6.6"
@@ -7519,9 +7519,9 @@ websocket-driver@>=0.5.1:
    websocket-extensions ">=0.1.1"

 websocket-extensions@>=0.1.1:
-  version "0.1.3"
-  resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.3.tgz#5d2ff22977003ec687a4b87073dfbbac146ccf29"
-  integrity sha512-nqHUnMXmBzT0w570r2JpJxfiSD1IzoI+HGVdd3aZ0yNi3ngvQ4jv1dtHt5VGxfI2yj5yqImPhOK4vmIh2xMbGg==
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.4.tgz#7f8473bc839dfd87608adb95d7eb075211578a42"
+  integrity sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==

 which-module@^1.0.0:
  version "1.0.0"