From 3b31548133931404357ac23eec0addf3d31a5322 Mon Sep 17 00:00:00 2001 From: Jeremy Massel <1123407+jkmassel@users.noreply.github.com> Date: Mon, 5 Aug 2024 07:18:24 -0600 Subject: [PATCH] Update Ruby dependencies to address nokogiri issue (#23461) > Nokogiri v1.16.5 upgrades its dependency libxml2 to 2.12.7 from 2.12.6. > > libxml2 v2.12.7 addresses CVE-2024-34459: > > described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 > patched by https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac53 --- Gemfile.lock | 82 ++++++++++++++++++++++++++-------------------------- 1 file changed, 41 insertions(+), 41 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e2dff3fe0f09..584a5b3074cb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -5,7 +5,7 @@ GEM base64 nkf rexml - activesupport (7.1.3.2) + activesupport (7.1.3.4) base64 bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) @@ -15,8 +15,8 @@ GEM minitest (>= 5.1) mutex_m tzinfo (~> 2.0) - addressable (2.8.6) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) algoliasearch (1.27.5) httpclient (~> 2.8, >= 2.8.3) json (>= 1.5.1) @@ -24,24 +24,24 @@ GEM ast (2.4.2) atomos (0.1.3) aws-eventstream (1.3.0) - aws-partitions (1.944.0) - aws-sdk-core (3.197.0) + aws-partitions (1.960.0) + aws-sdk-core (3.201.3) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.8) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.85.0) - aws-sdk-core (~> 3, >= 3.197.0) - aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.152.3) - aws-sdk-core (~> 3, >= 3.197.0) + aws-sdk-kms (1.88.0) + aws-sdk-core (~> 3, >= 3.201.0) + aws-sigv4 (~> 1.5) + aws-sdk-s3 (1.156.0) + aws-sdk-core (~> 3, >= 3.201.0) aws-sdk-kms (~> 1) - aws-sigv4 (~> 1.8) - aws-sigv4 (1.8.0) + aws-sigv4 (~> 1.5) + aws-sigv4 (1.9.1) aws-eventstream (~> 1, >= 1.0.2) babosa (1.0.4) base64 (0.2.0) - bigdecimal (3.1.7) + bigdecimal (3.1.8) buildkit (1.6.0) sawyer (>= 0.6) chroma (0.2.0) @@ -91,9 +91,9 @@ GEM colored2 (3.1.2) commander (4.6.0) highline (~> 2.0.0) - commonmarker (1.0.4) + commonmarker (1.1.5) rb_sys (~> 0.9) - concurrent-ruby (1.2.3) + concurrent-ruby (1.3.3) connection_pool (2.4.1) cork (0.3.0) colored2 (~> 3.1) @@ -110,14 +110,14 @@ GEM no_proxy_fix octokit (>= 4.0) terminal-table (>= 1, < 4) - danger-dangermattic (1.0.2) + danger-dangermattic (1.1.1) danger (~> 9.4) danger-plugin-api (~> 1.0) - danger-rubocop (~> 0.12) - rubocop (~> 1.61) + danger-rubocop (~> 0.13) + rubocop (~> 1.63) danger-plugin-api (1.0.0) danger (> 2.0) - danger-rubocop (0.12.0) + danger-rubocop (0.13.0) danger rubocop (~> 1.0) declarative (0.0.20) @@ -131,7 +131,7 @@ GEM escape (0.0.4) ethon (0.16.0) ffi (>= 1.15.0) - excon (0.110.0) + excon (0.111.0) faraday (1.10.3) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) @@ -155,7 +155,7 @@ GEM faraday-httpclient (1.0.1) faraday-multipart (1.0.4) multipart-post (~> 2) - faraday-net_http (1.0.1) + faraday-net_http (1.0.2) faraday-net_http_persistent (1.2.0) faraday-patron (1.0.0) faraday-rack (1.0.0) @@ -163,7 +163,7 @@ GEM faraday_middleware (1.2.0) faraday (~> 1.0) fastimage (2.3.1) - fastlane (2.221.0) + fastlane (2.222.0) CFPropertyList (>= 2.3, < 4.0.0) addressable (>= 2.8, < 3.0.0) artifactory (~> 3.0) @@ -205,9 +205,9 @@ GEM xcpretty (~> 0.3.0) xcpretty-travis-formatter (>= 0.0.3, < 2.0.0) fastlane-plugin-appcenter (2.1.2) - fastlane-plugin-sentry (1.20.0) + fastlane-plugin-sentry (1.24.0) os (~> 1.1, >= 1.1.4) - fastlane-plugin-wpmreleasetoolkit (11.0.0) + fastlane-plugin-wpmreleasetoolkit (11.1.0) activesupport (>= 6.1.7.1) buildkit (~> 1.5) chroma (= 0.2.0) @@ -224,7 +224,7 @@ GEM rake (>= 12.3, < 14.0) rake-compiler (~> 1.0) xcodeproj (~> 1.22) - ffi (1.16.3) + ffi (1.17.0) fourflusher (2.3.1) fuzzy_match (2.0.4) gh_inspector (1.1.3) @@ -271,7 +271,7 @@ GEM http-cookie (1.0.6) domain_name (~> 0.5) httpclient (2.8.3) - i18n (1.14.4) + i18n (1.14.5) concurrent-ruby (~> 1.0) java-properties (0.3.0) jmespath (1.6.2) @@ -283,10 +283,10 @@ GEM kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) language_server-protocol (3.17.0.3) - mini_magick (4.13.1) + mini_magick (4.13.2) mini_mime (1.1.5) - mini_portile2 (2.8.5) - minitest (5.22.3) + mini_portile2 (2.8.7) + minitest (5.24.1) molinillo (0.8.0) multi_json (1.15.0) multipart-post (2.4.1) @@ -297,7 +297,7 @@ GEM netrc (0.11.0) nkf (0.2.0) no_proxy_fix (0.1.2) - nokogiri (1.16.4) + nokogiri (1.16.7) mini_portile2 (~> 2.8.2) racc (~> 1.4) octokit (6.1.1) @@ -307,23 +307,23 @@ GEM options (2.3.2) optparse (0.5.0) os (1.1.4) - parallel (1.24.0) - parser (3.3.0.5) + parallel (1.25.1) + parser (3.3.4.0) ast (~> 2.4.1) racc plist (3.7.1) - progress_bar (1.3.3) - highline (>= 1.6, < 3) + progress_bar (1.3.4) + highline (>= 1.6) options (~> 2.3.0) public_suffix (4.0.7) - racc (1.7.3) + racc (1.8.1) rainbow (3.1.1) rake (13.2.1) rake-compiler (1.2.7) rake - rb_sys (0.9.90) + rb_sys (0.9.99) rchardet (1.8.0) - regexp_parser (2.9.0) + regexp_parser (2.9.2) representable (3.2.0) declarative (< 0.1.0) trailblazer-option (>= 0.1.1, < 0.2.0) @@ -333,19 +333,19 @@ GEM strscan rmagick (3.2.0) rouge (2.0.7) - rubocop (1.63.1) + rubocop (1.65.1) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 1.8, < 3.0) + regexp_parser (>= 2.4, < 3.0) rexml (>= 3.2.5, < 4.0) rubocop-ast (>= 1.31.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.31.2) - parser (>= 3.3.0.4) + rubocop-ast (1.31.3) + parser (>= 3.3.1.0) rubocop-rake (0.6.0) rubocop (~> 1.0) ruby-macho (2.5.1)