Merge pull request #4117 from envato/patch

Apply security patches for dependencies
zendesk · Oct 6, 2024 · a2d8eb5 · a2d8eb5
2 parents 27d9522 + 0d9b6ea
commit a2d8eb5
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.bundler-audit.yml b/.bundler-audit.yml
@@ -0,0 +1,2 @@
+ignore:
+  - CVE-2024-6484 # ignore until a patch is available https://github.com/advisories/GHSA-9mvj-f7w8-pvh2
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -525,7 +525,7 @@ GEM
       binding_of_caller (>= 0.7)
       pry (>= 0.9.11)
     public_suffix (5.0.4)
-    puma (5.6.8)
+    puma (5.6.9)
       nio4r (~> 2.0)
     pyu-ruby-sasl (0.0.3.3)
     racc (1.8.0)
@@ -566,8 +566,7 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.3.4)
-      strscan
+    rexml (3.3.8)
     rollbar (2.27.1)
     rollbar-user_informer (0.1.0)
       rollbar (~> 2.15)
@@ -638,7 +637,6 @@ GEM
     sqlite3 (1.6.9-x86_64-darwin)
     sqlite3 (1.6.9-x86_64-linux)
     stackprof (0.2.12)
-    strscan (3.1.0)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     thor (1.3.1)
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		ignore:
		- CVE-2024-6484 # ignore until a patch is available https://github.com/advisories/GHSA-9mvj-f7w8-pvh2