Bump gems

Address a couple of CVEs (as reported by `bundler-audit`). Name: ffi Version: 1.9.23 Advisory: CVE-2018-1000201 Criticality: High URL: https://github.com/ffi/ffi/releases/tag/1.9.24 Title: ruby-ffi DDL loading issue on Windows OS Solution: upgrade to >= 1.9.24 Name: nokogiri Version: 1.8.2 Advisory: CVE-2018-8048 Criticality: Unknown URL: sparklemotion/nokogiri#1746 Title: Revert libxml2 behavior in Nokogiri gem that could cause XSS Solution: upgrade to >= 1.8.3 Name: nokogiri Version: 1.8.2 Advisory: CVE-2018-14404 Criticality: Unknown URL: sparklemotion/nokogiri#1785 Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities Solution: upgrade to >= 1.8.5 Name: rubyzip Version: 1.2.1 Advisory: CVE-2018-1000544 Criticality: Unknown URL: rubyzip/rubyzip#369 Title: Directory Traversal in rubyzip Solution: upgrade to >= 1.2.2
Koronen · Jan 22, 2019 · dadce0f · dadce0f
1 parent f242e67
commit dadce0f
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 50 deletions.
diff --git a/Gemfile b/Gemfile
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 ruby File.read('.ruby-version').chomp

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,7 +1,7 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (4.2.9)
+    activesupport (4.2.10)
       i18n (~> 0.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
@@ -13,42 +13,43 @@ GEM
       execjs
     coffee-script-source (1.11.1)
     colorator (1.1.0)
-    commonmarker (0.17.9)
+    commonmarker (0.17.13)
       ruby-enum (~> 0.5)
-    concurrent-ruby (1.0.5)
-    dnsruby (1.60.2)
+    concurrent-ruby (1.1.4)
+    dnsruby (1.61.2)
+      addressable (~> 2.5)
     em-websocket (0.5.1)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0.6.0)
-    ethon (0.11.0)
+    ethon (0.12.0)
       ffi (>= 1.3.0)
-    eventmachine (1.2.6)
+    eventmachine (1.2.7)
     execjs (2.7.0)
-    faraday (0.15.0)
+    faraday (0.15.4)
       multipart-post (>= 1.2, < 3)
-    ffi (1.9.23)
+    ffi (1.10.0)
     forwardable-extended (2.6.0)
     gemoji (3.0.0)
-    github-pages (183)
-      activesupport (= 4.2.9)
-      github-pages-health-check (= 1.7.3)
-      jekyll (= 3.7.3)
-      jekyll-avatar (= 0.5.0)
+    github-pages (193)
+      activesupport (= 4.2.10)
+      github-pages-health-check (= 1.8.1)
+      jekyll (= 3.7.4)
+      jekyll-avatar (= 0.6.0)
       jekyll-coffeescript (= 1.1.1)
       jekyll-commonmark-ghpages (= 0.1.5)
       jekyll-default-layout (= 0.1.4)
-      jekyll-feed (= 0.9.3)
+      jekyll-feed (= 0.11.0)
       jekyll-gist (= 1.5.0)
       jekyll-github-metadata (= 2.9.4)
-      jekyll-mentions (= 1.3.0)
+      jekyll-mentions (= 1.4.1)
       jekyll-optional-front-matter (= 0.3.0)
       jekyll-paginate (= 1.1.0)
       jekyll-readme-index (= 0.2.0)
-      jekyll-redirect-from (= 0.13.0)
+      jekyll-redirect-from (= 0.14.0)
       jekyll-relative-links (= 0.5.3)
-      jekyll-remote-theme (= 0.2.3)
+      jekyll-remote-theme (= 0.3.1)
       jekyll-sass-converter (= 1.5.2)
-      jekyll-seo-tag (= 2.4.0)
+      jekyll-seo-tag (= 2.5.0)
       jekyll-sitemap (= 1.2.0)
       jekyll-swiss (= 0.4.0)
       jekyll-theme-architect (= 0.1.1)
@@ -65,28 +66,28 @@ GEM
       jekyll-theme-tactile (= 0.1.1)
       jekyll-theme-time-machine (= 0.1.1)
       jekyll-titles-from-headings (= 0.5.1)
-      jemoji (= 0.9.0)
-      kramdown (= 1.16.2)
+      jemoji (= 0.10.1)
+      kramdown (= 1.17.0)
       liquid (= 4.0.0)
       listen (= 3.1.5)
       mercenary (~> 0.3)
-      minima (= 2.4.1)
-      nokogiri (>= 1.8.1, < 2.0)
+      minima (= 2.5.0)
+      nokogiri (>= 1.8.2, < 2.0)
       rouge (= 2.2.1)
       terminal-table (~> 1.4)
-    github-pages-health-check (1.7.3)
+    github-pages-health-check (1.8.1)
       addressable (~> 2.3)
       dnsruby (~> 1.60)
       octokit (~> 4.0)
       public_suffix (~> 2.0)
       typhoeus (~> 1.3)
-    html-pipeline (2.7.2)
+    html-pipeline (2.10.0)
       activesupport (>= 2)
       nokogiri (>= 1.4)
     http_parser.rb (0.6.0)
     i18n (0.9.5)
       concurrent-ruby (~> 1.0)
-    jekyll (3.7.3)
+    jekyll (3.7.4)
       addressable (~> 2.4)
       colorator (~> 1.0)
       em-websocket (~> 0.5)
@@ -99,7 +100,7 @@ GEM
       pathutil (~> 0.9)
       rouge (>= 1.7, < 4)
       safe_yaml (~> 1.0)
-    jekyll-avatar (0.5.0)
+    jekyll-avatar (0.6.0)
       jekyll (~> 3.0)
     jekyll-coffeescript (1.1.1)
       coffee-script (~> 2.2)
@@ -113,33 +114,31 @@ GEM
       rouge (~> 2)
     jekyll-default-layout (0.1.4)
       jekyll (~> 3.0)
-    jekyll-feed (0.9.3)
+    jekyll-feed (0.11.0)
       jekyll (~> 3.3)
     jekyll-gist (1.5.0)
       octokit (~> 4.2)
     jekyll-github-metadata (2.9.4)
       jekyll (~> 3.1)
       octokit (~> 4.0, != 4.4.0)
-    jekyll-mentions (1.3.0)
-      activesupport (~> 4.0)
+    jekyll-mentions (1.4.1)
       html-pipeline (~> 2.3)
       jekyll (~> 3.0)
     jekyll-optional-front-matter (0.3.0)
       jekyll (~> 3.0)
     jekyll-paginate (1.1.0)
     jekyll-readme-index (0.2.0)
       jekyll (~> 3.0)
-    jekyll-redirect-from (0.13.0)
+    jekyll-redirect-from (0.14.0)
       jekyll (~> 3.3)
     jekyll-relative-links (0.5.3)
       jekyll (~> 3.3)
-    jekyll-remote-theme (0.2.3)
+    jekyll-remote-theme (0.3.1)
       jekyll (~> 3.5)
       rubyzip (>= 1.2.1, < 3.0)
-      typhoeus (>= 0.7, < 2.0)
     jekyll-sass-converter (1.5.2)
       sass (~> 3.4)
-    jekyll-seo-tag (2.4.0)
+    jekyll-seo-tag (2.5.0)
       jekyll (~> 3.3)
     jekyll-sitemap (1.2.0)
       jekyll (~> 3.3)
@@ -186,44 +185,43 @@ GEM
       jekyll-seo-tag (~> 2.0)
     jekyll-titles-from-headings (0.5.1)
       jekyll (~> 3.3)
-    jekyll-watch (2.0.0)
+    jekyll-watch (2.1.2)
       listen (~> 3.0)
-    jemoji (0.9.0)
-      activesupport (~> 4.0, >= 4.2.9)
+    jemoji (0.10.1)
       gemoji (~> 3.0)
       html-pipeline (~> 2.2)
       jekyll (~> 3.0)
-    kramdown (1.16.2)
+    kramdown (1.17.0)
     liquid (4.0.0)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
       ruby_dep (~> 1.2)
     mercenary (0.3.6)
-    mini_portile2 (2.3.0)
-    minima (2.4.1)
+    mini_portile2 (2.4.0)
+    minima (2.5.0)
       jekyll (~> 3.5)
       jekyll-feed (~> 0.9)
       jekyll-seo-tag (~> 2.1)
     minitest (5.11.3)
     multipart-post (2.0.0)
-    nokogiri (1.8.2)
-      mini_portile2 (~> 2.3.0)
-    octokit (4.8.0)
+    nokogiri (1.10.1)
+      mini_portile2 (~> 2.4.0)
+    octokit (4.13.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    pathutil (0.16.1)
+    pathutil (0.16.2)
       forwardable-extended (~> 2.6)
     public_suffix (2.0.5)
     rb-fsevent (0.10.3)
-    rb-inotify (0.9.10)
-      ffi (>= 0.5.0, < 2)
+    rb-inotify (0.10.0)
+      ffi (~> 1.0)
     rouge (2.2.1)
     ruby-enum (0.7.2)
       i18n
     ruby_dep (1.5.0)
-    rubyzip (1.2.1)
+    rubyzip (1.2.2)
     safe_yaml (1.0.4)
-    sass (3.5.6)
+    sass (3.7.3)
       sass-listen (~> 4.0.0)
     sass-listen (4.0.0)
       rb-fsevent (~> 0.9, >= 0.9.4)
@@ -234,11 +232,11 @@ GEM
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     thread_safe (0.3.6)
-    typhoeus (1.3.0)
+    typhoeus (1.3.1)
       ethon (>= 0.9.0)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    unicode-display_width (1.3.2)
+    unicode-display_width (1.4.1)
 
 PLATFORMS
   ruby
@@ -250,4 +248,4 @@ RUBY VERSION
    ruby 2.5.3p105
 
 BUNDLED WITH
-   1.16.1
+   2.0.1