Update gems (#1241)

- Fix some vulnerabilities ``` Name: loofah Version: 2.2.2 Advisory: CVE-2018-16468 Criticality: Unknown URL: flavorjones/loofah#154 Title: Loofah XSS Vulnerability Solution: upgrade to >= 2.2.3 Name: nokogiri Version: 1.8.4 Advisory: CVE-2018-14404 Criticality: Unknown URL: sparklemotion/nokogiri#1785 Title: Nokogiri gem, via libxml2, is affected by multiple vulnerabilities Solution: upgrade to >= 1.8.5 Name: rack Version: 2.0.5 Advisory: CVE-2018-16470 Criticality: Unknown URL: https://groups.google.com/forum/#!topic/ruby-security-ann/Dz4sRl-ktKk Title: Possible DoS vulnerability in Rack Solution: upgrade to >= 2.0.6 Name: rack Version: 2.0.5 Advisory: CVE-2018-16471 Criticality: Unknown URL: https://groups.google.com/forum/#!topic/ruby-security-ann/NAalCee8n6o Title: Possible XSS vulnerability in Rack Solution: upgrade to ~> 1.6.11, >= 2.0.6 ``` - Fix factory_bot issues - Closes #1225
thoughtbot · Nov 28, 2018 · 05b7768 · 05b7768
1 parent 8d86f9f
commit 05b7768
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 18 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -133,7 +133,7 @@ GEM
     kgio (2.11.2)
     launchy (2.4.3)
       addressable (~> 2.3)
-    loofah (2.2.2)
+    loofah (2.2.3)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (0.9.0)
@@ -143,7 +143,7 @@ GEM
     momentjs-rails (2.20.1)
       railties (>= 3.1)
     multipart-post (2.0.0)
-    nokogiri (1.8.4)
+    nokogiri (1.8.5)
       mini_portile2 (~> 2.3.0)
     parser (2.5.1.2)
       ast (~> 2.4.0)
@@ -160,7 +160,7 @@ GEM
     public_suffix (3.0.3)
     pundit (2.0.0)
       activesupport (>= 3.0.0)
-    rack (2.0.5)
+    rack (2.0.6)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rack-timeout (0.5.1)
@@ -284,4 +284,4 @@ DEPENDENCIES
   webmock
 
 BUNDLED WITH
-   1.16.3
+   1.17.1
diff --git a/spec/factories.rb b/spec/factories.rb
@@ -5,7 +5,7 @@
     email { name.downcase.gsub(" ", "_") + "@example.com" }
 
     transient do
-      order_count 3
+      order_count { 3 }
     end
 
     trait :with_orders do
@@ -18,36 +18,37 @@
   factory :line_item do
     order
     product
-    unit_price 1.5
-    quantity 1
+    unit_price { 1.5 }
+    quantity { 1 }
   end
 
   factory :log_entry do
-    action "create"
+    action { "create" }
     association :logeable, factory: :customer
   end
 
   factory :order do
     customer
-    address_line_one "85 2nd St"
+    address_line_one { "85 2nd St" }
     sequence(:address_line_two) { |n| "#700 (#{n})" }
-    address_city "San Francisco"
-    address_state "CA"
-    address_zip "94110"
+    address_city { "San Francisco" }
+    address_state { "CA" }
+    address_zip { "94110" }
   end
 
   factory :product do
     sequence(:name) { |n| "Monopoly #{n}" }
-    price 10.50
-    description "A cutthroat game of financial conquest"
-    image_url \
+    price { 10.50 }
+    description { "A cutthroat game of financial conquest" }
+    image_url do
       "https://cdn.recombu.com/mobile/images/news/M11370/1264769196_w670.jpg"
+    end
     product_meta_tag
   end
 
   factory :product_meta_tag do
-    meta_title "meta_title"
-    meta_description "meta_description"
+    meta_title { "meta_title" }
+    meta_description { "meta_description" }
   end
 
   factory :payment do
@@ -56,7 +57,7 @@
 
   factory :blog_post, class: "Blog::Post" do
     sequence(:title) { |n| "Post #{n}" }
-    body "Empty"
+    body { "Empty" }
   end
 
   factory :series do