From 69cd5e105a251b35d3ebbe5705b5f91ccf7e1185 Mon Sep 17 00:00:00 2001 From: Christopher Tubbs Date: Tue, 17 Sep 2024 18:07:44 -0400 Subject: [PATCH] Update gems * Update rexml for CVE-2024-43398 (this closes #7) * Lock some dependency versions to work with ruby 2.7 on ASF build servers --- Gemfile | 4 ++ Gemfile.lock | 133 +++++++++++++++++++++++---------------------------- 2 files changed, 63 insertions(+), 74 deletions(-) diff --git a/Gemfile b/Gemfile index 264e97d..227c907 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,7 @@ ruby '>=2.7' source 'https://rubygems.org' gem 'jekyll', '>= 4.2.0' +gem 'jekyll-redirect-from', '>= 0.16.0' + +gem "webrick", "~> 1.7" +gem "google-protobuf", "3.25.3" diff --git a/Gemfile.lock b/Gemfile.lock index a557792..32593f2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,9 +3,8 @@ GEM specs: addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) - bigdecimal (3.1.8) colorator (1.1.0) - concurrent-ruby (1.3.3) + concurrent-ruby (1.3.4) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) @@ -22,28 +21,16 @@ GEM ffi (1.17.0-x86_64-linux-gnu) ffi (1.17.0-x86_64-linux-musl) forwardable-extended (2.6.0) - google-protobuf (4.27.2) - bigdecimal - rake (>= 13) - google-protobuf (4.27.2-aarch64-linux) - bigdecimal - rake (>= 13) - google-protobuf (4.27.2-arm64-darwin) - bigdecimal - rake (>= 13) - google-protobuf (4.27.2-x86-linux) - bigdecimal - rake (>= 13) - google-protobuf (4.27.2-x86_64-darwin) - bigdecimal - rake (>= 13) - google-protobuf (4.27.2-x86_64-linux) - bigdecimal - rake (>= 13) + google-protobuf (3.25.3) + google-protobuf (3.25.3-aarch64-linux) + google-protobuf (3.25.3-arm64-darwin) + google-protobuf (3.25.3-x86-linux) + google-protobuf (3.25.3-x86_64-darwin) + google-protobuf (3.25.3-x86_64-linux) http_parser.rb (0.8.0) - i18n (1.14.5) + i18n (1.14.6) concurrent-ruby (~> 1.0) - jekyll (4.3.3) + jekyll (4.3.4) addressable (~> 2.4) colorator (~> 1.0) em-websocket (~> 0.5) @@ -59,6 +46,8 @@ GEM safe_yaml (~> 1.0) terminal-table (>= 1.8, < 4.0) webrick (~> 1.7) + jekyll-redirect-from (0.16.0) + jekyll (>= 3.3, < 5.0) jekyll-sass-converter (3.0.0) sass-embedded (~> 1.54) jekyll-watch (2.2.1) @@ -75,63 +64,57 @@ GEM pathutil (0.16.2) forwardable-extended (~> 2.6) public_suffix (6.0.1) - rake (13.2.1) rb-fsevent (0.11.2) rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.3.3) - strscan - rouge (4.3.0) + rexml (3.3.7) + rouge (4.4.0) safe_yaml (1.0.5) - sass-embedded (1.77.8) - google-protobuf (~> 4.26) - rake (>= 13) - sass-embedded (1.77.8-aarch64-linux-android) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-aarch64-linux-gnu) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-aarch64-linux-musl) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-aarch64-mingw-ucrt) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-arm-linux-androideabi) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-arm-linux-gnueabihf) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-arm-linux-musleabihf) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-arm64-darwin) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-riscv64-linux-android) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-riscv64-linux-gnu) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-riscv64-linux-musl) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86-cygwin) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86-linux-android) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86-linux-gnu) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86-linux-musl) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86-mingw-ucrt) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86_64-cygwin) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86_64-darwin) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86_64-linux-android) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86_64-linux-gnu) - google-protobuf (~> 4.26) - sass-embedded (1.77.8-x86_64-linux-musl) - google-protobuf (~> 4.26) - strscan (3.1.0) + sass-embedded (1.77.5-aarch64-linux-android) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-aarch64-linux-gnu) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-aarch64-linux-musl) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-aarch64-mingw-ucrt) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-arm-linux-androideabi) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-arm-linux-gnueabihf) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-arm-linux-musleabihf) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-arm64-darwin) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-riscv64-linux-android) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-riscv64-linux-gnu) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-riscv64-linux-musl) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86-cygwin) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86-linux-android) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86-linux-gnu) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86-linux-musl) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86-mingw-ucrt) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86_64-cygwin) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86_64-darwin) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86_64-linux-android) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86_64-linux-gnu) + google-protobuf (>= 3.25, < 5.0) + sass-embedded (1.77.5-x86_64-linux-musl) + google-protobuf (>= 3.25, < 5.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) - unicode-display_width (2.5.0) + unicode-display_width (2.6.0) webrick (1.8.1) PLATFORMS @@ -149,7 +132,6 @@ PLATFORMS riscv64-linux-android riscv64-linux-gnu riscv64-linux-musl - ruby x86-cygwin x86-linux x86-linux-android @@ -163,7 +145,10 @@ PLATFORMS x86_64-linux-musl DEPENDENCIES + google-protobuf (= 3.25.3) jekyll (>= 4.2.0) + jekyll-redirect-from (>= 0.16.0) + webrick (~> 1.7) RUBY VERSION ruby 3.3.4p94