fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233
MeasureAuthoringTool · Nov 16, 2023 · 0b914e7 · 0b914e7
1 parent 376692b
commit 0b914e7
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/Gemfile b/Gemfile
@@ -10,7 +10,7 @@ gem 'sprockets-rails', '2.3.3'
 # We need less-rails outside of the assets group so that assets will build in production
 gem 'less-rails'
 # We want non-digest versions of our assets for font-awesome
-gem "non-stupid-digest-assets"
+gem "non-stupid-digest-assets", ">= 1.0.10"
 
 gem 'cqm-models', '~>4.0.2'
 # gem 'cqm-reports', '~> 3.1.2'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -129,7 +129,7 @@ GEM
     coffee-script-source (1.12.2)
     colorize (0.8.1)
     commonjs (0.2.7)
-    concurrent-ruby (1.1.10)
+    concurrent-ruby (1.2.2)
     cqm-models (4.0.2)
     crack (0.4.5)
       rexml
@@ -229,7 +229,7 @@ GEM
     nokogiri (1.13.7)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
-    non-stupid-digest-assets (1.0.9)
+    non-stupid-digest-assets (1.0.10)
       sprockets (>= 2.0)
     oj (3.13.16)
     orm_adapter (0.5.0)
@@ -248,7 +248,7 @@ GEM
       pry (~> 0.10)
     public_suffix (4.0.7)
     racc (1.6.0)
-    rack (2.2.4)
+    rack (2.2.8)
     rack-test (2.0.2)
       rack (>= 1.3)
     rails (5.2.8.1)
@@ -423,7 +423,7 @@ DEPENDENCIES
   mongoid (~> 6.4.2)
   multi_json
   newrelic_rpm
-  non-stupid-digest-assets
+  non-stupid-digest-assets (>= 1.0.10)
   oj
   overcommit
   pry