fix: Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048
MeasureAuthoringTool · Oct 5, 2023 · f97180f · f97180f
1 parent 376692b
commit f97180f
Showing 1 changed file with 11 additions and 11 deletions.
diff --git a/Gemfile b/Gemfile
@@ -1,12 +1,12 @@
 source 'https://rubygems.org'
 
-gem 'rails', '5.2.8.1'
+gem 'rails', '7.1.0'
 
 gem 'sprockets'
 
 # Need to require sprockets-rails expicitly to get asset pipeline, at least untill we move to SASS
 # Pinning sprockets-rails to 2.3.3 so that everything doesn't blow up. It might be time to start thinking about webpack.
-gem 'sprockets-rails', '2.3.3'
+gem 'sprockets-rails', '3.0.0'
 # We need less-rails outside of the assets group so that assets will build in production
 gem 'less-rails'
 # We want non-digest versions of our assets for font-awesome
@@ -23,7 +23,7 @@ gem 'zip-zip'
 
 gem 'axlsx', git: 'https://github.com/randym/axlsx', branch: 'master'
 gem 'mongoid', '~> 6.4.2'
-gem 'devise'
+gem 'devise', '>= 4.9.0'
 gem 'systemu'
 gem 'multi_json'
 gem 'rest-client'
@@ -32,19 +32,19 @@ gem 'roo', '~> 2.7'
 
 
 gem 'oj' # Faster JSON
-gem 'apipie-rails'
+gem 'apipie-rails', '>= 0.8.2'
 gem 'maruku' # enable Markup for API documentation
-gem 'doorkeeper', '~> 4.4.0'
-gem "doorkeeper-mongodb", '~> 4.1.0'
+gem 'doorkeeper', '~> 5.0.0'
+gem "doorkeeper-mongodb", "~> 4.2.0"
 
 group :test, :development, :ci do
   gem 'pry'
   # Pinning teaspoon to 1.1.5 because of sprockets-rails 2.3.3
-  gem 'teaspoon', '1.1.5'
+  gem 'teaspoon', '1.2.0'
   gem "overcommit"
   gem 'rubocop', '~> 0.88.0'
   gem 'rubocop-ast', '~> 0.3.0'
-  gem 'teaspoon-jasmine'
+  gem 'teaspoon-jasmine', '>= 2.4.1'
   gem 'simplecov', :require => false
   gem 'minitest'
   gem 'rails_best_practices'
@@ -87,12 +87,12 @@ end
 gem 'foreman'
 
 gem 'handlebars_assets', '0.16'
-gem 'jquery-rails'
+gem 'jquery-rails', '>= 4.5.1'
 
 # Browser Detection
 gem 'browser'
 
 gem "reverse_markdown", "~> 2.0"
-gem "tinymce-rails"
+gem "tinymce-rails", ">= 5.8.2"
 
-gem "devise_saml_authenticatable"
+gem "devise_saml_authenticatable", ">= 1.9.1"