fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233
MeasureAuthoringTool · Nov 16, 2023 · ff0582b · ff0582b
1 parent 0c117df
commit ff0582b
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/Gemfile b/Gemfile
@@ -10,7 +10,7 @@ gem 'sprockets-rails', '2.3.3'
 # We need less-rails outside of the assets group so that assets will build in production
 gem 'less-rails'
 # We want non-digest versions of our assets for font-awesome
-gem "non-stupid-digest-assets"
+gem "non-stupid-digest-assets", ">= 1.0.10"
 
 # gem 'cqm-parsers', :path => '../cqm-parsers'
 # gem 'fhir-mongoid-models', :path => '../fhir-mongoid-models'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -127,7 +127,7 @@ GEM
     coffee-script-source (1.12.2)
     colorize (0.8.1)
     commonjs (0.2.7)
-    concurrent-ruby (1.1.10)
+    concurrent-ruby (1.2.2)
     crack (0.4.5)
       rexml
     crass (1.0.6)
@@ -224,7 +224,7 @@ GEM
     nokogiri (1.13.10)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
-    non-stupid-digest-assets (1.0.9)
+    non-stupid-digest-assets (1.0.10)
       sprockets (>= 2.0)
     oj (3.11.7)
     orm_adapter (0.5.0)
@@ -243,7 +243,7 @@ GEM
       pry (~> 0.13.0)
     public_suffix (4.0.6)
     racc (1.6.0)
-    rack (2.2.4)
+    rack (2.2.8)
     rack-test (2.0.2)
       rack (>= 1.3)
     rails (5.2.8.1)
@@ -412,7 +412,7 @@ DEPENDENCIES
   mongoid (~> 7.1)
   multi_json
   newrelic_rpm
-  non-stupid-digest-assets
+  non-stupid-digest-assets (>= 1.0.10)
   oj
   overcommit
   pry