scottk/chatwoot
1
0
Fork 0
mirror of https://github.com/lingble/chatwoot.git synced 2025-10-31 02:57:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Gemfile to reduce vulnerabilities

Browse Source 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-13378928
- https://snyk.io/vuln/SNYK-RUBY-RACK-13378930
- https://snyk.io/vuln/SNYK-RUBY-RACK-13378932
This commit is contained in:
snyk-bot
2025-10-08 11:58:55 +00:00
parent e9c1c61fe4
commit cfeb9a8423
1 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
Gemfile
View File

@@ -3,8 +3,8 @@ source 'https://rubygems.org'
ruby '3.4.4'
##-- base gems for rails --##
gem 'rack-cors', '2.0.0', require: 'rack/cors'
gem 'rails', '~> 7.1'
gem 'rack-cors', '2.0.1', require: 'rack/cors'
gem 'rails', '~> 8.0', '>= 8.0.0'
# Reduces boot times through caching; required in config/boot.rb
gem 'bootsnap', require: false
@@ -67,10 +67,10 @@ gem 'opensearch-ruby'
gem 'faraday_middleware-aws-sigv4'
##--- gems for server & infra configuration ---##
gem 'dotenv-rails', '>= 3.0.0'
gem 'dotenv-rails', '>= 3.1.3'
gem 'foreman'
gem 'puma'
gem 'vite_rails'
gem 'vite_rails', '>= 3.0.18'
# metrics on heroku
gem 'barnes'
@@ -86,8 +86,8 @@ gem 'pundit'
# super admin
gem 'administrate', '>= 0.20.1'
gem 'administrate-field-active_storage', '>= 1.0.3'
gem 'administrate-field-belongs_to_search', '>= 0.9.0'
gem 'administrate-field-active_storage', '>= 1.0.4'
gem 'administrate-field-belongs_to_search', '>= 0.10.0'
##--- gems for pubsub service ---##
# https://karolgalanciak.com/blog/2019/11/30/from-activerecord-callbacks-to-publish-slash-subscribe-pattern-and-event-driven-design/
@@ -120,14 +120,14 @@ gem 'elastic-apm', require: false
gem 'newrelic_rpm', require: false
gem 'newrelic-sidekiq-metrics', '>= 1.6.2', require: false
gem 'scout_apm', require: false
gem 'sentry-rails', '>= 5.19.0', require: false
gem 'sentry-rails', '>= 5.20.0', require: false
gem 'sentry-ruby', require: false
gem 'sentry-sidekiq', '>= 5.19.0', require: false
gem 'sentry-sidekiq', '>= 5.20.0', require: false
##-- background job processing --##
gem 'sidekiq', '>= 7.3.1'
gem 'sidekiq', '>= 7.3.2'
# We want cron jobs
gem 'sidekiq-cron', '>= 1.12.0'
gem 'sidekiq-cron', '>= 2.0.0'
# for sidekiq healthcheck
gem 'sidekiq_alive'
@@ -173,9 +173,9 @@ gem 'omniauth-oauth2'
gem 'audited', '~> 5.4', '>= 5.4.1'
# need for google auth
gem 'omniauth', '>= 2.1.2'
gem 'omniauth', '>= 2.1.4'
gem 'omniauth-saml'
gem 'omniauth-google-oauth2', '>= 1.1.3'
gem 'omniauth-google-oauth2', '>= 1.2.0'
gem 'omniauth-rails_csrf_protection', '~> 1.0', '>= 1.0.2'
## Gems for reponse bot
@@ -201,8 +201,8 @@ group :production do
# we dont want request timing out in development while using byebug
gem 'rack-timeout'
# for heroku autoscaling
gem 'judoscale-rails', require: false
gem 'judoscale-sidekiq', require: false
gem 'judoscale-rails', '>= 1.8.3', require: false
gem 'judoscale-sidekiq', '>= 1.8.3', require: false
end
group :development do
@@ -216,12 +216,12 @@ group :development do
gem 'squasher'
# profiling
gem 'rack-mini-profiler', '>= 3.2.0', require: false
gem 'rack-mini-profiler', '>= 3.2.1', require: false
gem 'stackprof'
# Should install the associated chrome extension to view query logs
gem 'meta_request', '>= 0.8.3'
gem 'meta_request', '>= 0.8.5'
gem 'tidewave'
gem 'tidewave', '>= 0.3.0'
end
group :test do
@@ -243,15 +243,15 @@ group :development, :test do
gem 'byebug', platform: :mri
gem 'climate_control'
gem 'debug', '~> 1.8'
gem 'factory_bot_rails', '>= 6.4.3'
gem 'factory_bot_rails', '>= 6.4.4'
gem 'listen'
gem 'mock_redis'
gem 'pry-rails'
gem 'rspec_junit_formatter'
gem 'rspec-rails', '>= 6.1.5'
gem 'rspec-rails', '>= 7.0.2'
gem 'rubocop', require: false
gem 'rubocop-performance', require: false
gem 'rubocop-rails', require: false
gem 'rubocop-rails', '>= 2.33.0', require: false
gem 'rubocop-rspec', require: false
gem 'rubocop-factory_bot', require: false
gem 'seed_dump'