From 8922a33ffc079f5bb0a76a6cc1265d5a6bf7f71c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 21 Jul 2025 09:58:42 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732769 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732779 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577227 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074187 - https://snyk.io/vuln/SNYK-RUBY-RACK-9398129 - https://snyk.io/vuln/SNYK-RUBY-THOR-10843853 - https://snyk.io/vuln/SNYK-RUBY-WEBRICK-10500756 - https://snyk.io/vuln/SNYK-RUBY-REXML-7814166 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-2803851 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-WEBRICK-8068535 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510795 - https://snyk.io/vuln/SNYK-RUBY-RACK-8720151 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220162 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220268 - https://snyk.io/vuln/SNYK-RUBY-RACK-9058602 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577228 - https://snyk.io/vuln/SNYK-RUBY-REXML-8309365 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237230 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274386 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-YARD-6305193 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2803847 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-7210237 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237231 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237232 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274388 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-REXML-6861566 - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510789 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-5741907 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-5851458 - https://snyk.io/vuln/SNYK-RUBY-RAILTIES-5851410 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9789079 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074188 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8496389 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8453714 --- Gemfile | 30 +-- Gemfile.lock | 522 +++++++++++++++++++++++++++++---------------------- 2 files changed, 314 insertions(+), 238 deletions(-) diff --git a/Gemfile b/Gemfile index 525929f9..30de5c39 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ ruby '3.1.0' git_source(:github) { |repo| "https://github.com/#{repo}.git" } -gem 'rails', '~> 7.0.2', '>= 7.0.2.3' +gem 'rails', '~> 7.1.0' # Use postgresql as the database for Active Record gem 'pg', '>= 0.18', '< 2.0' @@ -13,10 +13,10 @@ gem 'pg', '>= 0.18', '< 2.0' # For rendering json, # TODO: turbostreamer replace this with https://github.com/thoughtbot/props_template # pros_template has simple syntax and slightly faster than turbostreamer -gem 'turbostreamer', '= 1.9' +gem 'turbostreamer', '= 1.10.0' gem 'graphql', '= 1.11.4' -gem 'graphql-schema_comparator' +gem 'graphql-schema_comparator', '>= 1.1.2' #gem 'graphql-playground', github: 'naveed-ahmad/graphql-playground-rails' @@ -25,7 +25,7 @@ gem 'cld3', '= 3.4.3' # Elasticsearch gem 'elastic-transport' -gem 'elasticsearch-model'#, '~> 7.2.0' +gem 'elasticsearch-model', '>= 8.0.0' #, '~> 7.2.0' gem 'typhoeus' # Paging the results @@ -34,7 +34,7 @@ gem 'pagy' gem 'oj' gem 'oj_mimic_json' -gem 'rails-html-sanitizer', '>= 1.4.4' +gem 'rails-html-sanitizer', '>= 1.5.0' # This is to run the rake task for importing in parallel # Will provide a progress bar as the import happens @@ -44,10 +44,10 @@ gem 'parallel', require: false gem 'puma', '~> 4.3', '>= 4.3.12' # enable cors -gem 'rack-cors' +gem 'rack-cors', '>= 2.0.0' # compresses Rack responses using Google's Brotli compression algorithm -gem 'rack-brotli' +gem 'rack-brotli', '>= 2.0.0' gem 'tzinfo-data' @@ -57,15 +57,15 @@ gem 'sentry-raven', group: [:production] group :development, :test do gem 'pry-rails' gem 'apollo-tracing' - gem 'solargraph' + gem 'solargraph', '>= 0.45.0' end group :development do gem 'byebug', platform: :mri gem 'ruby-progressbar' gem 'benchmark-ips', require: false - gem 'bullet' - gem 'derailed_benchmarks' + gem 'bullet', '>= 7.0.2' + gem 'derailed_benchmarks', '>= 2.1.2' # run some pre commit hooks gem 'pre-commit', require: false @@ -80,12 +80,12 @@ group :development do end group :test, :development do - gem 'rspec-rails', '= 5.0.2' - gem 'shoulda-matchers', '~> 5.1.0' + gem 'rspec-rails', '= 5.0.3' + gem 'shoulda-matchers', '~> 5.2.0' gem 'simplecov', require: false - gem 'factory_bot_rails', '>= 6.2.0' - gem 'rubocop-rails_config', '>= 1.9.1' + gem 'factory_bot_rails', '>= 6.3.0' + gem 'rubocop-rails_config', '>= 1.9.2' gem 'rubocop-rspec', '>= 2.1.0' gem 'json-schema-rspec' end -gem "kredis", "~> 1.3" +gem "kredis", "~> 1.4", ">= 1.4.0" diff --git a/Gemfile.lock b/Gemfile.lock index b1cdbee0..f60a6a81 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,70 +1,82 @@ GEM remote: https://rubygems.org/ specs: - actioncable (7.0.2.3) - actionpack (= 7.0.2.3) - activesupport (= 7.0.2.3) + actioncable (7.1.5.1) + actionpack (= 7.1.5.1) + activesupport (= 7.1.5.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.2.3) - actionpack (= 7.0.2.3) - activejob (= 7.0.2.3) - activerecord (= 7.0.2.3) - activestorage (= 7.0.2.3) - activesupport (= 7.0.2.3) + zeitwerk (~> 2.6) + actionmailbox (7.1.5.1) + actionpack (= 7.1.5.1) + activejob (= 7.1.5.1) + activerecord (= 7.1.5.1) + activestorage (= 7.1.5.1) + activesupport (= 7.1.5.1) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.2.3) - actionpack (= 7.0.2.3) - actionview (= 7.0.2.3) - activejob (= 7.0.2.3) - activesupport (= 7.0.2.3) + actionmailer (7.1.5.1) + actionpack (= 7.1.5.1) + actionview (= 7.1.5.1) + activejob (= 7.1.5.1) + activesupport (= 7.1.5.1) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.2.3) - actionview (= 7.0.2.3) - activesupport (= 7.0.2.3) - rack (~> 2.0, >= 2.2.0) + rails-dom-testing (~> 2.2) + actionpack (7.1.5.1) + actionview (= 7.1.5.1) + activesupport (= 7.1.5.1) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.2.3) - actionpack (= 7.0.2.3) - activerecord (= 7.0.2.3) - activestorage (= 7.0.2.3) - activesupport (= 7.0.2.3) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.5.1) + actionpack (= 7.1.5.1) + activerecord (= 7.1.5.1) + activestorage (= 7.1.5.1) + activesupport (= 7.1.5.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.2.3) - activesupport (= 7.0.2.3) + actionview (7.1.5.1) + activesupport (= 7.1.5.1) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (7.0.2.3) - activesupport (= 7.0.2.3) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + activejob (7.1.5.1) + activesupport (= 7.1.5.1) globalid (>= 0.3.6) - activemodel (7.0.2.3) - activesupport (= 7.0.2.3) - activerecord (7.0.2.3) - activemodel (= 7.0.2.3) - activesupport (= 7.0.2.3) - activestorage (7.0.2.3) - actionpack (= 7.0.2.3) - activejob (= 7.0.2.3) - activerecord (= 7.0.2.3) - activesupport (= 7.0.2.3) + activemodel (7.1.5.1) + activesupport (= 7.1.5.1) + activerecord (7.1.5.1) + activemodel (= 7.1.5.1) + activesupport (= 7.1.5.1) + timeout (>= 0.4.0) + activestorage (7.1.5.1) + actionpack (= 7.1.5.1) + activejob (= 7.1.5.1) + activerecord (= 7.1.5.1) + activesupport (= 7.1.5.1) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.2.3) + activesupport (7.1.5.1) + base64 + benchmark (>= 0.3) + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) + mutex_m + securerandom (>= 0.3) tzinfo (~> 2.0) addressable (2.8.0) public_suffix (>= 2.0.2, < 5.0) @@ -73,63 +85,70 @@ GEM rake (>= 10.4, < 14.0) apollo-tracing (1.6.0) graphql (>= 1.7.0, < 2) - ast (2.4.2) + ast (2.4.3) backport (1.2.0) - benchmark (0.2.0) - benchmark-ips (2.10.0) - brotli (0.4.0) - builder (3.2.4) - bullet (7.0.1) + base64 (0.3.0) + benchmark (0.4.1) + benchmark-ips (2.14.0) + bigdecimal (3.2.2) + brotli (0.7.0) + builder (3.3.0) + bullet (8.0.8) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) byebug (11.1.3) + cgi (0.5.0) cld3 (3.4.3) ffi (>= 1.1.0, < 1.16.0) coderay (1.1.3) - concurrent-ruby (1.1.10) - connection_pool (2.3.0) + concurrent-ruby (1.3.5) + connection_pool (2.5.3) crass (1.0.6) - dead_end (3.1.1) - derailed_benchmarks (2.1.1) + date (3.4.1) + derailed_benchmarks (2.2.1) + base64 benchmark-ips (~> 2) - dead_end - get_process_mem (~> 0) + bigdecimal + drb + get_process_mem heapy (~> 0) + logger memory_profiler (>= 0, < 2) mini_histogram (>= 0.3.0) + mutex_m + ostruct rack (>= 1) rack-test rake (> 10, < 14) - ruby-statistics (>= 2.1) + ruby-statistics (>= 4.0.1) + ruby2_keywords thor (>= 0.19, < 2) - diff-lcs (1.5.0) - digest (3.1.0) + diff-lcs (1.6.2) docile (1.4.0) - e2mmap (0.1.0) + drb (2.2.3) elastic-transport (8.0.0) faraday (~> 1) multi_json - elasticsearch (7.17.1) - elasticsearch-api (= 7.17.1) - elasticsearch-transport (= 7.17.1) - elasticsearch-api (7.17.1) + elasticsearch (8.10.0) + elastic-transport (~> 8) + elasticsearch-api (= 8.10.0) + elasticsearch-api (8.10.0) multi_json - elasticsearch-model (7.2.1) + elasticsearch-model (8.0.0) activesupport (> 3) - elasticsearch (~> 7) + elasticsearch (~> 8) hashie - elasticsearch-transport (7.17.1) - faraday (~> 1) - multi_json - erubi (1.10.0) + erb (4.0.4) + cgi (>= 0.3.3) + erubi (1.13.1) ethon (0.15.0) ffi (>= 1.15.0) - factory_bot (6.2.1) - activesupport (>= 5.0.0) - factory_bot_rails (6.2.0) - factory_bot (~> 6.2.0) - railties (>= 5.0.0) - faraday (1.10.0) + factory_bot (6.5.4) + activesupport (>= 6.1.0) + factory_bot_rails (6.5.0) + factory_bot (~> 6.5) + railties (>= 6.1.0) + faraday (1.10.4) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) faraday-excon (~> 1.1) @@ -142,153 +161,189 @@ GEM faraday-retry (~> 1.0) ruby2_keywords (>= 0.0.4) faraday-em_http (1.0.0) - faraday-em_synchrony (1.0.0) + faraday-em_synchrony (1.0.1) faraday-excon (1.1.0) faraday-httpclient (1.0.1) - faraday-multipart (1.0.3) - multipart-post (>= 1.2, < 3) - faraday-net_http (1.0.1) + faraday-multipart (1.1.1) + multipart-post (~> 2.0) + faraday-net_http (1.0.2) faraday-net_http_persistent (1.2.0) faraday-patron (1.0.0) faraday-rack (1.0.0) faraday-retry (1.0.3) ffi (1.15.5) - get_process_mem (0.2.7) + get_process_mem (1.0.0) + bigdecimal (>= 2.0) ffi (~> 1.0) - globalid (1.0.0) - activesupport (>= 5.0) + globalid (1.2.1) + activesupport (>= 6.1) graphql (1.11.4) - graphql-schema_comparator (1.1.1) + graphql-schema_comparator (1.2.1) bundler (>= 1.14) graphql (>= 1.10, < 3.0) thor (>= 0.19, < 2.0) hashie (5.0.0) heapy (0.2.0) thor - i18n (1.10.0) + i18n (1.14.7) concurrent-ruby (~> 1.0) - jaro_winkler (1.5.4) + io-console (0.8.1) + irb (1.15.2) + pp (>= 0.6.0) + rdoc (>= 4.0.0) + reline (>= 0.4.2) + jaro_winkler (1.6.1) + json (2.13.0) json-schema (2.8.1) addressable (>= 2.4) json-schema-rspec (0.0.4) json-schema (~> 2.5) rspec - kramdown (2.3.2) - rexml + kramdown (2.5.1) + rexml (>= 3.3.9) kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) - kredis (1.3.0.1) + kredis (1.8.0) + activemodel (>= 6.0.0) activesupport (>= 6.0.0) redis (>= 4.2, < 6) - loofah (2.19.1) + language_server-protocol (3.17.0.5) + lint_roller (1.1.0) + logger (1.7.0) + loofah (2.24.1) crass (~> 1.0.2) - nokogiri (>= 1.5.9) - mail (2.7.1) + nokogiri (>= 1.12.0) + mail (2.8.1) mini_mime (>= 0.1.1) - marcel (1.0.2) - memory_profiler (1.0.0) - method_source (1.0.0) + net-imap + net-pop + net-smtp + marcel (1.0.4) + memory_profiler (1.1.0) + method_source (1.1.0) mini_histogram (0.3.1) - mini_mime (1.1.2) - mini_portile2 (2.8.0) - minitest (5.15.0) - multi_json (1.15.0) - multipart-post (2.1.1) - net-imap (0.2.3) - digest + mini_mime (1.1.5) + mini_portile2 (2.8.9) + minitest (5.25.5) + multi_json (1.17.0) + multipart-post (2.4.1) + mutex_m (0.3.0) + net-imap (0.5.9) + date net-protocol - strscan - net-pop (0.1.1) - digest + net-pop (0.1.2) net-protocol + net-protocol (0.2.2) timeout - net-protocol (0.1.3) - timeout - net-smtp (0.3.1) - digest + net-smtp (0.5.1) net-protocol - timeout - nio4r (2.5.8) - nokogiri (1.13.10) - mini_portile2 (~> 2.8.0) + nio4r (2.7.4) + nokogiri (1.18.9) + mini_portile2 (~> 2.8.2) racc (~> 1.4) + observer (0.1.2) oj (3.13.11) oj_mimic_json (1.0.1) + ostruct (0.6.3) pagy (5.10.1) activesupport - parallel (1.22.1) - parser (3.1.1.0) + parallel (1.27.0) + parser (3.3.8.0) ast (~> 2.4.1) + racc pg (1.3.5) pluginator (1.5.0) + pp (0.6.2) + prettyprint pre-commit (0.39.0) pluginator (~> 1.5) + prettyprint (0.2.0) + prism (1.4.0) pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) pry-rails (0.3.9) pry (>= 0.10.4) + psych (5.2.6) + date + stringio public_suffix (4.0.6) puma (4.3.12) nio4r (~> 2.0) - racc (1.6.1) - rack (2.2.3) - rack-brotli (1.2.0) - brotli (>= 0.1.7) - rack (>= 1.4) - rack-cors (1.1.1) - rack (>= 2.0.0) - rack-test (1.1.0) - rack (>= 1.0, < 3) - rails (7.0.2.3) - actioncable (= 7.0.2.3) - actionmailbox (= 7.0.2.3) - actionmailer (= 7.0.2.3) - actionpack (= 7.0.2.3) - actiontext (= 7.0.2.3) - actionview (= 7.0.2.3) - activejob (= 7.0.2.3) - activemodel (= 7.0.2.3) - activerecord (= 7.0.2.3) - activestorage (= 7.0.2.3) - activesupport (= 7.0.2.3) + racc (1.8.1) + rack (3.1.16) + rack-brotli (2.0.0) + brotli (>= 0.3) + rack (>= 3) + rack-cors (3.0.0) + logger + rack (>= 3.0.14) + rack-session (2.1.1) + base64 (>= 0.1.0) + rack (>= 3.0.0) + rack-test (2.2.0) + rack (>= 1.3) + rackup (2.2.1) + rack (>= 3) + rails (7.1.5.1) + actioncable (= 7.1.5.1) + actionmailbox (= 7.1.5.1) + actionmailer (= 7.1.5.1) + actionpack (= 7.1.5.1) + actiontext (= 7.1.5.1) + actionview (= 7.1.5.1) + activejob (= 7.1.5.1) + activemodel (= 7.1.5.1) + activerecord (= 7.1.5.1) + activestorage (= 7.1.5.1) + activesupport (= 7.1.5.1) bundler (>= 1.15.0) - railties (= 7.0.2.3) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + railties (= 7.1.5.1) + rails-dom-testing (2.3.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.4.4) - loofah (~> 2.19, >= 2.19.1) - railties (7.0.2.3) - actionpack (= 7.0.2.3) - activesupport (= 7.0.2.3) - method_source + rails-html-sanitizer (1.6.2) + loofah (~> 2.21) + nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) + railties (7.1.5.1) + actionpack (= 7.1.5.1) + activesupport (= 7.1.5.1) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) - rake (13.0.6) - redis (5.0.6) - redis-client (>= 0.9.0) - redis-client (0.14.0) + rake (13.3.0) + rbs (3.6.1) + logger + rdoc (6.14.2) + erb + psych (>= 4.0.0) + redis (5.4.1) + redis-client (>= 0.22.0) + redis-client (0.25.1) connection_pool - regexp_parser (2.2.1) - reverse_markdown (2.1.1) + regexp_parser (2.10.0) + reline (0.6.2) + io-console (~> 0.5) + reverse_markdown (3.0.0) nokogiri - rexml (3.2.5) + rexml (3.4.1) rspec (3.11.0) rspec-core (~> 3.11.0) rspec-expectations (~> 3.11.0) rspec-mocks (~> 3.11.0) rspec-core (3.11.0) rspec-support (~> 3.11.0) - rspec-expectations (3.11.0) + rspec-expectations (3.11.1) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.11.0) - rspec-mocks (3.11.1) + rspec-mocks (3.11.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.11.0) - rspec-rails (5.0.2) + rspec-rails (5.0.3) actionpack (>= 5.2) activesupport (>= 5.2) railties (>= 5.2) @@ -296,45 +351,58 @@ GEM rspec-expectations (~> 3.10) rspec-mocks (~> 3.10) rspec-support (~> 3.10) - rspec-support (3.11.0) - rubocop (1.26.1) + rspec-support (3.11.1) + rubocop (1.78.0) + json (~> 2.3) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) parallel (~> 1.10) - parser (>= 3.1.0.0) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 1.8, < 3.0) - rexml - rubocop-ast (>= 1.16.0, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.45.1, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.16.0) - parser (>= 3.1.1.0) - rubocop-minitest (0.19.0) - rubocop (>= 0.90, < 2.0) - rubocop-packaging (0.5.1) - rubocop (>= 0.89, < 2.0) - rubocop-performance (1.13.3) - rubocop (>= 1.7.0, < 2.0) - rubocop-ast (>= 0.4.0) - rubocop-rails (2.14.2) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.46.0) + parser (>= 3.3.7.2) + prism (~> 1.4) + rubocop-md (2.0.1) + lint_roller (~> 1.1) + rubocop (>= 1.72.1) + rubocop-minitest (0.38.1) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.38.0, < 2.0) + rubocop-packaging (0.6.0) + lint_roller (~> 1.1.0) + rubocop (>= 1.72.1, < 2.0) + rubocop-performance (1.25.0) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.38.0, < 2.0) + rubocop-rails (2.32.0) activesupport (>= 4.2.0) + lint_roller (~> 1.1) rack (>= 1.1) - rubocop (>= 1.7.0, < 2.0) - rubocop-rails_config (1.9.1) - railties (>= 5.0) - rubocop (>= 1.25.1) - rubocop-ast (>= 1.0.1) - rubocop-minitest (~> 0.15) - rubocop-packaging (~> 0.5) - rubocop-performance (~> 1.11) - rubocop-rails (~> 2.0) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) + rubocop-rails_config (1.17.1) + rubocop (>= 1.72.2) + rubocop-ast (>= 1.38.0) + rubocop-md + rubocop-minitest (~> 0.37) + rubocop-packaging (~> 0.6) + rubocop-performance (~> 1.24) + rubocop-rails (~> 2.30) rubocop-rspec (2.9.0) rubocop (~> 1.19) - ruby-progressbar (1.11.0) - ruby-statistics (3.0.0) + ruby-progressbar (1.13.0) + ruby-statistics (4.1.0) ruby2_keywords (0.0.5) + securerandom (0.4.1) sentry-raven (3.1.2) faraday (>= 1.0) - shoulda-matchers (5.1.0) + shoulda-matchers (5.2.0) activesupport (>= 5.2.0) simplecov (0.21.2) docile (~> 1.1) @@ -342,43 +410,51 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - solargraph (0.44.3) + solargraph (0.56.1) backport (~> 1.2) - benchmark - bundler (>= 1.17.2) + benchmark (~> 0.4) + bundler (~> 2.0) diff-lcs (~> 1.4) - e2mmap - jaro_winkler (~> 1.5) + jaro_winkler (~> 1.6, >= 1.6.1) kramdown (~> 2.3) kramdown-parser-gfm (~> 1.1) + logger (~> 1.6) + observer (~> 0.1) + ostruct (~> 0.6) parser (~> 3.0) - reverse_markdown (>= 1.0.5, < 3) - rubocop (>= 0.52) + prism (~> 1.4) + rbs (~> 3.6.1) + reverse_markdown (~> 3.0) + rubocop (~> 1.38) thor (~> 1.0) tilt (~> 2.0) yard (~> 0.9, >= 0.9.24) + yard-solargraph (~> 0.1) stackprof (0.2.19) - strscan (3.0.1) - thor (1.2.1) - tilt (2.0.10) - timeout (0.2.0) - turbostreamer (1.9.0) + stringio (3.1.7) + thor (1.4.0) + tilt (2.6.1) + timeout (0.4.3) + turbostreamer (1.10.0) activesupport (>= 5.0.0) typhoeus (1.4.0) ethon (>= 0.9.0) - tzinfo (2.0.4) + tzinfo (2.0.6) concurrent-ruby (~> 1.0) tzinfo-data (1.2022.1) tzinfo (>= 1.0.0) - unicode-display_width (2.1.0) - uniform_notifier (1.16.0) - webrick (1.7.0) - websocket-driver (0.7.5) + unicode-display_width (3.1.4) + unicode-emoji (~> 4.0, >= 4.0.4) + unicode-emoji (4.0.4) + uniform_notifier (1.17.0) + websocket-driver (0.8.0) + base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - yard (0.9.27) - webrick (~> 1.7.0) - zeitwerk (2.5.4) + yard (0.9.37) + yard-solargraph (0.1.0) + yard (~> 0.9) + zeitwerk (2.6.18) PLATFORMS ruby @@ -387,17 +463,17 @@ DEPENDENCIES annotate apollo-tracing benchmark-ips - bullet + bullet (>= 7.0.2) byebug cld3 (= 3.4.3) - derailed_benchmarks + derailed_benchmarks (>= 2.1.2) elastic-transport - elasticsearch-model - factory_bot_rails (>= 6.2.0) + elasticsearch-model (>= 8.0.0) + factory_bot_rails (>= 6.3.0) graphql (= 1.11.4) - graphql-schema_comparator + graphql-schema_comparator (>= 1.1.2) json-schema-rspec - kredis (~> 1.3) + kredis (~> 1.4, >= 1.4.0) oj oj_mimic_json pagy @@ -406,21 +482,21 @@ DEPENDENCIES pre-commit pry-rails puma (~> 4.3, >= 4.3.12) - rack-brotli - rack-cors - rails (~> 7.0.2, >= 7.0.2.3) - rails-html-sanitizer (>= 1.4.4) - rspec-rails (= 5.0.2) + rack-brotli (>= 2.0.0) + rack-cors (>= 2.0.0) + rails (~> 7.1.0) + rails-html-sanitizer (>= 1.5.0) + rspec-rails (= 5.0.3) rubocop (>= 1.7.0) - rubocop-rails_config (>= 1.9.1) + rubocop-rails_config (>= 1.9.2) rubocop-rspec (>= 2.1.0) ruby-progressbar sentry-raven - shoulda-matchers (~> 5.1.0) + shoulda-matchers (~> 5.2.0) simplecov - solargraph + solargraph (>= 0.45.0) stackprof - turbostreamer (= 1.9) + turbostreamer (= 1.10.0) typhoeus tzinfo-data @@ -428,4 +504,4 @@ RUBY VERSION ruby 3.1.0p0 BUNDLED WITH - 2.3.3 + 2.3.26