authorLuc Donnet2018-05-15 14:49:32 +0200
committerGitHub2018-05-15 14:49:32 +0200
commit0ea92f772d7eb8facd7cedd50d50531e25664af5 (patch)
tree208b9607b0c41c02bb8a2d2919d14f5f8d2ee7d4
parentd6211521715039acc58231710d75e6244f9e2907 (diff)
parentcd81e053aac897a1da8995796f149c292b34e960 (diff)
downloadchouette-core-0ea92f772d7eb8facd7cedd50d50531e25664af5.tar.bz2
Merge pull request #564 from af83/6976-security-driven-packages-update
Updates dependencies with potential security breaches
-rw-r--r--Gemfile1
-rw-r--r--Gemfile.lock5
-rw-r--r--package.json4
-rw-r--r--yarn.lock10
4 files changed, 17 insertions, 3 deletions
diff --git a/Gemfile b/Gemfile
index 5c48a6d7c..e8b7593c9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -7,6 +7,7 @@ git_source(:af83) { |name| "https://github.com/af83/#{name}.git" }
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '~> 4.2.8'
+gem 'rack-protection', '~> 1.5.5'
# Use SCSS for stylesheets
gem 'sass-rails', '~> 4.0.3'
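Review bot: The added `gem 'rack-protection', '~> 1.5.5'` line carries no comment, unlike the neighbouring entries, so nothing tells a later maintainer that it is a security-driven pin. Gemfile.lock in this commit shows rack-protection was previously present only as a resolved gem (1.5.4) and not under DEPENDENCIES, so it looks like a transitive dependency being forced forward. A comment such as `# Security pin on a transitive dependency; drop once the parent gem requires >= 1.5.5` would record that. Note also that `~> 1.5.5` caps the gem below 1.6, so a later fix shipped only in a newer minor line would be held back until this line is revisited.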
diff --git a/Gemfile.lock b/Gemfile.lock
index 7bb1c3465..51a72bb32 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -371,10 +371,10 @@ GEM
railties (>= 3.1, < 5.0)
rabl (0.13.1)
activesupport (>= 2.3.14)
- rack (1.6.9)
+ rack (1.6.10)
rack-livereload (0.3.16)
rack
- rack-protection (1.5.4)
+ rack-protection (1.5.5)
rack
rack-proxy (0.6.3)
rack
@@ -668,6 +668,7 @@ DEPENDENCIES
quiet_assets
rabl
rack-livereload
+ rack-protection (~> 1.5.5)
rails (~> 4.2.8)
rails-assets-bootstrap-sass-official (~> 3.3.0)!
rails-assets-footable (~> 2.0.3)!
diff --git a/package.json b/package.json
index ef956105c..2967ad3d3 100644
--- a/package.json
+++ b/package.json
@@ -26,7 +26,9 @@
"redux-promise": "0.5.3",
"redux-thunk": "2.2.0",
"uglify-js": "3.3.2",
- "whatwg-fetch": "^2.0.4"
+ "whatwg-fetch": "^2.0.4",
+ "ssri": "~> 5.2.2",
+ "hoek": "~> 4.2.1"
},
"license": "MIT",
"engines": {
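Review bot: Adding `hoek` and `ssri` as direct dependencies does not appear to replace the copies that other packages pull in: in yarn.lock the existing `hoek@4.x.x` entry still resolves to 4.2.0 and the new 4.2.1 is recorded as a separate `"hoek@~> 4.2.1"` entry, so the older version would still be installed for its dependents. The `ssri@^5.0.0` entry is likewise left in place, though its resolved version is not visible in the hunk. If the goal is to move the transitive copies, a `"resolutions": { "hoek": "4.2.1", "ssri": "5.2.4" }` block (or refreshing those lock entries with `yarn upgrade`) would do that without declaring packages the app may not import itself. Separately, `~>` is Bundler's operator; the conventional npm form is `"~4.2.1"` and `"~5.2.2"`.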
diff --git a/yarn.lock b/yarn.lock
index d0e8ff6a4..6c89460e7 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2874,6 +2874,10 @@ hoek@4.x.x:
version "4.2.0"
resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.0.tgz#72d9d0754f7fe25ca2d01ad8f8f9a9449a89526d"
+"hoek@~> 4.2.1":
+ version "4.2.1"
+ resolved "https://registry.yarnpkg.com/hoek/-/hoek-4.2.1.tgz#9634502aa12c445dd5a7c5734b572bb8738aacbb"
+
hoist-non-react-statics@^2.2.1:
version "2.3.1"
resolved "https://registry.yarnpkg.com/hoist-non-react-statics/-/hoist-non-react-statics-2.3.1.tgz#343db84c6018c650778898240135a1420ee22ce0"
@@ -6169,6 +6173,12 @@ ssri@^5.0.0:
dependencies:
safe-buffer "^5.1.0"
+"ssri@~> 5.2.2":
+ version "5.2.4"
+ resolved "https://registry.yarnpkg.com/ssri/-/ssri-5.2.4.tgz#9985e14041e65fc397af96542be35724ac11da52"
+ dependencies:
+ safe-buffer "^5.1.1"
+
stack-utils@^1.0.1:
version "1.0.1"
resolved "https://registry.yarnpkg.com/stack-utils/-/stack-utils-1.0.1.tgz#d4f33ab54e8e38778b0ca5cfd3b3afb12db68620"