From f464269263bec5485c62bb4dc291076cc75177fb Mon Sep 17 00:00:00 2001 From: snyk-test Date: Sat, 20 Jul 2019 05:41:46 +0000 Subject: [PATCH] fix: fastlane/Gemfile & fastlane/Gemfile.lock to reduce vulnerabilities MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-MINIMAGICK-451567 Signed-off-by: Jakub SokoĊ‚owski --- Makefile | 4 ++++ fastlane/Gemfile | 2 +- fastlane/Gemfile.lock | 10 +++++----- fastlane/gemset.nix | 12 ++++++------ fastlane/{update => update.sh} | 0 5 files changed, 16 insertions(+), 12 deletions(-) rename fastlane/{update => update.sh} (100%) diff --git a/Makefile b/Makefile index 7fbca03ae2..302ed13a3d 100644 --- a/Makefile +++ b/Makefile @@ -76,6 +76,10 @@ nix-update-lein: export TARGET_OS := none nix-update-lein: ##@nix Update maven nix expressions based on current lein setup nix/tools/lein/generate-nix.sh nix/lein +update-gems-nix: export TARGET_OS := android +update-gems-nix: ##@nix Update Ruby gems in fastlane/Gemfile.lock and fastlane/gemset.nix + fastlane/update.sh + #---------------- # General targets #---------------- diff --git a/fastlane/Gemfile b/fastlane/Gemfile index 1d29b045c6..6b6e281fe0 100644 --- a/fastlane/Gemfile +++ b/fastlane/Gemfile @@ -1,6 +1,6 @@ source "https://rubygems.org" -gem "fastlane" +gem "fastlane", ">= 2.127.2" plugins_path = File.join(File.dirname(__FILE__), 'Pluginfile') eval_gemfile(plugins_path) if File.exist?(plugins_path) diff --git a/fastlane/Gemfile.lock b/fastlane/Gemfile.lock index 118afab84c..49454be6bc 100644 --- a/fastlane/Gemfile.lock +++ b/fastlane/Gemfile.lock @@ -18,7 +18,7 @@ GEM unf (>= 0.0.5, < 1.0.0) dotenv (2.7.4) emoji_regex (1.0.1) - excon (0.64.0) + excon (0.65.0) faraday (0.15.4) multipart-post (>= 1.2, < 3) faraday-cookie_jar (0.0.6) @@ -27,7 +27,7 @@ GEM faraday_middleware (0.13.1) faraday (>= 0.7.4, < 1.0) fastimage (2.1.5) - fastlane (2.127.1) + fastlane (2.128.0) CFPropertyList (>= 2.3, < 4.0.0) addressable (>= 2.3, < 3.0.0) babosa (>= 1.0.2, < 2.0.0) @@ -47,7 +47,7 @@ GEM highline (>= 1.7.2, < 2.0.0) json (< 3.0.0) jwt (~> 2.1.0) - mini_magick (~> 4.5.1) + mini_magick (>= 4.9.4, < 5.0.0) multi_xml (~> 0.5) multipart-post (~> 2.0.0) plist (>= 3.1.0, < 4.0.0) @@ -102,7 +102,7 @@ GEM mime-types (3.2.2) mime-types-data (~> 3.2015) mime-types-data (3.2019.0331) - mini_magick (4.5.1) + mini_magick (4.9.5) multi_json (1.13.1) multi_xml (0.6.0) multipart-post (2.0.0) @@ -161,7 +161,7 @@ PLATFORMS ruby DEPENDENCIES - fastlane + fastlane (>= 2.127.2) fastlane-plugin-clean_testflight_testers fastlane-plugin-diawi diff --git a/fastlane/gemset.nix b/fastlane/gemset.nix index a6d1a903e4..404703a1b8 100644 --- a/fastlane/gemset.nix +++ b/fastlane/gemset.nix @@ -147,10 +147,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vcplvlykirg2vc56jjxavgpkllzq26xgp7ind7wc5ikaqaz64gn"; + sha256 = "1mc6y6n7i0hhk7i8wwi4qjnpkm013p7z3xr994s696hk74f91a7j"; type = "gem"; }; - version = "0.64.0"; + version = "0.65.0"; }; faraday = { dependencies = ["multipart-post"]; @@ -201,10 +201,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dw06kbsnfg6mqzxvkmb4bswgzng0kc1nbfpvv0r7sq99wsscrz9"; + sha256 = "1ahxbimlx6d2w0dhx2pj7mii2rpigqgmj4bcaymddbwfbp385gmx"; type = "gem"; }; - version = "2.127.1"; + version = "2.128.0"; }; fastlane-plugin-clean_testflight_testers = { groups = ["default"]; @@ -379,10 +379,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1a59k5l29vj060yscaqk370rg5vyr132kbw6x3zar7khzjqjqd8p"; + sha256 = "0qy09qrd5bwh8mkbj514n5vcw9ni73218h9s3zmvbpmdwrnzi8j4"; type = "gem"; }; - version = "4.5.1"; + version = "4.9.5"; }; multi_json = { groups = ["default"]; diff --git a/fastlane/update b/fastlane/update.sh similarity index 100% rename from fastlane/update rename to fastlane/update.sh