diff --git a/.circleci/config.yml b/.circleci/config.yml index d8e9c5d17..a7a13246a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -111,7 +111,8 @@ jobs: root: tmp paths: - codeclimate.backend.json - - run: bundle exec bundle-audit check --update + # Wait for Sinatra be upgraded to fix security issue + - run: bundle exec bundle-audit check --update --ignore CVE-2024-21510 - store_test_results: path: /tmp/circleci-test-results - store_artifacts: diff --git a/Gemfile.lock b/Gemfile.lock index 186e25e0f..41c170981 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -264,7 +264,7 @@ GEM mono_logger (1.1.2) multi_json (1.15.0) multi_xml (0.6.0) - mustermann (3.0.0) + mustermann (3.0.3) ruby2_keywords (~> 0.0.1) net-imap (0.4.10) date @@ -347,7 +347,8 @@ GEM rack (2.2.10) rack-mini-profiler (2.1.0) rack (>= 1.2.0) - rack-protection (3.1.0) + rack-protection (3.2.0) + base64 (>= 0.1.0) rack (~> 2.2, >= 2.2.4) rack-proxy (0.7.4) rack @@ -447,8 +448,7 @@ GEM mime-types (>= 1.16, < 4.0) netrc (~> 0.8) retriable (3.1.2) - rexml (3.3.6) - strscan + rexml (3.3.9) rspec (3.11.0) rspec-core (~> 3.11.0) rspec-expectations (~> 3.11.0) @@ -561,10 +561,10 @@ GEM json (>= 1.8, < 3) simplecov-html (~> 0.10.0) simplecov-html (0.10.2) - sinatra (3.1.0) + sinatra (3.2.0) mustermann (~> 3.0) rack (~> 2.2, >= 2.2.4) - rack-protection (= 3.1.0) + rack-protection (= 3.2.0) tilt (~> 2.0) spring (4.1.0) sprockets (3.7.2) @@ -576,11 +576,10 @@ GEM sprockets (>= 3.0.0) ssrf_filter (1.1.2) stringio (3.1.0) - strscan (3.1.0) terser (1.1.14) execjs (>= 0.3.0, < 3) thor (1.3.1) - tilt (2.3.0) + tilt (2.4.0) timeout (0.4.1) trailblazer-option (0.1.2) turbolinks (5.2.1)