From 00be46f6f4e3994984e534a713bf3bc4d19c6d9c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 8 Nov 2019 02:15:49 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-PUPPET-472666 --- Gemfile | 2 +- Gemfile.lock | 35 +++++++++++++++++++++++++---------- 2 files changed, 26 insertions(+), 11 deletions(-) diff --git a/Gemfile b/Gemfile index b24e297..fdf98fd 100644 --- a/Gemfile +++ b/Gemfile @@ -5,5 +5,5 @@ puppet_version = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['> gem 'rake' gem 'rspec' gem 'rspec-puppet' -gem 'puppet', puppet_version +gem 'puppet', '>= 4.10.1', puppet_version gem 'puppetlabs_spec_helper' diff --git a/Gemfile.lock b/Gemfile.lock index 0bc3aea..b9dcd43 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,25 +1,36 @@ GEM remote: https://rubygems.org/ specs: + concurrent-ruby (1.1.5) diff-lcs (1.2.4) - facter (1.7.2) - hiera (1.2.1) - json_pure - json_pure (1.8.0) + facter (2.5.6) + fast_gettext (1.8.0) + hiera (3.6.0) + hocon (1.3.0) + httpclient (2.8.3) + locale (2.1.2) metaclass (0.0.1) mocha (0.14.0) metaclass (~> 0.0.1) - puppet (3.2.2) - facter (~> 1.6) - hiera (~> 1.0) - rgen (~> 0.6) + multi_json (1.14.1) + puppet (6.10.1) + concurrent-ruby (~> 1.0) + facter (> 2.0.1, < 4) + fast_gettext (~> 1.1) + hiera (>= 3.2.1, < 4) + httpclient (~> 2.8) + locale (~> 2.1) + multi_json (~> 1.10) + puppet-resource_api (~> 1.5) + semantic_puppet (~> 1.0) + puppet-resource_api (1.8.7) + hocon (>= 1.0) puppetlabs_spec_helper (0.4.1) mocha (>= 0.10.5) rake rspec (>= 2.9.0) rspec-puppet (>= 0.1.1) rake (10.1.0) - rgen (0.6.5) rspec (2.14.0) rspec-core (~> 2.14.0) rspec-expectations (~> 2.14.0) @@ -30,13 +41,17 @@ GEM rspec-mocks (2.14.1) rspec-puppet (0.1.6) rspec + semantic_puppet (1.0.2) PLATFORMS ruby DEPENDENCIES - puppet (>= 2.7) + puppet (>= 4.10.1, >= 2.7) puppetlabs_spec_helper rake rspec rspec-puppet + +BUNDLED WITH + 1.17.3