fix: src/main/resources/static/bower_components/bootstrap/Gemfile & src/main/resources/static/bower_components/bootstrap/Gemfile.lock to reduce vulnerabilities (#342)

snyk-bot · web-flow · commit 2681028a79ab · 2021-07-09T13:09:06.000+02:00
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 - https://snyk.io/vuln/SNYK-RUBY-KRAMDOWN-1087436 - https://snyk.io/vuln/SNYK-RUBY-REXML-1244518
diff --git a/src/main/resources/static/bower_components/bootstrap/Gemfile b/src/main/resources/static/bower_components/bootstrap/Gemfile
@@ -2,5 +2,5 @@ source 'https://rubygems.org'
 
 group :development, :test do
   gem 'jekyll', '~> 3.9.0'
-  gem 'jekyll-sitemap', '~> 0.11.0'
+  gem 'jekyll-sitemap', '~> 0.12.0'
 end
diff --git a/src/main/resources/static/bower_components/bootstrap/Gemfile.lock b/src/main/resources/static/bower_components/bootstrap/Gemfile.lock
@@ -1,21 +1,22 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.4.0)
+    addressable (2.8.0)
+      public_suffix (>= 2.0.2, < 5.0)
     colorator (1.1.0)
-    concurrent-ruby (1.1.7)
+    concurrent-ruby (1.1.9)
     em-websocket (0.5.2)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0.6.0)
     eventmachine (1.2.7)
     eventmachine (1.2.7-x64-mingw32)
-    ffi (1.13.1)
-    ffi (1.13.1-x64-mingw32)
+    ffi (1.15.3)
+    ffi (1.15.3-x64-mingw32)
     forwardable-extended (2.6.0)
     http_parser.rb (0.6.0)
     i18n (0.9.5)
       concurrent-ruby (~> 1.0)
-    jekyll (3.9.0)
+    jekyll (3.9.1)
       addressable (~> 2.4)
       colorator (~> 1.0)
       em-websocket (~> 0.5)
@@ -30,24 +31,25 @@ GEM
       safe_yaml (~> 1.0)
     jekyll-sass-converter (1.5.2)
       sass (~> 3.4)
-    jekyll-sitemap (0.11.0)
-      addressable (~> 2.4.0)
+    jekyll-sitemap (0.12.0)
+      jekyll (~> 3.3)
     jekyll-watch (2.2.1)
       listen (~> 3.0)
-    kramdown (2.3.0)
+    kramdown (2.3.1)
       rexml
     liquid (4.0.3)
-    listen (3.3.3)
+    listen (3.5.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     mercenary (0.3.6)
     pathutil (0.16.2)
       forwardable-extended (~> 2.6)
-    rb-fsevent (0.10.4)
+    public_suffix (4.0.6)
+    rb-fsevent (0.11.0)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rexml (3.2.4)
-    rouge (3.25.0)
+    rexml (3.2.5)
+    rouge (3.26.0)
     safe_yaml (1.0.5)
     sass (3.7.4)
       sass-listen (~> 4.0.0)
@@ -61,7 +63,7 @@ PLATFORMS
 
 DEPENDENCIES
   jekyll (~> 3.9.0)
-  jekyll-sitemap (~> 0.11.0)
+  jekyll-sitemap (~> 0.12.0)
 
 BUNDLED WITH
    1.17.3
