[Snyk] Security upgrade baby_squeel from 2.0.0 to 3.0.0 (#3970)

* fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RANSACK-5776488 * Update Gemfile.lock --------- Co-authored-by: snyk-bot <[email protected]> Co-authored-by: Joan Lledó <[email protected]>
3scale · Jan 21, 2025 · 2a52176 · 2a52176
1 parent 50d2f42
commit 2a52176
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 8 deletions.
diff --git a/Gemfile b/Gemfile
@@ -87,7 +87,7 @@ gem 'secure_headers', '~> 6.3.0'
 gem 'redlock'
 
 gem 'acts-as-taggable-on', '~> 11.0'
-gem 'baby_squeel', '~> 2.0'
+gem 'baby_squeel', '~> 3.0', '>= 3.0.0'
 gem 'browser'
 gem 'diff-lcs', '~> 1.2'
 gem 'hiredis-client'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -213,9 +213,9 @@ GEM
       rack (~> 2)
     aws-sigv4 (1.5.0)
       aws-eventstream (~> 1, >= 1.0.2)
-    baby_squeel (2.0.0)
-      activerecord (>= 6.0, < 7.1)
-      ransack (~> 2.3)
+    baby_squeel (3.0.0)
+      activerecord (>= 6.1.5, < 7.2)
+      ransack (~> 4.1)
     base64 (0.2.0)
     bcrypt (3.1.13)
     bigdecimal (3.1.8)
@@ -668,9 +668,9 @@ GEM
     rainbow (3.1.1)
     raindrops (0.20.1)
     rake (13.2.1)
-    ransack (2.6.0)
-      activerecord (>= 6.0.4)
-      activesupport (>= 6.0.4)
+    ransack (4.2.1)
+      activerecord (>= 6.1.5)
+      activesupport (>= 6.1.5)
       i18n
     ratelimit (1.0.3)
       redis (>= 2.0.0)
@@ -988,7 +988,7 @@ DEPENDENCIES
   audited (~> 5.0.2)
   aws-sdk-rails (~> 3)
   aws-sdk-s3 (~> 1)
-  baby_squeel (~> 2.0)
+  baby_squeel (~> 3.0, >= 3.0.0)
   bcrypt (~> 3.1.7)
   bootsnap (~> 1.16)
   braintree (~> 2.93)