From 78a74402a890c178a9163dc980ada7b6e478e0d4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 18 May 2021 20:47:24 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 --- Gemfile | 6 ++--- Gemfile.lock | 63 ++++++++++++++++++++++++++++------------------------ 2 files changed, 37 insertions(+), 32 deletions(-) diff --git a/Gemfile b/Gemfile index b97f810..7478097 100644 --- a/Gemfile +++ b/Gemfile @@ -9,7 +9,7 @@ group :development do end group :test do - gem 'foodcritic', '~> 4.0' + gem 'foodcritic', '~> 4.0', '>= 4.0.0' gem 'chefspec', '~> 4.1' gem 'ci_reporter_rspec', '~> 1.0' gem 'test-kitchen', '~> 1.2' @@ -18,7 +18,7 @@ group :test do # does a >= pin; we add a ~> pin for now to keep us # on the 0.4.x release gem 'log_switch', '~> 0.4' - gem 'tailor', '~> 1.4' + gem 'tailor', '~> 1.4', '>= 1.4.0' # use our forked version until # https://github.com/berkshelf/berkshelf/pull/1393 has been accepted gem 'berkshelf', '~> 3.2', @@ -33,7 +33,7 @@ group :test do gem 'guard', '~> 2.8.2' # pin to 4.3 series until guard-foodcritic has been updated for v2 API gem 'guard-rspec', '~> 4.3.1' - gem 'guard-foodcritic', '~> 1.0' + gem 'guard-foodcritic', '~> 1.0', '>= 1.0.3' gem 'guard-rake', '~> 0.0' gem 'rubocop', '~> 0.28.0' gem 'guard-rubocop', '~> 1.1' diff --git a/Gemfile.lock b/Gemfile.lock index 46e71ca..da1bce5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -93,7 +93,7 @@ GEM ci_reporter (~> 2.0) rspec (>= 2.14, < 4) cleanroom (1.0.0) - coderay (1.1.0) + coderay (1.1.3) columnize (0.9.0) debug_inspector (0.0.2) dep-selector-libgecode (1.0.2) @@ -107,7 +107,7 @@ GEM fauxhai (2.3.0) net-ssh ohai - ffi (1.9.8) + ffi (1.15.0) ffi-yajl (2.1.0) libyajl2 (~> 1.2) foodcritic (4.0.0) 
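Review bot: None of the three Gemfile hunks names nokogiri, so the fix for SNYK-RUBY-NOKOGIRI-1293239 exists only as the Gemfile.lock bump (nokogiri 1.6.6.2 to 1.11.4), and a later re-resolve is still bounded only by tailor's `nokogiri (>= 1.6.0)`. The added `'>= 4.0.0'` on foodcritic (first hunk) and `'>= 1.4.0'` on tailor (second hunk) are already implied by the existing `~> 4.0` and `~> 1.4` pins and change nothing; only `'>= 1.0.3'` on guard-foodcritic (third hunk) raises a floor. I would drop the two redundant constraints and state the security floor directly in the `:test` group as `gem 'nokogiri', '>= 1.11.4'`, preceded by a comment such as `# floor for SNYK-RUBY-NOKOGIRI-1293239 (transitive via tailor)`. The lockfile also moves a wide set of unrelated gems (pry, ffi, hitimes, thor, rb-inotify and others) across major or minor versions. The test suite should therefore be run on the project's supported Ruby before merging, since the newer nokogiri and ffi releases presumably need a more recent Ruby than this 2015-era toolchain targets.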
@@ -141,7 +141,7 @@ GEM rubocop (~> 0.20) hashie (2.1.2) highline (1.7.2) - hitimes (1.2.2) + hitimes (2.0.0) httpclient (2.6.0.1) interception (0.5) ipaddress (0.8.0) @@ -149,15 +149,15 @@ GEM kitchen-vagrant (0.16.0) test-kitchen (~> 1.0) libyajl2 (1.2.0) - listen (2.10.0) + listen (2.10.1) celluloid (~> 0.16.0) rb-fsevent (>= 0.9.3) rb-inotify (>= 0.9) log_switch (0.4.0) - lumberjack (1.0.9) - method_source (0.8.2) + lumberjack (1.2.8) + method_source (1.0.0) mime-types (2.4.3) - mini_portile (0.6.2) + mini_portile2 (2.5.1) minitar (0.5.4) mixlib-authentication (1.3.0) mixlib-log @@ -165,7 +165,7 @@ GEM mixlib-config (2.1.0) mixlib-log (1.6.0) mixlib-shellout (2.0.1) - multi_json (1.11.0) + multi_json (1.15.0) multipart-post (2.0.0) net-http-persistent (2.9.4) net-scp (1.2.1) @@ -177,8 +177,9 @@ GEM net-ssh (>= 2.6.5) net-ssh-gateway (>= 1.2.0) nio4r (1.1.0) - nokogiri (1.6.6.2) - mini_portile (~> 0.6.0) + nokogiri (1.11.4) + mini_portile2 (~> 2.5.0) + racc (~> 1.4) octokit (3.8.0) sawyer (~> 0.6.0, >= 0.5.3) ohai (8.2.0) @@ -198,10 +199,9 @@ GEM plist (3.1.0) polyglot (0.3.5) powerpack (0.0.9) - pry (0.10.1) - coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) + pry (0.14.1) + coderay (~> 1.1) + method_source (~> 1.0) pry-byebug (3.1.0) byebug (~> 4.0) pry (~> 0.10) @@ -211,12 +211,13 @@ GEM pry-stack_explorer (0.4.9.2) binding_of_caller (>= 0.7) pry (>= 0.9.11) + racc (1.5.2) rack (1.6.0) rainbow (2.0.0) - rake (10.4.2) - rb-fsevent (0.9.4) - rb-inotify (0.9.5) - ffi (>= 0.5.0) + rake (10.5.0) + rb-fsevent (0.11.0) + rb-inotify (0.10.1) + ffi (~> 1.0) retryable (2.0.1) ridley (4.1.2) addressable @@ -263,7 +264,7 @@ GEM ruby-progressbar (~> 1.4) ruby-progressbar (1.7.5) ruby_gntp (0.3.4) - rufus-lru (1.0.5) + rufus-lru (1.1.0) safe_yaml (1.0.4) sawyer (0.6.0) addressable (~> 2.3.5) 
@@ -274,20 +275,20 @@ GEM rspec (~> 3.0) rspec-its specinfra (~> 2.25) - slop (3.6.0) solve (1.2.1) dep_selector (~> 1.0) semverse (~> 1.1) specinfra (2.30.0) net-scp net-ssh + sync (0.5.0) systemu (2.6.5) tailor (1.4.0) log_switch (>= 0.3.0) nokogiri (>= 1.6.0) term-ansicolor (>= 1.0.5) text-table (>= 1.2.2) - term-ansicolor (1.3.0) + term-ansicolor (1.7.1) tins (~> 1.0) test-kitchen (1.3.1) mixlib-shellout (>= 1.2, < 3.0) @@ -296,18 +297,19 @@ GEM safe_yaml (~> 1.0) thor (~> 0.18) text-table (1.2.4) - thor (0.19.1) - timers (4.0.1) + thor (0.20.3) + timers (4.0.4) hitimes - tins (1.4.2) - treetop (1.6.2) + tins (1.29.0) + sync + treetop (1.6.11) polyglot (~> 0.3) uuidtools (2.1.5) varia_model (0.4.0) buff-extensions (~> 1.0) hashie (>= 2.0.2, < 3.0.0) wmi-lite (1.0.0) - yajl-ruby (1.2.1) + yajl-ruby (1.4.1) PLATFORMS ruby @@ -317,9 +319,9 @@ DEPENDENCIES berkshelf-api-client (~> 1.2)! chefspec (~> 4.1) ci_reporter_rspec (~> 1.0) - foodcritic (~> 4.0) + foodcritic (~> 4.0, >= 4.0.0) guard (~> 2.8.2) - guard-foodcritic (~> 1.0) + guard-foodcritic (~> 1.0, >= 1.0.3) guard-rake (~> 0.0) guard-rspec (~> 4.3.1) guard-rubocop (~> 1.1) @@ -332,5 +334,8 @@ DEPENDENCIES rake (~> 10.3) rubocop (~> 0.28.0) ruby_gntp (~> 0.3) - tailor (~> 1.4) + tailor (~> 1.4, >= 1.4.0) test-kitchen (~> 1.2) + +BUNDLED WITH + 2.1.4