From 7795debb5574d5f363e101ebfaa4824ea7cbcdd3 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 30 Sep 2018 04:13:54 +0000
Subject: [PATCH] fix: Gemfile.lock & Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RUBYZIP-22039
---
 Gemfile.lock | 172 +++++----------------------------------------------
 1 file changed, 16 insertions(+), 156 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index c01079b..5cca65c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -32,14 +32,14 @@ GEM
     activesupport (3.2.6)
       i18n (~> 0.6)
       multi_json (~> 1.0)
-    addressable (2.2.7)
+    addressable (2.2.8)
     arel (3.0.2)
     bourbon (2.1.0)
       sass (>= 3.1)
     bourne (1.1.1)
       mocha (= 0.10.4)
-    builder (3.0.0)
-    capybara (1.1.2)
+    builder (3.0.4)
+    capybara (1.1.4)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
       rack (>= 1.0.0)
@@ -49,8 +49,8 @@ GEM
     capybara-webkit (0.12.1)
       capybara (>= 1.0.0, < 1.2)
       json
-    childprocess (0.3.2)
-      ffi (~> 1.0.6)
+    childprocess (0.9.0)
+      ffi (~> 1.0, >= 1.0.11)
     coffee-rails (3.2.2)
       coffee-script (>= 2.2.0)
       railties (~> 3.2.0)
@@ -58,16 +58,21 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.3.1)
-    cucumber (1.1.9)
+    cucumber (2.99.0)
       builder (>= 2.1.2)
-      diff-lcs (>= 1.1.2)
-      gherkin (~> 2.9.0)
-      json (>= 1.4.6)
-      term-ansicolor (>= 1.0.6)
+      cucumber-core (~> 1.5.0)
+      cucumber-wire (~> 0.0.1)
+      diff-lcs (>= 1.1.3)
+      gherkin (~> 4.0)
+      multi_json (>= 1.7.5, < 2.0)
+      multi_test (>= 0.1.2)
+    cucumber-core (1.5.0)
+      gherkin (~> 4.0)
     cucumber-rails (1.3.0)
       capybara (>= 1.1.2)
       cucumber (>= 1.1.8)
       nokogiri (>= 1.5.0)
+    cucumber-wire (0.0.1)
     daemons (1.1.8)
     database_cleaner (0.7.1)
     diff-lcs (1.1.3)
@@ -76,149 +81,4 @@ GEM
     eventmachine (0.12.10)
     execjs (1.3.2)
       multi_json (~> 1.0)
-    factory_girl (2.6.3)
-      activesupport (>= 2.3.9)
-    factory_girl_rails (1.7.0)
-      factory_girl (~> 2.6.0)
-      railties (>= 3.0.0)
-    fakeweb (1.3.0)
-    ffi (1.0.11)
-    flutie (1.3.3)
-    foreman (0.40.0)
-      term-ansicolor (~> 1.0.7)
-      thor (>= 0.13.6)
-    formtastic (2.0.2)
-      rails (~> 3.0)
-    gherkin (2.9.0)
-      json (>= 1.4.6)
-    hike (1.2.1)
-    htmldiff (0.0.1)
-    i18n (0.6.0)
-    journey (1.0.4)
-    jquery-rails (1.0.19)
-      railties (~> 3.0)
-      thor (~> 0.14)
-    json (1.7.3)
-    launchy (2.0.5)
-      addressable (~> 2.2.6)
-    libwebsocket (0.1.3)
-      addressable
-    mail (2.4.4)
-      i18n (>= 0.4.0)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
-    metaclass (0.0.1)
-    mime-types (1.19)
-    mocha (0.10.4)
-      metaclass (~> 0.0.1)
-    multi_json (1.3.6)
-    nokogiri (1.5.4)
-    open4 (1.3.0)
-    pg (0.13.2)
-    polyglot (0.3.3)
-    rack (1.4.1)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.2)
-      rack
-    rack-test (0.6.1)
-      rack (>= 1.0)
-    rails (3.2.6)
-      actionmailer (= 3.2.6)
-      actionpack (= 3.2.6)
-      activerecord (= 3.2.6)
-      activeresource (= 3.2.6)
-      activesupport (= 3.2.6)
-      bundler (~> 1.0)
-      railties (= 3.2.6)
-    railties (3.2.6)
-      actionpack (= 3.2.6)
-      activesupport (= 3.2.6)
-      rack-ssl (~> 1.3.2)
-      rake (>= 0.8.7)
-      rdoc (~> 3.4)
-      thor (>= 0.14.6, < 2.0)
-    rake (0.9.2.2)
-    rdoc (3.12)
-      json (~> 1.4)
-    rspec (2.8.0)
-      rspec-core (~> 2.8.0)
-      rspec-expectations (~> 2.8.0)
-      rspec-mocks (~> 2.8.0)
-    rspec-core (2.8.0)
-    rspec-expectations (2.8.0)
-      diff-lcs (~> 1.1.2)
-    rspec-mocks (2.8.0)
-    rspec-rails (2.8.1)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec (~> 2.8.0)
-    rubyzip (0.9.9)
-    sass (3.1.19)
-    sass-rails (3.2.5)
-      railties (~> 3.2.0)
-      sass (>= 3.1.10)
-      tilt (~> 1.3)
-    selenium-webdriver (2.24.0)
-      childprocess (>= 0.2.5)
-      libwebsocket (~> 0.1.3)
-      multi_json (~> 1.0)
-      rubyzip
-    shoulda-matchers (1.0.0)
-    spork (0.9.0)
-    sprockets (2.1.3)
-      hike (~> 1.2)
-      rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
-    term-ansicolor (1.0.7)
-    thin (1.3.1)
-      daemons (>= 1.0.9)
-      eventmachine (>= 0.12.6)
-      rack (>= 1.0.0)
-    thor (0.15.3)
-    tilt (1.3.3)
-    timecop (0.3.5)
-    treetop (1.4.10)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.33)
-    uglifier (1.2.4)
-      execjs (>= 0.3.0)
-      multi_json (>= 1.0.2)
-    xpath (0.1.4)
-      nokogiri (~> 1.3)
-    yajl-ruby (1.1.0)
-    yui-compressor (0.9.6)
-      POpen4 (>= 0.1.4)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bourbon (= 2.1.0)
-  bourne (= 1.1.1)
-  capybara-webkit (= 0.12.1)
-  coffee-rails (~> 3.2.1)
-  cucumber-rails (= 1.3.0)
-  database_cleaner (= 0.7.1)
-  dynamic_form (= 1.1.4)
-  factory_girl_rails (= 1.7.0)
-  fakeweb (= 1.3.0)
-  flutie (= 1.3.3)
-  foreman (= 0.40.0)
-  formtastic (= 2.0.2)
-  htmldiff (= 0.0.1)
-  jquery-rails (= 1.0.19)
-  launchy (= 2.0.5)
-  pg (= 0.13.2)
-  rails (= 3.2.6)
-  rspec-rails (= 2.8.1)
-  sass-rails (~> 3.2.5)
-  shoulda-matchers (= 1.0.0)
-  spork (= 0.9.0)
-  thin (= 1.3.1)
-  timecop (= 0.3.5)
-  uglifier
-  yajl-ruby (= 1.1.0)
-  yui-compressor
+    fac...
\ No newline at end of file