Commit

Pins Nokogiri to server GLIBC version.
Thomas Scherz committed Mar 5, 2025
1 parent b7a81b0 commit eb426e4
Showing 3 changed files with 20 additions and 12 deletions.
10 changes: 10 additions & 0 deletions .bundler-audit.yml
@@ -0,0 +1,10 @@
ignore:
# rails-html-sanitizer - needs Rails 7 upgrade to fix
- CVE-2024-53989
- CVE-2024-53988
- CVE-2024-53987
- CVE-2024-53986
- CVE-2024-53985

# Nokogiri - servers don't have compatible GLIBC
- GHSA-vvfq-8hwr-qm4m
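Review bot: The ignore entries in .bundler-audit.yml carry no expiry or tracking reference, so all six advisories (the five rails-html-sanitizer CVEs plus GHSA-vvfq-8hwr-qm4m) stay suppressed indefinitely once this merges. Suggest extending each comment with the issue that tracks the fix and the condition for removing the entry (for the Nokogiri one, the server GLIBC upgrade), so the list is revisited rather than forgotten.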
2 changes: 1 addition & 1 deletion Gemfile
Expand Up @@ -20,7 +20,7 @@ gem 'globalize', '~> 7.0'
gem 'net-pop', '~> 0.1.2'
gem 'net-protocol', '>= 0'
# Use nokogiri for java
gem 'nokogiri', '>= 1.18.3'
gem 'nokogiri', '1.16.7'
# Use Puma as the app server
gem 'puma', '>= 6.4.3'
# Use SCSS for stylesheets
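Review bot: The exact pin gem 'nokogiri', '1.16.7' has no explanation next to it; the only comment above it is the unrelated "Use nokogiri for java". Since this replaces a version floor ('>= 1.18.3') with a fixed older release, add a comment stating the GLIBC constraint and when the pin can be lifted, so it is not left in place after the servers are upgraded.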
20 changes: 9 additions & 11 deletions Gemfile.lock
Expand Up @@ -201,7 +201,6 @@ GEM
marcel (1.0.4)
matrix (0.4.2)
mini_mime (1.1.5)
mini_portile2 (2.8.8)
minitest (5.25.4)
msgpack (1.8.0)
mutex_m (0.3.0)
Expand All @@ -221,18 +220,17 @@ GEM
net-protocol
net-ssh (7.3.0)
nio4r (2.7.4)
nokogiri (1.18.3)
mini_portile2 (~> 2.8.2)
nokogiri (1.16.7-aarch64-linux)
racc (~> 1.4)
nokogiri (1.18.3-aarch64-linux-gnu)
nokogiri (1.16.7-arm-linux)
racc (~> 1.4)
nokogiri (1.18.3-arm-linux-gnu)
nokogiri (1.16.7-arm64-darwin)
racc (~> 1.4)
nokogiri (1.18.3-arm64-darwin)
nokogiri (1.16.7-x86-linux)
racc (~> 1.4)
nokogiri (1.18.3-x86_64-darwin)
nokogiri (1.16.7-x86_64-darwin)
racc (~> 1.4)
nokogiri (1.18.3-x86_64-linux-gnu)
nokogiri (1.16.7-x86_64-linux)
racc (~> 1.4)
orm_adapter (0.5.0)
ostruct (0.6.1)
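Review bot: The lock no longer has a plain nokogiri entry: the removed nokogiri (1.18.3) with its mini_portile2 dependency was the only one without a platform tag, and every 1.16.7 entry that replaces it is platform-specific (aarch64-linux, arm-linux, arm64-darwin, x86-linux, x86_64-darwin, x86_64-linux). Worth confirming that each deploy target matches one of these tags, and whether building 1.18.3 from source on the servers was considered as a way to meet the GLIBC constraint without dropping below the previously required version.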
Expand Down Expand Up @@ -283,9 +281,9 @@ GEM
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.2)
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
nokogiri (~> 1.14)
railties (7.2.2.1)
actionpack (= 7.2.2.1)
activesupport (= 7.2.2.1)
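Review bot: rails-html-sanitizer drops from 1.6.2 to 1.6.0 here, and the commit message does not mention it. The removed 1.6.2 constraint excludes nokogiri 1.16.7 ('!= 1.16.7'), so the downgrade looks like a side effect of the Nokogiri pin rather than of the Rails version; railties is already 7.2.2.1 in this same hunk, which does not fit the "needs Rails 7 upgrade to fix" comment in .bundler-audit.yml. Suggest correcting that comment to name the Nokogiri pin as the blocker and calling out the sanitizer downgrade in the commit message.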
Expand Down Expand Up @@ -480,7 +478,7 @@ DEPENDENCIES
mysql2
net-pop (~> 0.1.2)
net-protocol
nokogiri (>= 1.18.3)
nokogiri (= 1.16.7)
petergate
puma (>= 6.4.3)
rails (~> 7.2.2.1)