From 4b03ac9f476afdbd19ccc3583b575f359ee71afe Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 May 2020 02:13:40 -0400 Subject: [PATCH 1/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 --- Gemfile | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index db203ccd2..1c75c4ec6 100644 --- a/Gemfile +++ b/Gemfile @@ -9,13 +9,13 @@ gem "middleman", "~> 3.3.3" gem 'compass', '~> 1.0.0.alpha.19' # Live-reloading plugin -gem "middleman-livereload" +gem "middleman-livereload", ">= 3.3.4" # Debugger / REPL alternative to irb gem 'pry' gem 'pry-debugger' gem 'pry-stack_explorer' -gem 'middleman-pry' +gem 'middleman-pry', '>= 0.0.3' # Cross-templating language block fix for Ruby 1.8 platforms :mri_18 do @@ -30,26 +30,26 @@ gem "wdm", "~> 0.1.0", :platforms => [:mswin, :mingw] # General plugins # Blog plugin -gem "middleman-blog" +gem "middleman-blog", ">= 3.5.3" #gem "middleman-blog-drafts" #gem "middleman-blog-authors" -gem 'middleman-deploy' +gem 'middleman-deploy', '>= 0.2.4' # Piwik tracker -gem 'middleman-piwik' +gem 'middleman-piwik', '>= 0.1.1' # Thumbnailer #gem "middleman-thumbnailer", github: "nhemsley/middleman-thumbnailer" # favicon support (favicon PNG should be 144×144) -gem "middleman-favicon-maker" +gem "middleman-favicon-maker", ">= 3.7" # HTML & XML parsing smarts gem "nokogiri" # Syntax highlighting -gem "middleman-syntax" +gem "middleman-syntax", ">= 2.0.0" # For feed.xml.builder gem "builder", "~> 3.0" @@ -94,4 +94,4 @@ gem "kramdown" gem 'open-uri-cached' -gem 'font-awesome-middleman' +gem 'font-awesome-middleman', '>= 4.1.1' From 886abe1aeb4fc61833a23a46af970b2e73ef52d3 Mon Sep 17 00:00:00 2001 
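Review bot: The lower bounds added in all three Gemfile hunks (`">= 3.3.4"` on middleman-livereload, `'>= 0.2.4'` on middleman-deploy, `">= 2.0.0"` on middleman-syntax and the others) are open-ended and each equals the version that was already locked, so they permit any future major release without themselves forcing the activesupport upgrade named in the subject. That upgrade happens only in Gemfile.lock (activesupport 4.1.1 to 4.1.16), where the same resolve also moves several gems across major versions, for example middleman-deploy 0.2.4 to 1.0.0, middleman-syntax 2.0.0 to 3.2.0, haml 4.0.5 to 5.1.2 and net-ssh 2.9.1 to 6.0.2. I would use pessimistic bounds instead, e.g. `gem 'middleman-deploy', '~> 0.2.4'` and `gem "middleman-syntax", "~> 2.0"`, and re-resolve with `bundle update --conservative activesupport` so the lockfile diff stays limited to what the advisory needs. The lockfile also still lists `remote: http://rubygems.org/`; the Gemfile's `source` line is outside these hunks, but it presumably uses plain HTTP and should be changed to `https://rubygems.org` so gem fetches are not exposed to tampering in transit.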
From: snyk-bot Date: Wed, 20 May 2020 02:13:41 -0400 Subject: [PATCH 2/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 --- Gemfile.lock | 180 +++++++++++++++++++++++++++------------------------ 1 file changed, 94 insertions(+), 86 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e5ed7e0b1..d080abdfe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,39 +1,41 @@ GEM remote: http://rubygems.org/ specs: - activesupport (4.1.1) + activesupport (4.1.16) i18n (~> 0.6, >= 0.6.9) json (~> 1.7, >= 1.7.7) minitest (~> 5.1) thread_safe (~> 0.1) tzinfo (~> 1.1) - addressable (2.3.6) + addressable (2.3.8) asciidoctor (0.1.4) binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) bootstrap-sass (3.1.1.1) sass (~> 3.2) builder (3.2.2) - chunky_png (1.3.1) - coderay (1.1.0) - coffee-script (2.2.0) + celluloid (0.16.0) + timers (~> 4.0.0) + chunky_png (1.3.11) + coderay (1.1.2) + coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.7.0) + coffee-script-source (1.12.2) color-generator (0.0.4) columnize (0.8.9) commonjs (0.2.7) - compass (1.0.0.alpha.19) + compass (1.0.3) chunky_png (~> 1.2) - compass-core (~> 1.0.0.alpha.19) - compass-import-once (~> 1.0.3) - json - listen (~> 1.1.0) - sass (>= 3.3.0, < 3.5) - compass-core (1.0.0.alpha.19) + compass-core (~> 1.0.2) + compass-import-once (~> 1.0.5) + rb-fsevent (>= 0.9.3) + rb-inotify (>= 0.9) + sass (>= 3.3.13, < 3.5) + compass-core (1.0.3) multi_json (~> 1.0) sass (>= 3.3.0, < 3.5) - compass-import-once (1.0.4) + compass-import-once (1.0.5) sass (>= 3.2, < 3.5) debug_inspector (0.0.2) debugger (1.6.8) 
@@ -42,102 +44,104 @@ GEM debugger-ruby_core_source (~> 1.3.5) debugger-linecache (1.2.0) debugger-ruby_core_source (1.3.5) - docile (1.1.5) + docile (1.3.2) em-websocket (0.5.1) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) erubis (2.7.0) - eventmachine (1.0.3) - execjs (2.2.0) + eventmachine (1.2.7) + execjs (2.7.0) expression_parser (0.9.0) - favicon_maker (1.3) + favicon_maker (1.3.1) docile (~> 1.1) - ffi (1.9.3) - font-awesome-middleman (4.1.1) - middleman-core (>= 3.0.0) - haml (4.0.5) + ffi (1.12.2) + font-awesome-middleman (4.5.0) + middleman-core (~> 3.0) + haml (5.1.2) + temple (>= 0.8.0) tilt hike (1.2.3) - hooks (0.4.0) - uber (~> 0.0.4) + hitimes (2.0.0) + hooks (0.4.1) + uber (~> 0.0.14) http_parser.rb (0.6.0) - i18n (0.6.9) - json (1.8.1) - kramdown (1.4.0) + i18n (0.7.0) + json (1.8.6) + kramdown (1.17.0) less (2.6.0) commonjs (~> 0.2.7) libv8 (3.16.14.3) - listen (1.1.6) + listen (2.10.1) + celluloid (~> 0.16.0) rb-fsevent (>= 0.9.3) rb-inotify (>= 0.9) - rb-kqueue (>= 0.2) - method_source (0.8.2) - middleman (3.3.3) - coffee-script (~> 2.2.0) - compass (>= 0.12.4) - compass-import-once (= 1.0.4) + method_source (0.9.2) + middleman (3.3.12) + coffee-script (~> 2.2) + compass (>= 1.0.0, < 2.0.0) + compass-import-once (= 1.0.5) execjs (~> 2.0) haml (>= 4.0.5) kramdown (~> 1.2) - middleman-core (= 3.3.3) + middleman-core (= 3.3.12) middleman-sprockets (>= 3.1.2) - sass (>= 3.2.17, < 4.0) + sass (>= 3.4.0, < 4.0) uglifier (~> 2.5) middleman-blog (3.5.3) addressable (~> 2.3.5) middleman-core (~> 3.2) tzinfo (>= 0.3.0) - middleman-core (3.3.3) + middleman-core (3.3.12) activesupport (~> 4.1.0) bundler (~> 1.1) erubis hooks (~> 0.3) - i18n (~> 0.6.9) - listen (~> 1.1) - padrino-helpers (~> 0.12.1) + i18n (~> 0.7.0) + listen (>= 2.7.9, < 3.0) + padrino-helpers (~> 0.12.3) rack (>= 1.4.5, < 2.0) rack-test (~> 0.6.2) thor (>= 0.15.2, < 2.0) tilt (~> 1.4.1, < 2.0) - middleman-deploy (0.2.4) - middleman-core (>= 3.0.0) + middleman-deploy (1.0.0) + 
middleman-core (>= 3.2) net-sftp ptools middleman-favicon-maker (3.7) favicon_maker (~> 1.3) middleman-core (>= 3.0.0) - middleman-livereload (3.3.4) + middleman-livereload (3.4.6) em-websocket (~> 0.5.1) - middleman-core (~> 3.2) + middleman-core (>= 3.3) rack-livereload (~> 0.3.15) - middleman-piwik (0.1.1) + middleman-piwik (0.2.0) middleman-core (~> 3.2) - middleman-pry (0.0.3) - middleman-core (>= 3.2.2) - pry (>= 0.9.12) + middleman-pry (1.0.2) + middleman (>= 3.3, < 5) + pry (~> 0.9) middleman-sprockets (3.3.2) middleman-core (>= 3.2) sprockets (~> 2.2) sprockets-helpers (~> 1.1.0) sprockets-sass (~> 1.0.0) - middleman-syntax (2.0.0) - middleman-core (~> 3.2) - rouge (~> 1.0) + middleman-syntax (3.2.0) + middleman-core (>= 3.2) + rouge (~> 3.2) mini_portile (0.6.0) - minitest (5.3.5) - multi_json (1.10.1) - net-sftp (2.1.2) - net-ssh (>= 2.6.5) - net-ssh (2.9.1) + minitest (5.14.1) + multi_json (1.14.1) + net-sftp (3.0.0) + net-ssh (>= 5.0.0, < 7.0.0) + net-ssh (6.0.2) nokogiri (1.6.2.1) mini_portile (= 0.6.0) oj (2.9.6) open-uri-cached (0.0.4) - padrino-helpers (0.12.2) + padrino-helpers (0.12.9) i18n (~> 0.6, >= 0.6.7) - padrino-support (= 0.12.2) - tilt (~> 1.4.1) - padrino-support (0.12.2) + padrino-support (= 0.12.9) + tilt (>= 1.4.1, < 3) + padrino-support (0.12.9) activesupport (>= 3.1) pry (0.9.12.6) coderay (~> 1.0) 
@@ -149,24 +153,22 @@ GEM pry-stack_explorer (0.4.9.1) binding_of_caller (>= 0.7) pry (>= 0.9.11) - ptools (1.2.4) - rack (1.5.2) - rack-livereload (0.3.15) + ptools (1.3.5) + rack (1.6.13) + rack-livereload (0.3.17) rack - rack-test (0.6.2) + rack-test (0.6.3) rack (>= 1.0) - rb-fsevent (0.9.4) - rb-inotify (0.9.5) - ffi (>= 0.5.0) - rb-kqueue (0.2.3) - ffi (>= 0.5.0) + rb-fsevent (0.10.4) + rb-inotify (0.10.1) + ffi (~> 1.0) ref (1.0.5) rinku (1.7.3) - rouge (1.4.0) + rouge (3.19.0) ruby18_source_location (0.2) - sass (3.3.8) - slop (3.5.0) - sprockets (2.12.1) + sass (3.4.25) + slop (3.6.0) + sprockets (2.12.5) hike (~> 1.2) multi_json (~> 1.0) rack (~> 1.0) @@ -177,16 +179,19 @@ GEM sprockets (~> 2.0) tilt (~> 1.1) stringex (2.5.2) + temple (0.8.2) therubyracer (0.12.1) libv8 (~> 3.16.14.0) ref - thor (0.19.1) - thread_safe (0.3.4) + thor (1.0.1) + thread_safe (0.3.6) tilt (1.4.1) - tzinfo (1.2.1) + timers (4.0.4) + hitimes + tzinfo (1.2.7) thread_safe (~> 0.1) - uber (0.0.6) - uglifier (2.5.1) + uber (0.0.15) + uglifier (2.7.2) execjs (>= 0.3.0) json (>= 1.8.0) wikicloth (0.8.1) @@ -204,18 +209,18 @@ DEPENDENCIES coderay color-generator compass (~> 1.0.0.alpha.19) - font-awesome-middleman + font-awesome-middleman (>= 4.1.1) kramdown less middleman (~> 3.3.3) - middleman-blog - middleman-deploy - middleman-favicon-maker - middleman-livereload - middleman-piwik - middleman-pry + middleman-blog (>= 3.5.3) + middleman-deploy (>= 0.2.4) + middleman-favicon-maker (>= 3.7) + middleman-livereload (>= 3.3.4) + middleman-piwik (>= 0.1.1) + middleman-pry (>= 0.0.3) middleman-sprockets (= 3.3.2) - middleman-syntax + middleman-syntax (>= 2.0.0) nokogiri oj open-uri-cached @@ -227,3 +232,6 @@ DEPENDENCIES therubyracer wdm (~> 0.1.0) wikicloth + +BUNDLED WITH + 1.17.3