diff --git a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile index ef5a22d201405..80a003335852a 100644 --- a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile +++ b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile @@ -13,7 +13,7 @@ gem 'bundler-checksum', '~> 0.1.0', path: 'vendor/gems/bundler-checksum', requir # NOTE: When incrementing the major or minor version here, also increment activerecord_version # in vendor/gems/attr_encrypted/attr_encrypted.gemspec until we resolve # https://gitlab.com/gitlab-org/gitlab/-/issues/375713 -gem 'rails', '~> 6.1.7.2' +gem 'rails', '~> 7.0.8.1' gem 'bootsnap', '~> 1.16.0', require: false @@ -21,9 +21,9 @@ gem 'openssl', '~> 3.0' gem 'ipaddr', '~> 1.2.5' # Responders respond_to and respond_with -gem 'responders', '~> 3.0' +gem 'responders', '~> 3.0', '>= 3.0.1' -gem 'sprockets', '~> 3.7.0' +gem 'sprockets', '~> 4.0.0' gem 'view_component', '~> 3.2.0' @@ -33,7 +33,7 @@ gem 'pg', '~> 1.5.3' gem 'neighbor', '~> 0.2.3' gem 'rugged', '~> 1.5' -gem 'grape-path-helpers', '~> 1.7.1' +gem 'grape-path-helpers', '~> 2.0.0' gem 'faraday', '~> 1.0' gem 'marginalia', '~> 1.11.1' @@ -42,20 +42,20 @@ gem 'marginalia', '~> 1.11.1' gem 'declarative_policy', '~> 1.1.0' # Authentication libraries -gem 'devise', '~> 4.8.1' +gem 'devise', '~> 4.9.0' gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable' gem 'bcrypt', '~> 3.1', '>= 3.1.14' -gem 'doorkeeper', '~> 5.6', '>= 5.6.6' -gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.7' +gem 'doorkeeper', '~> 5.6', '>= 5.6.7' +gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.8' gem 'rexml', '~> 3.2.5' -gem 'ruby-saml', '~> 1.15.0' -gem 'omniauth', '~> 2.1.0' -gem 'omniauth-auth0', '~> 3.1' -gem 'omniauth-azure-activedirectory-v2', '~> 2.0' +gem 'ruby-saml', '~> 1.16.0' +gem 'omniauth', '~> 2.1.1' +gem 'omniauth-auth0', '~> 3.1', '>= 3.1.1' +gem 'omniauth-azure-activedirectory-v2', '~> 2.0', '>= 2.0.1' gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md gem 'omniauth-dingtalk-oauth2', '~> 1.0' -gem 'omniauth-alicloud', '~> 2.0.1' -gem 'omniauth-facebook', '~> 4.0.0' +gem 'omniauth-alicloud', '~> 3.0.0' +gem 'omniauth-facebook', '~> 5.0.0' gem 'omniauth-github', '2.0.1' gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md gem 'omniauth-google-oauth2', '~> 1.1' @@ -64,13 +64,13 @@ gem 'omniauth-saml', '~> 2.1.0' gem 'omniauth-shibboleth-redux', '~> 2.0' gem 'omniauth-twitter', '~> 1.4' gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md -gem 'omniauth_openid_connect', '~> 0.6.1' +gem 'omniauth_openid_connect', '~> 0.7.0' # Locked until Ruby 3.0 upgrade since upgrading will pull in an updated net-smtp gem. # See https://docs.gitlab.com/ee/development/emails.html#rationale. -gem 'openid_connect', '= 1.3.0' +gem 'openid_connect', '= 1.3.1' gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md gem 'omniauth-atlassian-oauth2', '~> 0.2.0' -gem 'rack-oauth2', '~> 1.21.3' +gem 'rack-oauth2', '~> 2.0.0' gem 'jwt', '~> 2.5' # Kerberos authentication. EE-only @@ -80,10 +80,10 @@ gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos # Spam and anti-bot protection gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails' gem 'akismet', '~> 3.0' -gem 'invisible_captcha', '~> 2.0.0' +gem 'invisible_captcha', '~> 2.1.0' # Two-factor authentication -gem 'devise-two-factor', '~> 4.0.2' +gem 'devise-two-factor', '~> 4.1.0' gem 'rqrcode-rails3', '~> 0.1.7' gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted' @@ -109,17 +109,17 @@ gem 'gitlab_omniauth-ldap', '~> 2.2.0', require: 'omniauth-ldap' gem 'net-ldap', '~> 0.18.0' # API -gem 'grape', '~> 1.7.0' +gem 'grape', '~> 1.7.1' gem 'grape-entity', '~> 0.10.0' -gem 'rack-cors', '~> 1.1.1', require: 'rack/cors' -gem 'grape-swagger', '~> 1.6.1', group: [:development, :test] -gem 'grape-swagger-entity', '~> 0.5.1', group: [:development, :test] +gem 'rack-cors', '~> 2.0.0', require: 'rack/cors' +gem 'grape-swagger', '~> 2.0.0', group: [:development, :test] +gem 'grape-swagger-entity', '~> 0.5.2', group: [:development, :test] # GraphQL API gem 'graphql', '~> 1.13.12' -gem 'graphiql-rails', '~> 1.8' -gem 'apollo_upload_server', '~> 2.1.0' -gem 'graphql-docs', '~> 2.1.0', group: [:development, :test] +gem 'graphiql-rails', '~> 1.9', '>= 1.9.0' +gem 'apollo_upload_server', '~> 2.1.2' +gem 'graphql-docs', '~> 3.0.0', group: [:development, :test] gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import) gem 'hashie', '~> 5.0.0' @@ -135,11 +135,11 @@ gem 'carrierwave', '~> 1.3' gem 'mini_magick', '~> 4.10.1' # for backups -gem 'fog-aws', '~> 3.18' +gem 'fog-aws', '~> 3.19', '>= 3.19.0' # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421. # Also see config/initializers/fog_core_patch.rb. gem 'fog-core', '= 2.1.0' -gem 'fog-google', '~> 1.19', require: 'fog/google' +gem 'fog-google', '~> 1.20', '>= 1.20.0', require: 'fog/google' gem 'fog-local', '~> 0.8' # NOTE: # the fog-aliyun gem since v0.4 pulls in aliyun-sdk transitively, which monkey-patches @@ -148,7 +148,7 @@ gem 'fog-local', '~> 0.8' # We may want to update this dependency if this is ever addressed upstream, e.g. via # https://github.com/aliyun/aliyun-oss-ruby-sdk/pull/93 gem 'fog-aliyun', '~> 0.4' -gem 'gitlab-fog-azure-rm', '~> 1.7.0', require: 'fog/azurerm' +gem 'gitlab-fog-azure-rm', '~> 1.8.0', require: 'fog/azurerm' # for Google storage gem 'google-cloud-storage', '~> 1.44.0' @@ -180,8 +180,8 @@ gem 'faraday_middleware-aws-sigv4', '~>0.3.0' gem 'typhoeus', '~> 1.4.0' # Used with Elasticsearch to support http keep-alive connections # Markdown and HTML processing -gem 'html-pipeline', '~> 2.14.3' -gem 'deckar01-task_list', '2.3.2' +gem 'html-pipeline', '~> 3.0.0' +gem 'deckar01-task_list', '2.3.3' gem 'gitlab-markup', '~> 1.9.0', require: 'github/markup' gem 'commonmarker', '~> 0.23.9' gem 'kramdown', '~> 2.3.1' @@ -196,7 +196,7 @@ gem 'asciidoctor-plantuml', '~> 0.0.16' gem 'asciidoctor-kroki', '~> 0.8.0', require: false gem 'rouge', '~> 4.1.2' gem 'truncato', '~> 0.7.12' -gem 'nokogiri', '~> 1.15', '>= 1.15.2' +gem 'nokogiri', '~> 1.16', '>= 1.16.2' # Calendar rendering gem 'icalendar' @@ -206,7 +206,7 @@ gem 'diffy', '~> 3.4' gem 'diff_match_patch', '~> 0.1.0' # Application server -gem 'rack', '~> 2.2.7' +gem 'rack', '~> 2.2.8', '>= 2.2.8.1' # https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base' @@ -222,8 +222,8 @@ gem 'state_machines-activerecord', '~> 0.8.0' gem 'acts-as-taggable-on', '~> 9.0' # Background jobs -gem 'sidekiq', '~> 6.5.7' -gem 'sidekiq-cron', '~> 1.8.0' +gem 'sidekiq', '~> 6.5.8' +gem 'sidekiq-cron', '~> 1.9.0' gem 'redis-namespace', '~> 1.9.0' gem 'gitlab-sidekiq-fetcher', path: 'vendor/gems/sidekiq-reliable-fetch', require: 'sidekiq-reliable-fetch' @@ -258,7 +258,7 @@ gem 'redis', '~> 4.8.0' gem 'connection_pool', '~> 2.0' # Redis session store -gem 'redis-actionpack', '~> 5.3.0' +gem 'redis-actionpack', '~> 5.4.0' # Discord integration gem 'discordrb-webhooks', '~> 3.4', require: false @@ -274,7 +274,7 @@ gem 'slack-messenger', '~> 2.3.4' gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat' # Asana integration -gem 'asana', '~> 0.10.13' +gem 'asana', '~> 1.0.0' # FogBugz integration gem 'ruby-fogbugz', '~> 0.3.0' @@ -287,16 +287,16 @@ gem 'ruby-openai', '~> 3.7' gem 'circuitbox', '2.0.0' # Sanitize user input -gem 'sanitize', '~> 6.0' +gem 'sanitize', '~> 6.0', '>= 6.0.1' gem 'babosa', '~> 2.0' # Sanitizes SVG input -gem 'loofah', '~> 2.21.3' +gem 'loofah', '~> 2.21.4' # Working with license # Detects the open source license the repository includes # This version needs to be in sync with gitlab-org/gitaly -gem 'licensee', '~> 9.15' +gem 'licensee', '~> 9.15', '>= 9.15.3' # Detect and convert string character encoding gem 'charlock_holmes', '~> 0.7.7' @@ -311,43 +311,43 @@ gem 'fast_blank' gem 'gitlab-chronic', '~> 0.10.5' gem 'gitlab_chronic_duration', '~> 0.10.6.2' -gem 'rack-proxy', '~> 0.7.6' +gem 'rack-proxy', '~> 0.7.7' -gem 'sassc-rails', '~> 2.1.0' +gem 'sassc-rails', '~> 2.1.1' gem 'autoprefixer-rails', '10.2.5.1' gem 'terser', '1.0.2' gem 'addressable', '~> 2.8' gem 'tanuki_emoji', '~> 0.6' gem 'gon', '~> 6.4.0' -gem 'request_store', '~> 1.5.1' +gem 'request_store', '~> 1.6.0' gem 'base32', '~> 0.3.0' gem 'gitlab-license', '~> 2.3' # Protect against bruteforcing -gem 'rack-attack', '~> 6.6.1' +gem 'rack-attack', '~> 6.7.0' # Sentry integration gem 'sentry-raven', '~> 3.1' gem 'sentry-ruby', '~> 5.8.0' -gem 'sentry-rails', '~> 5.8.0' -gem 'sentry-sidekiq', '~> 5.8.0' +gem 'sentry-rails', '~> 5.9.0' +gem 'sentry-sidekiq', '~> 5.9.0' # PostgreSQL query parsing # gem 'pg_query', '~> 4.2.1' -gem 'premailer-rails', '~> 1.10.3' +gem 'premailer-rails', '~> 1.11.0' -gem 'gitlab-labkit', '~> 0.33.0' +gem 'gitlab-labkit', '~> 0.34.0' gem 'thrift', '>= 0.16.0' # I18n gem 'ruby_parser', '~> 3.20', require: false -gem 'rails-i18n', '~> 7.0' +gem 'rails-i18n', '~> 7.0', '>= 7.0.5' gem 'gettext_i18n_rails', '~> 1.8.0' -gem 'gettext_i18n_rails_js', '~> 1.3' +gem 'gettext_i18n_rails_js', '~> 1.3', '>= 1.3.1' gem 'gettext', '~> 3.3', require: false, group: :development gem 'batch-loader', '~> 2.0.1' @@ -370,10 +370,10 @@ gem 'warning', '~> 1.3.0' group :development do gem 'lefthook', '~> 1.4.2', require: false gem 'rubocop' - gem 'solargraph', '~> 0.47.2', require: false + gem 'solargraph', '~> 0.48.0', require: false gem 'letter_opener_web', '~> 2.0.0' - gem 'lookbook', '~> 2.0', '>= 2.0.1' + gem 'lookbook', '~> 2.0', '>= 2.0.2' # Better errors handler gem 'better_errors', '~> 2.10.1' @@ -394,8 +394,8 @@ group :development, :test do gem 'awesome_print', require: false gem 'database_cleaner', '~> 1.7.0' - gem 'factory_bot_rails', '~> 6.2.0' - gem 'rspec-rails', '~> 6.0.1' + gem 'factory_bot_rails', '~> 6.3.0' + gem 'rspec-rails', '~> 6.0.2' # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) gem 'minitest', '~> 5.11.0' @@ -406,7 +406,7 @@ group :development, :test do gem 'spring', '~> 4.1.0' gem 'spring-commands-rspec', '~> 1.0.4' - gem 'gitlab-styles', '~> 10.0.0', require: false + gem 'gitlab-styles', '~> 10.1.0', require: false gem 'haml_lint', '~> 0.40.0', require: false gem 'bundler-audit', '~> 0.7.0.1', require: false @@ -428,7 +428,7 @@ group :development, :test do gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup' - gem 'pact', '~> 1.63' + gem 'pact', '~> 1.64', '>= 1.64.0' end group :development, :test, :danger do @@ -450,11 +450,11 @@ end group :test do gem 'fuubar', '~> 2.2.0' gem 'rspec-retry', '~> 0.6.2' - gem 'rspec_profiling', '~> 0.0.6' + gem 'rspec_profiling', '~> 0.0.7' gem 'rspec-benchmark', '~> 0.6.0' gem 'rspec-parameterized', '~> 1.0', require: false - gem 'capybara', '~> 3.39', '>= 3.39.1' + gem 'capybara', '~> 3.39', '>= 3.39.2' gem 'capybara-screenshot', '~> 1.0.26' # 4.9.1 drops Ruby 2.7 support. We can upgrade further after we drop Ruby 2.7 support. gem 'selenium-webdriver', '= 4.9.0' @@ -474,15 +474,15 @@ group :test do # Moved in `test` because https://gitlab.com/gitlab-org/gitlab/-/issues/217527 gem 'derailed_benchmarks', require: false - gem 'gitlab_quality-test_tooling', '~> 0.8.1', require: false + gem 'gitlab_quality-test_tooling', '~> 0.8.2', require: false end gem 'octokit', '~> 4.15' -gem 'gitlab-mail_room', '~> 0.0.23', require: 'mail_room' +gem 'gitlab-mail_room', '~> 0.0.24', require: 'mail_room' gem 'email_reply_trimmer', '~> 0.1' -gem 'html2text' +gem 'html2text', '>= 0.2.1' gem 'stackprof', '~> 0.2.25', require: false gem 'rbtrace', '~> 0.4', require: false @@ -525,10 +525,10 @@ gem 'flipper', '~> 0.25.0' gem 'flipper-active_record', '~> 0.25.0' gem 'flipper-active_support_cache_store', '~> 0.25.0' gem 'unleash', '~> 3.2.2' -gem 'gitlab-experiment', '~> 0.7.1' +gem 'gitlab-experiment', '~> 0.8.0' # Structured logging -gem 'lograge', '~> 0.5' +gem 'lograge', '~> 0.12', '>= 0.12.0' gem 'grape_logging', '~> 1.8' # DNS Lookup