52 Commits

Author SHA1 Message Date
Andreas Dangel
aa6851e2d2 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/49
Fixes https://github.com/pmd/pmd/security/dependabot/50
2024-02-15 20:31:17 +01:00
Andreas Dangel
a558fd17eb [ci] Use bundler 2.4.22, which is still compatible with ruby 2.7 2023-12-16 13:03:32 +01:00
Andreas Dangel
94d374acaa Update gems
* Bump commonmarker from 0.23.9 to 0.23.10
** Fixes https://github.com/pmd/pmd/security/dependabot/43
** Fixes https://github.com/advisories/GHSA-7vh7-fw88-wj87
* Bump activesupport from 7.0.5 to 7.0.8
** Fixes https://github.com/pmd/pmd/security/dependabot/45
** Fixes CVE-2023-38037
** Fixes https://github.com/advisories/GHSA-cr5q-6q9f-rq6q
* Bump addressable from 2.8.4 to 2.8.5
* Bump danger from 9.2.0 to 9.3.2
* Bump execjs from 2.8.1 to 2.9.1
* Bump faraday from 2.7.5 to 2.7.11
* Bump ffi from 1.15.5 to 1.16.2
* Bump i18n from 1.13.0 to 1.14.1
* Bump mini_portile2 from 2.8.2 to 2.8.4
* Bump minitest from 5.18.0 to 5.20.0
* Bump nokogiri from 1.15.2 to 1.15.4
* Bump octokit from 5.6.1 to 6.1.1
* Bump public_suffix from 5.0.1 to 5.0.3
* Bump racc from 1.6.2 to 1.7.1
* Bump rexml from 3.2.5 to 3.2.6
* Bump rouge from 4.1.1 to 4.1.3
* Bump rufus-scheduler from 3.8.2 to 3.9.1
2023-09-28 12:17:26 +02:00
Andreas Dangel
f147c76577 Update gems - use pmdtester 1.5.4 2023-05-28 09:04:46 +02:00
Andreas Dangel
ae766de203 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/38
Fixes https://github.com/pmd/pmd/security/dependabot/39
Fixes https://github.com/pmd/pmd/security/dependabot/40
2023-04-28 10:28:17 +02:00
Andreas Dangel
11e2a8687e Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/37
Fixes CVE-2023-28120
Fixes https://github.com/advisories/GHSA-pj73-v5mw-pm9j
2023-03-17 10:40:15 +01:00
Andreas Dangel
c3b1317a77 Update gems 2023-02-02 09:37:17 +01:00
Andreas Dangel
7619693102 Revert "Update gems, update activesupport"
This reverts commit 460d6a0809c12605cfc6bd543ebb0c41075b4657.
2023-01-25 10:30:35 +01:00
Andreas Dangel
460d6a0809 Update gems, update activesupport
Fixes https://github.com/pmd/pmd/security/dependabot/35
Fixes https://github.com/advisories/GHSA-j6gc-792m-qgm2
2023-01-25 09:46:26 +01:00
Andreas Dangel
9d92528587 Update bundler 2023-01-25 08:56:17 +01:00
Andreas Dangel
6b2f1be14e Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/35
Fixes CVE-2023-22796
Fixes https://github.com/advisories/GHSA-j6gc-792m-qgm2

Fixes https://github.com/pmd/pmd/security/dependabot/36
Fixes https://github.com/advisories/GHSA-636f-xm5j-pj9m
2023-01-25 08:48:34 +01:00
Andreas Dangel
77b4970de8 Add webrick as gem dependency (jekyll/jekyll#8523) 2023-01-16 11:34:41 +01:00
Andreas Dangel
89b947bec5 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/34
Fixes CVE-2022-46648
Fixes https://github.com/advisories/GHSA-pfpr-3463-c6jh
2023-01-10 12:21:27 +01:00
Andreas Dangel
9f5bd42d43 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/31
Fixes CVE-2022-23476
Fixes https://github.com/advisories/GHSA-qv4q-mr5r-qprj
2022-12-08 11:41:02 +01:00
Andreas Dangel
edcfe21131 Update pmdtester and other gems 2022-11-25 15:15:10 +01:00
Andreas Dangel
f54ca8b364 Update gems 2022-10-20 15:53:51 +02:00
Andreas Dangel
0dcff72455 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/26
Fixes https://github.com/advisories/GHSA-4qw4-jpp4-8gvp
2022-09-24 17:52:56 +02:00
Andreas Dangel
4308aafe92 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/22
TZInfo relative path traversal vulnerability allows loading of arbitrary files
CVE-2022-31163
https://github.com/advisories/GHSA-5cm2-9h8c-rvfx
2022-07-22 14:14:12 +02:00
Andreas Dangel
dc512e8a04 [ci] Update gems
- update pmdtester from 1.5.0 to 1.5.1
- update nokogiri from 1.13.5 to 1.13.6
- update activesupport from 6.0.4.8 to 6.0.5
2022-05-12 17:33:54 +02:00
Andreas Dangel
d3880443f7 [ci] Update gems
- update pmdtester from 1.4.1 to 1.5.0
- update nokogiri from 1.13.4 to 1.13.5
2022-05-06 15:05:20 +02:00
Andreas Dangel
094bb1310a Update gems 2022-04-29 12:06:23 +02:00
Andreas Dangel
d09a48ad5f Update regression-tester and other gems
pmd-tester 1.4.1
nokogiri 1.13.4

Fixes the following security alerts:
- Out-of-bounds Write in zlib affects Nokogiri
- XML Injection in Xerces Java affects Nokogiri
- Inefficient Regular Expression Complexity in Nokogiri
- Denial of Service (DoS) in Nokogiri on JRuby
2022-04-12 12:17:01 +02:00
Andreas Dangel
c421e7e646 Update gems
Fixes https://github.com/pmd/pmd/security/dependabot/12
2022-03-10 10:58:16 +01:00
Andreas Dangel
691887af00 Update gems (nokogiri and others)
Fixes https://github.com/pmd/pmd/security/dependabot/11
Fixes https://github.com/pmd/pmd/security/dependabot/10
2022-02-26 10:39:00 +01:00
Andreas Dangel
5fce802d0d [doc] Update gems 2021-12-20 19:04:00 +01:00
Andreas Dangel
c9077e19ea Update gems
Fixes https://github.com/advisories/GHSA-2rr5-8q37-2w7h
2021-09-30 15:48:48 +02:00
Andreas Dangel
4a519be2d9 Update gems
Fixes CVE-2021-32740
Regular Expression Denial of Service in Addressable templates
https://github.com/advisories/GHSA-jxhc-q857-3j6g
2021-07-15 10:43:38 +02:00
Andreas Dangel
0dab8818af Update gems 2021-05-20 14:26:47 +02:00
Andreas Dangel
c2955e3aa9 Update gems
Fixes CVE-2021-28965
https://github.com/advisories/GHSA-8cr8-4vfw-mr7h
2021-05-06 10:12:13 +02:00
Andreas Dangel
1da26f9e55 [doc] Update gems 2021-04-01 12:00:31 +02:00
Andreas Dangel
5ed003c686 Update gems
CVE-2020-26247
https://github.com/advisories/GHSA-vr8q-g5c7-m54m
2021-01-07 15:28:06 +01:00
Andreas Dangel
6277717dcf Update gems
Fixes CVE-2020-14001 (kramdown)
2020-08-13 09:48:07 +02:00
Andreas Dangel
58d92add5f Update gems 2020-07-31 14:08:28 +02:00
Andreas Dangel
bc4a1d67eb Update gems 2020-05-29 09:27:58 +02:00
Andreas Dangel
6edd6c3ebb [doc] Update gems 2020-05-23 11:01:11 +02:00
Andreas Dangel
baef99df85 [doc] Update gems 2020-04-24 09:48:55 +02:00
Andreas Dangel
75d901068a [doc] Update gems 2020-02-16 11:56:26 +01:00
Clément Fournier
000376f2d2 Update 2020-02-05 20:46:17 +01:00
Andreas Dangel
459b430916 [doc] Update gems, fix rubyzip security alert
Upgrades rubyzip to 2.0.0, which fixes CVE-2019-16892
2019-10-03 19:42:58 +02:00
dependabot[bot]
1192ca5051 Bump nokogiri from 1.8.5 to 1.10.4 in /docs
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.8.5 to 1.10.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.5...v1.10.4)

Signed-off-by: dependabot[bot] <support@github.com>
2019-09-02 17:41:26 +00:00
Andreas Dangel
280f53d0b5 [doc] update gems 2018-11-22 20:21:25 +01:00
Andreas Dangel
2e3866fbd4 [doc] Update gems 2018-11-10 18:00:30 +01:00
Andreas Dangel
6339cd42d4 [doc] Update ruby dependencies
Fixes potential security vulnerability in jekyll 3.7.3 -> 3.7.4
2018-10-03 10:35:11 +02:00
Andreas Dangel
e3018c3892 [doc] Update gems 2018-09-02 15:36:38 +02:00
Andreas Dangel
eed145b53a Updated gems 2018-05-31 12:57:05 +02:00
Andreas Dangel
175b4285d3 [doc] Update gems 2018-05-26 21:31:19 +02:00
Andreas Dangel
b3161639f8 [doc] Update Ruby/Jekyll/Gems 2017-12-15 18:26:26 +01:00
Andreas Dangel
b7f3032070 [doc] Update gems 2017-09-05 17:05:03 +02:00
Andreas Dangel
23d947b4bf [doc] Add syntax highlighting for code examples 2017-08-15 14:31:03 +02:00
Andreas Dangel
ff0149fb7f [ci] run jekyll directly without docker 2017-07-25 21:09:23 +02:00