From 4ed27214948f79a6cd529e15480231210b3315de Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Wed, 5 Dec 2018 11:53:11 +0100 Subject: [PATCH] Set new minimum fastlane version to 2.104.0 to fix #129 (#130) * Set new minimum fastlane version to fix #129 Fixes CVE 2018-1000544 and resolves https://github.com/airsidemobile/JOSESwift/issues/129 * Update Gemfile * Update Gemfile * [CVE-2018] Set fastlane version to 2.108.0 and run bundle install --- Gemfile | 4 ++-- Gemfile.lock | 49 +++++++++++++++++++++++++------------------------ 2 files changed, 27 insertions(+), 26 deletions(-) diff --git a/Gemfile b/Gemfile index 7630d3d8..78e70d8c 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,4 @@ source 'https://rubygems.org' gem 'cocoapods' -gem 'fastlane' -gem 'xcpretty' \ No newline at end of file +gem 'fastlane', '>= 2.108.0' +gem 'xcpretty' diff --git a/Gemfile.lock b/Gemfile.lock index 13864eac..f1750a8d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,7 +2,7 @@ GEM remote: https://rubygems.org/ specs: CFPropertyList (3.0.0) - activesupport (4.2.10) + activesupport (4.2.11) i18n (~> 0.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) @@ -36,12 +36,12 @@ GEM fuzzy_match (~> 2.0.4) nap (~> 1.0) cocoapods-deintegrate (1.0.2) - cocoapods-downloader (1.2.1) + cocoapods-downloader (1.2.2) cocoapods-plugins (1.0.0) nap cocoapods-search (1.0.0) cocoapods-stats (1.0.0) - cocoapods-trunk (1.3.0) + cocoapods-trunk (1.3.1) nap (>= 0.8, < 2.0) netrc (~> 0.11) cocoapods-try (1.1.0) @@ -49,7 +49,7 @@ GEM colored2 (3.1.2) commander-fastlane (4.4.6) highline (~> 1.7.2) - concurrent-ruby (1.0.5) + concurrent-ruby (1.1.3) declarative (0.0.10) declarative-option (0.1.0) domain_name (0.5.20180417) @@ -58,15 +58,15 @@ GEM emoji_regex (0.1.1) escape (0.0.4) excon (0.62.0) - faraday (0.15.2) + faraday (0.15.4) multipart-post (>= 1.2, < 3) faraday-cookie_jar (0.0.6) faraday (>= 0.7.4) http-cookie (~> 1.0.0) faraday_middleware (0.12.2) faraday (>= 0.7.4, < 1.0) - fastimage (2.1.3) - fastlane (2.101.1) + fastimage (2.1.5) + fastlane (2.108.0) CFPropertyList (>= 2.3, < 4.0.0) addressable (>= 2.3, < 3.0.0) babosa (>= 1.0.2, < 2.0.0) @@ -90,7 +90,7 @@ GEM multipart-post (~> 2.0.0) plist (>= 3.1.0, < 4.0.0) public_suffix (~> 2.0.0) - rubyzip (>= 1.2.1, < 2.0.0) + rubyzip (>= 1.2.2, < 2.0.0) security (= 0.1.3) simctl (~> 1.6.3) slack-notifier (>= 2.0.0, < 3.0.0) @@ -99,23 +99,24 @@ GEM tty-screen (>= 0.6.3, < 1.0.0) tty-spinner (>= 0.8.0, < 1.0.0) word_wrap (~> 1.0.0) - xcodeproj (>= 1.5.7, < 2.0.0) - xcpretty (~> 0.2.8) + xcodeproj (>= 1.6.0, < 2.0.0) + xcpretty (~> 0.3.0) xcpretty-travis-formatter (>= 0.0.3) fourflusher (2.0.1) fuzzy_match (2.0.4) gh_inspector (1.1.3) - google-api-client (0.23.4) + google-api-client (0.23.9) addressable (~> 2.5, >= 2.5.1) googleauth (>= 0.5, < 0.7.0) httpclient (>= 2.8.1, < 3.0) mime-types (~> 3.0) representable (~> 3.0) retriable (>= 2.0, < 4.0) - googleauth (0.6.4) + signet (~> 0.9) + googleauth (0.6.7) faraday (~> 0.12) jwt (>= 1.4, < 3.0) - memoist (~> 0.12) + memoist (~> 0.16) multi_json (~> 1.11) os (>= 0.9, < 2.0) signet (~> 0.7) @@ -150,10 +151,10 @@ GEM uber (< 0.2.0) retriable (3.1.2) rouge (2.0.7) - ruby-macho (1.2.0) - rubyzip (1.2.1) + ruby-macho (1.3.1) + rubyzip (1.2.2) security (0.1.3) - signet (0.8.1) + signet (0.11.0) addressable (~> 2.3) faraday (~> 0.9) jwt (>= 1.5, < 3.0) @@ -168,8 +169,8 @@ GEM thread_safe (0.3.6) tty-cursor (0.6.0) tty-screen (0.6.5) - tty-spinner (0.8.0) - tty-cursor (>= 0.5.0) + tty-spinner (0.9.0) + tty-cursor (~> 0.6.0) tzinfo (1.2.5) thread_safe (~> 0.1) uber (0.1.0) @@ -178,13 +179,13 @@ GEM unf_ext (0.0.7.5) unicode-display_width (1.4.0) word_wrap (1.0.0) - xcodeproj (1.5.9) + xcodeproj (1.7.0) CFPropertyList (>= 2.3.3, < 4.0) - atomos (~> 0.1.2) + atomos (~> 0.1.3) claide (>= 1.0.2, < 2.0) colored2 (~> 3.1) - nanaimo (~> 0.2.5) - xcpretty (0.2.8) + nanaimo (~> 0.2.6) + xcpretty (0.3.0) rouge (~> 2.0.7) xcpretty-travis-formatter (1.0.0) xcpretty (~> 0.2, >= 0.0.7) @@ -194,8 +195,8 @@ PLATFORMS DEPENDENCIES cocoapods - fastlane + fastlane (>= 2.108.0) xcpretty BUNDLED WITH - 1.16.1 + 1.16.6