From a57f4dcda90760c7e8244496717155d196f6a9b2 Mon Sep 17 00:00:00 2001 From: Andrey Sokolov Date: Wed, 14 Jun 2023 21:44:43 +0400 Subject: [PATCH] fix: bump dependencies to fix cocoapods vulnerability (#448) * chore: bump dependencies * fix: update README for patch version bump --------- Co-authored-by: justin.fiedler --- Gemfile.lock | 79 ++++++++++++++++++++++++++++------------------------ README.md | 2 +- 2 files changed, 44 insertions(+), 37 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 3dfc6141..8e00ca60 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,84 +1,91 @@ GEM remote: https://rubygems.org/ specs: - CFPropertyList (3.0.2) - activesupport (4.2.11.3) - i18n (~> 0.7) - minitest (~> 5.1) - thread_safe (~> 0.3, >= 0.3.4) - tzinfo (~> 1.1) - algoliasearch (1.27.4) + CFPropertyList (3.0.6) + rexml + activesupport (6.1.7.3) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + zeitwerk (~> 2.3) + addressable (2.8.4) + public_suffix (>= 2.0.2, < 6.0) + algoliasearch (1.27.5) httpclient (~> 2.8, >= 2.8.3) json (>= 1.5.1) atomos (0.1.3) - claide (1.0.3) - cocoapods (1.9.3) - activesupport (>= 4.0.2, < 5) + claide (1.1.0) + cocoapods (1.12.1) + addressable (~> 2.8) claide (>= 1.0.2, < 2.0) - cocoapods-core (= 1.9.3) + cocoapods-core (= 1.12.1) cocoapods-deintegrate (>= 1.0.3, < 2.0) - cocoapods-downloader (>= 1.2.2, < 2.0) + cocoapods-downloader (>= 1.6.0, < 2.0) cocoapods-plugins (>= 1.0.0, < 2.0) cocoapods-search (>= 1.0.0, < 2.0) - cocoapods-stats (>= 1.0.0, < 2.0) - cocoapods-trunk (>= 1.4.0, < 2.0) + cocoapods-trunk (>= 1.6.0, < 2.0) cocoapods-try (>= 1.1.0, < 2.0) colored2 (~> 3.1) escape (~> 0.0.4) fourflusher (>= 2.3.0, < 3.0) gh_inspector (~> 1.0) - molinillo (~> 0.6.6) + molinillo (~> 0.8.0) nap (~> 1.0) - ruby-macho (~> 1.4) - xcodeproj (>= 1.14.0, < 2.0) - cocoapods-core (1.9.3) - activesupport (>= 4.0.2, < 6) + ruby-macho (>= 2.3.0, < 3.0) + xcodeproj (>= 1.21.0, < 2.0) + cocoapods-core (1.12.1) + activesupport (>= 5.0, < 8) + addressable (~> 2.8) algoliasearch (~> 1.0) concurrent-ruby (~> 1.1) fuzzy_match (~> 2.0.4) nap (~> 1.0) netrc (~> 0.11) + public_suffix (~> 4.0) typhoeus (~> 1.0) - cocoapods-deintegrate (1.0.4) + cocoapods-deintegrate (1.0.5) cocoapods-downloader (1.6.3) cocoapods-plugins (1.0.0) nap - cocoapods-search (1.0.0) - cocoapods-stats (1.1.0) - cocoapods-trunk (1.5.0) + cocoapods-search (1.0.1) + cocoapods-trunk (1.6.0) nap (>= 0.8, < 2.0) netrc (~> 0.11) cocoapods-try (1.2.0) colored2 (3.1.2) - concurrent-ruby (1.1.7) + concurrent-ruby (1.2.2) escape (0.0.4) - ethon (0.12.0) - ffi (>= 1.3.0) - ffi (1.13.1) + ethon (0.16.0) + ffi (>= 1.15.0) + ffi (1.15.5) fourflusher (2.3.1) fuzzy_match (2.0.4) gh_inspector (1.1.3) httpclient (2.8.3) - i18n (0.9.5) + i18n (1.14.1) concurrent-ruby (~> 1.0) - json (2.3.1) - minitest (5.14.2) - molinillo (0.6.6) + json (2.6.3) + minitest (5.18.0) + molinillo (0.8.0) nanaimo (0.3.0) nap (1.1.0) netrc (0.11.0) - ruby-macho (1.4.0) - thread_safe (0.3.6) + public_suffix (4.0.7) + rexml (3.2.5) + ruby-macho (2.5.1) typhoeus (1.4.0) ethon (>= 0.9.0) - tzinfo (1.2.10) - thread_safe (~> 0.1) - xcodeproj (1.18.0) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + xcodeproj (1.22.0) CFPropertyList (>= 2.3.3, < 4.0) atomos (~> 0.1.3) claide (>= 1.0.2, < 2.0) colored2 (~> 3.1) nanaimo (~> 0.3.0) + rexml (~> 3.2.4) + zeitwerk (2.6.8) PLATFORMS ruby diff --git a/README.md b/README.md index e8054d88..8c88ce2c 100644 --- a/README.md +++ b/README.md @@ -68,4 +68,4 @@ Prerequisites Click [here](https://github.com/amplitude/Amplitude-iOS/blob/main/CHANGELOG.md) to view the iOS SDK Changelog. ## Need Help? -If you have any problems or issues over our SDK, feel free to create a github issue or submit a request on [Amplitude Help](https://help.amplitude.com/hc/en-us/requests/new). +If you have any problems or issues over our SDK, please refer to the [Developer Center](https://developers.amplitude.com/docs/ios) for help. If you don't find a solution there, then feel free to create a GitHub issue or submit a request on [Amplitude Help](https://help.amplitude.com/hc/en-us/requests/new).