From ea41fdf7e58a729cdefffaa3fcc3061b441497b2 Mon Sep 17 00:00:00 2001 From: Yannick Wurm Date: Sat, 9 May 2026 23:32:09 +0100 Subject: [PATCH] security update to ruby 3.3 and of all bundles --- .github/workflows/tests.yml | 2 +- Dockerfile | 6 +- Gemfile | 2 +- Gemfile.lock | 142 ++++++++++++++++++++---------------- 4 files changed, 84 insertions(+), 68 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 5f4b9f9b..44945ed0 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -34,7 +34,7 @@ jobs: - name: Set up Ruby uses: ruby/setup-ruby@v1 with: - ruby-version: "3.2" + ruby-version: "3.3" bundler-cache: true - name: Install Ruby dependencies diff --git a/Dockerfile b/Dockerfile index 0f2569b6..8b3dca0e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG BLAST_VERSION=2.16.0 ## Stage 1: gem dependencies. -FROM docker.io/library/ruby:3.2-bookworm AS builder +FROM docker.io/library/ruby:3.3-bookworm AS builder # Copy over files required for installing gem dependencies. WORKDIR /sequenceserver @@ -22,7 +22,7 @@ RUN bundle install --without=development FROM docker.io/ncbi/blast-static:${BLAST_VERSION} AS ncbi-blast ## Stage 3: Puting it together. -FROM docker.io/library/ruby:3.2-bookworm AS final +FROM docker.io/library/ruby:3.3-bookworm AS final LABEL Description="Intuitive local web frontend for the BLAST bioinformatics tool" LABEL MailingList="https://groups.google.com/forum/#!forum/sequenceserver" @@ -89,7 +89,7 @@ COPY --from=node /usr/src/app/public/sequenceserver-*.min.js public/ COPY --from=node /usr/src/app/public/css/sequenceserver.min.css public/css/ ## Stage 6 (optional) Pull the example database from the debian package. -FROM docker.io/library/ruby:3.2-bookworm AS example_db +FROM docker.io/library/ruby:3.3-bookworm AS example_db WORKDIR /tmp RUN apt-get update && apt-get download ncbi-blast+ && dpkg-deb -xv ncbi-blast+*.deb . diff --git a/Gemfile b/Gemfile index d65e2a66..fa75df15 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,3 @@ -source 'http://rubygems.org' +source 'https://rubygems.org' gemspec diff --git a/Gemfile.lock b/Gemfile.lock index eef29819..321e6bfc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -13,12 +13,13 @@ PATH webrick (~> 1.8, >= 1.8.0) GEM - remote: http://rubygems.org/ + remote: https://rubygems.org/ specs: - addressable (2.8.5) - public_suffix (>= 2.0.2, < 6.0) - ast (2.4.2) - base64 (0.2.0) + addressable (2.9.0) + public_suffix (>= 2.0.2, < 8.0) + ast (2.4.3) + base64 (0.3.0) + bigdecimal (4.1.2) capybara (3.40.0) addressable matrix @@ -28,92 +29,107 @@ GEM rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) - capybara-screenshot (1.0.26) + capybara-screenshot (1.0.27) capybara (>= 1.0, < 4) launchy + childprocess (5.1.0) + logger (~> 1.5) coderay (1.1.3) - diff-lcs (1.5.1) - docile (1.4.0) - domain_name (0.5.20190701) - unf (>= 0.0.5, < 1.0.0) + diff-lcs (1.6.2) + docile (1.4.1) + domain_name (0.6.20240107) http-accept (1.7.0) - http-cookie (1.0.5) + http-cookie (1.1.6) domain_name (~> 0.5) - json (2.3.0) - json_pure (2.6.3) - launchy (2.5.2) + io-console (0.8.2) + json (2.19.5) + json_pure (2.8.1) + language_server-protocol (3.17.0.5) + launchy (3.1.1) addressable (~> 2.8) - matrix (0.4.2) - method_source (1.0.0) - mime-types (3.4.1) - mime-types-data (~> 3.2015) - mime-types-data (3.2023.0218.1) + childprocess (~> 5.0) + logger (~> 1.6) + lint_roller (1.1.0) + logger (1.7.0) + matrix (0.4.3) + method_source (1.1.0) + mime-types (3.7.0) + logger + mime-types-data (~> 3.2025, >= 3.2025.0507) + mime-types-data (3.2026.0414) mini_mime (1.1.5) - mini_portile2 (2.8.7) - mustermann (3.0.0) - ruby2_keywords (~> 0.0.1) + mini_portile2 (2.8.9) + mustermann (3.1.1) netrc (0.11.0) - nokogiri (1.16.6) + nokogiri (1.19.3) mini_portile2 (~> 2.8.2) racc (~> 1.4) - ox (2.14.16) - parallel (1.23.0) - parser (3.2.2.0) + ox (2.14.26) + bigdecimal (>= 3.0) + parallel (2.1.0) + parser (3.3.11.1) ast (~> 2.4.1) - pry (0.14.2) + racc + prism (1.9.0) + pry (0.16.0) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (5.0.3) - racc (1.8.0) - rack (3.1.7) - rack-protection (4.0.0) + reline (>= 0.6.0) + public_suffix (7.0.5) + racc (1.8.1) + rack (3.2.6) + rack-protection (4.2.1) base64 (>= 0.1.0) + logger (>= 1.6.0) rack (>= 3.0.0, < 4) - rack-session (2.0.0) + rack-session (2.1.2) + base64 (>= 0.1.0) rack (>= 3.0.0) - rack-test (2.1.0) + rack-test (2.2.0) rack (>= 1.3) rack_csrf (2.7.0) rack (>= 1.1.0) - rackup (2.1.0) + rackup (2.3.1) rack (>= 3) - webrick (~> 1.8) rainbow (3.1.1) - regexp_parser (2.8.2) + regexp_parser (2.12.0) + reline (0.6.3) + io-console (~> 0.5) rest-client (2.1.0) http-accept (>= 1.7.0, < 2.0) http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rexml (3.3.7) - rspec (3.13.0) + rexml (3.4.4) + rspec (3.13.2) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) rspec-mocks (~> 3.13.0) - rspec-core (3.13.0) + rspec-core (3.13.6) rspec-support (~> 3.13.0) - rspec-expectations (3.13.0) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.0) + rspec-mocks (3.13.8) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-support (3.13.1) - rubocop (1.50.2) + rspec-support (3.13.7) + rubocop (1.86.1) json (~> 2.3) - parallel (~> 1.10) - parser (>= 3.2.0.0) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) + parallel (>= 1.10) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 1.8, < 3.0) - rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.28.0, < 2.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.49.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.28.0) - parser (>= 3.2.1.0) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.49.1) + parser (>= 3.3.7.2) + prism (~> 1.7) ruby-progressbar (1.13.0) - ruby2_keywords (0.0.5) - rubyzip (2.3.2) + rubyzip (2.4.1) selenium-webdriver (4.18.1) base64 (~> 0.2) rexml (~> 3.2, >= 3.2.5) @@ -123,22 +139,22 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-html (0.12.3) + simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) - sinatra (4.0.0) + sinatra (4.2.1) + logger (>= 1.6.0) mustermann (~> 3.0) rack (>= 3.0.0, < 4) - rack-protection (= 4.0.0) + rack-protection (= 4.2.1) rack-session (>= 2.0.0, < 3) tilt (~> 2.0) slop (3.6.0) - tilt (2.2.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.8.2) - unicode-display_width (2.4.2) - webrick (1.8.1) - websocket (1.2.10) + tilt (2.7.0) + unicode-display_width (3.2.0) + unicode-emoji (~> 4.1) + unicode-emoji (4.2.0) + webrick (1.9.2) + websocket (1.2.11) xpath (3.2.0) nokogiri (~> 1.8)