14988: Upgrades bootstrap-sass to deal with CVE-2019-8331.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima@veritasgenetics.com>

diff --git a/apps/workbench/Gemfile b/apps/workbench/Gemfile
index 0be9a3a4123ddb1b96fa9415d032ead462df255c..ce2a1377d72a3f9f6bbbc3cf92243921eff137cf 100644 (file)
--- a/apps/workbench/Gemfile
+++ b/apps/workbench/Gemfile
@@ -62,7 +62,7 @@ group :test, :performance do
 end
 
 gem 'jquery-rails'
-gem 'bootstrap-sass', '~> 3.1.0'
+gem 'bootstrap-sass', '~> 3.4.1'
 gem 'bootstrap-x-editable-rails'
 gem 'bootstrap-tab-history-rails'
 

diff --git a/apps/workbench/Gemfile.lock b/apps/workbench/Gemfile.lock
index e39f2077602b64c95919f99d39911fe4c2510474..548da1dc049bf32a2abc886e2c451f2b5b1927ab 100644 (file)
--- a/apps/workbench/Gemfile.lock
+++ b/apps/workbench/Gemfile.lock
@@ -80,8 +80,11 @@ GEM
       addressable (>= 2.3.1)
       extlib (>= 0.9.15)
       multi_json (>= 1.0.0)
-    bootstrap-sass (3.1.1.1)
-      sass (~> 3.2)
+    autoprefixer-rails (9.5.1.1)
+      execjs
+    bootstrap-sass (3.4.1)
+      autoprefixer-rails (>= 5.2.1)
+      sassc (>= 2.0.0)
     bootstrap-tab-history-rails (0.1.0)
       railties (>= 3.1)
     bootstrap-x-editable-rails (1.5.1.1)
@@ -318,7 +321,7 @@ DEPENDENCIES
   andand
   angularjs-rails (~> 1.3.8)
   arvados (>= 0.1.20150511150219)
-  bootstrap-sass (~> 3.1.0)
+  bootstrap-sass (~> 3.4.1)
   bootstrap-tab-history-rails
   bootstrap-x-editable-rails
   byebug