From be41d61790a7120add8aa544ea541b87905d96c0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 8 Nov 2018 06:55:18 +0000
Subject: [PATCH] fix: Gemfile.lock & Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-72567
---
 Gemfile      |  2 +-
 Gemfile.lock | 90 +++++++++++++++++++++++++++-------------------------
 2 files changed, 47 insertions(+), 45 deletions(-)

diff --git a/Gemfile b/Gemfile
index 7f385a6..2d28286 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,4 +2,4 @@ source 'https://rubygems.org'
 
 gem 'foodcritic', '>= 4.0.0'
 gem 'berkshelf', '~> 4.2', '>= 4.2.3'
-gem 'chefspec', '~> 4.1', '>= 4.1.0'
+gem 'chefspec', '~> 4.7', '>= 4.7.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 174603b..b0c02f9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -40,26 +40,26 @@ GEM
     celluloid-io (0.16.2)
       celluloid (>= 0.16.0)
       nio4r (>= 1.1.0)
-    chef (13.6.4)
+    chef (14.6.47)
       addressable
       bundler (>= 1.10)
-      chef-config (= 13.6.4)
+      chef-config (= 14.6.47)
       chef-zero (>= 13.0)
       diff-lcs (~> 1.2, >= 1.2.4)
       erubis (~> 2.7)
+      ffi (~> 1.9, >= 1.9.25)
       ffi-yajl (~> 2.2)
       highline (~> 1.6, >= 1.6.9)
       iniparse (~> 1.4)
-      iso8601 (~> 0.9.1)
       mixlib-archive (~> 0.4)
-      mixlib-authentication (~> 1.4)
+      mixlib-authentication (~> 2.1)
       mixlib-cli (~> 1.7)
-      mixlib-log (~> 1.3)
-      mixlib-shellout (~> 2.0)
+      mixlib-log (~> 2.0, >= 2.0.3)
+      mixlib-shellout (~> 2.4)
       net-sftp (~> 2.1, >= 2.1.2)
-      net-ssh (>= 2.9, < 5.0)
+      net-ssh (~> 4.2)
       net-ssh-multi (~> 1.2, >= 1.2.1)
-      ohai (~> 13.0)
+      ohai (~> 14.0)
       plist (~> 3.2)
       proxifier (~> 1.0)
       rspec-core (~> 3.5)
@@ -70,15 +70,16 @@ GEM
       specinfra (~> 2.10)
       syslog-logger (~> 1.6)
       uuidtools (~> 2.1.5)
-    chef-config (13.6.4)
+    chef-config (14.6.47)
       addressable
       fuzzyurl
-      mixlib-config (~> 2.0)
+      mixlib-config (>= 2.2.12, < 3.0)
       mixlib-shellout (~> 2.0)
-    chef-zero (13.1.0)
+      tomlrb (~> 1.2)
+    chef-zero (14.0.6)
       ffi-yajl (~> 2.2)
       hashie (>= 2.0, < 4.0)
-      mixlib-log (~> 1.3)
+      mixlib-log (~> 2.0)
       rack (~> 2.0)
       uuidtools (~> 2.1)
     chefspec (4.7.0)
@@ -97,7 +98,7 @@ GEM
       multipart-post (>= 1.2, < 3)
     fauxhai (3.10.0)
       net-ssh
-    ffi (1.9.18)
+    ffi (1.9.25)
     ffi-yajl (2.3.1)
       libyajl2 (~> 1.2)
     foodcritic (12.2.1)
@@ -110,26 +111,26 @@ GEM
       treetop (~> 1.4)
     fuzzyurl (0.9.0)
     gherkin (5.0.0)
-    hashie (3.5.6)
+    hashie (3.6.0)
     highline (1.7.10)
     hitimes (1.2.6)
     httpclient (2.7.2)
     iniparse (1.4.4)
     ipaddress (0.8.3)
-    iso8601 (0.9.1)
     json (2.1.0)
     libyajl2 (1.2.0)
     mini_portile2 (2.3.0)
     minitar (0.6.1)
-    mixlib-archive (0.4.1)
+    mixlib-archive (0.4.18)
       mixlib-log
-    mixlib-authentication (1.4.2)
+    mixlib-authentication (2.1.1)
     mixlib-cli (1.7.0)
-    mixlib-config (2.2.4)
-    mixlib-log (1.7.1)
-    mixlib-shellout (2.3.2)
+    mixlib-config (2.2.13)
+      tomlrb
+    mixlib-log (2.0.4)
+    mixlib-shellout (2.4.0)
     molinillo (0.4.5)
-    multi_json (1.12.2)
+    multi_json (1.13.1)
     multipart-post (2.0.0)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
@@ -147,23 +148,23 @@ GEM
       mini_portile2 (~> 2.3.0)
     octokit (4.7.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    ohai (13.6.0)
-      chef-config (>= 12.5.0.alpha.1, < 14)
+    ohai (14.6.2)
+      chef-config (>= 12.8, < 15)
       ffi (~> 1.9)
       ffi-yajl (~> 2.2)
       ipaddress
-      mixlib-cli
+      mixlib-cli (>= 1.7.0)
       mixlib-config (~> 2.0)
-      mixlib-log (>= 1.7.1, < 2.0)
+      mixlib-log (~> 2.0, >= 2.0.1)
       mixlib-shellout (~> 2.0)
       plist (~> 3.1)
       systemu (~> 2.6.4)
       wmi-lite (~> 1.0)
-    plist (3.3.0)
+    plist (3.4.0)
     polyglot (0.3.5)
     proxifier (1.0.3)
-    public_suffix (3.0.1)
-    rack (2.0.3)
+    public_suffix (3.0.3)
+    rack (2.0.6)
     rake (12.3.0)
     retryable (2.0.4)
     ridley (4.6.1)
@@ -184,22 +185,22 @@ GEM
       retryable (~> 2.0)
       semverse (~> 1.1)
       varia_model (~> 0.4.0)
-    rspec (3.7.0)
-      rspec-core (~> 3.7.0)
-      rspec-expectations (~> 3.7.0)
-      rspec-mocks (~> 3.7.0)
-    rspec-core (3.7.0)
-      rspec-support (~> 3.7.0)
-    rspec-expectations (3.7.0)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.8.0)
     rspec-its (1.2.0)
       rspec-core (>= 3.0.0)
       rspec-expectations (>= 3.0.0)
-    rspec-mocks (3.7.0)
+    rspec-mocks (3.8.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
-    rspec-support (3.7.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
     rspec_junit_formatter (0.2.3)
       builder (< 4)
       rspec-core (>= 2, < 4, != 2.12.0)
@@ -217,16 +218,17 @@ GEM
     solve (2.0.3)
       molinillo (~> 0.4.2)
       semverse (~> 1.1)
-    specinfra (2.72.1)
+    specinfra (2.76.3)
       net-scp
-      net-ssh (>= 2.7, < 5.0)
-      net-telnet
+      net-ssh (>= 2.7)
+      net-telnet (= 0.1.1)
       sfl
     syslog-logger (1.6.8)
     systemu (2.6.5)
     thor (0.20.0)
     timers (4.0.4)
       hitimes
+    tomlrb (1.2.7)
     treetop (1.6.9)
       polyglot (~> 0.3)
     uuidtools (2.1.5)
@@ -240,8 +242,8 @@ PLATFORMS
 
 DEPENDENCIES
   berkshelf (~> 4.2, >= 4.2.3)
-  chefspec (~> 4.1, >= 4.1.0)
+  chefspec (~> 4.7, >= 4.7.0)
   foodcritic (>= 4.0.0)
 
 BUNDLED WITH
-   1.13.6
+   1.16.6