zerobounce-sdk 2.1.0 → 2.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2dc83468988043fa3a7907c8c9cbfac6185cc54f6e02d56c89e0be0cd1f1d24b
-  data.tar.gz: 410e9b0308a04ba30400123609247b6216c3005b5843ae6a8eb41951ea178171
+  metadata.gz: b617667aabee47a92fde32c4b4d12eaa132d25c6873e42930425376b0e1b00d3
+  data.tar.gz: 372e8da40e33f992a5c37c6af94cdbaefa60376e4e576b193d532846c8f82510
 SHA512:
-  metadata.gz: 2c650c338d1ebcf6222fd047b99682bec4e0f6da937e8b06cc2d2dfcb47db975f3ba3b39c909f91ddd7b8c1ab4ae38087dc4c9bfcce166a95ad130de9f34c3e1
-  data.tar.gz: cf4b1948a0eb8017cf4e0c1a07658f013d10b0effc35b4483d299df1bbf2117bd7f7dab40ba9bddeb744272217739e31ad9dc95711d4d32d143a5692d49d54df
+  metadata.gz: 281f8049a31c3ce3291a5a1ac4b093002918d1c403092e9716b958223b13498b9c0a8c37e2a5e46245a8891c11a8da3198ee56ced5a2abff402fd12193dbee5b
+  data.tar.gz: c4847c780bd16ba9918963f94ba5df4f7489de9a51bef6cc01c634f88ea598964cd60fdcae42773766a2418b84931074785858b7763dfd8bbe5a9cad4a866bd2

data/.github/workflows/codeql.yml

@@ -71,7 +71,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v4
+      uses: github/codeql-action/init@v4.35.2
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -100,6 +100,6 @@ jobs:
         exit 1
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v4
+      uses: github/codeql-action/analyze@v4.35.2
       with:
         category: "/language:${{matrix.language}}"

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+# 2.1.1
+
+* Raise development and transitive dependency floors to address security advisories for REXML, Addressable, and YARD (updated `Gemfile.lock`; see `Gemfile` and `zerobounce.gemspec`).
+
 # 0.3.0
 * Update ruby and bundler version
 

data/Gemfile

@@ -7,3 +7,7 @@ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 # Specify your gem's dependencies in zerobounce.gemspec
 gemspec
 
+# Transitive dependency floors (security advisories: REXML DoS/ReDoS, Addressable ReDoS).
+gem 'rexml', '>= 3.4.4'
+gem 'addressable', '>= 2.8.10'
+

data/Gemfile.lock

@@ -1,15 +1,15 @@
 PATH
   remote: .
   specs:
-    zerobounce-sdk (2.1.0)
+    zerobounce-sdk (2.1.4)
       dotenv
       rest-client (~> 2.1)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.4)
-      public_suffix (>= 2.0.2, < 6.0)
+    addressable (2.9.0)
+      public_suffix (>= 2.0.2, < 8.0)
     ast (2.4.2)
     base64 (0.3.0)
     bigdecimal (4.0.1)
@@ -26,18 +26,20 @@ GEM
     http-cookie (1.0.5)
       domain_name (~> 0.5)
     json (2.6.3)
+    logger (1.7.0)
     method_source (1.0.0)
     mime-types (3.5.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2023.0808)
     netrc (0.11.0)
+    ostruct (0.6.3)
     parallel (1.22.1)
     parser (3.2.2.0)
       ast (~> 2.4.1)
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    public_suffix (5.0.1)
+    public_suffix (7.0.5)
     rainbow (3.1.1)
     rake (13.0.6)
     regexp_parser (2.7.0)
@@ -46,7 +48,7 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.2.5)
+    rexml (3.4.4)
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
       rspec-expectations (~> 3.12.0)
@@ -95,23 +97,28 @@ GEM
       unf_ext
     unf_ext (0.0.8.2)
     unicode-display_width (2.4.2)
-    vcr (6.1.0)
+    vcr (6.4.0)
     webmock (3.18.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    yard (0.9.32)
+    yard (0.9.43)
 
 PLATFORMS
   arm64-darwin-24
+  arm64-darwin-25
   x86_64-linux
 
 DEPENDENCIES
+  addressable (>= 2.8.10)
   base64
   bigdecimal
   bundler (~> 2.4.6)
+  logger
+  ostruct
   pry (~> 0.14.1)
   rake (~> 13.0)
+  rexml (>= 3.4.4)
   rspec (~> 3.0)
   rspec_junit_formatter (~> 0.4.1)
   rubocop (~> 1.15)
@@ -119,9 +126,9 @@ DEPENDENCIES
   rubocop-rake (~> 0.5.1)
   rubocop-rspec (~> 2.3)
   simplecov (~> 0.21.2)
-  vcr (~> 6.1.0)
+  vcr (~> 6.4)
   webmock (~> 3.18)
-  yard (~> 0.9.26)
+  yard (~> 0.9.42)
   zerobounce-sdk!
 
 BUNDLED WITH

data/lib/zerobounce/version.rb

@@ -2,5 +2,5 @@
 
 module Zerobounce
   # The version of the gem.
-  VERSION = '2.1.0'
+  VERSION = '2.1.4'
 end

data/zerobounce.gemspec

@@ -31,6 +31,8 @@ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength
 
   spec.add_development_dependency 'base64' # stdlib gem on Ruby 3.4+
   spec.add_development_dependency 'bigdecimal' # required by crack (webmock) on Ruby 3.4+
+  spec.add_development_dependency 'ostruct' # stdlib gem on Ruby 3.5+ (json/simplecov load chain)
+  spec.add_development_dependency 'logger' # stdlib gem on Ruby 3.4+ (mime-types / rest-client load chain)
   spec.add_development_dependency 'bundler', '~> 2.4.6'
   spec.add_development_dependency 'pry', '~> 0.14.1'
   spec.add_development_dependency 'rake', '~> 13.0'
@@ -41,7 +43,7 @@ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength
   spec.add_development_dependency 'rubocop-rake', '~> 0.5.1'
   spec.add_development_dependency 'rubocop-rspec', '~> 2.3'
   spec.add_development_dependency 'simplecov', '~> 0.21.2'
-  spec.add_development_dependency 'yard', '~> 0.9.26'
+  spec.add_development_dependency 'yard', '~> 0.9.42'
   spec.add_development_dependency 'webmock', '~> 3.18'
-  spec.add_development_dependency 'vcr', '~> 6.1.0'
+  spec.add_development_dependency 'vcr', '~> 6.4'
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: zerobounce-sdk
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.1.4
 platform: ruby
 authors:
 - Zero Bounce
 bindir: exe
 cert_chain: []
-date: 2026-04-08 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -65,6 +65,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: ostruct
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -217,14 +245,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.26
+        version: 0.9.42
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.26
+        version: 0.9.42
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -245,14 +273,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.1.0
+        version: '6.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.1.0
+        version: '6.4'
 description: A Ruby client for Zerobounce.net.
 email:
 - integrations@zerobounce.net
@@ -324,7 +352,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.6
+rubygems_version: 4.0.8
 specification_version: 4
 summary: A Ruby client for Zerobounce.net.
 test_files: []