From 2afc2bc28ce715fae5fd2c46e1b0c5034e733525 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Dec 2025 12:18:00 +0000 Subject: [PATCH] build(deps): bump nokogiri from 1.14.5 to 1.19.0 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.5 to 1.19.0. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.5...v1.19.0) --- updated-dependencies: - dependency-name: nokogiri dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/Gemfile b/Gemfile index fef3cff..cddad37 100644 --- a/Gemfile +++ b/Gemfile @@ -9,7 +9,7 @@ gem "puma", "~> 6.0" gem "bootsnap", ">= 1.4.4", require: false # Vulnerable dependencies for testing -gem "nokogiri", "~> 1.14.0" # Vulnerable version with known CVEs +gem "nokogiri", "~> 1.19.0" # Vulnerable version with known CVEs group :development, :test do gem "byebug", platforms: [:mri, :mingw, :x64_mingw] diff --git a/Gemfile.lock b/Gemfile.lock index 32da337..bd9ac94 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -118,7 +118,6 @@ GEM net-smtp marcel (1.1.0) mini_mime (1.1.5) - mini_portile2 (2.8.9) minitest (5.25.5) msgpack (1.8.0) mutex_m (0.3.0) @@ -132,10 +131,9 @@ GEM net-smtp (0.5.1) net-protocol nio4r (2.7.4) - nokogiri (1.14.5) - mini_portile2 (~> 2.8.0) + nokogiri (1.19.0-arm64-darwin) racc (~> 1.4) - nokogiri (1.18.10-x86_64-linux-gnu) + nokogiri (1.19.0-x86_64-linux-gnu) racc (~> 1.4) pp (0.6.2) prettyprint @@ -220,7 +218,7 @@ DEPENDENCIES bootsnap (>= 1.4.4) byebug listen (~> 3.3) - nokogiri (~> 1.14.0) + nokogiri (~> 1.19.0) puma (~> 6.0) rails (~> 7.1.0) spring