From 8878936cd2f0aeda8ea0b34b4325ca3e23b9d723 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 4 Apr 2024 21:02:24 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-6274386 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 --- Gemfile | 4 ++-- Gemfile.lock | 64 ++++++++++++++++++++++++++++++++++++++++++++-------- 2 files changed, 57 insertions(+), 11 deletions(-) diff --git a/Gemfile b/Gemfile index c5c59f73..74b15b39 100644 --- a/Gemfile +++ b/Gemfile @@ -7,9 +7,9 @@ group :development do end group :test do - gem 'actionpack', '~>2.3.8' + gem 'actionpack', '~> 7.0.8', '>= 7.0.8.1' gem 'mocha', '>=0.9.8' - gem 'typhoeus', '>=0.1.13' + gem 'typhoeus', '>= 0.2.0' gem 'em-http-request', "0.2.11" gem 'curb', ">= 0.6.6.0" gem 'webmock' diff --git a/Gemfile.lock b/Gemfile.lock index 7bdaa94e..c552aeef 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
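Review bot: The new `gem 'actionpack', '~> 7.0.8', '>= 7.0.8.1'` line in the `:test` group jumps from the 2.3 series to 7.0 while its neighbours stay where they were (`em-http-request` at `"0.2.11"`, and the lock keeps eventmachine 0.12.10, curb 0.7.7.1 and mocha 0.9.8). actionpack 7.0 needs Ruby 2.7 or newer, and it is doubtful that those older gems still build or load there, so the bundle should be installed and the test suite run on the supported Ruby before the three advisories are treated as fixed. The `typhoeus` bound `'>= 0.2.0'` has no upper limit and the lock resolves it to 1.4.1, which replaces the rack dependency with ethon/ffi; naming the intended series, for example `gem 'typhoeus', '~> 1.4'` once the code is confirmed against that API, would keep later resolutions predictable. The lock also still records `remote: http://rubygems.org/`, so the Gemfile's source line (outside this hunk) presumably uses plain HTTP; changing it to `source 'https://rubygems.org'` would protect these gem downloads in transit.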
@@ -1,33 +1,76 @@ GEM remote: http://rubygems.org/ specs: - actionpack (2.3.8) - activesupport (= 2.3.8) - rack (~> 1.1.0) - activesupport (2.3.8) + actionpack (7.0.8.1) + actionview (= 7.0.8.1) + activesupport (= 7.0.8.1) + rack (~> 2.0, >= 2.2.4) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actionview (7.0.8.1) + activesupport (= 7.0.8.1) + builder (~> 3.1) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activesupport (7.0.8.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) addressable (2.2.0) + builder (3.2.4) + concurrent-ruby (1.2.3) crack (0.1.8) + crass (1.0.6) curb (0.7.7.1) em-http-request (0.2.11) addressable (>= 2.0.0) eventmachine (>= 0.12.9) + erubi (1.12.0) + ethon (0.16.0) + ffi (>= 1.15.0) eventmachine (0.12.10) + ffi (1.16.3) gemcutter (0.4.1) json_pure git (1.2.5) + i18n (1.14.4) + concurrent-ruby (~> 1.0) jeweler (1.4.0) gemcutter (>= 0.1.0) git (>= 1.2.5) rubyforge (>= 2.0.0) json_pure (1.4.3) + loofah (2.22.0) + crass (~> 1.0.2) + nokogiri (>= 1.12.0) + mini_portile2 (2.8.5) + minitest (5.22.3) mocha (0.9.8) rake - rack (1.1.0) + nokogiri (1.15.6) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) + racc (1.7.3) + rack (2.2.9) + rack-test (2.1.0) + rack (>= 1.3) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest + nokogiri (>= 1.6) + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) rake (0.8.7) rubyforge (2.0.4) json_pure (>= 1.1.7) - typhoeus (0.1.31) - rack + typhoeus (1.4.1) + ethon (>= 0.9.0) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) webmock (1.3.5) addressable (>= 2.1.1) crack (>= 0.1.7) @@ -36,11 +79,14 @@ PLATFORMS ruby DEPENDENCIES - actionpack (~> 2.3.8) + actionpack (~> 7.0.8, >= 7.0.8.1) curb (>= 0.6.6.0) em-http-request (= 0.2.11) jeweler mocha (>= 0.9.8) rake - typhoeus (>= 0.1.13) + typhoeus (>= 0.2.0) webmock + +BUNDLED WITH + 2.1.4