From 81680b23f5a864eaae2f5fb315904505b3e4f809 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 15 Nov 2023 08:10:58 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056551
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056552
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056553
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056554
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056555
---
 Gemfile      |  2 +-
 Gemfile.lock | 61 ++++++++++++++++++++++++++++------------------------
 2 files changed, 34 insertions(+), 29 deletions(-)

diff --git a/Gemfile b/Gemfile
index eaaf55a4..61d3edc2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,4 +3,4 @@ source :rubygems
 gem "sinatra"
 gem "haml"
 gem "httparty"
-gem "actionpack"
+gem "actionpack", ">= 4.2.5.1"
diff --git a/Gemfile.lock b/Gemfile.lock
index c204545a..ce7fea9b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,71 +1,76 @@
 GEM
   remote: http://rubygems.org/
   specs:
-    actionpack (4.2.5)
-      actionview (= 4.2.5)
-      activesupport (= 4.2.5)
+    actionpack (4.2.11.3)
+      actionview (= 4.2.11.3)
+      activesupport (= 4.2.11.3)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.5)
-      activesupport (= 4.2.5)
+    actionview (4.2.11.3)
+      activesupport (= 4.2.11.3)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activesupport (4.2.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activesupport (4.2.11.3)
       i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-    builder (3.2.2)
+    builder (3.2.4)
+    concurrent-ruby (1.2.2)
+    crass (1.0.6)
     erubis (2.7.0)
     haml (3.1.4)
     httparty (0.8.1)
       multi_json
       multi_xml
-    i18n (0.7.0)
-    json (1.8.3)
-    loofah (2.0.3)
-      nokogiri (>= 1.5.9)
-    mini_portile2 (2.1.0)
-    minitest (5.9.1)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    loofah (2.22.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.12.0)
+    mini_portile2 (2.8.5)
+    minitest (5.20.0)
     multi_json (1.12.1)
     multi_xml (0.5.5)
-    nokogiri (1.6.8.1)
-      mini_portile2 (~> 2.1.0)
-    rack (1.6.4)
+    nokogiri (1.15.4)
+      mini_portile2 (~> 2.8.2)
+      racc (~> 1.4)
+    racc (1.7.3)
+    rack (1.6.13)
     rack-protection (1.5.3)
       rack
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails-deprecated_sanitizer (1.0.3)
+    rails-deprecated_sanitizer (1.0.4)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
+    rails-dom-testing (1.0.9)
+      activesupport (>= 4.2.0, < 5.0)
+      nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
     sinatra (1.3.2)
       rack (~> 1.3, >= 1.3.6)
       rack-protection (~> 1.2)
       tilt (~> 1.3, >= 1.3.3)
-    thread_safe (0.3.5)
+    thread_safe (0.3.6)
     tilt (1.4.1)
-    tzinfo (1.2.2)
+    tzinfo (1.2.11)
       thread_safe (~> 0.1)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  actionpack
+  actionpack (>= 4.2.5.1)
   haml
   httparty
   sinatra
 
 BUNDLED WITH
-   1.13.2
+   1.17.3