From 10457a4f52ffc03a8ef694002ce0ea61bb56f2be Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Sat, 19 Jul 2025 10:27:25 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-569156 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 - https://snyk.io/vuln/SNYK-RUBY-RACKCONTRIB-7148535 - https://snyk.io/vuln/SNYK-RUBY-JQUERYRAILS-565439 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674179 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674176 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674184 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674192 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-2960802 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056551 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056552 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056553 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056554 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056555 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639 - https://snyk.io/vuln/SNYK-RUBY-RAILS-1071903 - https://snyk.io/vuln/SNYK-RUBY-RAKE-552000 - https://snyk.io/vuln/SNYK-RUBY-JSON-560838 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732769 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732779 - https://snyk.io/vuln/SNYK-RUBY-JQUERYRAILS-450225 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-534637 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074187 - https://snyk.io/vuln/SNYK-RUBY-RACK-9398129 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-569599 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-569600 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-560837 - https://snyk.io/vuln/SNYK-RUBY-RACK-572377 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2840634 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-459107 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 - 
https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-2803851 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290052 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-1080913 - https://snyk.io/vuln/SNYK-RUBY-ACTIVERECORD-3237239 - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2620374 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630623 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630898 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-569066 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-1290051 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-569601 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-2400638 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-474102 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510795 - https://snyk.io/vuln/SNYK-RUBY-RACK-8720151 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10494060 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10494063 - https://snyk.io/vuln/SNYK-RUBY-ACTIONMAILER-8220269 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220162 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-8220268 - https://snyk.io/vuln/SNYK-RUBY-RACK-9058602 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-2935879 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3357693 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6228056 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237231 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-3237232 - https://snyk.io/vuln/SNYK-RUBY-ACTIVEJOB-72640 - 
https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-538324 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-RAILTIES-20454 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9510789 - https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-5741907 - https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-632514 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-9789079 - https://snyk.io/vuln/SNYK-RUBY-ERUBIS-20482 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674188 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1055008 - https://snyk.io/vuln/SNYK-RUBY-RACK-10074188 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8453714
---
 Gemfile | 50 +++++++++++++++++++++++++-------------------------
 1 file changed, 25 insertions(+), 25 deletions(-)
diff --git a/Gemfile b/Gemfile
index b3b7d3924..ef70976c9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,24 +4,24 @@ RAILS_VERSION = '~> 4.2.10'
 send :ruby, ENV['GEMFILE_RUBY_VERSION'] if ENV['GEMFILE_RUBY_VERSION']
-gem 'actionmailer', RAILS_VERSION
-gem 'actionpack', RAILS_VERSION
-gem 'railties', RAILS_VERSION
+gem 'actionmailer', '>= 7.1.0', RAILS_VERSION
+gem 'actionpack', '>= 7.1.0', RAILS_VERSION
+gem 'railties', '>= 7.1.0', RAILS_VERSION
 gem 'actionmailer_inline_css'
-gem 'decent_exposure'
-gem 'devise', '~> 4.4.0'
-gem 'dotenv-rails'
-gem 'draper'
+gem 'decent_exposure', '>= 3.0.3'
+gem 'devise', '~> 4.7.0'
+gem 'dotenv-rails', '>= 2.7.6'
+gem 'draper', '>= 3.1.0'
 gem 'errbit_plugin'
-gem 'errbit_github_plugin'
-gem 'font-awesome-rails'
+gem 'errbit_github_plugin', '>= 0.4.0'
+gem 'font-awesome-rails', '>= 4.7.0.8'
 gem 'haml'
 gem 'htmlentities'
-gem 'kaminari'
-gem 'kaminari-mongoid'
-gem 'mongoid', '~> 5.4'
-gem 'mongoid_rails_migrations'
+gem 'kaminari', '>= 1.2.0'
+gem 'kaminari-mongoid', '>= 1.0.2'
+gem 'mongoid', '~> 7.0', '>= 7.0.12'
+gem 'mongoid_rails_migrations', '>= 1.2.1'
 gem 'rack-ssl', require: 'rack/ssl' # force SSL
 gem 'rack-ssl-enforcer', require: false
 gem 'rails_autolink', '>= 1.1.8'
@@ -50,9 +50,9 @@ gem 'flowdock'
 # Authentication
 # ---------------------------------------
 # GitHub OAuth
-gem 'omniauth-github'
+gem 'omniauth-github', '>= 2.0.0'
 # Google OAuth
-gem 'omniauth-google-oauth2'
+gem 'omniauth-google-oauth2', '>= 0.6.0'
 gem 'ri_cal'
 gem 'yajl-ruby', platform: 'ruby'
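Review bot: The three Rails lines in the first hunk (@@ -4,24) combine `'>= 7.1.0'` with `RAILS_VERSION`, which the hunk header shows is still `'~> 4.2.10'`, so no release of actionmailer, actionpack or railties can satisfy both and dependency resolution should fail. Either the constant is raised and the extra floor dropped (`RAILS_VERSION = '~> 7.1.0'` with `gem 'actionpack', RAILS_VERSION`), or the app stays on 4.2 and the Rails advisories in the description remain open; a 4.2 to 7.1 move is a migration, not a constraint edit. `gem 'mongoid', '~> 7.0', '>= 7.0.12'` probably conflicts too, since as far as I know Mongoid 7.0 does not support ActiveModel 7.1; confirm against its gemspec. The diffstat lists only Gemfile, so if Gemfile.lock is committed it has to be regenerated and reviewed in the same change, otherwise none of the listed upgrades actually takes effect.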
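Review bot: In the second hunk (@@ -50,9), `gem 'omniauth-github', '>= 2.0.0'` is more than a patch-level bump: as far as I know that release depends on OmniAuth 2.x, which by default accepts only POST on the request phase and expects the request to be CSRF-validated. The sign-in links need to become POST forms with a token validator for the request phase (on Rails, typically the `omniauth-rails_csrf_protection` gem) before this merges, or provider login stops working. `gem 'devise', '~> 4.7.0'` in the first hunk may also refuse OmniAuth 2.x, as I recall support arriving in a later Devise release, so check that pin and raise it together with this one.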
@@ -67,25 +67,25 @@ group :development, :test do
 end
 group :development do
- gem 'better_errors'
+ gem 'better_errors', '>= 2.5.1'
 gem 'binding_of_caller', platform: 'ruby'
- gem 'meta_request'
+ gem 'meta_request', '>= 0.8.0'
 end
 group :test do
 gem 'rake'
 gem 'rspec'
- gem 'rspec-rails', '>= 8.0.0', require: false
- gem 'rspec-activemodel-mocks'
- gem 'mongoid-rspec', require: false
+ gem 'rspec-rails', '>= 3.8.2', require: false
+ gem 'rspec-activemodel-mocks', '>= 1.2.0'
+ gem 'mongoid-rspec', '>= 4.0.0', require: false
 gem 'fabrication'
- gem 'capybara'
+ gem 'capybara', '>= 3.13.0'
 gem 'poltergeist'
 gem 'phantomjs'
 gem 'launchy'
- gem 'email_spec'
+ gem 'email_spec', '>= 2.0.0'
 gem 'timecop'
- gem 'coveralls', '>= 0.8.23', require: false
+ gem 'coveralls', '>= 0.8.23', require: false
 end
 group :heroku, :production do
@@ -99,8 +99,8 @@ end
 gem 'puma'
 gem 'sass-rails', '>= 6.0.0'
 gem 'uglifier'
-gem 'jquery-rails'
-gem 'pjax_rails'
+gem 'jquery-rails', '>= 4.3.4'
+gem 'pjax_rails', '>= 0.5.0'
 gem 'underscore-rails'
 gem 'sucker_punch'
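Review bot: `gem 'rspec-rails', '>= 3.8.2', require: false` in the third hunk (@@ -67,25) lowers the existing floor from `'>= 8.0.0'`, the opposite of what the commit message describes, and lets resolution fall back to a much older release. The floor should match the Rails line the project actually targets rather than whatever satisfies the resolver. Most other additions in this hunk, and in the first and fourth hunks, are bare floors such as `'>= 2.5.1'` and `'>= 3.13.0'` with no upper bound; pessimistic constraints (`'~> 3.13'`) plus a committed Gemfile.lock would keep a future major release from arriving unreviewed on the next `bundle update`.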