From 4d26a10592ba123d0bdb7f6ed67edebc667843ad Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Mon, 9 Dec 2024 19:37:39 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8453714
---
 Gemfile | 2 +-
 Gemfile.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Gemfile b/Gemfile
index c78af002..f4bac85c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -70,7 +70,7 @@ gem 'rack-maintenance', '~> 3.0'
 gem 'auth0', '~> 4.17', require: false
 # Locking above vulnerable version https://nvd.nist.gov/vuln/detail/CVE-2019-5477
-gem 'nokogiri', '>= 1.16.5'
+gem 'nokogiri', '>= 1.16.8'
 group :development, :test do
 gem 'brakeman', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index cee10216..cbf6696f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -259,7 +259,7 @@ GEM
 mime-types-data (~> 3.2015)
 mime-types-data (3.2023.0808)
 mini_mime (1.1.5)
- mini_portile2 (2.8.7)
+ mini_portile2 (2.8.8)
 mini_racer (0.8.0)
 libv8-node (~> 18.16.0.0)
 minitest (5.24.1)
@@ -278,7 +278,7 @@ GEM
 net-protocol
 netrc (0.11.0)
 nio4r (2.7.3)
- nokogiri (1.16.5)
+ nokogiri (1.17.0)
 mini_portile2 (~> 2.8.2)
 racc (~> 1.4)
 oauth2 (2.0.9)
@@ -322,7 +322,7 @@ GEM
 public_suffix (6.0.0)
 puma (6.4.2)
 nio4r (~> 2.0)
- racc (1.8.0)
+ racc (1.8.1)
 rack (3.1.7)
 rack-maintenance (3.0.0)
 rack (>= 2.1.4)
@@ -516,7 +516,7 @@ DEPENDENCIES
 listen (~> 3.5, >= 3.5.1)
 lograge (>= 0.13.0)
 mini_racer
- nokogiri (>= 1.16.5)
+ nokogiri (>= 1.16.8)
 omniauth (>= 2.1.2)
 omniauth-auth0 (~> 2.1.0)
 omniauth-rails_csrf_protection (>= 1.0.2)
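Review bot: The comment above the nokogiri line in the Gemfile hunk still gives CVE-2019-5477 as the reason for the version floor, but this commit raises the floor to 1.16.8 for SNYK-RUBY-NOKOGIRI-8453714, so the stated rationale no longer matches the constraint. I would update it to something like `# Floor raised for SNYK-RUBY-NOKOGIRI-8453714 (previous floor: CVE-2019-5477)` so the next reader knows which advisory sets the minimum. Separately, the constraint is an open-ended `>=`, and the Gemfile.lock hunks show it resolving to nokogiri 1.17.0 rather than 1.16.8, with mini_portile2 and racc moving too. That is a minor-version step beyond the stated fix version, so confirm that the HTML/XML parsing paths are exercised by the test suite before merging.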