From 65210392c7c34bd34d97f582e1f00bc85c28dd30 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Tue, 23 Sep 2025 03:20:35 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-8720151
- https://snyk.io/vuln/SNYK-RUBY-RACK-10074187
- https://snyk.io/vuln/SNYK-RUBY-RACK-9398129
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8447886
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8448218
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8448407
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8448516
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-8454495
- https://snyk.io/vuln/SNYK-RUBY-RACKSESSION-10074669
- https://snyk.io/vuln/SNYK-RUBY-RACK-9058602
---
 Gemfile | 6 +-
 Gemfile.lock | 210 +--------------------------------------------------
 2 files changed, 4 insertions(+), 212 deletions(-)

diff --git a/Gemfile b/Gemfile
index a69b335..1eff00a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -11,15 +11,15 @@ gemspec

 lockfile "activerecord-7.1" do
 gem "activerecord", "~> 7.1.0"
- gem "railties", "~> 7.1.0"
+ gem "railties", "~> 8.0.3"
 end

 lockfile "activerecord-7.2" do
 gem "activerecord", "~> 7.2.0"
- gem "railties", "~> 7.2.0"
+ gem "railties", "~> 8.0.3"
 end

 lockfile do
 gem "activerecord", "~> 8.0.0"
- gem "railties", "~> 8.0.0"
+ gem "railties", "~> 8.0.3"
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index 6a9a7ca..01ab38c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
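Review bot: In the `lockfile "activerecord-7.1"` and `lockfile "activerecord-7.2"` blocks of the Gemfile hunk, the new `gem "railties", "~> 8.0.3"` no longer matches the `activerecord` pin beside it (`~> 7.1.0` and `~> 7.2.0`). The removed lock data shows `railties (8.0.2.1)` requiring `activesupport (= 8.0.2.1)`, so railties 8.0.x next to activerecord 7.1/7.2 most likely cannot resolve, and the 7.1/7.2 compatibility sets would stop being testable. I would keep `gem "railties", "~> 7.1.0"` and `gem "railties", "~> 7.2.0"` in those two blocks, raise only the default block, and pick up the rack, rack-session and rails-html-sanitizer fixes by re-resolving each lockfile to patched releases. The Gemfile.lock hunk that follows also empties `specs:` and `DEPENDENCIES` rather than updating them, so nothing is pinned after this patch and the advisories listed in the description are not verifiably addressed. Regenerate the lockfile with Bundler before merging.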
@@ -1,200 +1,6 @@ -PATH - remote: . - specs: - switchman (4.2.1) - activerecord (>= 7.1, < 8.1) - guardrail (~> 3.1.0) - parallel (~> 1.22) - railties (>= 7.1, < 8.1) - GEM remote: http://rubygems.org/ specs: - actionpack (8.0.2.1) - actionview (= 8.0.2.1) - activesupport (= 8.0.2.1) - nokogiri (>= 1.8.5) - rack (>= 2.2.4) - rack-session (>= 1.0.1) - rack-test (>= 0.6.3) - rails-dom-testing (~> 2.2) - rails-html-sanitizer (~> 1.6) - useragent (~> 0.16) - actionview (8.0.2.1) - activesupport (= 8.0.2.1) - builder (~> 3.1) - erubi (~> 1.11) - rails-dom-testing (~> 2.2) - rails-html-sanitizer (~> 1.6) - activemodel (8.0.2.1) - activesupport (= 8.0.2.1) - activerecord (8.0.2.1) - activemodel (= 8.0.2.1) - activesupport (= 8.0.2.1) - timeout (>= 0.4.0) - activesupport (8.0.2.1) - base64 - benchmark (>= 0.3) - bigdecimal - concurrent-ruby (~> 1.0, >= 1.3.1) - connection_pool (>= 2.2.5) - drb - i18n (>= 1.6, < 2) - logger (>= 1.4.2) - minitest (>= 5.1) - securerandom (>= 0.3) - tzinfo (~> 2.0, >= 2.0.5) - uri (>= 0.13.1) - ast (2.4.2) - base64 (0.2.0) - benchmark (0.4.0) - bigdecimal (3.1.7) - builder (3.2.4) - concurrent-ruby (1.3.5) - connection_pool (2.4.1) - crass (1.0.6) - debug (1.9.1) - irb (~> 1.10) - reline (>= 0.3.8) - diff-lcs (1.5.1) - docile (1.4.0) - drb (2.2.1) - erubi (1.12.0) - guardrail (3.1.0) - activerecord (>= 6.1, < 8.1) - railties (>= 6.1, < 8.1) - i18n (1.14.4) - concurrent-ruby (~> 1.0) - io-console (0.7.2) - irb (1.15.1) - pp (>= 0.6.0) - rdoc (>= 4.0.0) - reline (>= 0.4.2) - json (2.10.1) - language_server-protocol (3.17.0.4) - lint_roller (1.1.0) - logger (1.6.5) - loofah (2.22.0) - crass (~> 1.0.2) - nokogiri (>= 1.12.0) - mini_portile2 (2.8.5) - minitest (5.22.3) - nokogiri (1.18.3) - mini_portile2 (~> 2.8.2) - racc (~> 1.4) - nokogiri (1.18.3-aarch64-linux-gnu) - racc (~> 1.4) - nokogiri (1.18.3-arm64-darwin) - racc (~> 1.4) - nokogiri (1.18.3-x86_64-darwin) - racc (~> 1.4) - nokogiri (1.18.3-x86_64-linux-gnu) - racc (~> 1.4) - parallel 
(1.26.3) - parser (3.3.7.1) - ast (~> 2.4.1) - racc - pg (1.5.6) - pp (0.6.2) - prettyprint - prettyprint (0.2.0) - psych (5.1.2) - stringio - racc (1.8.1) - rack (3.0.9.1) - rack-session (2.0.0) - rack (>= 3.0.0) - rack-test (2.1.0) - rack (>= 1.3) - rackup (2.2.1) - rack (>= 3) - rails-dom-testing (2.2.0) - activesupport (>= 5.0.0) - minitest - nokogiri (>= 1.6) - rails-html-sanitizer (1.6.0) - loofah (~> 2.21) - nokogiri (~> 1.14) - railties (8.0.2.1) - actionpack (= 8.0.2.1) - activesupport (= 8.0.2.1) - irb (~> 1.13) - rackup (>= 1.0.0) - rake (>= 12.2) - thor (~> 1.0, >= 1.2.2) - zeitwerk (~> 2.6) - rainbow (3.1.1) - rake (13.1.0) - rdoc (6.6.2) - psych (>= 4.0.0) - regexp_parser (2.10.0) - reline (0.4.3) - io-console (~> 0.5) - rspec-core (3.13.0) - rspec-support (~> 3.13.0) - rspec-expectations (3.13.0) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.13.0) - rspec-mocks (3.13.0) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.13.0) - rspec-rails (6.1.2) - actionpack (>= 6.1) - activesupport (>= 6.1) - railties (>= 6.1) - rspec-core (~> 3.13) - rspec-expectations (~> 3.13) - rspec-mocks (~> 3.13) - rspec-support (~> 3.13) - rspec-support (3.13.1) - rubocop (1.72.2) - json (~> 2.3) - language_server-protocol (~> 3.17.0.2) - lint_roller (~> 1.1.0) - parallel (~> 1.10) - parser (>= 3.3.0.2) - rainbow (>= 2.2.2, < 4.0) - regexp_parser (>= 2.9.3, < 3.0) - rubocop-ast (>= 1.38.0, < 2.0) - ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 4.0) - rubocop-ast (1.38.0) - parser (>= 3.3.1.0) - rubocop-inst (1.2.0) - rubocop (~> 1.72, >= 1.72.1) - rubocop-performance (~> 1.24) - rubocop-performance (1.24.0) - lint_roller (~> 1.1) - rubocop (>= 1.72.1, < 2.0) - rubocop-ast (>= 1.38.0, < 2.0) - rubocop-rake (0.7.1) - lint_roller (~> 1.1) - rubocop (>= 1.72.1) - rubocop-rspec (3.5.0) - lint_roller (~> 1.1) - rubocop (~> 1.72, >= 1.72.1) - rubocop-rspec_rails (2.30.0) - rubocop (~> 1.61) - rubocop-rspec (~> 3, >= 3.0.1) - ruby-progressbar (1.13.0) - 
securerandom (0.3.2) - simplecov (0.22.0) - docile (~> 1.1) - simplecov-html (~> 0.11) - simplecov_json_formatter (~> 0.1) - simplecov-html (0.12.3) - simplecov_json_formatter (0.1.4) - stringio (3.1.0) - thor (1.4.0) - timeout (0.4.3) - tzinfo (2.0.6) - concurrent-ruby (~> 1.0) - unicode-display_width (3.1.4) - unicode-emoji (~> 4.0, >= 4.0.4) - unicode-emoji (4.0.4) - uri (1.0.3) - useragent (0.16.11) - zeitwerk (2.7.3) PLATFORMS aarch64-linux @@ -204,20 +10,6 @@ PLATFORMS x86_64-linux DEPENDENCIES - activerecord (~> 8.0.0) - debug (~> 1.8) - pg (~> 1.2) - railties (~> 8.0.0) - rake (~> 13.0) - rspec-mocks (~> 3.5) - rspec-rails (~> 6.0) - rubocop (~> 1.10) - rubocop-inst (~> 1) - rubocop-rake (~> 0.5) - rubocop-rspec (~> 3.0) - rubocop-rspec_rails (~> 2.29) - simplecov (~> 0.15) - switchman! BUNDLED WITH - 2.4.19 + 2.3.26