From 3a0241238d1536265888b05f1f840367e261e7f9 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 19 Feb 2025 16:12:22 +0000
Subject: [PATCH] fix: Gemfile to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732769
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732779
- https://snyk.io/vuln/SNYK-RUBY-RACK-8720151
---
 Gemfile | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/Gemfile b/Gemfile
index b897dc0a7412c..10c506443c4c4 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source "https://rubygems.org"
-gem 'rails', '4.2.6'
+gem 'rails', '7.0.0'
 gem 'rails-deprecated_sanitizer', '~> 1.0.3'
 # Responders respond_to and respond_with
@@ -61,22 +61,22 @@ gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: "omniauth-ldap"
 # Git Wiki
 # Required manually in config/initializers/gollum.rb to control load order
-gem 'gollum-lib', '~> 4.1.0', require: false
+gem 'gollum-lib', '~> 5.0.0', require: false
 gem 'gollum-rugged_adapter', '~> 0.4.2', require: false
 # Language detection
 gem "github-linguist", "~> 4.7.0", require: "linguist"
 # API
-gem 'grape', '~> 0.13.0'
+gem 'grape', '~> 2.1.0'
 gem 'grape-entity', '~> 0.4.2'
 gem 'rack-cors', '~> 0.4.0', require: 'rack/cors'
 # Pagination
-gem "kaminari", "~> 0.16.3"
+gem "kaminari", "~> 1.0.0"
 # HAML
-gem "haml-rails", '~> 0.9.0'
+gem "haml-rails", "~> 2.1.0"
 # Files attachments
 gem "carrierwave", '~> 0.10.0'
@@ -85,7 +85,7 @@ gem "carrierwave", '~> 0.10.0'
 gem 'dropzonejs-rails', '~> 0.7.1'
 # for aws storage
-gem "fog", "~> 1.36.0"
+gem "fog", "~> 1.37.0"
 gem "unf", '~> 0.1.4'
 # Authorization
@@ -95,7 +95,7 @@ gem "six", '~> 0.2.0'
 gem "seed-fu", '~> 2.3.5'
 # Markdown and HTML processing
-gem 'html-pipeline', '~> 1.11.0'
+gem 'html-pipeline', '~> 3.0.0'
 gem 'task_list', '~> 1.0.2', require: 'task_list/railtie'
 gem 'github-markup', '~> 1.3.1'
 gem 'redcarpet', '~> 3.3.3'
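Review bot: In the first hunk, `gem 'rails', '7.0.0'` is an exact pin on the initial release of the 7.0 series, so later 7.0.x patch releases can never be picked up by `bundle update`; a pessimistic constraint such as `gem 'rails', '~> 7.0.0'` keeps the series while still admitting patch-level security fixes. The move from 4.2.6 crosses several major versions while the context line `gem 'rails-deprecated_sanitizer', '~> 1.0.3'` and many other unchanged gems keep their old constraints, so it should be checked that Bundler can resolve this set at all before merging. The diffstat shows only Gemfile changed; without a regenerated Gemfile.lock in the same commit, the versions that would actually be installed cannot be confirmed from this patch, so neither can the claim that the three listed advisories are closed. The same applies to the other major bumps here (gollum-lib, grape, haml-rails, html-pipeline), none of which is named in the advisories.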
@@ -109,14 +109,14 @@ gem 'rouge', '~> 1.10.1'
 # See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
 # and https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
-gem 'nokogiri', '~> 1.6.7', '>= 1.6.7.2'
+gem 'nokogiri', '~> 1.18.3'
 # Diffs
 gem 'diffy', '~> 3.0.3'
 # Application server
 group :unicorn do
- gem "unicorn", '~> 4.9.0'
+ gem "unicorn", "~> 5.1.0"
 gem 'unicorn-worker-killer', '~> 0.4.2'
 end
@@ -203,10 +203,10 @@ gem 'mousetrap-rails', '~> 1.4.6'
 # Detect and convert string character encoding
 gem 'charlock_holmes', '~> 0.7.3'
-gem "sass-rails", '~> 5.0.0'
+gem "sass-rails", "~> 6.0.0"
 gem "coffee-rails", '~> 4.1.0'
 gem "uglifier", '~> 2.7.2'
-gem 'turbolinks', '~> 2.5.0'
+gem 'turbolinks', '~> 5.0.0'
 gem 'jquery-turbolinks', '~> 2.1.0'
 gem 'addressable', '~> 2.3.8'
@@ -245,7 +245,7 @@ group :development do
 gem 'rerun', '~> 0.11.0'
 gem 'bullet', require: false
 gem 'rblineprof', platform: :mri, require: false
- gem 'web-console', '~> 2.0'
+ gem 'web-console', '~> 3.0', '>= 3.0.0'
 # Better errors handler
 gem 'better_errors', '~> 1.0.1'
@@ -333,4 +333,4 @@ gem 'oauth2', '~> 1.0.0'
 gem "paranoia", "~> 2.0"
 # Health check
-gem 'health_check', '~> 1.5.1'
+gem 'health_check', '~> 1.7.2'
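Review bot: In the nokogiri hunk, the two `# See https://groups.google.com/...` comment lines left above the changed line explained the old `'>= 1.6.7.2'` floor and no longer explain the new constraint `'~> 1.18.3'`. I would replace them with a comment that names the advisories this floor exists for, e.g. `# nokogiri >= 1.18.3 for SNYK-RUBY-NOKOGIRI-8732769 and SNYK-RUBY-NOKOGIRI-8732779`, so the minimum is not lowered later by accident. The third advisory in the commit message, SNYK-RUBY-RACK-8720151, has no `gem 'rack'` line in any hunk, so its fix presumably depends on transitive resolution and should be verified against the resolved rack version in Gemfile.lock.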
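Review bot: In the `group :development` hunk, the second requirement in `gem 'web-console', '~> 3.0', '>= 3.0.0'` is redundant, since `'~> 3.0'` already means at least 3.0 and below 4.0. Writing it as `gem 'web-console', '~> 3.0'` matches the single-constraint style of the surrounding lines. The group's body starts and ends outside the hunk.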