From 30e1ec51bb913c1072640aab38ac9a3de2399261 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 2 Aug 2024 03:39:34 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577227
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577228
---
 Gemfile | 2 +-
 Gemfile.lock | 26 +++++++++++++++-----------
 2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/Gemfile b/Gemfile
index dc7861d..4ca5788 100644
--- a/Gemfile
+++ b/Gemfile
@@ -43,7 +43,7 @@ group :test do
 gem 'selenium-webdriver'
 # Easy installation and use of web drivers to run system tests with browsers
 gem 'webdrivers'
- gem 'webmock'
+ gem 'webmock', '>= 3.13.0'
 gem 'vcr'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index 0c6e473..a59bcdb 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -60,10 +60,11 @@ GEM
 minitest (>= 5.1)
 tzinfo (~> 2.0)
 zeitwerk (~> 2.3)
- addressable (2.7.0)
- public_suffix (>= 2.0.2, < 5.0)
+ addressable (2.8.7)
+ public_suffix (>= 2.0.2, < 7.0)
 autoprefixer-rails (10.2.4.0)
 execjs
+ bigdecimal (3.1.8)
 bindex (0.8.1)
 bootsnap (1.7.3)
 msgpack (~> 1.0)
@@ -83,7 +84,8 @@ GEM
 xpath (~> 3.2)
 childprocess (3.0.0)
 concurrent-ruby (1.1.8)
- crack (0.4.5)
+ crack (1.0.0)
+ bigdecimal
 rexml
 crass (1.0.6)
 diff-lcs (1.4.4)
@@ -102,7 +104,7 @@ GEM
 ffi (1.15.0-x64-mingw32)
 globalid (0.4.2)
 activesupport (>= 4.2.0)
- hashdiff (1.0.1)
+ hashdiff (1.1.0)
 i18n (1.8.10)
 concurrent-ruby (~> 1.0)
 jbuilder (2.11.2)
@@ -132,7 +134,7 @@ GEM
 nokogiri (1.11.2-x86_64-linux)
 racc (~> 1.4)
 popper_js (1.16.0)
- public_suffix (4.0.6)
+ public_suffix (6.0.1)
 puma (5.2.2)
 nio4r (~> 2.0)
 racc (1.5.2)
@@ -174,7 +176,8 @@ GEM
 rb-inotify (0.10.1)
 ffi (~> 1.0)
 regexp_parser (2.1.1)
- rexml (3.2.5)
+ rexml (3.3.4)
+ strscan
 rspec-core (3.10.1)
 rspec-support (~> 3.10.0)
 rspec-expectations (3.10.1)
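Review bot: The new floor on `gem 'webmock', '>= 3.13.0'` does not itself constrain rexml, the gem the two advisories in the commit message are filed against; in Gemfile.lock rexml is listed under crack with no version requirement, so only the lockfile holds it at 3.3.4. If that floor is meant to last, state it directly in this group with `gem 'rexml', '>= 3.3.4'`, and add a comment such as `# floor for SNYK-RUBY-REXML-7577227 / -7577228` so the reason survives later edits. The lockfile hunks also change the recorded `rails (~> 6.1.3.1)` to `rails (~> 6.1)` and move BUNDLED WITH from 2.2.6 to 2.2.3, neither of which follows from this Gemfile change, so it is worth confirming the lock was resolved against the Gemfile on this branch. The `group :test do` block opens above the hunk.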
@@ -216,6 +219,7 @@ GEM
 actionpack (>= 4.0)
 activesupport (>= 4.0)
 sprockets (>= 3.0.0)
+ strscan (3.1.0)
 thor (1.1.0)
 tilt (2.0.10)
 turbolinks (5.2.1)
@@ -239,8 +243,8 @@ GEM
 nokogiri (~> 1.6)
 rubyzip (>= 1.3.0)
 selenium-webdriver (>= 3.0, < 4.0)
- webmock (3.12.2)
- addressable (>= 2.3.6)
+ webmock (3.23.1)
+ addressable (>= 2.8.0)
 crack (>= 0.3.2)
 hashdiff (>= 0.4.0, < 2.0.0)
 webpacker (5.2.1)
@@ -270,7 +274,7 @@ DEPENDENCIES
 listen (~> 3.3)
 puma (~> 5.0)
 rack-mini-profiler (~> 2.0)
- rails (~> 6.1.3.1)
+ rails (~> 6.1)
 rspec-rails
 selenium-webdriver
 spring
@@ -280,11 +284,11 @@ DEPENDENCIES
 vcr
 web-console (>= 4.1.0)
 webdrivers
- webmock
+ webmock (>= 3.13.0)
 webpacker (~> 5.0)
 RUBY VERSION
 ruby 3.0.0p0
 BUNDLED WITH
- 2.2.6
+ 2.2.3