Merge pull request #441 from wordpress-mobile/dependabot/bundler/activesupport-6.1.7.1

Update activesupport requirement from ~> 5 to >= 5, < 8

Author: jkmassel

CHANGELOG.md

@@ -18,7 +18,7 @@ _None_
 
 ### Internal Changes
 
-_None_
+- Updates `activesupport` to `6.1.7.1`, addressing [a security issue](https://github.com/advisories/GHSA-j6gc-792m-qgm2). This is a major version change, but as the dependency is internal-only, it shouldn't be a breaking change for clients. [#441]
 
 ## 6.3.0
 

Gemfile.lock

@@ -2,7 +2,7 @@ PATH
   remote: .
   specs:
     fastlane-plugin-wpmreleasetoolkit (6.3.0)
-      activesupport (~> 5)
+      activesupport (>= 6.1.7.1)
       bigdecimal (~> 1.4)
       buildkit (~> 1.5)
       chroma (= 0.2.0)
@@ -22,11 +22,12 @@ GEM
   specs:
     CFPropertyList (3.0.5)
       rexml
-    activesupport (5.2.6)
+    activesupport (6.1.7.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
     addressable (2.8.1)
       public_suffix (>= 2.0.2, < 6.0)
     algoliasearch (1.27.5)
@@ -105,7 +106,7 @@ GEM
     colored2 (3.1.2)
     commander (4.6.0)
       highline (~> 2.0.0)
-    concurrent-ruby (1.1.9)
+    concurrent-ruby (1.1.10)
     cork (0.3.0)
       colored2 (~> 3.1)
     crack (0.4.5)
@@ -260,7 +261,7 @@ GEM
     http-cookie (1.0.5)
       domain_name (~> 0.5)
     httpclient (2.8.3)
-    i18n (1.8.10)
+    i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     jmespath (1.6.1)
     json (2.6.2)
@@ -274,7 +275,7 @@ GEM
     mini_magick (4.11.0)
     mini_mime (1.1.2)
     mini_portile2 (2.8.0)
-    minitest (5.14.4)
+    minitest (5.17.0)
     molinillo (0.8.0)
     multi_json (1.15.0)
     multipart-post (2.0.0)
@@ -378,16 +379,15 @@ GEM
     simplecov-html (0.10.2)
     terminal-notifier (2.0.0)
     terminal-table (1.6.0)
-    thread_safe (0.3.6)
     trailblazer-option (0.1.2)
     tty-cursor (0.7.1)
     tty-screen (0.8.1)
     tty-spinner (0.9.3)
       tty-cursor (~> 0.7)
     typhoeus (1.4.0)
       ethon (>= 0.9.0)
-    tzinfo (1.2.10)
-      thread_safe (~> 0.1)
+    tzinfo (2.0.5)
+      concurrent-ruby (~> 1.0)
     uber (0.1.0)
     unf (0.1.4)
       unf_ext
@@ -412,6 +412,7 @@ GEM
     xcpretty-travis-formatter (1.0.1)
       xcpretty (~> 0.2, >= 0.0.7)
     yard (0.9.26)
+    zeitwerk (2.6.6)
 
 PLATFORMS
   ruby

fastlane-plugin-wpmreleasetoolkit.gemspec

@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
   # since this would cause a circular dependency
 
   # spec.add_dependency 'your-dependency', '~> 1.0.0'
-  spec.add_dependency 'activesupport', '~> 5'
+  spec.add_dependency 'activesupport', '>= 6.1.7.1'
   spec.add_dependency 'buildkit', '~> 1.5'
   spec.add_dependency 'chroma', '0.2.0'
   spec.add_dependency 'diffy', '~> 3.3'
@@ -50,7 +50,7 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency 'bundler', '~> 2.0'
   spec.add_development_dependency 'cocoapods', '~> 1.10'
-  # Use at least Fastlene 2.210.0 to ensure compatibility with the Xcode 14 toolchain
+  # Use at least Fastlane 2.210.0 to ensure compatibility with the Xcode 14 toolchain
   # See https://github.com/fastlane/fastlane/releases/tag/2.210.0
   spec.add_development_dependency 'fastlane', '~> 2.210'
   spec.add_development_dependency 'pry', '~> 0.12.2'