From 472c2ed7487acc5b7c63175894984d2510df8af8 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 2 Aug 2024 03:58:48 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577227
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577228
---
 Gemfile | 2 +-
 Gemfile.lock | 26 ++++++++++++++++----------
 2 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/Gemfile b/Gemfile
index 45b8ebd..9bac02c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -47,7 +47,7 @@ group :test do
 gem 'rails-controller-testing'
 gem 'vcr'
 gem 'webdrivers'
- gem 'webmock'
+ gem 'webmock', '>= 3.11.2'
 end
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
diff --git a/Gemfile.lock b/Gemfile.lock
index cf75eaa..ee06f2d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -60,9 +60,10 @@ GEM minitest (>= 5.1) tzinfo (~> 2.0) zeitwerk (~> 2.3) - addressable (2.7.0) - public_suffix (>= 2.0.2, < 5.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) bcrypt (3.1.16) + bigdecimal (3.1.8) bindex (0.8.1) bootsnap (1.5.1) msgpack (~> 1.0) @@ -70,7 +71,8 @@ GEM byebug (11.1.3) childprocess (3.0.0) concurrent-ruby (1.1.8) - crack (0.4.5) + crack (1.0.0) + bigdecimal rexml crass (1.0.6) diff-lcs (1.4.4) @@ -94,7 +96,7 @@ GEM ffi (1.14.2-x64-mingw32) globalid (0.4.2) activesupport (>= 4.2.0) - hashdiff (1.0.1) + hashdiff (1.1.0) i18n (1.8.9) concurrent-ruby (~> 1.0) jbuilder (2.10.1) @@ -127,9 +129,11 @@ GEM racc (~> 1.4) nokogiri (1.11.2-x64-mingw32) racc (~> 1.4) + nokogiri (1.11.2-x86_64-darwin) + racc (~> 1.4) nokogiri (1.11.2-x86_64-linux) racc (~> 1.4) - public_suffix (4.0.6) + public_suffix (6.0.1) puma (5.1.1) nio4r (~> 2.0) racc (1.5.2) @@ -172,7 +176,8 @@ GEM rb-fsevent (0.10.4) rb-inotify (0.10.1) ffi (~> 1.0) - rexml (3.2.4) + rexml (3.3.4) + strscan rspec-core (3.10.1) rspec-support (~> 3.10.0) rspec-expectations (3.10.1)
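Review bot: The floor added at `gem 'webmock', '>= 3.11.2'` in the Gemfile `group :test` hunk does not encode the actual security requirement: both advisories in the commit message are against rexml, which the lockfile shows arriving transitively (webmock requires crack, crack requires rexml), and nothing in the Gemfile stops a later re-resolve from selecting an older rexml. Only Gemfile.lock holds it at 3.3.4. I would state the requirement directly next to the webmock line, e.g. `gem 'rexml', '>= 3.3.4' # SNYK-RUBY-REXML-7577227, SNYK-RUBY-REXML-7577228` (3.3.4 is the version this lockfile resolves to; confirm the first fixed release against the advisories). The open-ended `>= 3.11.2` also understates what was actually resolved, since the lock moves webmock to 3.23.1. The `group :test do` block opens outside the hunk.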
@@ -216,6 +221,7 @@ GEM activesupport (>= 4.0) sprockets (>= 3.0.0) sqlite3 (1.4.2) + strscan (3.1.0) thor (1.1.0) tilt (2.0.10) turbolinks (5.2.1) @@ -241,8 +247,8 @@ GEM nokogiri (~> 1.6) rubyzip (>= 1.3.0) selenium-webdriver (>= 3.0, < 4.0) - webmock (3.11.1) - addressable (>= 2.3.6) + webmock (3.23.1) + addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) websocket-driver (0.7.3) @@ -280,10 +286,10 @@ DEPENDENCIES vcr web-console (>= 4.1.0) webdrivers - webmock + webmock (>= 3.11.2) RUBY VERSION ruby 3.0.0p0 BUNDLED WITH - 2.2.6 + 2.2.3