From 209660914fe4b9236184506ca69faa51567cdcf8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 15 Nov 2023 15:06:35 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056551 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056552 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056553 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056554 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-6056555 --- Gemfile | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index ae5d736..ab7a054 100644 --- a/Gemfile +++ b/Gemfile @@ -4,24 +4,24 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '2.5.1' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 5.2.0' +gem 'rails', '~> 5.2.4', '>= 5.2.4.5' # Use postgresql as the database for Active Record gem 'pg', '>= 0.18', '< 2.0' # Use Puma as the app server gem 'puma', '~> 3.11' # Use SCSS for stylesheets -gem 'sass-rails', '~> 5.0' +gem 'sass-rails', '~> 6.0', '>= 6.0.0' # Use Uglifier as compressor for JavaScript assets gem 'uglifier', '>= 1.3.0' # See https://github.com/rails/execjs#readme for more supported runtimes # gem 'mini_racer', platforms: :ruby -gem 'devise', '~> 4.6.0' -gem 'devise_saml_authenticatable' +gem 'devise', '~> 4.7.0' +gem 'devise_saml_authenticatable', '>= 1.7.0' gem 'cancancan', '~> 2.2.0' gem 'paperclip', '~> 6.0.0' gem 'pry' # Use CoffeeScript for .coffee assets and views -gem 'coffee-rails', '~> 4.2' +gem 'coffee-rails', '~> 5.0', '>= 5.0.0' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks gem 'turbolinks', '~> 5' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder 
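Review bot: The commit message lists five Nokogiri advisories, yet none of the lines changed in this hunk (rails, sass-rails, devise, devise_saml_authenticatable, coffee-rails) constrains nokogiri itself, so the fix depends entirely on how Bundler re-resolves a transitive dependency. The diffstat shows only Gemfile changed, so without a regenerated Gemfile.lock in the same change the installed nokogiri version may stay where it was; the resolved version should be checked against the advisories. An explicit floor such as `gem 'nokogiri', '>= <FIXED_VERSION>' # placeholder: take the version from the Snyk advisories` would make the intent visible and fail resolution loudly if it cannot be met. The context line `ruby '2.5.1'` may also cap which nokogiri releases can be installed, which is worth confirming before merging.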
@@ -42,7 +42,7 @@ gem 'terrapin' # gem 'capistrano-rails', group: :development # gem 'htmltoword' gem 'prawn', '~> 2.2.2' -gem 'roo', '~> 2.8' +gem 'roo', '~> 2.9', '>= 2.9.0' gem 'prawn-table' gem 'rubyzip', '>= 1.2.2' # will load new rubyzip version gem 'will_paginate', '~> 3.1.0' @@ -57,7 +57,7 @@ end group :development do # Access an interactive console on exception pages or by calling 'console' anywhere in the code. - gem 'web-console', '>= 3.3.0' + gem 'web-console', '>= 4.0.0' gem 'listen', '>= 3.0.5', '< 3.2' gem 'capistrano' gem 'capistrano-rbenv' # idiomatic rbenv support @@ -74,7 +74,7 @@ end group :test do # Adds support for Capybara system testing and selenium driver - gem 'capybara', '>= 2.15', '< 4.0' + gem 'capybara', '>= 3.35.0', '< 4.0' gem 'selenium-webdriver' # Easy installation and use of chromedriver to run system tests with Chrome gem 'chromedriver-helper'
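Review bot: In the development group, `gem 'web-console', '>= 4.0.0'` looks incompatible with the `gem 'rails', '~> 5.2.4', '>= 5.2.4.5'` constraint set in the first hunk. As far as I know, web-console 4.x requires railties 6.0 or newer, so `bundle install` would likely fail to resolve. If the app stays on Rails 5.2, keep the 3.x line, e.g. `gem 'web-console', '~> 3.7'`, and confirm that this still satisfies whatever advisory prompted the bump. The `group :development` block continues past the end of this hunk.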