From cbe60c21f76e95ef02c3002713e401f001360627 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 25 Jul 2025 09:32:53 +0000
Subject: [PATCH] fix: Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674179
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674176
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674184
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674192
- https://snyk.io/vuln/SNYK-RUBY-THOR-10843853
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674188
---
 Gemfile | 52 ++++++++++++++++++++++++++--------------------------
 1 file changed, 26 insertions(+), 26 deletions(-)

diff --git a/Gemfile b/Gemfile
index 9d247a50907..2ac3d5ea25c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gem "rails", "6.0.5.1"
+gem "rails", "6.0.6"
 
 gem "acts-as-taggable-on", "~> 9.0.1"
 gem "acts_as_votable", "~> 0.13.2"
@@ -10,36 +10,36 @@ gem "ancestry", "~> 4.2.0"
 gem "audited", "~> 5.0.2"
 gem "autoprefixer-rails", "~> 8.2.0"
 gem "cancancan", "~> 3.4.0"
-gem "caxlsx", "~> 3.2.0"
-gem "caxlsx_rails", "~> 0.6.3"
+gem "caxlsx", "~> 3.3.0"
+gem "caxlsx_rails", "~> 0.6.4"
 gem "ckeditor", "~> 4.3.0"
 gem "cocoon", "~> 1.2.15"
 gem "daemons", "~> 1.4.1"
 gem "dalli", "~> 2.7.11"
 gem "delayed_job_active_record", "~> 4.1.7"
-gem "devise", "~> 4.8.1"
-gem "devise-security", "~> 0.16.0"
+gem "devise", "~> 4.9.0"
+gem "devise-security", "~> 0.17.0"
 gem "file_validators", "~> 3.0.0"
 gem "font-awesome-sass", "~> 5.15.1" # Remember to update vendor/assets/images/fontawesome when updating this gem
-gem "foundation-rails", "~> 6.6.2.0"
+gem "foundation-rails", "~> 6.9.0.0"
 gem "foundation_rails_helper", "~> 4.0.1"
 gem "globalize", "~> 6.2.1"
 gem "globalize-accessors", "~> 0.3.0"
-gem "graphiql-rails", "~> 1.8.0"
+gem "graphiql-rails", "~> 1.9.0"
 gem "graphql", "~> 1.12.14"
 gem "groupdate", "~> 6.1.0"
 gem "image_processing", "~> 1.12.2"
 gem "initialjs-rails", "~> 0.2.0.9"
-gem "invisible_captcha", "~> 2.0.0"
+gem "invisible_captcha", "~> 2.1.0"
 gem "jquery-fileupload-rails"
-gem "jquery-rails", "~> 4.5.0"
-gem "jquery-ui-rails", "~> 6.0.1"
+gem "jquery-rails", "~> 4.5.1"
+gem "jquery-ui-rails", "~> 7.0.0"
 gem "kaminari", "~> 1.2.2"
 gem "mini_magick", "~> 4.11.0"
 gem "omniauth", "~> 2.1.0"
 gem "omniauth-facebook", "~> 9.0.0"
 gem "omniauth-google-oauth2", "~> 1.0.1"
-gem "omniauth-rails_csrf_protection", "~> 1.0.1"
+gem "omniauth-rails_csrf_protection", "~> 1.0.2"
 gem "omniauth-twitter", "~> 1.4.0"
 gem "paranoia", "~> 2.6.0"
 gem "pg", "~> 1.4.3"
@@ -47,10 +47,10 @@ gem "pg_search", "~> 2.3.6"
 gem "puma", "~> 4.3.12"
 gem "recipient_interceptor", "~> 0.3.1"
 gem "redcarpet", "~> 3.5.1"
-gem "responders", "~> 3.0.1"
+gem "responders", "~> 3.1.0"
 gem "rinku", "~> 2.0.6", require: "rails_rinku"
 gem "sassc-rails", "~> 2.1.2"
-gem "savon", "~> 2.13.0"
+gem "savon", "~> 2.13.1"
 gem "sitemap_generator", "~> 6.3.0"
 gem "social-share-button", "~> 1.2.4"
 gem "sprockets", "~> 4.1.1"
@@ -72,24 +72,24 @@ end
 group :development, :test do
   gem "bullet", "~> 7.0.3"
   gem "byebug", "~> 11.1.3"
-  gem "factory_bot_rails", "~> 6.2.0"
+  gem "factory_bot_rails", "~> 6.3.0"
   gem "faker", "~> 2.22.0"
-  gem "i18n-tasks", "~> 0.9.37"
+  gem "i18n-tasks", "~> 1.0.0"
   gem "knapsack_pro", "~> 3.3.1"
   gem "launchy", "~> 2.5.0"
-  gem "letter_opener_web", "~> 2.0.0"
+  gem "letter_opener_web", "~> 3.0.0"
   gem "spring", "~> 2.1.1"
   gem "spring-commands-rspec", "~> 1.0.4"
 end
 
 group :test do
-  gem "capybara", "~> 3.37.1"
-  gem "capybara-webmock", "~> 0.6.0"
+  gem "capybara", "~> 3.38.0"
+  gem "capybara-webmock", "~> 0.7.0"
   gem "coveralls", "~> 0.8.23", require: false
   gem "email_spec", "~> 2.2.0"
-  gem "rspec-rails", "~> 5.1.2"
+  gem "rspec-rails", "~> 6.0.0"
   gem "selenium-webdriver", "~> 3.142"
-  gem "webdrivers", "~> 4.7.0"
+  gem "webdrivers", "~> 5.0.0"
 end
 
 group :development do
@@ -98,13 +98,13 @@ group :development do
   gem "capistrano-rails", "~> 1.6.2", require: false
   gem "capistrano3-delayed-job", "~> 1.7.6"
   gem "capistrano3-puma", "~> 5.2.0"
-  gem "erb_lint", "~> 0.0.37", require: false
+  gem "erb_lint", "~> 0.1.0", require: false
   gem "github_changelog_generator", "~> 1.15.2"
   gem "mdl", "~> 0.11.0", require: false
-  gem "pronto", "~> 0.11.0", require: false
-  gem "pronto-erb_lint", "~> 0.1.5", require: false
-  gem "pronto-eslint", "~> 0.11.0", require: false
-  gem "pronto-rubocop", "~> 0.11.2", require: false
+  gem "pronto", "~> 0.11.1", require: false
+  gem "pronto-erb_lint", "~> 0.1.6", require: false
+  gem "pronto-eslint", "~> 0.11.1", require: false
+  gem "pronto-rubocop", "~> 0.11.3", require: false
   gem "pronto-scss", "~> 0.11.0", require: false
   gem "rubocop", "~> 1.35.1", require: false
   gem "rubocop-performance", "~> 1.11.4", require: false
@@ -112,7 +112,7 @@ group :development do
   gem "rubocop-rspec", "~> 2.4.0", require: false
   gem "rvm1-capistrano3", "~> 1.4.0", require: false
   gem "scss_lint", "~> 0.59.0", require: false
-  gem "web-console", "~> 4.2.0"
+  gem "web-console", "~> 4.2.1"
 end
 
 eval_gemfile "./Gemfile_custom"