fix: Gemfile & Gemfile.lock to reduce vulnerabilities

snyk-bot · snyk-bot · commit 3d9648f32a59 · 2024-01-04T01:28:06.000Z
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
diff --git a/Gemfile b/Gemfile
@@ -26,7 +26,7 @@ gem "jsbundling-rails", ">= 1.2.0"
 gem "turbo-rails", ">= 1.5.0"
 
 # Hotwire's modest JavaScript framework [https://stimulus.hotwired.dev]
-gem "stimulus-rails", ">= 1.3.0"
+gem "stimulus-rails", ">= 1.3.1"
 
 gem "sentry-ruby"
 gem "sentry-rails"
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -272,9 +272,9 @@ GEM
     newrelic_rpm (9.6.0)
       base64
     nio4r (2.5.9)
-    nokogiri (1.15.5-arm64-darwin)
+    nokogiri (1.16.0-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.15.5-x86_64-linux)
+    nokogiri (1.16.0-x86_64-linux)
       racc (~> 1.4)
     orm_adapter (0.5.0)
     pagy (6.0.4)
@@ -490,7 +490,7 @@ GEM
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    stimulus-rails (1.3.0)
+    stimulus-rails (1.3.3)
       railties (>= 6.0.0)
     thor (1.3.0)
     thread_safe (0.3.6)
@@ -599,7 +599,7 @@ DEPENDENCIES
   spreadsheet_architect
   spring (~> 3.0.0)
   sprockets-rails
-  stimulus-rails (>= 1.3.0)
+  stimulus-rails (>= 1.3.1)
   turbo-rails (>= 1.5.0)
   tzinfo-data
   vcr
@@ -611,4 +611,4 @@ RUBY VERSION
    ruby 3.2.2p53
 
 BUNDLED WITH
-   2.4.20
+   2.4.6
