From f786ea9993750afe900035d524ac27474af28cf6 Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Fri, 6 Oct 2023 08:05:29 +0000 Subject: [PATCH] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3237242 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-3360028 - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 - https://snyk.io/vuln/SNYK-RUBY-ERUBIS-20482 - https://snyk.io/vuln/SNYK-RUBY-GLOBALID-3237234 - https://snyk.io/vuln/SNYK-RUBY-I18N-72582 - https://snyk.io/vuln/SNYK-RUBY-JSON-560838 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-22023 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-474102 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-72548 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1055008 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1293239 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1583442 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20277 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20299 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20367 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20368 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20432 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-22013 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-22014 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2413994 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2620374 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630623 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2630898 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-2840634 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3357693 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-459107 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-534637 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-72433 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - 
https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-538324 - https://snyk.io/vuln/SNYK-RUBY-RACK-569066 - https://snyk.io/vuln/SNYK-RUBY-RACK-572377 - https://snyk.io/vuln/SNYK-RUBY-RACK-72567 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-22025 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-2935879 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 - https://snyk.io/vuln/SNYK-RUBY-TZINFO-2958048 --- Gemfile | 58 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/Gemfile b/Gemfile index b897dc0a7412c..142c0b33dddf5 100644 --- a/Gemfile +++ b/Gemfile @@ -1,10 +1,10 @@ source "https://rubygems.org" -gem 'rails', '4.2.6' +gem 'rails', '7.1.0' gem 'rails-deprecated_sanitizer', '~> 1.0.3' # Responders respond_to and respond_with -gem 'responders', '~> 2.0' +gem 'responders', '~> 3.0', '>= 3.0.0' # Specify a sprockets version due to increased performance # See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 @@ -18,9 +18,9 @@ gem "mysql2", '~> 0.3.16', group: :mysql gem "pg", '~> 0.18.2', group: :postgres # Authentication libraries -gem 'devise', '~> 3.5.4' -gem 'doorkeeper', '~> 3.1' -gem 'devise-async', '~> 0.9.0' +gem 'devise', '~> 4.7.0' +gem 'doorkeeper', '~> 4.0', '>= 4.0.0' +gem 'devise-async', '~> 1.0.0' gem 'omniauth', '~> 1.3.1' gem 'omniauth-auth0', '~> 1.4.1' gem 'omniauth-azure-oauth2', '~> 0.0.6' @@ -43,7 +43,7 @@ gem 'recaptcha', require: 'recaptcha/rails' gem 'akismet', '~> 2.0' # Two-factor authentication -gem 'devise-two-factor', '~> 2.0.0' +gem 'devise-two-factor', '~> 3.0.0' gem 'rqrcode-rails3', '~> 0.1.7' gem 'attr_encrypted', '~> 1.3.4' 
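Review bot: In the first Gemfile hunk, `gem 'rails', '7.1.0'` moves the framework across three major versions while the unchanged context line `gem 'rails-deprecated_sanitizer', '~> 1.0.3'` stays; as far as I know that gem restores the pre-4.2 sanitizer, so the rails-html-sanitizer and loofah advisories named in the commit message may remain reachable through it. The diffstat lists Gemfile only, so no Gemfile.lock is part of this patch and nothing here shows the resolved nokogiri, rack or loofah versions actually changing. I would commit the regenerated lockfile with this change and add `# TODO(security): remove once no caller depends on the legacy sanitizer` above the deprecated-sanitizer line. As a style point, `'>= 3.0.0'` after `'~> 3.0'` on the responders line is redundant; `gem 'responders', '~> 3.0'` says the same.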
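Review bot: The authentication hunk takes devise, doorkeeper and devise-async each across a major version in one step, with `gem 'omniauth', '~> 1.3.1'` left as context, and nothing in the patch shows the sign-in, OAuth token or mail-delivery paths being exercised against the new versions. Major releases of these gems have changed configuration and parameter-handling APIs (from memory; confirm against each changelog), and a silent failure in confirmation or password-reset mail is a security regression, not only a functional one. I would move this hunk, together with the `devise-two-factor` hunk that follows it, into a separate change that is merged only after the sign-in, two-factor and OAuth specs pass. `gem 'doorkeeper', '~> 4.0'` is sufficient; the extra `'>= 4.0.0'` adds nothing.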
@@ -73,16 +73,16 @@ gem 'grape-entity', '~> 0.4.2' gem 'rack-cors', '~> 0.4.0', require: 'rack/cors' # Pagination -gem "kaminari", "~> 0.16.3" +gem "kaminari", "~> 0.17.0" # HAML -gem "haml-rails", '~> 0.9.0' +gem "haml-rails", "~> 2.1.0" # Files attachments gem "carrierwave", '~> 0.10.0' # Drag and Drop UI -gem 'dropzonejs-rails', '~> 0.7.1' +gem 'dropzonejs-rails', '~> 0.7.3' # for aws storage gem "fog", "~> 1.36.0" @@ -148,7 +148,7 @@ gem 'settingslogic', '~> 2.0.9' gem 'version_sorter', '~> 2.0.0' # Cache -gem "redis-rails", '~> 4.0.0' +gem "redis-rails", "~> 5.0.2" # Redis gem 'redis', '~> 3.2' @@ -176,7 +176,7 @@ gem 'asana', '~> 0.4.0' gem 'ruby-fogbugz', '~> 0.2.1' # d3 -gem 'd3_rails', '~> 3.5.0' +gem 'd3_rails', '~> 3.5.12' # underscore-rails gem "underscore-rails", "~> 1.8.0" @@ -203,20 +203,20 @@ gem 'mousetrap-rails', '~> 1.4.6' # Detect and convert string character encoding gem 'charlock_holmes', '~> 0.7.3' -gem "sass-rails", '~> 5.0.0' -gem "coffee-rails", '~> 4.1.0' +gem "sass-rails", "~> 5.0.8" +gem "coffee-rails", "~> 4.2.2" gem "uglifier", '~> 2.7.2' -gem 'turbolinks', '~> 2.5.0' +gem 'turbolinks', '~> 2.5.4' gem 'jquery-turbolinks', '~> 2.1.0' gem 'addressable', '~> 2.3.8' gem 'bootstrap-sass', '~> 3.3.0' -gem 'font-awesome-rails', '~> 4.2' +gem 'font-awesome-rails', '~> 4.7', '>= 4.7.0.8' gem 'gitlab_emoji', '~> 0.3.0' -gem 'gon', '~> 6.0.1' +gem 'gon', '~> 6.1.0' gem 'jquery-atwho-rails', '~> 1.3.2' -gem 'jquery-rails', '~> 4.1.0' -gem 'jquery-ui-rails', '~> 5.0.0' +gem 'jquery-rails', '~> 4.2.0' +gem 'jquery-ui-rails', '~> 6.0.0' gem 'raphael-rails', '~> 2.1.2' gem 'request_store', '~> 1.3.0' gem 'select2-rails', '~> 3.5.9' @@ -227,7 +227,7 @@ gem 'base32', '~> 0.3.0' # Sentry integration gem 'sentry-raven', '~> 0.15' -gem 'premailer-rails', '~> 1.9.0' +gem 'premailer-rails', '~> 1.10.3' # Metrics group :metrics do 
@@ -238,17 +238,17 @@ end group :development do gem "foreman" - gem 'brakeman', '~> 3.2.0', require: false + gem 'brakeman', '~> 3.3.0', require: false - gem 'letter_opener_web', '~> 1.3.0' + gem 'letter_opener_web', '~> 1.3.1' gem 'quiet_assets', '~> 1.0.2' gem 'rerun', '~> 0.11.0' gem 'bullet', require: false gem 'rblineprof', platform: :mri, require: false - gem 'web-console', '~> 2.0' + gem 'web-console', '~> 3.0', '>= 3.0.0' # Better errors handler - gem 'better_errors', '~> 1.0.1' + gem 'better_errors', '~> 2.3.0' gem 'binding_of_caller', '~> 0.7.2' # Docs generator @@ -266,8 +266,8 @@ group :development, :test do gem 'fuubar', '~> 2.0.0' gem 'database_cleaner', '~> 1.4.0' - gem 'factory_girl_rails', '~> 4.6.0' - gem 'rspec-rails', '~> 3.4.0' + gem 'factory_girl_rails', '~> 4.7.0' + gem 'rspec-rails', '~> 3.5.0' gem 'rspec-retry' gem 'spinach-rails', '~> 0.2.1' gem 'spinach-rerun-reporter', '~> 0.0.2' @@ -282,8 +282,8 @@ group :development, :test do gem 'capybara-screenshot', '~> 1.0.0' gem 'poltergeist', '~> 1.9.0' - gem 'teaspoon', '~> 1.1.0' - gem 'teaspoon-jasmine', '~> 2.2.0' + gem 'teaspoon', '~> 1.2.0' + gem 'teaspoon-jasmine', '~> 2.3.4' gem 'spring', '~> 1.7.0' gem 'spring-commands-rspec', '~> 1.0.4' @@ -323,7 +323,7 @@ gem "mail_room", "~> 0.7" gem 'email_reply_parser', '~> 0.5.8' ## CI -gem 'activerecord-session_store', '~> 1.0.0' +gem 'activerecord-session_store', '~> 1.1.1' gem "nested_form", '~> 0.3.2' # OAuth @@ -333,4 +333,4 @@ gem 'oauth2', '~> 1.0.0' gem "paranoia", "~> 2.0" # Health check -gem 'health_check', '~> 1.5.1' +gem 'health_check', '~> 1.7.2'
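Review bot: In the development-group hunk, `gem 'brakeman', '~> 3.3.0', require: false` keeps the static security scanner on a 3.x series that predates Rails 7, so a clean scan after this upgrade would say little about the new framework's APIs. I would move it to a current major, for example `gem 'brakeman', '~> 6.0', require: false` (check the latest release first). The context line `gem 'quiet_assets', '~> 1.0.2'` and the new `gem 'rspec-rails', '~> 3.5.0'` in the next hunk look unlikely to resolve against railties 7.1 (I believe quiet_assets caps railties below 5.0), so `bundle install` should be run to confirm this Gemfile resolves at all. `web-console` and `better_errors` both expose an interactive console and are correctly confined to `group :development` here; that placement should not change.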