fix: Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086
346design · Jul 18, 2024 · 3d27586 · 3d27586
1 parent cf3c8bb
commit 3d27586
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/Gemfile b/Gemfile
@@ -4,7 +4,7 @@ source 'https://rubygems.org'
 ruby '>= 2.6.0', '< 3.1.0'
 
 gem 'pkg-config', '~> 1.4'
-gem 'rexml', '~> 3.2'
+gem 'rexml', '~> 3.3', '>= 3.3.2'
 
 gem 'puma', '~> 5.6'
 gem 'rails', '~> 6.1.7'
@@ -39,7 +39,7 @@ end
 
 gem 'net-ldap', '~> 0.17'
 gem 'omniauth-cas', '~> 2.0'
-gem 'omniauth-saml', '~> 1.10'
+gem 'omniauth-saml', '~> 2.0', '>= 2.0.0'
 gem 'gitlab-omniauth-openid-connect', '~>0.10.0', require: 'omniauth_openid_connect'
 gem 'omniauth', '~> 1.9'
 gem 'omniauth-rails_csrf_protection', '~> 0.1'
@@ -120,7 +120,7 @@ group :test do
   gem 'rails-controller-testing', '~> 1.0'
   gem 'rspec-sidekiq', '~> 3.1'
   gem 'simplecov', '~> 0.21', require: false
-  gem 'webmock', '~> 3.18'
+  gem 'webmock', '~> 3.19', '>= 3.19.0'
   gem 'rspec_junit_formatter', '~> 0.6'
   gem 'rack-test', '~> 2.0'
 end
@@ -132,10 +132,10 @@ group :development do
   gem 'binding_of_caller', '~> 1.0'
   gem 'bullet', '~> 7.0'
   gem 'letter_opener', '~> 1.8'
-  gem 'letter_opener_web', '~> 2.0'
+  gem 'letter_opener_web', '~> 3.0', '>= 3.0.0'
   gem 'memory_profiler'
-  gem 'rubocop', '~> 1.30', require: false
-  gem 'rubocop-rails', '~> 2.15', require: false
+  gem 'rubocop', '~> 1.31', '>= 1.31.0', require: false
+  gem 'rubocop-rails', '~> 2.15', '>= 2.15.1', require: false
   gem 'brakeman', '~> 5.3', require: false
   gem 'bundler-audit', '~> 0.9', require: false