From 034998325e19bea76692b437433eefb34e2171bc Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 24 Aug 2024 00:37:45 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-REXML-7814166
---
 Gemfile | 4 ++--
 Gemfile.lock | 20 +++++++++++---------
 2 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/Gemfile b/Gemfile
index 689593b..9841504 100644
--- a/Gemfile
+++ b/Gemfile
@@ -6,8 +6,8 @@ ruby '~> 3.2.2'
 gem 'aws-sdk-s3', '~> 1.30'
 gem 'dotenv'
 gem 'hashie'
-gem 'rexml'
-gem 'ruby-saml', '>= 1.9.0'
+gem 'rexml', '>= 3.3.6'
+gem 'ruby-saml', '>= 1.15.0'
 gem 'rack-test', '>= 2.0.0'
 gem 'rake'
 gem 'sinatra', '>= 3.0.4'
diff --git a/Gemfile.lock b/Gemfile.lock
index 1fd7503..747f101 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -31,12 +31,12 @@ GEM concurrent-ruby (~> 1.0) jmespath (1.6.1) method_source (1.0.0) - mini_portile2 (2.8.5) + mini_portile2 (2.8.7) minitest (5.19.0) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) nio4r (2.7.0) - nokogiri (1.16.2) + nokogiri (1.16.7) mini_portile2 (~> 2.8.2) racc (~> 1.4) power_assert (2.0.2)
@@ -45,14 +45,15 @@ GEM method_source (~> 1.0) puma (6.4.2) nio4r (~> 2.0) - racc (1.7.3) + racc (1.8.1) rack (2.2.8.1) rack-protection (3.0.4) rack rack-test (2.0.2) rack (>= 1.3) rake (13.0.1) - rexml (3.2.5) + rexml (3.3.6) + strscan rspec (3.13.0) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0)
@@ -66,8 +67,8 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) rspec-support (3.13.1) - ruby-saml (1.14.0) - nokogiri (>= 1.10.5) + ruby-saml (1.16.0) + nokogiri (>= 1.13.10) rexml ruby2_keywords (0.0.5) sinatra (3.0.4)
@@ -75,6 +76,7 @@ GEM rack (~> 2.2, >= 2.2.4) rack-protection (= 3.0.4) tilt (~> 2.0) + strscan (3.1.0) test-unit (3.5.7) power_assert tilt (2.0.11)
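Review bot: The raised floors in the Gemfile hunk, `gem 'rexml', '>= 3.3.6'` and `gem 'ruby-saml', '>= 1.15.0'`, carry no comment marking them as security minimums. The commit message lists only the REXML advisory, so the reason ruby-saml moves is not recorded anywhere. I would add a line above them such as `# security floor for SNYK-RUBY-REXML-7814166; do not lower` and say in the description why ruby-saml is raised too. Both constraints stay open-ended `>=`, so what actually ships is whatever Gemfile.lock resolves (rexml 3.3.6 and ruby-saml 1.16.0 here). Since the lockfile shows ruby-saml depending on rexml and nokogiri, the project's SAML tests should be run against that resolved set before merging.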
@@ -94,9 +96,9 @@ DEPENDENCIES puma rack-test (>= 2.0.0) rake - rexml + rexml (>= 3.3.6) rspec - ruby-saml (>= 1.9.0) + ruby-saml (>= 1.15.0) sinatra (>= 3.0.4) test-unit
@@ -104,4 +106,4 @@ RUBY VERSION ruby 3.2.2p223 BUNDLED WITH - 2.2.33 + 2.4.6