From 6383a971f898df96bd650c058edfbe87da788277 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 20 Feb 2025 05:47:23 +0000
Subject: [PATCH] fix: Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732769
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-8732779
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577227
- https://snyk.io/vuln/SNYK-RUBY-REXML-7814166
- https://snyk.io/vuln/SNYK-RUBY-REXML-7577228
- https://snyk.io/vuln/SNYK-RUBY-REXML-8309365
- https://snyk.io/vuln/SNYK-RUBY-REXML-7462086
---
 Gemfile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Gemfile b/Gemfile
index 0ac360f48639..1aaeb7f1ef2d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -87,7 +87,7 @@ gem "commonmarker", "~> 1.1.3"
 
 # HTML pipeline for transformations on text formatter output
 # such as sanitization or additional features
-gem "html-pipeline", "~> 2.14.0"
+gem "html-pipeline", "~> 3.0.0"
 # Tasklist parsing and renderer
 gem "deckar01-task_list", "~> 2.3.1"
 # Requires escape-utils for faster escaping
@@ -188,7 +188,7 @@ gem "puma", "~> 6.4"
 gem "puma-plugin-statsd", "~> 2.0"
 gem "rack-timeout", "~> 0.7.0", require: "rack/timeout/base"
 
-gem "nokogiri", "~> 1.16.0"
+gem "nokogiri", "~> 1.18.3"
 
 gem "carrierwave", "~> 1.3.4"
 gem "carrierwave_direct", "~> 2.1.0"
@@ -331,9 +331,9 @@ group :development, :test do
   gem "rubocop", require: false
   gem "rubocop-capybara", require: false
   gem "rubocop-factory_bot", require: false
-  gem "rubocop-performance", require: false
-  gem "rubocop-rails", require: false
-  gem "rubocop-rspec", require: false
+  gem "rubocop-performance", ">= 1.24.0", require: false
+  gem "rubocop-rails", ">= 2.30.0", require: false
+  gem "rubocop-rspec", ">= 3.5.0", require: false
   gem "rubocop-rspec_rails", require: false
 
   # erb linting