From 042cfbeb1f2bf936ecb8a50117142dfda3827a1a Mon Sep 17 00:00:00 2001
From: Anton Georgiev <antobinary@users.noreply.github.com>
Date: Wed, 11 Oct 2023 14:19:24 -0400
Subject: [PATCH] [Snyk] Fix for 1 vulnerabilities (#5442)

* fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917

* Update Gemfile.lock

---------

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
---
 Gemfile      |  4 ++--
 Gemfile.lock | 16 ++++++++--------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index 592a2c02..04f52710 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,14 +5,14 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 ruby '>= 3.0'
 
-gem 'active_model_serializers'
+gem 'active_model_serializers', '>= 0.10.14'
 gem 'active_storage_validations', '>= 1.0.4'
 gem 'aws-sdk-s3', require: false
 gem 'bcrypt', '~> 3.1.7'
 gem 'bigbluebutton-api-ruby', '1.9.1'
 gem 'bootsnap', require: false
 gem 'cssbundling-rails', '>= 1.3.3'
-gem 'data_migrate', '>= 9.1.0'
+gem 'data_migrate', '>= 9.2.0'
 gem 'dotenv-rails'
 gem 'google-cloud-storage', '~> 1.44', require: false
 gem 'hcaptcha'
diff --git a/Gemfile.lock b/Gemfile.lock
index ac27fb6f..d7f07432 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -46,9 +46,9 @@ GEM
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    active_model_serializers (0.10.13)
-      actionpack (>= 4.1, < 7.1)
-      activemodel (>= 4.1, < 7.1)
+    active_model_serializers (0.10.14)
+      actionpack (>= 4.1)
+      activemodel (>= 4.1)
       case_transform (>= 0.2)
       jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
     active_storage_validations (1.0.4)
@@ -130,9 +130,9 @@ GEM
     crass (1.0.6)
     cssbundling-rails (1.3.3)
       railties (>= 6.0.0)
-    data_migrate (9.1.1)
-      activerecord (>= 6.0)
-      railties (>= 6.0)
+    data_migrate (9.2.0)
+      activerecord (>= 6.1)
+      railties (>= 6.1)
     date (3.3.3)
     debug (1.7.1)
       irb (>= 1.5.0)
@@ -470,7 +470,7 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
-  active_model_serializers
+  active_model_serializers (>= 0.10.14)
   active_storage_validations (>= 1.0.4)
   aws-sdk-s3
   bcrypt (~> 3.1.7)
@@ -478,7 +478,7 @@ DEPENDENCIES
   bootsnap
   capybara
   cssbundling-rails (>= 1.3.3)
-  data_migrate (>= 9.1.0)
+  data_migrate (>= 9.2.0)
   debug
   dotenv-rails
   factory_bot_rails
-- 
GitLab