From 699fa24f8beb9f48ec755bf1b25c36223a065680 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sun, 23 Oct 2022 22:41:47 +0000
Subject: [PATCH] fix: Gemfile to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
---
 Gemfile | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/Gemfile b/Gemfile
index 7c23ddc2fde..8ea37fb9d0d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,7 +3,7 @@ git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 ruby "~> #{File.read(File.join(__dir__, '.ruby-version')).strip}"
-gem 'rails', '~> 7.0.0'
+gem 'rails', '~> 7.0.4'
 gem 'ahoy_matey', '~> 3.0'
 gem 'aws-sdk-kms', '~> 1.4'
@@ -18,12 +18,12 @@ gem 'bootsnap', '~> 1.9.0', require: false
 gem 'browser'
 gem 'connection_pool'
 gem 'cssbundling-rails'
-gem 'devise', '~> 4.8'
+gem 'devise', '~> 4.8', '>= 4.8.1'
 gem 'dotiw', '>= 4.0.1'
 gem 'faraday'
 gem 'faraday_middleware'
 gem 'foundation_emails'
-gem 'good_job', '~> 3.0'
+gem 'good_job', '~> 3.4', '>= 3.4.4'
 gem 'hashie', '~> 4.1'
 gem 'http_accept_language'
 gem 'identity-hostdata', github: '18F/identity-hostdata', tag: 'v3.4.1'
@@ -43,9 +43,9 @@ gem 'pg'
 gem 'phonelib'
 gem 'premailer-rails', '>= 1.11.1'
 gem 'profanity_filter'
-gem 'rack', '>= 2.2.3.1'
+gem 'rack', '>= 3.0.0'
 gem 'rack-attack', '>= 6.2.1'
-gem 'rack-cors', '>= 1.0.5', require: 'rack/cors'
+gem 'rack-cors', '>= 1.1.1', require: 'rack/cors'
 gem 'rack-headers_filter'
 gem 'rack-timeout', require: false
 gem 'redacted_struct'
@@ -60,7 +60,7 @@ gem 'ruby-saml'
 gem 'safe_target_blank', '>= 1.0.2'
 gem 'saml_idp', github: '18F/saml_idp', tag: '0.18.0-18f'
 gem 'scrypt'
-gem 'simple_form', '>= 5.0.2'
+gem 'simple_form', '>= 5.1.0'
 gem 'sprockets-rails'
 gem 'stringex', require: false
 gem 'strong_migrations', '>= 0.4.2'
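Review bot: In the `@@ -43,9 +43,9 @@` hunk, `gem 'rack', '>= 3.0.0'` moves the floor across a major version while the first hunk keeps `gem 'rails', '~> 7.0.4'`; as far as I know actionpack 7.0.x requires rack 2.x, so Bundler is unlikely to resolve this pair and the advisory would stay unfixed. If the advisory has a patched 2.2.x release, staying in that series is the lower-risk fix, e.g. `gem 'rack', '~> 2.2', '>= <patched 2.2.x version>'` (placeholder; take the version from the advisory). The diffstat lists only `Gemfile`, so if the project commits `Gemfile.lock`, the resolved versions do not change until the lockfile is regenerated and committed with it. The rack-dependent gems bumped here (`rack-cors` in this hunk, `rack-mini-profiler` and `rack-test` in the later ones) should be re-tested against whichever rack version actually resolves.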
@@ -78,13 +78,13 @@ gem 'yard'
 gem 'zxcvbn', '0.1.7'
 group :development do
- gem 'better_errors', '>= 2.5.1'
+ gem 'better_errors', '>= 2.9.1'
 gem 'binding_of_caller'
- gem 'derailed_benchmarks', '~> 1.8'
+ gem 'derailed_benchmarks', '~> 1.8', '>= 1.8.1'
 gem 'guard-rspec', require: false
 gem 'irb'
 gem 'octokit', '>= 4.25.0'
- gem 'rack-mini-profiler', '>= 1.1.3', require: false
+ gem 'rack-mini-profiler', '>= 2.3.3', require: false
 gem 'rails-erd', '>= 1.6.0'
 end
@@ -95,7 +95,7 @@ group :development, :test do
 gem 'capybara-webmock', git: 'https://github.com/hashrocket/capybara-webmock.git', ref: '63d790a0'
 gem 'data_uri', require: false
 gem 'erb_lint', '~> 0.1.0', require: false
- gem 'i18n-tasks', '>= 0.9.31'
+ gem 'i18n-tasks', '>= 0.9.37'
 gem 'knapsack'
 gem 'nokogiri', '~> 1.13.9'
 gem 'parallel_tests'
@@ -105,10 +105,10 @@ group :development, :test do
 gem 'pry-rails'
 gem 'psych'
 gem 'puma'
- gem 'rspec-rails', '6.0.0.rc1'
+ gem 'rspec-rails', '6.0.0'
 gem 'rubocop', '~> 1.29.1', require: false
 gem 'rubocop-performance', '~> 1.14.0', require: false
- gem 'rubocop-rails', '>= 2.5.2', require: false
+ gem 'rubocop-rails', '>= 2.12.4', require: false
 end
 group :test do
@@ -121,8 +121,8 @@ group :test do
 gem 'factory_bot_rails', '>= 6.2.0'
 gem 'faker'
 gem 'rack_session_access', '>= 0.2.0'
- gem 'rack-test', '>= 1.1.0'
- gem 'rails-controller-testing', '>= 1.0.4'
+ gem 'rack-test', '>= 2.0.2'
+ gem 'rails-controller-testing', '>= 1.0.5'
 gem 'rspec-retry'
 gem 'shoulda-matchers', '~> 4.0', require: false
 gem 'webdrivers', '~> 5.2.0'