From 9775df4747ad92cf6397890c33b69a5de6e7f63a Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Mon, 13 Oct 2025 10:31:49 +0000
Subject: [PATCH] fix: Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-13378928
- https://snyk.io/vuln/SNYK-RUBY-RACK-13378930
- https://snyk.io/vuln/SNYK-RUBY-RACK-13378932
- https://snyk.io/vuln/SNYK-RUBY-RACK-13535097
- https://snyk.io/vuln/SNYK-RUBY-RACK-13524628
- https://snyk.io/vuln/SNYK-RUBY-URI-13506785
---
 Gemfile | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/Gemfile b/Gemfile
index 2e64acb..0545867 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,21 +1,21 @@
 source "https://rubygems.org"
 # Bundle edge Rails instead: gem "rails", github: "rails/rails", branch: "main"
-gem "rails", "~> 8.0.2.1"
+gem "rails", "~> 8.0.3.0"
 # The modern asset pipeline for Rails [https://github.com/rails/propshaft]
-gem "propshaft"
+gem "propshaft", ">= 1.2.0"
 # Use postgresql as the database for Active Record
 gem "pg", "~> 1.1"
 # Use the Puma web server [https://github.com/puma/puma]
 gem "puma", ">= 5.0"
 # Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]
-gem "importmap-rails"
+gem "importmap-rails", ">= 2.2.0"
 # Hotwire's SPA-like page accelerator [https://turbo.hotwired.dev]
-gem "turbo-rails"
+gem "turbo-rails", ">= 2.0.17"
 # Hotwire's modest JavaScript framework [https://stimulus.hotwired.dev]
 gem "stimulus-rails"
 # Build JSON APIs with ease [https://github.com/rails/jbuilder]
-gem "jbuilder"
+gem "jbuilder", ">= 2.14.0"
 # Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
 # gem "bcrypt", "~> 3.1.7"
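Review bot: None of the lines changed in this hunk, or in the later ones, constrains `rack` or `uri`, the two gems the listed advisories are filed against; the new floors on `propshaft`, `importmap-rails`, `turbo-rails` and `jbuilder` here, and on `solid_cache`, `solid_cable`, `faraday`, `ransack` and `positioning` further down, presumably exist only to steer the resolver toward patched transitive versions. The diffstat shows `Gemfile` alone, so if a `Gemfile.lock` is committed it keeps recording the old versions until it is regenerated (for example with `bundle update --conservative rack uri`), and a frozen or deployment-mode install would be expected to reject a lockfile that no longer matches the Gemfile. Stating the intent directly would be clearer and would avoid open-ended `>=` on unrelated gems: next to the existing `gem 'nokogiri', '>= 1.18.9'` under `# Security updates`, add `gem 'rack', '>= <fixed version from the advisory>'` (and likewise for `uri`) with the advisory URL in a comment. `bundler-audit` is already in the development/test group, so running `bundle-audit check --update` against the regenerated lockfile is a cheap way to confirm the advisories are actually cleared.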
@@ -24,9 +24,9 @@ gem "jbuilder"
 gem "tzinfo-data", platforms: %i[ windows jruby ]
 # Use the database-backed adapters for Rails.cache, Active Job, and Action Cable
-gem "solid_cache"
+gem "solid_cache", ">= 1.0.8"
 gem "solid_queue"
-gem "solid_cable"
+gem "solid_cable", ">= 3.0.12"
 # Reduces boot times through caching; required in config/boot.rb
 gem "bootsnap", require: false
@@ -41,7 +41,7 @@ gem "thruster", require: false
 # gem "image_processing", "~> 1.2"
 gem 'devise'
-gem 'faraday'
+gem 'faraday', '>= 2.13.3'
 gem 'figaro'
 gem 'font-awesome-sass', '~> 5.15.1'
@@ -58,7 +58,7 @@ group :development, :test do
 gem "bundler-audit"
- gem 'rspec-rails', '~> 8.0.0'
+ gem 'rspec-rails', '~> 8.0.2'
 end
 group :development do
@@ -83,12 +83,12 @@ gem 'action_policy'
 gem 'traco'
 gem 'pagy', '~> 9.3' # omit patch digit
-gem 'ransack'
+gem 'ransack', '>= 4.4.0'
 # gem 'surveyor', path: 'vendor/gems/surveyor'
-gem 'positioning'
+gem 'positioning', '>= 0.4.7'
-gem 'friendly_id', '~> 5.4.0'
+gem 'friendly_id', '~> 5.5.0'
 # Security updates
 gem 'nokogiri', '>= 1.18.9'