From a17c1295140409a2d13fc3c171731976fd97b8a9 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 16 Feb 2026 15:48:23 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-FARADAY-15253521
---
 Gemfile      |  2 +-
 Gemfile.lock | 34 ++++++++++++++++++++++++----------
 2 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/Gemfile b/Gemfile
index 213eec9..d3c89f2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,5 +1,5 @@
 source 'https://rubygems.org'
 
-gem 'octokit'
+gem 'octokit', '>= 4.23.0'
 gem 'rspec'
 gem 'cucumber'
diff --git a/Gemfile.lock b/Gemfile.lock
index 29b22a0..5f12608 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,8 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.3.5)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
     builder (3.2.2)
     cucumber (1.3.10)
       builder (>= 2.1.2)
@@ -10,15 +11,24 @@ GEM
       multi_json (>= 1.7.5, < 2.0)
       multi_test (>= 0.0.2)
     diff-lcs (1.2.5)
-    faraday (0.9.0)
-      multipart-post (>= 1.2, < 3)
+    faraday (2.14.1)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
+      logger
+    faraday-net_http (3.4.2)
+      net-http (~> 0.5)
     gherkin (2.12.2)
       multi_json (~> 1.3)
+    json (2.18.1)
+    logger (1.7.0)
     multi_json (1.9.0)
     multi_test (0.0.3)
-    multipart-post (2.0.0)
-    octokit (2.7.1)
-      sawyer (~> 0.5.2)
+    net-http (0.9.1)
+      uri (>= 0.11.1)
+    octokit (10.0.0)
+      faraday (>= 1, < 3)
+      sawyer (~> 0.9)
+    public_suffix (6.0.2)
     rspec (2.14.1)
       rspec-core (~> 2.14.0)
       rspec-expectations (~> 2.14.0)
@@ -27,14 +37,18 @@ GEM
     rspec-expectations (2.14.5)
       diff-lcs (>= 1.1.3, < 2.0)
     rspec-mocks (2.14.6)
-    sawyer (0.5.3)
-      addressable (~> 2.3.5)
-      faraday (~> 0.8, < 0.10)
+    sawyer (0.9.3)
+      addressable (>= 2.3.5)
+      faraday (>= 0.17.3, < 3)
+    uri (1.1.1)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   cucumber
-  octokit
+  octokit (>= 4.23.0)
   rspec
+
+BUNDLED WITH
+   2.3.27