From f8e6308cafa63ebf670c63d4485bf006c3d27fa0 Mon Sep 17 00:00:00 2001
From: Sojan Jose
Date: Thu, 15 Dec 2022 14:10:50 +0300
Subject: [PATCH] chore: [Snyk] Fix for 7 vulnerabilities (#6075)
* fix: Gemfile to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317
- https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318
- https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647
- https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648
* chore: update gemlock
Co-authored-by: snyk-bot
---
 Gemfile | 8 ++++----
 Gemfile.lock | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/Gemfile b/Gemfile
index d47b5e449..77720f414 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,7 +4,7 @@ ruby '3.0.4'
 ##-- base gems for rails --##
 gem 'rack-cors', require: 'rack/cors'
-gem 'rails', '~>6.1'
+gem 'rails', '~> 6.1', '>= 6.1.6.1'
 # Reduces boot times through caching; required in config/boot.rb
 gem 'bootsnap', require: false
@@ -56,7 +56,7 @@ gem 'activerecord-import'
 gem 'dotenv-rails'
 gem 'foreman'
 gem 'puma'
-gem 'webpacker', '~> 5.x'
+gem 'webpacker', '~> 5.4', '>= 5.4.3'
 # metrics on heroku
 gem 'barnes'
@@ -94,7 +94,7 @@ gem 'ddtrace'
 gem 'elastic-apm'
 gem 'newrelic_rpm'
 gem 'scout_apm'
-gem 'sentry-rails', '~> 5.3'
+gem 'sentry-rails', '~> 5.3', '>= 5.3.1'
 gem 'sentry-ruby', '~> 5.3'
 gem 'sentry-sidekiq', '~> 5.3'
@@ -175,7 +175,7 @@ group :development, :test do
 gem 'mock_redis'
 gem 'pry-rails'
 gem 'rspec_junit_formatter'
- gem 'rspec-rails', '~> 5.0.0'
+ gem 'rspec-rails', '~> 5.0.3'
 gem 'rubocop', require: false
 gem 'rubocop-performance', require: false
 gem 'rubocop-rails', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index 4a233f3a9..e96ae1b9e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -765,12 +765,12 @@ DEPENDENCIES
 rack-attack
 rack-cors
 rack-timeout
- rails (~> 6.1)
+ rails (~> 6.1, >= 6.1.6.1)
 redis
 redis-namespace
 responders
 rest-client
- rspec-rails (~> 5.0.0)
+ rspec-rails (~> 5.0.3)
 rspec_junit_formatter
 rubocop
 rubocop-performance
@@ -778,7 +778,7 @@ DEPENDENCIES
 rubocop-rspec
 scout_apm
 seed_dump
- sentry-rails (~> 5.3)
+ sentry-rails (~> 5.3, >= 5.3.1)
 sentry-ruby (~> 5.3)
 sentry-sidekiq (~> 5.3)
 shoulda-matchers
@@ -799,7 +799,7 @@ DEPENDENCIES
 valid_email2
 web-console
 webmock
- webpacker (~> 5.x)
+ webpacker (~> 5.4, >= 5.4.3)
 webpush
 wisper (= 2.0.0)
 working_hours
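Review bot: The three Gemfile.lock hunks only rewrite constraint strings in the DEPENDENCIES section, and they account for all 4 insertions and 4 deletions the diffstat reports for that file, so no resolved gem version changes in this commit. The seven Snyk advisories in the description are against loofah and rails-html-sanitizer, yet none of the four tightened Gemfile constraints (rails, webpacker, sentry-rails, rspec-rails) names either gem. Unless the lock already resolved both gems to fixed releases, which these hunks do not show, the advisories are still open after this merge. I would run `bundle update --conservative loofah rails-html-sanitizer`, commit the resulting change to the resolved versions in the lock, and re-run the Snyk scan before treating the findings as closed.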