From 8b591ffe612406a57d763c9d64a0e8c61ca685b2 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 14 Jul 2025 03:46:19 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7577227 - https://snyk.io/vuln/SNYK-RUBY-REXML-7814166 - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242 - https://snyk.io/vuln/SNYK-RUBY-REXML-7577228 - https://snyk.io/vuln/SNYK-RUBY-REXML-8309365 - https://snyk.io/vuln/SNYK-RUBY-KRAMDOWN-1087436 - https://snyk.io/vuln/SNYK-RUBY-REXML-6861566 - https://snyk.io/vuln/SNYK-RUBY-REXML-7462086 - https://snyk.io/vuln/SNYK-RUBY-REXML-1244518 --- Gemfile | 2 +- Gemfile.lock | 72 +++++++++++++++++++++++++++++----------------------- 2 files changed, 41 insertions(+), 33 deletions(-) diff --git a/Gemfile b/Gemfile index 814ec895f79ad..c43c11254aa60 100644 --- a/Gemfile +++ b/Gemfile @@ -1,5 +1,5 @@ source "https://rubygems.org" -gem 'danger' +gem 'danger', '>= 7.0.0' gem 'image_size', '~> 2.0' gem 'json-schema' \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index 3a00bb1c5b030..319750d678795 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,10 @@ GEM remote: https://rubygems.org/ specs: - addressable (2.7.0) - public_suffix (>= 2.0.2, < 5.0) - claide (1.0.3) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) + base64 (0.3.0) + claide (1.1.0) claide-plugins (0.9.2) cork nap 
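Review bot: The floor in the Gemfile hunk's `gem 'danger', '>= 7.0.0'` is looser than what this patch validates, and it has no upper bound. The lockfile resolves danger to 9.5.3, and it is that release's `kramdown (>= 2.5.1, < 3.0)` requirement, together with kramdown 2.5.1's `rexml (>= 3.3.9)`, that brings in the patched transitive gems. Whether danger 7.x or 8.x enforce the same minimums is not visible in this diff, so a regenerated or ignored Gemfile.lock could satisfy the Gemfile and still resolve to the affected rexml or kramdown versions. Consider constraining to the resolved line, e.g. `gem 'danger', '~> 9.5'`, so the Gemfile itself carries the fix and future major upgrades are deliberate. The resolution also moves danger from 6.3.2 to 9.5.3 and octokit from 4.18.0 to 10.0.0, so the Dangerfile and any plugins should be exercised in CI against these versions before merging.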
@@ -11,56 +12,63 @@ GEM colored2 (3.1.2) cork (0.3.0) colored2 (~> 3.1) - danger (6.3.2) + danger (9.5.3) + base64 (~> 0.2) claide (~> 1.0) claide-plugins (>= 0.9.2) - colored2 (~> 3.1) + colored2 (>= 3.1, < 5) cork (~> 0.1) - faraday (~> 0.9) + faraday (>= 0.9.0, < 3.0) faraday-http-cache (~> 2.0) - git (~> 1.6) - kramdown (~> 2.0) + git (>= 1.13, < 3.0) + kramdown (>= 2.5.1, < 3.0) kramdown-parser-gfm (~> 1.0) - no_proxy_fix - octokit (~> 4.7) - terminal-table (~> 1) - faraday (0.17.3) - multipart-post (>= 1.2, < 3) - faraday-http-cache (2.1.0) - faraday (~> 0.8) - git (1.6.0) + octokit (>= 4.0) + pstore (~> 0.1) + terminal-table (>= 1, < 5) + faraday (2.8.1) + base64 + faraday-net_http (>= 2.0, < 3.1) + ruby2_keywords (>= 0.0.4) + faraday-http-cache (2.5.1) + faraday (>= 0.8) + faraday-net_http (3.0.2) + git (1.19.1) + addressable (~> 2.8) rchardet (~> 1.8) image_size (2.0.2) json-schema (2.8.1) addressable (>= 2.4) - kramdown (2.3.0) - rexml + kramdown (2.5.1) + rexml (>= 3.3.9) kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) - multipart-post (2.1.1) nap (1.1.0) - no_proxy_fix (0.1.2) - octokit (4.18.0) - faraday (>= 0.9) - sawyer (~> 0.8.0, >= 0.5.3) + octokit (10.0.0) + faraday (>= 1, < 3) + sawyer (~> 0.9) open4 (1.3.4) - public_suffix (4.0.4) + pstore (0.2.0) + public_suffix (5.1.1) rchardet (1.8.0) - rexml (3.2.4) - sawyer (0.8.2) + rexml (3.4.1) + ruby2_keywords (0.0.5) + sawyer (0.9.2) addressable (>= 2.3.5) - faraday (> 0.8, < 2.0) - terminal-table (1.8.0) - unicode-display_width (~> 1.1, >= 1.1.1) - unicode-display_width (1.7.0) + faraday (>= 0.17.3, < 3) + terminal-table (4.0.0) + unicode-display_width (>= 1.1.1, < 4) + unicode-display_width (3.1.4) + unicode-emoji (~> 4.0, >= 4.0.4) + unicode-emoji (4.0.4) PLATFORMS ruby DEPENDENCIES - danger + danger (>= 7.0.0) image_size (~> 2.0) json-schema BUNDLED WITH - 1.17.2 + 1.17.3