From 0c521280a53910096343f4f8de9a8413c12c4c5d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 14 Jul 2025 22:02:48 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-FFI-22037
- https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242
- https://snyk.io/vuln/SNYK-RUBY-JEKYLL-451462
- https://snyk.io/vuln/SNYK-RUBY-KRAMDOWN-585939
---
 Gemfile      | 10 ++++----
 Gemfile.lock | 66 ++++++++++++++++++++++++++++------------------------
 2 files changed, 40 insertions(+), 36 deletions(-)

diff --git a/Gemfile b/Gemfile
index 6ac80f6..b9e5a81 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,17 +1,17 @@
 source "https://rubygems.org"
 ruby RUBY_VERSION
 
-gem "jekyll", "3.4.3"
+gem "jekyll", "3.4.4"
 
 # to use GitHub Pages
 # gem "github-pages", group: :jekyll_plugins
 
 # If you have any plugins, put them here!
 group :jekyll_plugins do
-   gem "jekyll-feed"
-   gem "jekyll-sitemap"
-   gem "jekyll-redirect-from"
-   gem "jekyll-seo-tag"
+   gem "jekyll-feed", ">= 0.9.3"
+   gem "jekyll-sitemap", ">= 1.2.0"
+   gem "jekyll-redirect-from", ">= 0.13.0"
+   gem "jekyll-seo-tag", ">= 2.2.3"
 end
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
diff --git a/Gemfile.lock b/Gemfile.lock
index c7cddcb..89fe05f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,12 +1,12 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.5.1)
-      public_suffix (~> 2.0, >= 2.0.2)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     colorator (1.1.0)
-    ffi (1.9.18)
+    ffi (1.17.2)
     forwardable-extended (2.6.0)
-    jekyll (3.4.3)
+    jekyll (3.4.4)
       addressable (~> 2.4)
       colorator (~> 1.0)
       jekyll-sass-converter (~> 1.0)
@@ -17,47 +17,51 @@ GEM
       pathutil (~> 0.9)
       rouge (~> 1.7)
       safe_yaml (~> 1.0)
-    jekyll-feed (0.9.2)
+    jekyll-feed (0.11.0)
       jekyll (~> 3.3)
-    jekyll-redirect-from (0.12.1)
-      jekyll (~> 3.3)
-    jekyll-sass-converter (1.5.0)
+    jekyll-redirect-from (0.16.0)
+      jekyll (>= 3.3, < 5.0)
+    jekyll-sass-converter (1.5.2)
       sass (~> 3.4)
-    jekyll-seo-tag (2.2.2)
-      jekyll (~> 3.3)
-    jekyll-sitemap (1.1.1)
+    jekyll-seo-tag (2.6.1)
+      jekyll (>= 3.3, < 5.0)
+    jekyll-sitemap (1.2.0)
       jekyll (~> 3.3)
-    jekyll-watch (1.5.0)
-      listen (~> 3.0, < 3.1)
-    kramdown (1.13.2)
+    jekyll-watch (1.5.1)
+      listen (~> 3.0)
+    kramdown (1.17.0)
     liquid (3.0.6)
-    listen (3.0.8)
-      rb-fsevent (~> 0.9, >= 0.9.4)
-      rb-inotify (~> 0.9, >= 0.9.7)
+    listen (3.9.0)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
     mercenary (0.3.6)
-    pathutil (0.14.0)
+    pathutil (0.16.2)
       forwardable-extended (~> 2.6)
-    public_suffix (2.0.5)
-    rb-fsevent (0.9.8)
-    rb-inotify (0.9.8)
-      ffi (>= 0.5.0)
+    public_suffix (5.1.1)
+    rb-fsevent (0.11.2)
+    rb-inotify (0.11.1)
+      ffi (~> 1.0)
     rouge (1.11.1)
-    safe_yaml (1.0.4)
-    sass (3.4.23)
+    safe_yaml (1.0.5)
+    sass (3.7.4)
+      sass-listen (~> 4.0.0)
+    sass-listen (4.0.0)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  jekyll (= 3.4.3)
-  jekyll-feed
-  jekyll-redirect-from
-  jekyll-seo-tag
-  jekyll-sitemap
+  jekyll (= 3.4.4)
+  jekyll-feed (>= 0.9.3)
+  jekyll-redirect-from (>= 0.13.0)
+  jekyll-seo-tag (>= 2.2.3)
+  jekyll-sitemap (>= 1.2.0)
   tzinfo-data
 
 RUBY VERSION
-   ruby 2.3.1p112
+   ruby 2.7.8p225
 
 BUNDLED WITH
-   1.14.6
+   1.17.3