From 9bf1d5ee82f2b608971b5692debf157b6754b322 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 29 Sep 2021 01:06:46 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-1726792
---
 Gemfile      |  2 +-
 Gemfile.lock | 51 +++++++++++++++++++++++++++------------------------
 2 files changed, 28 insertions(+), 25 deletions(-)

diff --git a/Gemfile b/Gemfile
index 58b9a36..1e2ac2e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,7 +4,7 @@ gem 'mercurial-ruby', :require => false
 gem 'pdfkit'
 gem 'rake'
 gem 'rugged', '~> 0.24.0'
-gem 'trac4r', :require => false
+gem 'trac4r', '>= 1.2.4', :require => false
 gem 'docopt'
 gem 'ruby-fogbugz', :require => false
 gem 'flexmock'
diff --git a/Gemfile.lock b/Gemfile.lock
index 1433c98..9324395 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -2,7 +2,7 @@ GEM
   remote: https://rubygems.org/
   specs:
     addressable (2.4.0)
-    builder (3.2.3)
+    builder (3.2.4)
     ci_reporter (2.0.0)
       builder (>= 2.1.2)
     ci_reporter_test_unit (1.0.1)
@@ -20,7 +20,8 @@ GEM
     flexmock (2.3.6)
     gash (0.1.4)
       open4 (>= 0.9.6)
-    git (1.4.0)
+    git (1.9.1)
+      rchardet (~> 1.8)
     github_api (0.16.0)
       addressable (~> 2.4.0)
       descendants_tracker (~> 0.0.4)
@@ -28,11 +29,11 @@ GEM
       hashie (>= 3.4)
       mime-types (>= 1.16, < 3.0)
       oauth2 (~> 1.0)
-    gli (2.17.1)
+    gli (2.20.1)
     grancher (0.1.5)
       gash
-    hashie (3.5.7)
-    highline (2.0.0)
+    hashie (4.1.0)
+    highline (2.0.3)
     jeweler (2.3.9)
       builder
       bundler
@@ -45,34 +46,36 @@ GEM
       rdoc
       semver2
     json (2.1.0)
-    jwt (1.5.6)
+    jwt (2.2.3)
     liquid (4.0.0)
     mercurial-ruby (0.7.12)
       open4 (~> 1.3.0)
     mime-types (2.99.3)
-    mini_portile2 (2.3.0)
-    multi_json (1.13.1)
+    mini_portile2 (2.6.1)
+    multi_json (1.15.0)
     multi_xml (0.6.0)
-    multipart-post (2.0.0)
-    nokogiri (1.8.3)
-      mini_portile2 (~> 2.3.0)
-    nokogiri (1.8.3-x64-mingw32)
-      mini_portile2 (~> 2.3.0)
-    oauth2 (1.4.0)
-      faraday (>= 0.8, < 0.13)
-      jwt (~> 1.0)
+    multipart-post (2.1.1)
+    nokogiri (1.12.5)
+      mini_portile2 (~> 2.6.1)
+      racc (~> 1.4)
+    nokogiri (1.12.5-x64-mingw32)
+      racc (~> 1.4)
+    oauth2 (1.4.7)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
     open4 (1.3.4)
     pdfkit (0.8.2)
     power_assert (1.1.3)
-    psych (3.0.2)
-    psych (3.0.2-x64-mingw32)
-    rack (2.0.5)
+    psych (4.0.1)
+    racc (1.5.2)
+    rack (2.2.3)
     rainbow (3.0.0)
-    rake (12.3.1)
-    rdoc (6.0.4)
+    rake (13.0.6)
+    rchardet (1.8.0)
+    rdoc (6.3.2)
     rspec (3.7.0)
       rspec-core (~> 3.7.0)
       rspec-expectations (~> 3.7.0)
@@ -91,7 +94,7 @@ GEM
       multipart-post (~> 2.0)
     rugged (0.24.6.1)
     safe_yaml (1.0.4)
-    sdoc (1.0.0)
+    sdoc (2.2.0)
       rdoc (>= 5.0)
     semver2 (3.4.2)
     simplecov (0.16.1)
@@ -133,10 +136,10 @@ DEPENDENCIES
   rugged (~> 0.24.0)
   simplecov
   simplecov-rcov
-  trac4r
+  trac4r (>= 1.2.4)
   xml-simple (~> 1.1, >= 1.1.5)
   xmlrpc
   zip
 
 BUNDLED WITH
-   1.14.6
+   1.17.3