From 8700d10ec0d8b8f3f3331bfd581d9f6a0ecb724d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 22 Jul 2025 22:48:07 +0000
Subject: [PATCH] fix: Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674179
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674176
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674184
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674192
- https://snyk.io/vuln/SNYK-RUBY-THOR-10843853
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-10674188
---
 Gemfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/Gemfile b/Gemfile
index 9c7e044f4..b8dcad9a7 100644
--- a/Gemfile
+++ b/Gemfile
@@ -17,7 +17,7 @@ gem 'email_validator', require: 'email_validator/strict'
 
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 # gem 'jbuilder', '~> 2.7', '>= 2.7.0'
-gem 'jbuilder', '~> 2.12', '>= 2.12.0'
+gem 'jbuilder', '~> 2.13', '>= 2.13.0'
 
 # JSON API
 gem 'jsonapi-rails'
@@ -85,7 +85,7 @@ gem 'parslet'
 gem 'rack-maintenance', '~> 3.0'
 
 # For parsing and manipulating excel docs
-gem 'rubyXL', '~> 3.4', '>= 3.4.26'
+gem 'rubyXL', '~> 3.4', '>= 3.4.28'
 
 # SOAP-related libraries for Workday integration
 gem 'lolsoap', '>= 0.11.0', require: false
@@ -96,7 +96,7 @@ gem 'http', '>= 4.0.0'
 gem 'hashdiff', require: false
 
 # Manually set Nokgiri version, to update version.
-gem 'nokogiri', '>= 1.18.8'
+gem 'nokogiri', '>= 1.18.9'
 
 # Fix for already initialized constant warning, see: https://stackoverflow.com/questions/67773514/getting-warning-already-initialized-constant-on-assets-precompile-at-the-time
 gem 'net-http', '>= 0.4.0'
@@ -109,7 +109,7 @@ group :development, :test do
   gem 'dotenv-rails', '>= 3.1.3'
   gem 'factory_bot_rails', '~> 6.4', '>= 6.4.4'
   gem 'pry-rails'
-  gem 'rspec-rails', '~> 6.1', '>= 6.1.3'
+  gem 'rspec-rails', '~> 7.0', '>= 7.0.0'
 end
 
 group :development do