From c09a2f907ac5bdd99957b28b5f7115cb254fe834 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 18 Sep 2024 08:17:13 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-SIDEKIQUNIQUEJOBS-7986098
---
 Gemfile | 2 +-
 Gemfile.lock | 33 ++++++++++++++++++++-------------
 2 files changed, 21 insertions(+), 14 deletions(-)

diff --git a/Gemfile b/Gemfile
index 055221253dc039..9bd5503939ac2c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -80,7 +80,7 @@ gem 'sanitize', '~> 6.0'
 gem 'scenic', '~> 1.6'
 gem 'sidekiq', '~> 6.4'
 gem 'sidekiq-scheduler', '~> 3.1'
-gem 'sidekiq-unique-jobs', '~> 7.1'
+gem 'sidekiq-unique-jobs', '~> 7.1', '>= 7.1.33'
 gem 'sidekiq-bulk', '~>0.2.0'
 gem 'simple-navigation', '~> 4.3'
 gem 'simple_form', '~> 5.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 24a37d71fbffd0..7187b5354475d9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -118,9 +118,9 @@ GEM msgpack (~> 1.2) brakeman (5.2.2) browser (4.2.0) - brpoplpush-redis_script (0.1.2) + brpoplpush-redis_script (0.1.3) concurrent-ruby (~> 1.0, >= 1.0.5) - redis (>= 1.0, <= 5.0) + redis (>= 1.0, < 6) builder (3.2.4) bullet (7.0.1) activesupport (>= 3.0.0) @@ -165,8 +165,8 @@ GEM climate_control (0.2.0) coderay (1.1.3) color_diff (0.1) - concurrent-ruby (1.1.10) - connection_pool (2.2.5) + concurrent-ruby (1.3.4) + connection_pool (2.4.1) cose (1.0.0) cbor (~> 0.5.9) openssl-signature_algorithm (~> 0.4.0) @@ -475,7 +475,7 @@ GEM activesupport (>= 3.0.0) raabro (1.4.0) racc (1.6.0) - rack (2.2.3) + rack (2.2.9) rack-attack (6.6.0) rack (>= 1.0, < 3) rack-cors (1.1.1) @@ -531,7 +531,7 @@ GEM link_header (~> 0.0, >= 0.0.8) rdf-normalize (0.5.0) rdf (~> 3.2) - redis (4.5.1) + redis (4.8.1) redis-namespace (1.8.2) redis (>= 3.0.4) regexp_parser (2.3.0)
@@ -601,10 +601,10 @@ GEM railties (>= 4.0.0) securecompare (1.0.0) semantic_range (3.0.0) - sidekiq (6.4.1) - connection_pool (>= 2.2.2) + sidekiq (6.5.12) + connection_pool (>= 2.2.5, < 3) rack (~> 2.0) - redis (>= 4.2.0) + redis (>= 4.5.0, < 5) sidekiq-bulk (0.2.0) sidekiq sidekiq-scheduler (3.1.1) @@ -614,10 +614,11 @@ GEM sidekiq (>= 3) thwait tilt (>= 1.4.0) - sidekiq-unique-jobs (7.1.19) + sidekiq-unique-jobs (7.1.33) brpoplpush-redis_script (> 0.1.1, <= 2.0.0) concurrent-ruby (~> 1.0, >= 1.0.5) - sidekiq (>= 5.0, < 8.0) + redis (< 5.0) + sidekiq (>= 5.0, < 7.0) thor (>= 0.20, < 3.0) simple-navigation (4.3.0) activesupport (>= 2.3.2) @@ -655,7 +656,7 @@ GEM unicode-display_width (>= 1.1.1, < 3) terrapin (0.6.0) climate_control (>= 0.0.3, < 1.0) - thor (1.2.1) + thor (1.2.2) thwait (0.2.0) e2mmap tilt (2.0.10) @@ -833,7 +834,7 @@ DEPENDENCIES sidekiq (~> 6.4) sidekiq-bulk (~> 0.2.0) sidekiq-scheduler (~> 3.1) - sidekiq-unique-jobs (~> 7.1) + sidekiq-unique-jobs (~> 7.1, >= 7.1.33) simple-navigation (~> 4.3) simple_form (~> 5.1) simplecov (~> 0.21) @@ -851,3 +852,9 @@ DEPENDENCIES webpacker (~> 5.4) webpush (~> 0.3) xorcist (~> 1.1) + +RUBY VERSION + ruby 2.5.3p105 + +BUNDLED WITH + 1.17.3