From e43a34540693c9298d0eb903788b1743da352c67 Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Wed, 10 Dec 2025 01:47:10 +0000
Subject: [PATCH] fix:
 test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile &
 test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile.lock to
 reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-569156
- https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-20432
- https://snyk.io/vuln/SNYK-RUBY-ACTIONVIEW-20262
- https://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-20264
---
 .../mono-repo-project-manifests-only/Gemfile  |   2 +-
 .../Gemfile.lock                              | 122 +++++++++++-------
 2 files changed, 73 insertions(+), 51 deletions(-)

diff --git a/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile b/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile
index eaaf55a49f..22f359b283 100644
--- a/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile
+++ b/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile
@@ -3,4 +3,4 @@ source :rubygems
 gem "sinatra"
 gem "haml"
 gem "httparty"
-gem "actionpack"
+gem "actionpack", ">= 5.2.4.3"
diff --git a/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile.lock b/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile.lock
index c204545ac4..5cb49503d6 100644
--- a/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile.lock
+++ b/test/acceptance/workspaces/mono-repo-project-manifests-only/Gemfile.lock
@@ -1,71 +1,93 @@
 GEM
   remote: http://rubygems.org/
   specs:
-    actionpack (4.2.5)
-      actionview (= 4.2.5)
-      activesupport (= 4.2.5)
-      rack (~> 1.6)
-      rack-test (~> 0.6.2)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.5)
-      activesupport (= 4.2.5)
+    actionpack (7.2.3)
+      actionview (= 7.2.3)
+      activesupport (= 7.2.3)
+      cgi
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4, < 3.3)
+      rack-session (>= 1.0.1)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+      useragent (~> 0.16)
+    actionview (7.2.3)
+      activesupport (= 7.2.3)
       builder (~> 3.1)
-      erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activesupport (4.2.5)
-      i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
-      minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
-      tzinfo (~> 1.1)
-    builder (3.2.2)
-    erubis (2.7.0)
+      cgi
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activesupport (7.2.3)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
+      i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
+      minitest (>= 5.1)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+    base64 (0.3.0)
+    benchmark (0.5.0)
+    bigdecimal (3.3.1)
+    builder (3.3.0)
+    cgi (0.5.0)
+    concurrent-ruby (1.3.5)
+    connection_pool (2.5.5)
+    crass (1.0.6)
+    drb (2.2.3)
+    erubi (1.13.1)
     haml (3.1.4)
     httparty (0.8.1)
       multi_json
       multi_xml
-    i18n (0.7.0)
-    json (1.8.3)
-    loofah (2.0.3)
-      nokogiri (>= 1.5.9)
-    mini_portile2 (2.1.0)
-    minitest (5.9.1)
+    i18n (1.14.7)
+      concurrent-ruby (~> 1.0)
+    logger (1.7.0)
+    loofah (2.24.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.12.0)
+    mini_portile2 (2.8.9)
+    minitest (5.26.2)
     multi_json (1.12.1)
     multi_xml (0.5.5)
-    nokogiri (1.6.8.1)
-      mini_portile2 (~> 2.1.0)
-    rack (1.6.4)
-    rack-protection (1.5.3)
-      rack
-    rack-test (0.6.3)
+    nokogiri (1.18.10)
+      mini_portile2 (~> 2.8.2)
+      racc (~> 1.4)
+    racc (1.8.1)
+    rack (3.2.4)
+    rack-session (2.1.1)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0)
+    rack-test (2.2.0)
+      rack (>= 1.3)
+    rails-dom-testing (2.3.0)
+      activesupport (>= 5.0.0)
+      minitest
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.6.2)
+      loofah (~> 2.21)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
+    securerandom (0.4.1)
+    sinatra (1.0)
       rack (>= 1.0)
-    rails-deprecated_sanitizer (1.0.3)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
-      rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    sinatra (1.3.2)
-      rack (~> 1.3, >= 1.3.6)
-      rack-protection (~> 1.2)
-      tilt (~> 1.3, >= 1.3.3)
-    thread_safe (0.3.5)
-    tilt (1.4.1)
-    tzinfo (1.2.2)
-      thread_safe (~> 0.1)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    useragent (0.16.11)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  actionpack
+  actionpack (>= 5.2.4.3)
   haml
   httparty
   sinatra
 
 BUNDLED WITH
-   1.13.2
+   2.3.27