From 302030786de87de3c763c448db4be8336140f027 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 11 Mar 2023 14:17:40 +0000 Subject: [PATCH] fix: docs/Gemfile & docs/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3052880 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3357692 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-3357693 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-459107 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-534637 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-552159 - https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-72433 - https://snyk.io/vuln/SNYK-RUBY-RAKE-552000 - https://snyk.io/vuln/SNYK-RUBY-REDCARPET-1059089 - https://snyk.io/vuln/SNYK-RUBY-SANITIZE-22024 --- docs/Gemfile | 6 +++--- docs/Gemfile.lock | 34 +++++++++++++++++++--------------- 2 files changed, 22 insertions(+), 18 deletions(-) diff --git a/docs/Gemfile b/docs/Gemfile index f144584eff3..0ed768fecad 100644 --- a/docs/Gemfile +++ b/docs/Gemfile @@ -1,6 +1,6 @@ source 'https://rubygems.org' -gem 'rake' +gem 'rake', '>= 12.3.3' # jekyll, which builds it all # 3.0 includes sass processing @@ -17,10 +17,10 @@ gem 'json' gem 'rb-fsevent' # For markdown header cleanup -gem 'sanitize', '~>2.0' +gem 'sanitize', '~> 4.6', '>= 4.6.3' # Markdown -gem 'redcarpet' +gem 'redcarpet', '>= 3.5.1' # Syntax highlighting gem 'pygments.rb' diff --git a/docs/Gemfile.lock b/docs/Gemfile.lock index bd775465628..0fa19b50fee 100644 --- a/docs/Gemfile.lock +++ b/docs/Gemfile.lock @@ -2,6 +2,7 @@ GEM remote: https://rubygems.org/ specs: colorator (0.1) + crass (1.0.6) ffi (1.9.14) ffi (1.9.14-x64-mingw32) jekyll (3.1.6) 
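Review bot: The `sanitize` constraint in the second docs/Gemfile hunk (`@@ -17,10 +17,10 @@`) moves from `~>2.0` to `~> 4.6`, crossing two major versions, and the code that calls it for the "markdown header cleanup" is not part of this patch. The docs build's call sites should be checked against the 4.x API before merging, since an upgrade that breaks the build tends to get reverted along with its fixes. Separately, the nokogiri advisories in the commit message are addressed only through the lockfile: the Gemfile has no `nokogiri` entry, and the lock shows sanitize requiring just `nokogiri (>= 1.4.4)`. A re-resolve on an older Ruby or a different platform could therefore settle on an earlier nokogiri than 1.14.2. Consider adding `gem 'nokogiri', '>= 1.14.2'` to docs/Gemfile so the security floor does not depend on the lockfile.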
@@ -27,27 +28,30 @@ GEM rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) mercenary (0.3.6) - mini_portile2 (2.1.0) - nokogiri (1.6.8) - mini_portile2 (~> 2.1.0) - pkg-config (~> 1.1.7) - nokogiri (1.6.8-x64-mingw32) - mini_portile2 (~> 2.1.0) - pkg-config (~> 1.1.7) - pkg-config (1.1.7) + mini_portile2 (2.8.1) + nokogiri (1.14.2) + mini_portile2 (~> 2.8.0) + racc (~> 1.4) + nokogiri (1.14.2-x64-mingw32) + racc (~> 1.4) + nokogumbo (1.5.0) + nokogiri posix-spawn (0.3.11) pygments.rb (0.6.3) posix-spawn (~> 0.3.6) yajl-ruby (~> 1.2.0) - rake (11.2.2) + racc (1.6.2) + rake (13.0.6) rb-fsevent (0.9.7) rb-inotify (0.9.7) ffi (>= 0.5.0) - redcarpet (3.3.4) + redcarpet (3.6.0) rouge (1.11.1) safe_yaml (1.0.4) - sanitize (2.1.0) + sanitize (4.6.6) + crass (~> 1.0.2) nokogiri (>= 1.4.4) + nokogumbo (~> 1.4) sass (3.4.22) yajl-ruby (1.2.1) @@ -61,10 +65,10 @@ DEPENDENCIES jekyll-redirect-from json pygments.rb - rake + rake (>= 12.3.3) rb-fsevent - redcarpet - sanitize (~> 2.0) + redcarpet (>= 3.5.1) + sanitize (~> 4.6, >= 4.6.3) BUNDLED WITH - 1.11.2 + 1.17.3