From 62b6ba22f2505cffc4575bb1d31ab81e3db2ecff Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 31 May 2024 01:49:28 +0000
Subject: [PATCH] fix: site/Gemfile & site/Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-NOKOGIRI-7164639
---
 site/Gemfile | 8 +-
 site/Gemfile.lock | 196 ++++++++++++++++++++--------------------------
 2 files changed, 91 insertions(+), 113 deletions(-)

diff --git a/site/Gemfile b/site/Gemfile
index c0df4e1b627..512a11417ed 100644
--- a/site/Gemfile
+++ b/site/Gemfile
@@ -1,9 +1,9 @@
 source 'https://rubygems.org'
-gem 'middleman', '~>3'
-gem 'middleman-livereload', '~>3'
-gem 'middleman-syntax', '~>3'
-gem 'middleman-blog', '~>3'
+gem 'middleman', '~> 4', '>= 4.0.0'
+gem 'middleman-livereload', '~> 3', '>= 3.4.7'
+gem 'middleman-syntax', '~> 3', '>= 3.3.0'
+gem 'middleman-blog', '~> 4', '>= 4.0.0'
 # Middleman has an undeclared dependency on `tzinfo-data` for
 # generating timestamps.
diff --git a/site/Gemfile.lock b/site/Gemfile.lock
index 3cf5f472f6b..8839be0ef9e 100644
--- a/site/Gemfile.lock
+++ b/site/Gemfile.lock
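Review bot: The site build needs to be verified before this merges, because the constraints in site/Gemfile move middleman and middleman-blog from `~>3` to `~> 4`, a major version, and the patch touches nothing else in the site. Judging by the lockfile, the nokogiri advisory is cleared by nokogiri leaving the dependency graph altogether (middleman-core no longer pulls in capybara), and compass, sprockets and middleman-sprockets leave with it. If the site's configuration or stylesheets rely on those gems, which is not visible here, the build will likely break. The paired bounds are also redundant, since `'~> 4', '>= 4.0.0'` means the same as `'~> 4'`; writing `gem 'middleman', '~> 4.3'` would record the floor that was actually resolved (4.3.11).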
@@ -1,164 +1,142 @@ GEM remote: https://rubygems.org/ specs: - activesupport (4.2.11.1) - i18n (~> 0.7) + activesupport (5.2.8.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) minitest (~> 5.1) - thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) - addressable (2.3.8) - capybara (2.4.4) - mime-types (>= 1.16) - nokogiri (>= 1.3.3) - rack (>= 1.0.0) - rack-test (>= 0.5.4) - xpath (~> 2.0) - chunky_png (1.3.11) + addressable (2.8.6) + public_suffix (>= 2.0.2, < 6.0) + backports (3.25.0) coffee-script (2.4.1) coffee-script-source execjs coffee-script-source (1.12.2) - compass (1.0.3) - chunky_png (~> 1.2) - compass-core (~> 1.0.2) - compass-import-once (~> 1.0.5) - rb-fsevent (>= 0.9.3) - rb-inotify (>= 0.9) - sass (>= 3.3.13, < 3.5) - compass-core (1.0.3) - multi_json (~> 1.0) - sass (>= 3.3.0, < 3.5) - compass-import-once (1.0.5) - sass (>= 3.2, < 3.5) - em-websocket (0.5.1) + concurrent-ruby (1.3.1) + contracts (0.13.0) + dotenv (2.8.1) + em-websocket (0.5.3) eventmachine (>= 0.12.9) - http_parser.rb (~> 0.6.0) + http_parser.rb (~> 0) erubis (2.7.0) eventmachine (1.2.7) - execjs (2.7.0) - ffi (1.11.1) - haml (5.1.2) - temple (>= 0.8.0) + execjs (2.9.1) + fast_blank (1.0.1) + fastimage (2.3.1) + ffi (1.16.3) + haml (6.3.0) + temple (>= 0.8.2) + thor tilt - hike (1.2.3) - hooks (0.4.1) - uber (~> 0.0.14) + hamster (3.0.0) + concurrent-ruby (~> 1.0) + hashie (3.6.0) htmlentities (4.3.4) - http_parser.rb (0.6.0) - i18n (0.7.0) - json (2.2.0) - kramdown (1.17.0) + http_parser.rb (0.8.0) + i18n (0.9.5) + concurrent-ruby (~> 1.0) + kramdown (2.4.0) + rexml libv8 (3.16.14.19) listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - middleman (3.4.1) + memoist (0.16.2) + middleman (4.3.11) coffee-script (~> 2.2) - compass (>= 1.0.0, < 2.0.0) - compass-import-once (= 1.0.5) - execjs (~> 2.0) haml (>= 4.0.5) - kramdown (~> 1.2) - middleman-core (= 3.4.1) - middleman-sprockets (>= 3.1.2) - sass (>= 3.4.0, < 4.0) - uglifier (~> 2.5) - middleman-blog 
(3.5.3) - addressable (~> 2.3.5) - middleman-core (~> 3.2) + kramdown (>= 2.3.0) + middleman-cli (= 4.3.11) + middleman-core (= 4.3.11) + middleman-blog (4.0.3) + addressable (~> 2.3) + middleman-core (>= 4.0.0) tzinfo (>= 0.3.0) - middleman-core (3.4.1) - activesupport (~> 4.1) - bundler (~> 1.1) - capybara (~> 2.4.4) + middleman-cli (4.3.11) + thor (>= 0.17.0, < 2.0) + middleman-core (4.3.11) + activesupport (>= 4.2, < 6.0) + addressable (~> 2.3) + backports (~> 3.6) + bundler + contracts (~> 0.13.0) + dotenv erubis - hooks (~> 0.3) - i18n (~> 0.7.0) - listen (~> 3.0.3) - padrino-helpers (~> 0.12.3) - rack (>= 1.4.5, < 2.0) - thor (>= 0.15.2, < 2.0) - tilt (~> 1.4.1, < 2.0) - middleman-livereload (3.4.6) + execjs (~> 2.0) + fast_blank + fastimage (~> 2.0) + hamster (~> 3.0) + hashie (~> 3.4) + i18n (~> 0.9.0) + listen (~> 3.0.0) + memoist (~> 0.14) + padrino-helpers (~> 0.13.0) + parallel + rack (>= 1.4.5, < 3) + sassc (~> 2.0) + servolux + tilt (~> 2.0.9) + uglifier (~> 3.0) + middleman-livereload (3.4.7) em-websocket (~> 0.5.1) middleman-core (>= 3.3) rack-livereload (~> 0.3.15) - middleman-sprockets (3.5.0) - middleman-core (>= 3.3) - sprockets (~> 2.12.1) - sprockets-helpers (~> 1.1.0) - sprockets-sass (~> 1.3.0) - middleman-syntax (3.2.0) + middleman-syntax (3.4.0) middleman-core (>= 3.2) rouge (~> 3.2) - mime-types (3.2.2) - mime-types-data (~> 3.2015) - mime-types-data (3.2019.0331) - mini_portile2 (2.4.0) - minitest (5.11.3) - multi_json (1.13.1) - nokogiri (1.10.4) - mini_portile2 (~> 2.4.0) - padrino-helpers (0.12.9) + minitest (5.23.1) + padrino-helpers (0.13.3.4) i18n (~> 0.6, >= 0.6.7) - padrino-support (= 0.12.9) + padrino-support (= 0.13.3.4) tilt (>= 1.4.1, < 3) - padrino-support (0.12.9) + padrino-support (0.13.3.4) activesupport (>= 3.1) - rack (1.6.12) + parallel (1.24.0) + public_suffix (5.0.5) + rack (2.2.9) rack-livereload (0.3.17) rack - rack-test (1.1.0) - rack (>= 1.0, < 3) rake (12.3.3) - rb-fsevent (0.10.3) - rb-inotify (0.10.0) + 
rb-fsevent (0.11.2) + rb-inotify (0.11.1) ffi (~> 1.0) rdiscount (2.2.0.1) ref (2.0.0) - rouge (3.9.0) - sass (3.4.25) - sprockets (2.12.5) - hike (~> 1.2) - multi_json (~> 1.0) - rack (~> 1.0) - tilt (~> 1.1, != 1.3.0) - sprockets-helpers (1.1.0) - sprockets (~> 2.0) - sprockets-sass (1.3.1) - sprockets (~> 2.0) - tilt (~> 1.1) - temple (0.8.1) + rexml (3.2.8) + strscan (>= 3.0.9) + rouge (3.30.0) + sassc (2.4.0) + ffi (~> 1.9) + servolux (0.13.0) + strscan (3.1.0) + temple (0.10.3) therubyracer (0.12.3) libv8 (~> 3.16.14.15) ref - thor (0.20.3) + thor (1.3.1) thread_safe (0.3.6) - tilt (1.4.1) - tzinfo (1.2.5) + tilt (2.0.11) + tzinfo (1.2.11) thread_safe (~> 0.1) tzinfo-data (1.2019.2) tzinfo (>= 1.0.0) - uber (0.0.15) - uglifier (2.7.2) - execjs (>= 0.3.0) - json (>= 1.8.0) - xpath (2.1.0) - nokogiri (~> 1.3) + uglifier (3.2.0) + execjs (>= 0.3.0, < 3) PLATFORMS ruby DEPENDENCIES htmlentities - middleman (~> 3) - middleman-blog (~> 3) - middleman-livereload (~> 3) - middleman-syntax (~> 3) + middleman (~> 4, >= 4.0.0) + middleman-blog (~> 4, >= 4.0.0) + middleman-livereload (~> 3, >= 3.4.7) + middleman-syntax (~> 3, >= 3.3.0) rake rdiscount (= 2.2.0.1) therubyracer tzinfo-data BUNDLED WITH - 1.17.2 + 1.17.3