From 48f01c5efad4e1c64916156963e78d72508ae30f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 24 Jul 2025 01:39:27 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-THOR-10843853 --- Gemfile | 2 +- Gemfile.lock | 174 +++++++++++++++++++++++---------------------------- 2 files changed, 81 insertions(+), 95 deletions(-)
diff --git a/Gemfile b/Gemfile
index b19b738..a127236 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
-gem 'middleman'
+gem 'middleman', '>= 3.4.0'
 gem 'httparty'
 gem 'psych'
 gem 'colorize'
diff --git a/Gemfile.lock b/Gemfile.lock
index cb81bd2..c4f2b97 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
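Review bot: In the Gemfile hunk, `gem 'middleman', '>= 3.4.0'` puts no constraint on thor, the gem named in the advisory; the fix exists only in Gemfile.lock, where thor moves from 0.19.1 to 1.4.0. A direct floor such as `gem 'thor', '>= 1.4.0'` would stop a regenerated lockfile from resolving an older thor (1.4.0 is taken from the new lock and is presumably the fixed release; confirm against the advisory). The open-ended constraint also lets Bundler take middleman from 3.3.12 to 4.3.11, which in the lock drops compass and sprockets and swaps sass for sassc, so the site build and the git-sourced middleman-gh-pages should be checked against middleman 4 before merging. Writing the constraint as `'~> 4.3'` would make the intended major version explicit.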
@@ -9,117 +9,103 @@ GIT GEM remote: https://rubygems.org/ specs: - activesupport (4.1.14) - i18n (~> 0.6, >= 0.6.9) - json (~> 1.7, >= 1.7.7) + activesupport (5.2.8.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) minitest (~> 5.1) - thread_safe (~> 0.1) tzinfo (~> 1.1) - celluloid (0.16.0) - timers (~> 4.0.0) - chunky_png (1.3.5) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) + backports (3.25.1) coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.10.0) + coffee-script-source (1.12.2) colorize (0.8.1) - compass (1.0.3) - chunky_png (~> 1.2) - compass-core (~> 1.0.2) - compass-import-once (~> 1.0.5) - rb-fsevent (>= 0.9.3) - rb-inotify (>= 0.9) - sass (>= 3.3.13, < 3.5) - compass-core (1.0.3) - multi_json (~> 1.0) - sass (>= 3.3.0, < 3.5) - compass-import-once (1.0.5) - sass (>= 3.2, < 3.5) + concurrent-ruby (1.3.5) + contracts (0.13.0) + dotenv (2.8.1) erubis (2.7.0) - execjs (2.6.0) - ffi (1.9.25) - haml (4.0.7) + execjs (2.10.0) + fast_blank (1.0.1) + fastimage (2.4.0) + ffi (1.17.2) + haml (6.3.0) + temple (>= 0.8.2) + thor tilt - hike (1.2.3) - hitimes (1.2.3) - hooks (0.4.1) - uber (~> 0.0.14) + hamster (3.0.0) + concurrent-ruby (~> 1.0) + hashie (3.6.0) httparty (0.16.0) multi_xml (>= 0.5.2) - i18n (0.7.0) - json (1.8.6) - kramdown (1.9.0) - listen (2.10.1) - celluloid (~> 0.16.0) - rb-fsevent (>= 0.9.3) - rb-inotify (>= 0.9) - middleman (3.3.12) + i18n (0.9.5) + concurrent-ruby (~> 1.0) + kramdown (2.5.1) + rexml (>= 3.3.9) + listen (3.0.8) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) + memoist (0.16.2) + middleman (4.3.11) coffee-script (~> 2.2) - compass (>= 1.0.0, < 2.0.0) - compass-import-once (= 1.0.5) - execjs (~> 2.0) haml (>= 4.0.5) - kramdown (~> 1.2) - middleman-core (= 3.3.12) - middleman-sprockets (>= 3.1.2) - sass (>= 3.4.0, < 4.0) - uglifier (~> 2.5) - middleman-core (3.3.12) - activesupport (~> 4.1.0) - bundler (~> 1.1) + kramdown (>= 2.3.0) + middleman-cli (= 4.3.11) + 
middleman-core (= 4.3.11) + middleman-cli (4.3.11) + thor (>= 0.17.0, < 2.0) + middleman-core (4.3.11) + activesupport (>= 4.2, < 6.0) + addressable (~> 2.3) + backports (~> 3.6) + bundler + contracts (~> 0.13.0) + dotenv erubis - hooks (~> 0.3) - i18n (~> 0.7.0) - listen (>= 2.7.9, < 3.0) - padrino-helpers (~> 0.12.3) - rack (>= 1.4.5, < 2.0) - rack-test (~> 0.6.2) - thor (>= 0.15.2, < 2.0) - tilt (~> 1.4.1, < 2.0) - middleman-sprockets (3.4.2) - middleman-core (>= 3.3) - sprockets (~> 2.12.1) - sprockets-helpers (~> 1.1.0) - sprockets-sass (~> 1.3.0) - minitest (5.8.3) - multi_json (1.13.1) + execjs (~> 2.0) + fast_blank + fastimage (~> 2.0) + hamster (~> 3.0) + hashie (~> 3.4) + i18n (~> 0.9.0) + listen (~> 3.0.0) + memoist (~> 0.14) + padrino-helpers (~> 0.13.0) + parallel + rack (>= 1.4.5, < 3) + sassc (~> 2.0) + servolux + tilt (~> 2.0.9) + uglifier (~> 3.0) + minitest (5.25.5) multi_xml (0.6.0) - padrino-helpers (0.12.5) + padrino-helpers (0.13.3.4) i18n (~> 0.6, >= 0.6.7) - padrino-support (= 0.12.5) - tilt (~> 1.4.1) - padrino-support (0.12.5) + padrino-support (= 0.13.3.4) + tilt (>= 1.4.1, < 3) + padrino-support (0.13.3.4) activesupport (>= 3.1) + parallel (1.27.0) psych (3.0.2) - rack (1.6.10) - rack-test (0.6.3) - rack (>= 1.0) + public_suffix (5.1.1) + rack (2.2.17) rake (12.3.1) - rb-fsevent (0.9.6) - rb-inotify (0.9.5) - ffi (>= 0.5.0) - sass (3.4.20) - sprockets (2.12.5) - hike (~> 1.2) - multi_json (~> 1.0) - rack (~> 1.0) - tilt (~> 1.1, != 1.3.0) - sprockets-helpers (1.1.0) - sprockets (~> 2.0) - sprockets-sass (1.3.1) - sprockets (~> 2.0) - tilt (~> 1.1) - thor (0.19.1) - thread_safe (0.3.5) - tilt (1.4.1) - timers (4.0.4) - hitimes - tzinfo (1.2.2) + rb-fsevent (0.11.2) + rb-inotify (0.11.1) + ffi (~> 1.0) + rexml (3.4.1) + sassc (2.4.0) + ffi (~> 1.9) + servolux (0.13.0) + temple (0.10.3) + thor (1.4.0) + thread_safe (0.3.6) + tilt (2.0.11) + tzinfo (1.2.11) thread_safe (~> 0.1) - uber (0.0.15) - uglifier (2.7.2) - execjs (>= 0.3.0) - json 
(>= 1.8.0) + uglifier (3.2.0) + execjs (>= 0.3.0, < 3) PLATFORMS ruby @@ -127,9 +113,9 @@ PLATFORMS DEPENDENCIES colorize httparty - middleman + middleman (>= 3.4.0) middleman-gh-pages! psych BUNDLED WITH - 1.16.2 + 1.17.3