From 077532bca77903e864814506fc478771f9bce581 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 16 Feb 2026 17:08:56 +0000
Subject: [PATCH] fix: build/Gemfile & build/Gemfile.lock to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-FARADAY-15253521
---
 build/Gemfile      |  2 +-
 build/Gemfile.lock | 50 +++++++++++++++++++---------------------------
 2 files changed, 22 insertions(+), 30 deletions(-)

diff --git a/build/Gemfile b/build/Gemfile
index cfa19ad8e..5a828116b 100644
--- a/build/Gemfile
+++ b/build/Gemfile
@@ -1,6 +1,6 @@
 
 source 'https://rubygems.org'
-gem 'octokit', '>= 4.6.0'
+gem 'octokit', '>= 4.23.0'
 gem 'netrc'
 gem 'mime-types'
 
diff --git a/build/Gemfile.lock b/build/Gemfile.lock
index ab9571ce1..fdeae4cda 100644
--- a/build/Gemfile.lock
+++ b/build/Gemfile.lock
@@ -1,38 +1,30 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
-    faraday (1.5.0)
-      faraday-em_http (~> 1.0)
-      faraday-em_synchrony (~> 1.0)
-      faraday-excon (~> 1.1)
-      faraday-httpclient (~> 1.0.1)
-      faraday-net_http (~> 1.0)
-      faraday-net_http_persistent (~> 1.1)
-      faraday-patron (~> 1.0)
-      multipart-post (>= 1.2, < 3)
-      ruby2_keywords (>= 0.0.4)
-    faraday-em_http (1.0.0)
-    faraday-em_synchrony (1.0.0)
-    faraday-excon (1.1.0)
-    faraday-httpclient (1.0.1)
-    faraday-net_http (1.0.1)
-    faraday-net_http_persistent (1.1.0)
-    faraday-patron (1.0.0)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
+    faraday (2.14.1)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
+      logger
+    faraday-net_http (3.4.2)
+      net-http (~> 0.5)
+    json (2.18.1)
+    logger (1.7.0)
     mime-types (3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
-    multipart-post (2.1.1)
+    net-http (0.9.1)
+      uri (>= 0.11.1)
     netrc (0.11.0)
-    octokit (4.21.0)
-      faraday (>= 0.9)
-      sawyer (~> 0.8.0, >= 0.5.3)
-    public_suffix (4.0.6)
-    ruby2_keywords (0.0.4)
-    sawyer (0.8.2)
+    octokit (10.0.0)
+      faraday (>= 1, < 3)
+      sawyer (~> 0.9)
+    public_suffix (6.0.2)
+    sawyer (0.9.3)
       addressable (>= 2.3.5)
-      faraday (> 0.8, < 2.0)
+      faraday (>= 0.17.3, < 3)
+    uri (1.1.1)
 
 PLATFORMS
   ruby
@@ -40,7 +32,7 @@ PLATFORMS
 DEPENDENCIES
   mime-types
   netrc
-  octokit (>= 4.6.0)
+  octokit (>= 4.23.0)
 
 BUNDLED WITH
-   1.17.3
+   2.3.27