From 445e2c7c819dc8f1dac54bdafdd3090aa761a110 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 7 Jun 2022 16:51:43 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-JMESPATH-2859799
---
 Gemfile      |  2 +-
 Gemfile.lock | 20 +++++++++++---------
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index d423050..0d8d69b 100644
--- a/Gemfile
+++ b/Gemfile
@@ -11,7 +11,7 @@ gem 'validate_url'
 
 gem 'slim'
 
-gem 'aws-sdk', '~> 2'
+gem 'aws-sdk', '~> 2', '>= 2.10.53'
 gem 'dotenv'
 
 gem 'bigdecimal'
diff --git a/Gemfile.lock b/Gemfile.lock
index 4e535d1..7782ddc 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -15,14 +15,16 @@ GEM
     addressable (2.5.2)
       public_suffix (>= 2.0.2, < 4.0)
     arel (8.0.0)
-    aws-sdk (2.10.53)
-      aws-sdk-resources (= 2.10.53)
-    aws-sdk-core (2.10.53)
+    aws-eventstream (1.2.0)
+    aws-sdk (2.11.632)
+      aws-sdk-resources (= 2.11.632)
+    aws-sdk-core (2.11.632)
       aws-sigv4 (~> 1.0)
       jmespath (~> 1.0)
-    aws-sdk-resources (2.10.53)
-      aws-sdk-core (= 2.10.53)
-    aws-sigv4 (1.0.2)
+    aws-sdk-resources (2.11.632)
+      aws-sdk-core (= 2.11.632)
+    aws-sigv4 (1.5.0)
+      aws-eventstream (~> 1, >= 1.0.2)
     backports (3.8.0)
     bigdecimal (1.3.2)
     capybara (2.15.1)
@@ -42,7 +44,7 @@ GEM
       activesupport (>= 3.0.0)
     ffi (1.9.18)
     i18n (0.8.6)
-    jmespath (1.3.1)
+    jmespath (1.6.1)
     launchy (2.4.3)
       addressable (~> 2.3)
     listen (3.1.5)
@@ -132,7 +134,7 @@ PLATFORMS
 
 DEPENDENCIES
   activerecord
-  aws-sdk (~> 2)
+  aws-sdk (~> 2, >= 2.10.53)
   bigdecimal
   database_cleaner
   dotenv
@@ -153,4 +155,4 @@ DEPENDENCIES
   validate_url
 
 BUNDLED WITH
-   1.15.3
+   1.17.3