fix(deps): upgrade dev dependencies to resolve Snyk security vulnerab… (#704)

Author: arpit-jn

.snyk

@@ -9,3 +9,6 @@ ignore:
     - dotenv-rails > railties > actionpack > rack-test:
         reason: No direct upgrade available
         expires: "2023-11-02T12:00:00.000Z"
+  snyk:lic:rubygems:json:Ruby:
+    - '*':
+        reason: Ruby standard library gem, Ruby license is acceptable

Gemfile

@@ -5,10 +5,8 @@ gemspec
 
 group :development do
   gem 'terminal-notifier-guard', require: false unless ENV['CIRCLECI']
-  gem 'coveralls', require: false
   gem 'rubocop', require: false
   gem 'rubocop-rails', require: false
-  gem 'irb', require: false
 end
 
 group :test do

Gemfile.lock

@@ -11,22 +11,6 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (8.1.2)
-      actionview (= 8.1.2)
-      activesupport (= 8.1.2)
-      nokogiri (>= 1.8.5)
-      rack (>= 2.2.4)
-      rack-session (>= 1.0.1)
-      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.6)
-      useragent (~> 0.16)
-    actionview (8.1.2)
-      activesupport (= 8.1.2)
-      builder (~> 3.1)
-      erubi (~> 1.11)
-      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.6)
     activesupport (8.1.2)
       base64
       bigdecimal
@@ -45,31 +29,17 @@ GEM
     ast (2.4.3)
     base64 (0.3.0)
     bigdecimal (4.0.1)
-    builder (3.3.0)
     coderay (1.1.3)
     concurrent-ruby (1.3.6)
     connection_pool (3.0.2)
-    coveralls (0.7.1)
-      multi_json (~> 1.3)
-      rest-client
-      simplecov (>= 0.7)
-      term-ansicolor
-      thor
     crack (1.0.0)
       bigdecimal
       rexml
-    crass (1.0.6)
-    date (3.5.1)
     diff-lcs (1.6.2)
     docile (1.4.1)
     domain_name (0.6.20240107)
-    dotenv (2.8.1)
-    dotenv-rails (2.8.1)
-      dotenv (= 2.8.1)
-      railties (>= 3.2)
+    dotenv (3.2.0)
     drb (2.2.3)
-    erb (6.0.1)
-    erubi (1.13.0)
     faker (2.23.0)
       i18n (>= 1.8.11, < 2)
     ffi (1.17.0-aarch64-linux-gnu)
@@ -106,11 +76,6 @@ GEM
       domain_name (~> 0.5)
     i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    io-console (0.8.2)
-    irb (1.16.0)
-      pp (>= 0.6.0)
-      rdoc (>= 4.0.0)
-      reline (>= 0.4.2)
     json (2.18.0)
     jwt (2.10.2)
       base64
@@ -120,40 +85,16 @@ GEM
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     logger (1.7.0)
-    loofah (2.23.1)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
     lumberjack (1.2.10)
     method_source (1.1.0)
     mime-types (3.6.0)
       logger
       mime-types-data (~> 3.2015)
     mime-types-data (3.2024.1105)
-    mini_portile2 (2.8.9)
     minitest (6.0.1)
       prism (~> 1.5)
-    multi_json (1.15.0)
     nenv (0.3.0)
     netrc (0.11.0)
-    nokogiri (1.19.1)
-      mini_portile2 (~> 2.8.2)
-      racc (~> 1.4)
-    nokogiri (1.19.1-aarch64-linux-gnu)
-      racc (~> 1.4)
-    nokogiri (1.19.1-aarch64-linux-musl)
-      racc (~> 1.4)
-    nokogiri (1.19.1-arm-linux-gnu)
-      racc (~> 1.4)
-    nokogiri (1.19.1-arm-linux-musl)
-      racc (~> 1.4)
-    nokogiri (1.19.1-arm64-darwin)
-      racc (~> 1.4)
-    nokogiri (1.19.1-x86_64-darwin)
-      racc (~> 1.4)
-    nokogiri (1.19.1-x86_64-linux-gnu)
-      racc (~> 1.4)
-    nokogiri (1.19.1-x86_64-linux-musl)
-      racc (~> 1.4)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
@@ -168,54 +109,22 @@ GEM
     pry (0.15.0)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    psych (5.3.1)
-      date
-      stringio
     public_suffix (7.0.0)
     racc (1.8.1)
     rack (3.2.5)
-    rack-session (2.1.1)
-      base64 (>= 0.1.0)
-      rack (>= 3.0.0)
-    rack-test (2.1.0)
-      rack (>= 1.3)
-    rackup (2.2.1)
-      rack (>= 3)
-    rails-dom-testing (2.2.0)
-      activesupport (>= 5.0.0)
-      minitest
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.0)
-      loofah (~> 2.21)
-      nokogiri (~> 1.14)
-    railties (8.1.2)
-      actionpack (= 8.1.2)
-      activesupport (= 8.1.2)
-      irb (~> 1.13)
-      rackup (>= 1.0.0)
-      rake (>= 12.2)
-      thor (~> 1.0, >= 1.2.2)
-      tsort (>= 0.2)
-      zeitwerk (~> 2.6)
     rainbow (3.1.1)
     rake (13.3.1)
     rb-fsevent (0.11.2)
     rb-inotify (0.11.1)
       ffi (~> 1.0)
-    rdoc (7.1.0)
-      erb
-      psych (>= 4.0.0)
-      tsort
     regexp_parser (2.11.3)
-    reline (0.6.3)
-      io-console (~> 0.5)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
     retryable (3.0.5)
-    rexml (3.3.9)
+    rexml (3.4.4)
     rspec (3.13.2)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
@@ -256,36 +165,26 @@ GEM
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-cobertura (2.1.0)
+    simplecov-cobertura (3.1.0)
       rexml
       simplecov (~> 0.19)
     simplecov-html (0.13.1)
     simplecov_json_formatter (0.1.4)
-    stringio (3.2.0)
-    sync (0.5.0)
-    term-ansicolor (1.11.2)
-      tins (~> 1.0)
     terminal-notifier-guard (1.7.0)
-    thor (1.3.2)
+    thor (1.5.0)
     timecop (0.9.10)
-    tins (1.37.0)
-      bigdecimal
-      sync
-    tsort (0.2.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (3.2.0)
       unicode-emoji (~> 4.1)
     unicode-emoji (4.2.0)
     uri (1.1.1)
-    useragent (0.16.10)
     vcr (6.4.0)
-    webmock (3.24.0)
+    webmock (3.26.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
     zache (0.15.2)
-    zeitwerk (2.7.1)
 
 PLATFORMS
   aarch64-linux
@@ -306,12 +205,10 @@ PLATFORMS
 DEPENDENCIES
   auth0!
   bundler
-  coveralls
-  dotenv-rails (~> 2.0)
+  dotenv (~> 3.0)
   faker (~> 2.0)
   fuubar (~> 2.0)
   guard-rspec (~> 4.5)
-  irb
   pp
   rake (~> 13.0)
   rspec (~> 3.11)

auth0.gemspec

@@ -26,7 +26,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rake', '~> 13.0'
   s.add_development_dependency 'fuubar', '~> 2.0'
   s.add_development_dependency 'guard-rspec', '~> 4.5' unless ENV['CIRCLECI']
-  s.add_development_dependency 'dotenv-rails', '~> 2.0'
+  s.add_development_dependency 'dotenv', '~> 3.0'
   s.add_development_dependency 'rspec', '~> 3.11'
   s.add_development_dependency 'simplecov', '~> 0.9'
   s.add_development_dependency 'faker', '~> 2.0'