From e3999984174a5d70f185395ce83fea8a4e5c90ba Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Sat, 20 Dec 2025 22:12:31 +0000
Subject: [PATCH] fix: apps/mobile/Gemfile & apps/mobile/Gemfile.lock to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-AWSSDKS3-14465282
---
 apps/mobile/Gemfile      |  2 +-
 apps/mobile/Gemfile.lock | 48 ++++++++++++++++++----------------------
 2 files changed, 23 insertions(+), 27 deletions(-)

diff --git a/apps/mobile/Gemfile b/apps/mobile/Gemfile
index a9e494ea9a1..9ca02152c75 100644
--- a/apps/mobile/Gemfile
+++ b/apps/mobile/Gemfile
@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gem 'fastlane', '2.215.0'
+gem 'fastlane', '2.215.1'
 # Exclude problematic versions of cocoapods and activesupport that causes build failures.
 gem 'cocoapods', '1.15.0'
 gem 'activesupport', '7.1.2'
diff --git a/apps/mobile/Gemfile.lock b/apps/mobile/Gemfile.lock
index 1cc3a294c88..9bf204faf39 100644
--- a/apps/mobile/Gemfile.lock
+++ b/apps/mobile/Gemfile.lock
@@ -1,10 +1,7 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    CFPropertyList (3.0.7)
-      base64
-      nkf
-      rexml
+    CFPropertyList (3.0.9)
     activesupport (7.1.2)
       base64
       bigdecimal
@@ -15,16 +12,16 @@ GEM
       minitest (>= 5.1)
       mutex_m
       tzinfo (~> 2.0)
-    addressable (2.8.7)
-      public_suffix (>= 2.0.2, < 7.0)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
     algoliasearch (1.27.5)
       httpclient (~> 2.8, >= 2.8.3)
       json (>= 1.5.1)
     artifactory (3.0.17)
     atomos (0.1.3)
     aws-eventstream (1.4.0)
-    aws-partitions (1.1170.0)
-    aws-sdk-core (3.233.0)
+    aws-partitions (1.1198.0)
+    aws-sdk-core (3.240.0)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.992.0)
       aws-sigv4 (~> 1.9)
@@ -32,18 +29,18 @@ GEM
       bigdecimal
       jmespath (~> 1, >= 1.6.1)
       logger
-    aws-sdk-kms (1.113.0)
-      aws-sdk-core (~> 3, >= 3.231.0)
+    aws-sdk-kms (1.118.0)
+      aws-sdk-core (~> 3, >= 3.239.1)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.199.1)
-      aws-sdk-core (~> 3, >= 3.231.0)
+    aws-sdk-s3 (1.208.0)
+      aws-sdk-core (~> 3, >= 3.234.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
     aws-sigv4 (1.12.1)
       aws-eventstream (~> 1, >= 1.0.2)
     babosa (1.0.4)
     base64 (0.3.0)
-    bigdecimal (3.3.1)
+    bigdecimal (4.0.1)
     claide (1.1.0)
     cocoapods (1.15.0)
       addressable (~> 2.8)
@@ -111,9 +108,9 @@ GEM
       faraday-rack (~> 1.0)
       faraday-retry (~> 1.0)
       ruby2_keywords (>= 0.0.4)
-    faraday-cookie_jar (0.0.7)
+    faraday-cookie_jar (0.0.8)
       faraday (>= 0.8.0)
-      http-cookie (~> 1.0.0)
+      http-cookie (>= 1.0.0)
     faraday-em_http (1.0.0)
     faraday-em_synchrony (1.0.1)
     faraday-excon (1.1.0)
@@ -128,7 +125,7 @@ GEM
     faraday_middleware (1.2.1)
       faraday (~> 1.0)
     fastimage (2.4.0)
-    fastlane (2.215.0)
+    fastlane (2.215.1)
       CFPropertyList (>= 2.3, < 4.0.0)
       addressable (>= 2.8, < 3.0.0)
       artifactory (~> 3.0)
@@ -172,7 +169,7 @@ GEM
     fourflusher (2.3.1)
     fuzzy_match (2.0.4)
     gh_inspector (1.1.3)
-    google-apis-androidpublisher_v3 (0.87.0)
+    google-apis-androidpublisher_v3 (0.92.0)
       google-apis-core (>= 0.15.0, < 2.a)
     google-apis-core (0.18.0)
       addressable (~> 2.5, >= 2.5.1)
@@ -182,11 +179,11 @@ GEM
       mutex_m
       representable (~> 3.0)
       retriable (>= 2.0, < 4.a)
-    google-apis-iamcredentials_v1 (0.24.0)
+    google-apis-iamcredentials_v1 (0.26.0)
       google-apis-core (>= 0.15.0, < 2.a)
     google-apis-playcustomapp_v1 (0.17.0)
       google-apis-core (>= 0.15.0, < 2.a)
-    google-apis-storage_v1 (0.57.0)
+    google-apis-storage_v1 (0.58.0)
       google-apis-core (>= 0.15.0, < 2.a)
     google-cloud-core (1.8.0)
       google-cloud-env (>= 1.0, < 3.a)
@@ -195,7 +192,7 @@ GEM
       base64 (~> 0.2)
       faraday (>= 1.0, < 3.a)
     google-cloud-errors (1.5.0)
-    google-cloud-storage (1.57.0)
+    google-cloud-storage (1.57.1)
       addressable (~> 2.8)
       digest-crc (~> 0.4)
       google-apis-core (>= 0.18, < 2)
@@ -205,7 +202,7 @@ GEM
       googleauth (~> 1.9)
       mini_mime (~> 1.0)
     google-logging-utils (0.2.0)
-    googleauth (1.15.0)
+    googleauth (1.16.0)
       faraday (>= 1.0, < 3.a)
       google-cloud-env (~> 2.2)
       google-logging-utils (~> 0.1)
@@ -221,7 +218,7 @@ GEM
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
     jmespath (1.6.2)
-    json (2.15.1)
+    json (2.18.0)
     jwt (2.10.2)
       base64
     logger (1.7.0)
@@ -229,19 +226,18 @@ GEM
     mini_mime (1.1.5)
     minitest (5.26.0)
     molinillo (0.8.0)
-    multi_json (1.17.0)
+    multi_json (1.18.0)
     multipart-post (2.4.1)
     mutex_m (0.3.0)
     nanaimo (0.4.0)
     nap (1.1.0)
     naturally (2.3.0)
     netrc (0.11.0)
-    nkf (0.2.0)
     optparse (0.1.1)
     os (1.1.4)
     plist (3.7.2)
     public_suffix (4.0.7)
-    rake (13.3.0)
+    rake (13.3.1)
     representable (3.2.0)
       declarative (< 0.1.0)
       trailblazer-option (>= 0.1.1, < 0.2.0)
@@ -295,7 +291,7 @@ DEPENDENCIES
   activesupport (= 7.1.2)
   cocoapods (= 1.15.0)
   concurrent-ruby (= 1.3.4)
-  fastlane (= 2.215.0)
+  fastlane (= 2.215.1)
   xcodeproj (= 1.27.0)
 
 BUNDLED WITH