From 2945d3bcbb987c7237006fa43d9d4cd34fbd7735 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Tue, 10 Sep 2019 02:10:56 +0000
Subject: [PATCH] [Security] Bump devise from 3.5.3 to 4.7.1

Bumps [devise](https://github.com/plataformatec/devise) from 3.5.3 to 4.7.1. **This update includes security fixes.**
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v3.5.3...v4.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 Gemfile      |  2 +-
 Gemfile.lock | 20 ++++++++++----------
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/Gemfile b/Gemfile
index ca4b82139..29ca0eefe 100644
--- a/Gemfile
+++ b/Gemfile
@@ -30,7 +30,7 @@ end
 # Use ActiveModel has_secure_password
 gem 'bcrypt', '~> 3.1.12'
 
-gem 'devise',           '~> 3.5.2'
+gem 'devise',           '~> 4.7.1'
 gem 'devise_invitable', '~> 1.5.2'
 
 gem 'figaro'
diff --git a/Gemfile.lock b/Gemfile.lock
index 4d4ec7644..35f9b5151 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -103,12 +103,11 @@ GEM
     delayed_job_active_record (4.1.3)
       activerecord (>= 3.0, < 5.3)
       delayed_job (>= 3.0, < 5)
-    devise (3.5.3)
+    devise (4.7.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 3.2.6, < 5)
+      railties (>= 4.1.0)
       responders
-      thread_safe (~> 0.1)
       warden (~> 1.2.3)
     devise_invitable (1.5.5)
       actionmailer (>= 3.2.6, < 5)
@@ -195,7 +194,7 @@ GEM
     multi_json (1.13.1)
     multi_test (0.1.2)
     netrc (0.11.0)
-    nokogiri (1.10.2)
+    nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     orm_adapter (0.5.0)
     pg (0.18.4)
@@ -233,7 +232,7 @@ GEM
       activesupport (>= 4.2.0, < 5.0)
       nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.4)
+    rails-html-sanitizer (1.2.0)
       loofah (~> 2.2, >= 2.2.2)
     rails_12factor (0.0.3)
       rails_serve_static_assets
@@ -245,7 +244,7 @@ GEM
       activesupport (= 4.2.11.1)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (12.3.2)
+    rake (12.3.3)
     ransack (1.8.9)
       actionpack (>= 3.0, <= 5.1.1)
       activerecord (>= 3.0, <= 5.1.1)
@@ -256,8 +255,9 @@ GEM
       ffi (>= 0.5.0, < 2)
     rbtree3 (0.5.0)
     rdoc (6.1.1)
-    responders (2.1.1)
-      railties (>= 4.2.0, < 5.1)
+    responders (2.4.1)
+      actionpack (>= 4.2.0, < 6.0)
+      railties (>= 4.2.0, < 6.0)
     rest-client (2.0.2)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
@@ -327,7 +327,7 @@ GEM
       unf_ext
     unf_ext (0.0.7.5)
     uniform_notifier (1.12.1)
-    warden (1.2.4)
+    warden (1.2.7)
       rack (>= 1.0)
     web-console (3.3.0)
       activemodel (>= 4.2)
@@ -359,7 +359,7 @@ DEPENDENCIES
   cucumber-rails
   database_cleaner
   delayed_job_active_record
-  devise (~> 3.5.2)
+  devise (~> 4.7.1)
   devise_invitable (~> 1.5.2)
   email_spec
   factory_bot_rails