From cfc2f9631a8587cbe1f80deb4f4ffefda0e30177 Mon Sep 17 00:00:00 2001
From: Eric Boehs <eric@boehs.com>
Date: Tue, 23 Apr 2024 09:31:22 -0500
Subject: [PATCH] fix: upgrade Ruby to 3.3.1 to address CVE

---
 .ruby-version        |  2 +-
 Dockerfile           |  2 +-
 Dockerfile-k8s       |  2 +-
 Gemfile              |  2 +-
 Gemfile.lock         | 15 +++++++++++++--
 docs/setup/native.md |  2 +-
 6 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/.ruby-version b/.ruby-version
index b347b11eac8..bea438e9ade 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-3.2.3
+3.3.1
diff --git a/Dockerfile b/Dockerfile
index 18de6769058..2599a922ccb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ruby:3.2.3-slim-bookworm AS rubyimg
+FROM ruby:3.3.1-slim-bookworm AS rubyimg
 FROM rubyimg AS modules
 
 WORKDIR /tmp
diff --git a/Dockerfile-k8s b/Dockerfile-k8s
index 92323fabfa6..c4f7e150047 100644
--- a/Dockerfile-k8s
+++ b/Dockerfile-k8s
@@ -1,4 +1,4 @@
-FROM ruby:3.2.3-slim-bullseye AS rubyimg
+FROM ruby:3.3.1-slim-bullseye AS rubyimg
 FROM rubyimg AS modules
 
 WORKDIR /tmp
diff --git a/Gemfile b/Gemfile
index de030b10c38..2d1a96b0822 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,7 +2,7 @@
 
 source 'https://rubygems.org'
 
-ruby '~> 3.2.3'
+ruby '~> 3.3.1'
 
 # Modules
 path 'modules' do
diff --git a/Gemfile.lock b/Gemfile.lock
index 8b6064d8824..400b80df11d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -440,6 +440,7 @@ GEM
       faraday (>= 0.9.0)
     fastimage (2.3.1)
     ffi (1.16.3)
+    ffi (1.16.3-java)
     ffi-compiler (1.0.1)
       ffi (>= 1.0.0)
       rake
@@ -511,6 +512,12 @@ GEM
       faraday (>= 1.0, < 3.a)
     google-protobuf (4.26.1)
       rake (>= 13)
+    google-protobuf (4.26.1-java)
+      ffi (~> 1)
+      ffi-compiler (~> 1)
+      rake (>= 13)
+    google-protobuf (4.26.1-x86_64-linux)
+      rake (>= 13)
     googleauth (1.11.0)
       faraday (>= 1.0, < 3.a)
       google-cloud-env (~> 2.1)
@@ -663,6 +670,10 @@ GEM
     nokogiri (1.16.4)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
+    nokogiri (1.16.4-java)
+      racc (~> 1.4)
+    nokogiri (1.16.4-x86_64-linux)
+      racc (~> 1.4)
     nori (2.7.0)
       bigdecimal
     notiffany (0.1.3)
@@ -1280,7 +1291,7 @@ DEPENDENCIES
   yard
 
 RUBY VERSION
-   ruby 3.2.3p157
+   ruby 3.3.1p55
 
 BUNDLED WITH
-   2.4.9
+   2.5.9
diff --git a/docs/setup/native.md b/docs/setup/native.md
index 36bf6c0547a..e7cc743edaf 100644
--- a/docs/setup/native.md
+++ b/docs/setup/native.md
@@ -2,7 +2,7 @@
 
 Vets API requires:
 
-- Ruby 3.2.3
+- Ruby 3.3.1
 - PostgreSQL 15.x (including PostGIS 3)
 - Redis 6.2.x