[Snyk] Security upgrade webmock from 3.14.0 to 3.15.1

[snyk-io]

Snyk has created this PR to fix 1 vulnerabilities in the rubygems dependencies of this project.

Snyk changed the following file(s):

• Gemfile

⚠️ Warning

Failed to update the Gemfile.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ADDRESSABLE-15924312	721

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[snyk-io]

This upgrade for webmock raises the minimum required Ruby version to 2.3. While this is a minor version bump, the change in runtime requirements classifies it as a medium risk, requiring environment verification.

Key Changes:

• Minimum Ruby Version: Version 3.15.1, which replaces the yanked version 3.15.0, requires Ruby 2.3 or newer. [6, 7] Projects running on older Ruby versions will need to upgrade their runtime.
• Enhancements: Version 3.15.0 introduced support for http.rb >= 5.0.2 and improved body matching for requests with a charset in the content type header. [1]

Recommendation:
Verify that your application is running on Ruby version 2.3 or higher. As Ruby 2.3 reached its end-of-life in March 2019, most modern environments will not be affected.

Source: GitHub Changelog

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[hivel-marco]

PR Complexity Score: 1.2 - Trivial

View Breakdown

• Lines Changed: 2
• Files Changed: 1
• Complexity Added: 0
• Raw Score: 3.04

Overview

This PR updates a development/test dependency version in the Gemfile. It focuses solely on keeping the webmock gem up to date within the defined version constraints.

Key Changes

• Bumps the webmock gem from ~> 3.14.0 to ~> 3.15.1 in the development and test group to pick up bug fixes or minor improvements while staying within the same major/minor line.

Risks & Considerations

• Potential for minor behavior changes in webmock that could affect existing tests, especially around HTTP request stubbing or matching.
• May require updating any brittle tests that rely on internal or undocumented webmock behavior.

File-level change summary

File	Change summary
Gemfile	Updated the webmock gem version constraint from ~> 3.14.0 to ~> 3.15.1 in the development and test group.