From de087cd0a3c175ad28741f96112ce56fbd75fc47 Mon Sep 17 00:00:00 2001
From: Eric Amorde
Date: Wed, 2 Oct 2024 19:19:17 -0700
Subject: [PATCH] Bump minimum rexml version to 3.3.6 to address CVE-2024-43398
---
 Gemfile.lock | 6 ++----
 xcodeproj.gemspec | 2 +-
 2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 7a013833..7c2a6771 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -20,7 +20,7 @@ PATH
 claide (>= 1.0.2, < 2.0)
 colored2 (~> 3.1)
 nanaimo (~> 0.3.0)
- rexml (>= 3.3.2, < 4.0)
+ rexml (>= 3.3.6, < 4.0)
 GEM
 remote: https://rubygems.org/
@@ -98,8 +98,7 @@ GEM
 ffi (>= 0.5.0)
 rb-kqueue (0.2.4)
 ffi (>= 0.5.0)
- rexml (3.3.4)
- strscan
+ rexml (3.3.8)
 rubocop (0.47.1)
 parser (>= 2.3.3.1, < 3.0)
 powerpack (~> 0.1)
@@ -115,7 +114,6 @@ GEM
 multi_json (~> 1.0)
 simplecov-html (~> 0.9.0)
 simplecov-html (0.9.0)
- strscan (3.1.0)
 terminal-table (1.8.0)
 unicode-display_width (~> 1.1, >= 1.1.1)
 unicode-display_width (1.4.0)
diff --git a/xcodeproj.gemspec b/xcodeproj.gemspec
index 15fa248c..4c1f41fa 100644
--- a/xcodeproj.gemspec
+++ b/xcodeproj.gemspec
@@ -26,7 +26,7 @@ Gem::Specification.new do |s|
 s.add_runtime_dependency 'claide', '>= 1.0.2', '< 2.0'
 s.add_runtime_dependency 'colored2', '~> 3.1'
 s.add_runtime_dependency 'nanaimo', '~> 0.3.0'
- s.add_runtime_dependency 'rexml', '>= 3.3.2', '< 4.0'
+ s.add_runtime_dependency 'rexml', '>= 3.3.6', '< 4.0'
 ## Make sure you can build the gem on older versions of RubyGems too:
 s.rubygems_version = '1.6.2'
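Review bot: The raised floor on the `rexml` line in xcodeproj.gemspec has no in-file record of why it sits at 3.3.6, so a later constraint cleanup could lower it without anyone noticing the advisory named in the commit subject. A comment directly above the line, for example `# rexml >= 3.3.6 is the minimum that addresses CVE-2024-43398; do not lower`, would keep that reason next to the constraint. The gemspec floor is what consumers of this gem resolve against, while the `rexml (3.3.8)` entry in Gemfile.lock only pins this repository's own bundle, so the comment belongs in the gemspec. The `Gem::Specification.new` block starts and ends outside the hunk.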