From 36875246d680b9f3eba20f4f9a3aaf3e28e5a30a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 1 Dec 2025 00:03:41 +0000
Subject: [PATCH] Bump omniauth from 1.8.1 to 2.1.4 in /backend

Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.8.1 to 2.1.4.
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.8.1...v2.1.4)

---
updated-dependencies:
- dependency-name: omniauth
  dependency-version: 2.1.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 backend/Gemfile      |  2 +-
 backend/Gemfile.lock | 50 +++++++++++++++++++++++++++-----------------
 2 files changed, 32 insertions(+), 20 deletions(-)

diff --git a/backend/Gemfile b/backend/Gemfile
index 7d2a28f7..c109e890 100644
--- a/backend/Gemfile
+++ b/backend/Gemfile
@@ -25,7 +25,7 @@ gem "cancancan", "~> 3.6.1"
 gem "cancancan-mongoid", "~> 2.0"
 gem "devise", "~> 4.8"
 gem "devise_invitable", "~> 2.0"
-gem "omniauth", "~> 1.8"
+gem "omniauth", "~> 2.1"
 gem "omniauth-facebook", "~> 3.0"
 
 # Colored output to console
diff --git a/backend/Gemfile.lock b/backend/Gemfile.lock
index 3ffebe8a..8440d357 100644
--- a/backend/Gemfile.lock
+++ b/backend/Gemfile.lock
@@ -221,7 +221,7 @@ GEM
       activerecord (>= 4.2, < 7.2)
       request_store (~> 1.0)
     hashdiff (1.2.1)
-    hashie (3.5.7)
+    hashie (5.0.0)
     httpclient (2.8.3)
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
@@ -297,20 +297,24 @@ GEM
     nokogiri (1.18.10)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    oauth2 (1.4.7)
-      faraday (>= 0.8, < 2.0)
-      jwt (>= 1.0, < 3.0)
-      multi_json (~> 1.3)
+    oauth2 (2.0.18)
+      faraday (>= 0.17.3, < 4.0)
+      jwt (>= 1.0, < 4.0)
+      logger (~> 1.2)
       multi_xml (~> 0.5)
-      rack (>= 1.2, < 3)
-    omniauth (1.8.1)
-      hashie (>= 3.4.6, < 3.6.0)
-      rack (>= 1.6.2, < 3)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0, >= 2.0.3)
+      version_gem (~> 1.1, >= 1.1.9)
+    omniauth (2.1.4)
+      hashie (>= 3.4.6)
+      logger
+      rack (>= 2.2.3)
+      rack-protection
     omniauth-facebook (3.0.0)
       omniauth-oauth2 (~> 1.2)
-    omniauth-oauth2 (1.5.0)
-      oauth2 (~> 1.1)
-      omniauth (~> 1.2)
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
     orm_adapter (0.5.0)
     parallel (1.24.0)
     parser (3.3.0.5)
@@ -343,17 +347,21 @@ GEM
       pusher-signature (~> 0.1.8)
     pusher-signature (0.1.8)
     racc (1.8.1)
-    rack (2.2.21)
+    rack (3.2.4)
     rack-cors (2.0.1)
       rack (>= 2.0.0)
-    rack-session (1.0.2)
-      rack (< 3)
+    rack-protection (4.2.1)
+      base64 (>= 0.1.0)
+      logger (>= 1.6.0)
+      rack (>= 3.0.0, < 4)
+    rack-session (2.1.1)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0)
     rack-test (2.2.0)
       rack (>= 1.3)
     rack-timeout (0.7.0)
-    rackup (1.0.1)
-      rack (< 3)
-      webrick
+    rackup (2.2.1)
+      rack (>= 3)
     rails (7.1.5.2)
       actioncable (= 7.1.5.2)
       actionmailbox (= 7.1.5.2)
@@ -461,6 +469,9 @@ GEM
     simplecov_json_formatter (0.1.4)
     sixarm_ruby_unaccent (1.2.0)
     smart_properties (1.17.0)
+    snaky_hash (2.0.3)
+      hashie (>= 0.1.0, < 6)
+      version_gem (>= 1.1.8, < 3)
     sprockets (4.2.2)
       concurrent-ruby (~> 1.0)
       logger
@@ -497,6 +508,7 @@ GEM
     uniform_notifier (1.16.0)
     vcr (6.3.1)
       base64
+    version_gem (1.1.9)
     warden (1.2.9)
       rack (>= 2.0.9)
     webmock (3.26.1)
@@ -547,7 +559,7 @@ DEPENDENCIES
   mongoid (= 8.1.3)
   mongoid-rspec
   nearest_time_zone
-  omniauth (~> 1.8)
+  omniauth (~> 2.1)
   omniauth-facebook (~> 3.0)
   pg
   pry-byebug