[Snyk] Fix for 3 vulnerabilities

[sashawood]

Snyk has created this PR to fix 3 vulnerabilities in the rubygems dependencies of this project.

Snyk changed the following file(s):

• Gemfile
• Gemfile.lock

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Allocation of Resources Without Limits or Throttling SNYK-RUBY-ACTIVESUPPORT-15762697	721
	Regular Expression Denial of Service (ReDoS) SNYK-RUBY-ACTIVESUPPORT-15762331	631
	Cross-site Scripting (XSS) SNYK-RUBY-ACTIVESUPPORT-15762701	551

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Allocation of Resources Without Limits or Throttling
🦉 Cross-site Scripting (XSS)

[sashawood]

This upgrade contains significant breaking changes, particularly for CocoaPods, and requires careful review and potential environment updates.

cocoapods 1.6.0.beta.2 → 1.12.0 (High Risk)

This is a substantial upgrade across multiple major versions, introducing several breaking changes and new features. Key changes include:

• Ruby Version Requirement: The minimum required Ruby version has been increased twice. Version 1.10.0 requires at least Ruby 2.3.3, and version 1.11.0 raises this to Ruby 2.6. Your development and CI/CD environments must be updated.
• Default Spec Repo Source: Starting in version 1.8.0, CocoaPods uses the CDN as the default spec source instead of the git-based master repo. If your Podfile relies on the git repo, you must now explicitly add source 'https://github.com/CocoaPods/Specs.git' to it.
• XCFrameworks Support: Support for XCFrameworks was added in 1.9.0 and the integration logic was significantly changed in 1.10.0. The old Prepare Artifacts script was replaced, which may break custom build scripts.
• Podfile DSL Changes: New DSL options have been added, such as static linkage with use_frameworks!, a post_integrate hook, and support for on-demand resources.

Recommendation: Due to the number of breaking changes, test this upgrade in a separate branch. Verify your Ruby environment and Podfile source configurations. Pay close attention to build and archive processes, especially if you use XCFrameworks or have custom scripts.

jazzy 0.9.4 → 0.10.0 (Medium Risk)

This upgrade introduces a new runtime dependency that may affect your build environment.

• Environment Dependency: jazzy version 0.10.0 requires the Swift 5 Runtime for Command Line Tools. On macOS versions older than 10.14.4, this must be installed manually, or you must upgrade macOS or Xcode (to 10.2+). This can cause failures in CI/CD environments running older OS versions.

Recommendation: Ensure your build environment meets the new Swift 5 runtime requirement before upgrading.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.