Fix vulnerabilities in HelloWorld's Gemfile (#52873)

cipolleschi · facebook-github-bot · commit cda32c3119d1 · 2025-07-28T10:32:44.000-07:00
Summary: Pull Request resolved: #52873 Our tooling detected a vulnerability in HelloWorld's Gemfile. This change fixes them. bypass-github-export-checks ## Changelog: [Internal] - Reviewed By: cortinico Differential Revision: D79084217 fbshipit-source-id: 7a0c85a0b2e79792c43226f43a19f27414cfee2a
diff --git a/private/helloworld/Gemfile b/private/helloworld/Gemfile
@@ -12,3 +12,5 @@ gem 'bigdecimal'
 gem 'logger'
 gem 'benchmark'
 gem 'mutex_m'
+gem 'ffi',  '>= 1.17.2'
+gem 'rexml', '>= 3.3.9'
diff --git a/private/helloworld/Gemfile.lock b/private/helloworld/Gemfile.lock
@@ -62,7 +62,7 @@ GEM
     escape (0.0.4)
     ethon (0.16.0)
       ffi (>= 1.15.0)
-    ffi (1.17.0)
+    ffi (1.17.2)
     fourflusher (2.3.1)
     fuzzy_match (2.0.4)
     gh_inspector (1.1.3)
@@ -79,10 +79,8 @@ GEM
     netrc (0.11.0)
     nkf (0.2.0)
     public_suffix (4.0.7)
-    rexml (3.3.5)
-      strscan
+    rexml (3.4.1)
     ruby-macho (2.5.1)
-    strscan (3.1.0)
     typhoeus (1.4.1)
       ethon (>= 0.9.0)
     tzinfo (2.0.6)
@@ -104,8 +102,10 @@ DEPENDENCIES
   bigdecimal
   cocoapods (~> 1.13, != 1.15.1, != 1.15.0)
   concurrent-ruby (<= 1.3.4)
+  ffi (>= 1.17.2)
   logger
   mutex_m
+  rexml (>= 3.3.9)
   xcodeproj (< 1.26.0)
 
 RUBY VERSION
