[Infra] Bump bundler dependency (#7444)

The old version, from 2022, pulled a dependency on rexml with a security
vulnerability:
https://github.com/firebase/firebase-android-sdk/security/dependabot/42

The update brings us to the latest released version of bundler and up to
date deps.

Author: rlazo

.github/workflows/changelog.yml

@@ -17,9 +17,9 @@ jobs:
       with:
         fetch-depth: 100
         submodules: true
-    - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # v1.227.0
+    - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0
       with:
-        ruby-version: '2.7'
+        ruby-version: '3.4'
     - name: Setup Bundler
       run: ./ci/danger/setup_bundler.sh
     - name: Danger CHANGELOG verifier

ci/danger/Gemfile

@@ -2,4 +2,4 @@
 # commit Gemfile and Gemfile.lock.
 source 'https://rubygems.org'
 
-gem 'danger', '8.4.5'
+gem 'danger', '9.5.3'

ci/danger/Gemfile.lock

@@ -1,86 +1,102 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.1)
-      public_suffix (>= 2.0.2, < 6.0)
+    activesupport (8.0.3)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
+      i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
+      minitest (>= 5.1)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
+    base64 (0.3.0)
+    benchmark (0.4.1)
+    bigdecimal (3.3.0)
     claide (1.1.0)
     claide-plugins (0.9.2)
       cork
       nap
       open4 (~> 1.3)
     colored2 (3.1.2)
+    concurrent-ruby (1.3.5)
+    connection_pool (2.5.4)
     cork (0.3.0)
       colored2 (~> 3.1)
-    danger (8.4.5)
+    danger (9.5.3)
+      base64 (~> 0.2)
       claide (~> 1.0)
       claide-plugins (>= 0.9.2)
-      colored2 (~> 3.1)
+      colored2 (>= 3.1, < 5)
       cork (~> 0.1)
-      faraday (>= 0.9.0, < 2.0)
+      faraday (>= 0.9.0, < 3.0)
       faraday-http-cache (~> 2.0)
-      git (~> 1.7)
-      kramdown (~> 2.3)
+      git (>= 1.13, < 3.0)
+      kramdown (>= 2.5.1, < 3.0)
       kramdown-parser-gfm (~> 1.0)
-      no_proxy_fix
-      octokit (~> 4.7)
-      terminal-table (>= 1, < 4)
-    faraday (1.10.1)
-      faraday-em_http (~> 1.0)
-      faraday-em_synchrony (~> 1.0)
-      faraday-excon (~> 1.1)
-      faraday-httpclient (~> 1.0)
-      faraday-multipart (~> 1.0)
-      faraday-net_http (~> 1.0)
-      faraday-net_http_persistent (~> 1.0)
-      faraday-patron (~> 1.0)
-      faraday-rack (~> 1.0)
-      faraday-retry (~> 1.0)
-      ruby2_keywords (>= 0.0.4)
-    faraday-em_http (1.0.0)
-    faraday-em_synchrony (1.0.0)
-    faraday-excon (1.1.0)
-    faraday-http-cache (2.4.1)
+      octokit (>= 4.0)
+      pstore (~> 0.1)
+      terminal-table (>= 1, < 5)
+    drb (2.2.3)
+    faraday (2.14.0)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
+      logger
+    faraday-http-cache (2.5.1)
       faraday (>= 0.8)
-    faraday-httpclient (1.0.1)
-    faraday-multipart (1.0.4)
-      multipart-post (~> 2)
-    faraday-net_http (1.0.1)
-    faraday-net_http_persistent (1.2.0)
-    faraday-patron (1.0.0)
-    faraday-rack (1.0.0)
-    faraday-retry (1.0.3)
-    git (1.13.1)
+    faraday-net_http (3.4.1)
+      net-http (>= 0.5.0)
+    git (2.3.3)
+      activesupport (>= 5.0)
       addressable (~> 2.8)
+      process_executer (~> 1.1)
       rchardet (~> 1.8)
-    kramdown (2.4.0)
-      rexml
+    i18n (1.14.7)
+      concurrent-ruby (~> 1.0)
+    json (2.15.1)
+    kramdown (2.5.1)
+      rexml (>= 3.3.9)
     kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
-    multipart-post (2.2.3)
+    logger (1.7.0)
+    minitest (5.25.5)
     nap (1.1.0)
-    no_proxy_fix (0.1.2)
-    octokit (4.25.1)
+    net-http (0.6.0)
+      uri
+    octokit (10.0.0)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
     open4 (1.3.4)
-    public_suffix (5.0.1)
-    rchardet (1.8.0)
-    rexml (3.2.8)
-      strscan (>= 3.0.9)
-    ruby2_keywords (0.0.5)
+    process_executer (1.3.0)
+    pstore (0.2.0)
+    public_suffix (6.0.2)
+    rchardet (1.10.0)
+    rexml (3.4.4)
     sawyer (0.9.2)
       addressable (>= 2.3.5)
       faraday (>= 0.17.3, < 3)
-    strscan (3.1.0)
-    terminal-table (3.0.2)
-      unicode-display_width (>= 1.1.1, < 3)
-    unicode-display_width (2.2.0)
+    securerandom (0.4.1)
+    terminal-table (4.0.0)
+      unicode-display_width (>= 1.1.1, < 4)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (3.2.0)
+      unicode-emoji (~> 4.1)
+    unicode-emoji (4.1.0)
+    uri (1.0.4)
 
 PLATFORMS
+  arm64-darwin-24
   ruby
 
 DEPENDENCIES
-  danger (= 8.4.5)
+  danger (= 9.5.3)
 
 BUNDLED WITH
-   1.17.2
+   2.7.2