This PR merges all ruby security dependency updates made as part of https://github.com/epimorphics/hmlr-linked-data/issues/127 into the lift and shift branch. I've left the npm security dependency updates out of this PR as npm packages on dev-infrastructure are a bit different than dev, and replacing yarn.lock with the one from dev crashes the app. Since dependabot works against the main branch, the best way forward with this is to wait for the lift and shift to happen, make dev-infrastructure the new main branch afterwards, and let dependabot re-run all the checks against the new branch. After this we can address the remaining alerts
This PR merges all
rubysecurity dependency updates made as part of https://github.com/epimorphics/hmlr-linked-data/issues/127 into the lift and shift branch. I've left thenpmsecurity dependency updates out of this PR asnpmpackages ondev-infrastructureare a bit different thandev, and replacingyarn.lockwith the one fromdevcrashes the app. Since dependabot works against the main branch, the best way forward with this is to wait for the lift and shift to happen, makedev-infrastructurethe new main branch afterwards, and let dependabot re-run all the checks against the new branch. After this we can address the remaining alerts