From f2965bba4d7e2d65316db9e0adc0fe83c5eee321 Mon Sep 17 00:00:00 2001
From: Ana Ulin <ana@ulin.org>
Date: Thu, 2 Feb 2023 10:30:26 -0800
Subject: [PATCH] Skip low-confidence Brakeman warnings in CI (#765)

* Update Ruby to 2.7.7

* Update Brakeman to latest.

* Skip low-confidence Brakeman warnings for now.
---
 .github/workflows/security.yml | 3 ++-
 .ruby-version                  | 2 +-
 Gemfile                        | 2 +-
 Gemfile.lock                   | 4 ++--
 4 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index ca452861..2dae5940 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -30,4 +30,5 @@ jobs:
           bundler-cache: true
 
       - name: brakeman
-        run: bundle exec brakeman
+        # Skip "low confidence" warnings with -w2
+        run: bundle exec brakeman -w2
diff --git a/.ruby-version b/.ruby-version
index 49cdd668..1f7da99d 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.7.6
+2.7.7
diff --git a/Gemfile b/Gemfile
index 43fbf3db..a2fcb8d6 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-ruby "2.7.6"
+ruby File.read(".ruby-version").strip
 
 gem "rails", "~>6.0"
 gem "jquery-rails", ">= 4.3.5"
diff --git a/Gemfile.lock b/Gemfile.lock
index 92858640..86a9cc37 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -104,7 +104,7 @@ GEM
     bootstrap-sass (3.4.1)
       autoprefixer-rails (>= 5.2.1)
       sassc (>= 2.0.0)
-    brakeman (5.3.1)
+    brakeman (5.4.0)
     bugsnag (6.24.2)
       concurrent-ruby (~> 1.0)
     builder (3.2.4)
@@ -489,7 +489,7 @@ DEPENDENCIES
   webdrivers
 
 RUBY VERSION
-   ruby 2.7.6p219
+   ruby 2.7.7p221
 
 BUNDLED WITH
    2.1.4