From 573e561b8279b3da3beb80733a9b61efd8d10a35 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20Bj=C3=B6rkert?= <jonas@bjorkert.se>
Date: Thu, 9 Apr 2026 10:59:29 +0200
Subject: [PATCH] Bump addressable from 2.8.8 to 2.9.0

Fixes GHSA-h27x-rffw-24p4 (CVE-2026-35611), a high-severity ReDoS
vulnerability in Addressable URI template matching.
---
 Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index f80c23ed6..54a0a20a8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -3,7 +3,7 @@ GEM
   specs:
     CFPropertyList (3.0.8)
     abbrev (0.1.2)
-    addressable (2.8.8)
+    addressable (2.9.0)
       public_suffix (>= 2.0.2, < 8.0)
     artifactory (3.0.17)
     atomos (0.1.3)