From 0b889f014887bbc32a22b1b71c809f0b1a5a3821 Mon Sep 17 00:00:00 2001
From: habdul-razak <habdul-razak@gitlab.com>
Date: Wed, 7 May 2025 14:39:30 -0400
Subject: [PATCH] Upgrade devise-two-factor and pbkdf2

- pbkdf2 is a fallback to the default hasher, bcrypt

Changelog: added
---
 Gemfile                                              |  2 +-
 Gemfile.checksum                                     |  2 +-
 Gemfile.lock                                         | 11 +++++------
 Gemfile.next.checksum                                |  2 +-
 Gemfile.next.lock                                    | 11 +++++------
 vendor/gems/devise-pbkdf2-encryptable/Gemfile.lock   | 12 ++++--------
 .../devise-pbkdf2-encryptable.gemspec                |  2 +-
 7 files changed, 18 insertions(+), 24 deletions(-)

diff --git a/Gemfile b/Gemfile
index f3c8a05097a06a..ac194a89b04a48 100644
--- a/Gemfile
+++ b/Gemfile
@@ -125,7 +125,7 @@ gem 'akismet', '~> 3.0', feature_category: :insider_threat
 gem 'invisible_captcha', '~> 2.1.0', feature_category: :insider_threat
 
 # Two-factor authentication
-gem 'devise-two-factor', '~> 4.1.1', feature_category: :system_access
+gem 'devise-two-factor', '~> 6.1.0', feature_category: :system_access
 gem 'rqrcode', '~> 2.2', feature_category: :system_access
 
 gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted', feature_category: :shared
diff --git a/Gemfile.checksum b/Gemfile.checksum
index 4905e7b9091c7c..a0110e3fbeb589 100644
--- a/Gemfile.checksum
+++ b/Gemfile.checksum
@@ -119,7 +119,7 @@
 {"name":"devfile","version":"0.4.4","platform":"x86_64-linux","checksum":"8713cca9e7e9d485f398d8e57b40eeee475d29d2e722173a2819c3d753d9f5f7"},
 {"name":"device_detector","version":"1.0.0","platform":"ruby","checksum":"b800fb3150b00c23e87b6768011808ac1771fffaae74c3238ebaf2b782947a7d"},
 {"name":"devise","version":"4.9.4","platform":"ruby","checksum":"920042fe5e704c548aa4eb65ebdd65980b83ffae67feb32c697206bfd975a7f8"},
-{"name":"devise-two-factor","version":"4.1.1","platform":"ruby","checksum":"c95f5b07533e62217aaed3c386874d94e2d472fb5f2b6598afe8600fc17a8b95"},
+{"name":"devise-two-factor","version":"6.1.0","platform":"ruby","checksum":"90389ea00e6eab999f1868311972b6f4c84e6d7d6d1e90990eea8fcaf3372c10"},
 {"name":"diff-lcs","version":"1.5.0","platform":"ruby","checksum":"49b934001c8c6aedb37ba19daec5c634da27b318a7a3c654ae979d6ba1929b67"},
 {"name":"diffy","version":"3.4.3","platform":"ruby","checksum":"4264b9e7db00d1cd426fcd32e36565779163cedc2340a95b0e6f025e71f9aaa7"},
 {"name":"digest-crc","version":"0.6.5","platform":"ruby","checksum":"5ca456f3352dc5ff17eb95deb3dd5a79dc79f8bf751d8005abca5b7b9b252124"},
diff --git a/Gemfile.lock b/Gemfile.lock
index fc435c9e9b06e7..3163055bab3917 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -150,7 +150,7 @@ PATH
   specs:
     devise-pbkdf2-encryptable (0.0.0)
       devise (~> 4.0)
-      devise-two-factor (~> 4.1.1)
+      devise-two-factor (~> 6.1.0)
 
 PATH
   remote: vendor/gems/diff_match_patch
@@ -544,11 +544,10 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (4.1.1)
-      activesupport (~> 7.0)
-      attr_encrypted (>= 1.3, < 5, != 2)
+    devise-two-factor (6.1.0)
+      activesupport (>= 7.0, < 8.1)
       devise (~> 4.0)
-      railties (~> 7.0)
+      railties (>= 7.0, < 8.1)
       rotp (~> 6.0)
     diff-lcs (1.5.0)
     diffy (3.4.3)
@@ -2120,7 +2119,7 @@ DEPENDENCIES
   device_detector
   devise (~> 4.9.3)
   devise-pbkdf2-encryptable (~> 0.0.0)!
-  devise-two-factor (~> 4.1.1)
+  devise-two-factor (~> 6.1.0)
   diff_match_patch (~> 0.1.0)!
   diffy (~> 3.4)
   discordrb-webhooks (~> 3.5)
diff --git a/Gemfile.next.checksum b/Gemfile.next.checksum
index 4905e7b9091c7c..a0110e3fbeb589 100644
--- a/Gemfile.next.checksum
+++ b/Gemfile.next.checksum
@@ -119,7 +119,7 @@
 {"name":"devfile","version":"0.4.4","platform":"x86_64-linux","checksum":"8713cca9e7e9d485f398d8e57b40eeee475d29d2e722173a2819c3d753d9f5f7"},
 {"name":"device_detector","version":"1.0.0","platform":"ruby","checksum":"b800fb3150b00c23e87b6768011808ac1771fffaae74c3238ebaf2b782947a7d"},
 {"name":"devise","version":"4.9.4","platform":"ruby","checksum":"920042fe5e704c548aa4eb65ebdd65980b83ffae67feb32c697206bfd975a7f8"},
-{"name":"devise-two-factor","version":"4.1.1","platform":"ruby","checksum":"c95f5b07533e62217aaed3c386874d94e2d472fb5f2b6598afe8600fc17a8b95"},
+{"name":"devise-two-factor","version":"6.1.0","platform":"ruby","checksum":"90389ea00e6eab999f1868311972b6f4c84e6d7d6d1e90990eea8fcaf3372c10"},
 {"name":"diff-lcs","version":"1.5.0","platform":"ruby","checksum":"49b934001c8c6aedb37ba19daec5c634da27b318a7a3c654ae979d6ba1929b67"},
 {"name":"diffy","version":"3.4.3","platform":"ruby","checksum":"4264b9e7db00d1cd426fcd32e36565779163cedc2340a95b0e6f025e71f9aaa7"},
 {"name":"digest-crc","version":"0.6.5","platform":"ruby","checksum":"5ca456f3352dc5ff17eb95deb3dd5a79dc79f8bf751d8005abca5b7b9b252124"},
diff --git a/Gemfile.next.lock b/Gemfile.next.lock
index fc435c9e9b06e7..3163055bab3917 100644
--- a/Gemfile.next.lock
+++ b/Gemfile.next.lock
@@ -150,7 +150,7 @@ PATH
   specs:
     devise-pbkdf2-encryptable (0.0.0)
       devise (~> 4.0)
-      devise-two-factor (~> 4.1.1)
+      devise-two-factor (~> 6.1.0)
 
 PATH
   remote: vendor/gems/diff_match_patch
@@ -544,11 +544,10 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (4.1.1)
-      activesupport (~> 7.0)
-      attr_encrypted (>= 1.3, < 5, != 2)
+    devise-two-factor (6.1.0)
+      activesupport (>= 7.0, < 8.1)
       devise (~> 4.0)
-      railties (~> 7.0)
+      railties (>= 7.0, < 8.1)
       rotp (~> 6.0)
     diff-lcs (1.5.0)
     diffy (3.4.3)
@@ -2120,7 +2119,7 @@ DEPENDENCIES
   device_detector
   devise (~> 4.9.3)
   devise-pbkdf2-encryptable (~> 0.0.0)!
-  devise-two-factor (~> 4.1.1)
+  devise-two-factor (~> 6.1.0)
   diff_match_patch (~> 0.1.0)!
   diffy (~> 3.4)
   discordrb-webhooks (~> 3.5)
diff --git a/vendor/gems/devise-pbkdf2-encryptable/Gemfile.lock b/vendor/gems/devise-pbkdf2-encryptable/Gemfile.lock
index 47191da2a011d3..190ade85bf0307 100644
--- a/vendor/gems/devise-pbkdf2-encryptable/Gemfile.lock
+++ b/vendor/gems/devise-pbkdf2-encryptable/Gemfile.lock
@@ -3,7 +3,7 @@ PATH
   specs:
     devise-pbkdf2-encryptable (0.0.0)
       devise (~> 4.0)
-      devise-two-factor (~> 4.1.1)
+      devise-two-factor (~> 6.1.0)
 
 GEM
   remote: https://rubygems.org/
@@ -35,8 +35,6 @@ GEM
       minitest (>= 5.1)
       mutex_m
       tzinfo (~> 2.0)
-    attr_encrypted (4.0.0)
-      encryptor (~> 3.0.0)
     base64 (0.1.1)
     bcrypt (3.1.19)
     bigdecimal (3.1.4)
@@ -50,16 +48,14 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (4.1.1)
-      activesupport (~> 7.0)
-      attr_encrypted (>= 1.3, < 5, != 2)
+    devise-two-factor (6.1.0)
+      activesupport (>= 7.0, < 8.1)
       devise (~> 4.0)
-      railties (~> 7.0)
+      railties (>= 7.0, < 8.1)
       rotp (~> 6.0)
     diff-lcs (1.5.0)
     drb (2.1.1)
       ruby2_keywords
-    encryptor (3.0.0)
     erubi (1.12.0)
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
diff --git a/vendor/gems/devise-pbkdf2-encryptable/devise-pbkdf2-encryptable.gemspec b/vendor/gems/devise-pbkdf2-encryptable/devise-pbkdf2-encryptable.gemspec
index cd2c62b457d065..18af7d60ead45b 100644
--- a/vendor/gems/devise-pbkdf2-encryptable/devise-pbkdf2-encryptable.gemspec
+++ b/vendor/gems/devise-pbkdf2-encryptable/devise-pbkdf2-encryptable.gemspec
@@ -19,7 +19,7 @@ Gem::Specification.new do |spec|
   spec.version = '0.0.0'
 
   spec.add_runtime_dependency 'devise', '~> 4.0'
-  spec.add_runtime_dependency 'devise-two-factor', '~> 4.1.1'
+  spec.add_runtime_dependency 'devise-two-factor', '~> 6.1.0'
 
   spec.add_development_dependency 'activemodel', '~> 7.0', '< 8'
   spec.add_development_dependency 'rspec', '~> 3.10.0'
-- 
GitLab