diff --git a/Gemfile b/Gemfile
index 3c98dfbee..db55b3c6f 100644
--- a/Gemfile
+++ b/Gemfile
@@ -34,7 +34,7 @@ gem 'selectize-rails'
 gem 'uglifier', '>= 1.3.0'
 gem 'underscore-rails'
 
-gem 'devise', '~> 4.8'
+gem 'devise', '~> 4.9'
 gem 'omniauth-github'
 gem 'omniauth-twitter'
 gem "omniauth-rails_csrf_protection", "~> 1.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index b2cf8bdf5..01eeea745 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -112,7 +112,7 @@ GEM
       babel-source (>= 4.0, < 6)
       execjs (~> 2.0)
     base64 (0.2.0)
-    bcrypt (3.1.18)
+    bcrypt (3.1.20)
     better_errors (2.10.1)
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
@@ -158,7 +158,7 @@ GEM
     database_cleaner-core (2.0.1)
     date (3.4.1)
     debug_inspector (1.1.0)
-    devise (4.8.1)
+    devise (4.9.4)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -392,9 +392,9 @@ GEM
       activesupport (>= 5.0.0)
       minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.0)
+    rails-html-sanitizer (1.6.2)
       loofah (~> 2.21)
-      nokogiri (~> 1.14)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
     railties (6.1.7.10)
       actionpack (= 6.1.7.10)
       activesupport (= 6.1.7.10)
@@ -417,7 +417,7 @@ GEM
     regexp_parser (2.7.0)
     request_store (1.7.0)
       rack (>= 1.4)
-    responders (3.1.0)
+    responders (3.1.1)
       actionpack (>= 5.2)
       railties (>= 5.2)
     rexml (3.4.0)
@@ -546,7 +546,7 @@ DEPENDENCIES
   coderay (~> 1.0)
   country_select (~> 10.0)
   database_cleaner (~> 2.1)
-  devise (~> 4.8)
+  devise (~> 4.9)
   diffy
   dotenv-rails
   draper (~> 4.0)