All dependencies are very old and some have security issues pointed out by Dependabot.

The npm dependencies are not urgent as we don't actually use them in the building process (very little even if we do use them). The ruby dependencies (gems) should be updated first. Most of the blocking issues pointed out in the Gemfile have already been resolved.

This is medium priority, but since I'm not too familiar with how gem works and dependencies are likely going to break the current site, this might take some time.