From 2dd2d8eec6888f77804e1aef1cccac3d51b0c700 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 9 Jan 2024 14:46:53 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-6146928
---
 Gemfile      | 2 +-
 Gemfile.lock | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Gemfile b/Gemfile
index 87600f8..621515d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -10,7 +10,7 @@ gem 'rails', '~> 7.0.5', '>= 7.0.5.1'
 # Use postgresql as the database for Active Record
 gem 'pg', '~> 1.1'
 # Use Puma as the app server
-gem 'puma', '~> 5.6', '>= 5.6.4'
+gem 'puma', '~> 5.6', '>= 5.6.8'
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 # gem 'jbuilder', '~> 2.7'
 # Use Redis adapter to run Action Cable in production
diff --git a/Gemfile.lock b/Gemfile.lock
index a46a303..abe87dd 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -134,11 +134,11 @@ GEM
     net-smtp (0.3.3)
       net-protocol
     netrc (0.11.0)
-    nio4r (2.5.9)
+    nio4r (2.7.0)
     nokogiri (1.15.2-x86_64-linux)
       racc (~> 1.4)
     pg (1.4.5)
-    puma (5.6.5)
+    puma (5.6.8)
       nio4r (~> 2.0)
     racc (1.7.1)
     rack (2.2.7)
@@ -232,7 +232,7 @@ DEPENDENCIES
   listen (~> 3.3)
   net-smtp (~> 0.3.1)
   pg (~> 1.1)
-  puma (~> 5.6, >= 5.6.4)
+  puma (~> 5.6, >= 5.6.8)
   rack-cors (~> 1.1.1)
   rails (~> 7.0.5, >= 7.0.5.1)
   rails-erd (~> 1.6.1)