From 317bfe860b684e33f97b0a154a7ab87468aa3980 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 19 Jan 2024 16:02:00 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
---
 Gemfile | 2 +-
 Gemfile.lock | 27 ++++++++++++++++-----------
 2 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/Gemfile b/Gemfile
index ba5bd29..d5f4ecd 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,4 +4,4 @@ gem "rake"
 gem "rspec"
 gem "redis"
 gem "curb"
-gem "sinatra"
+gem "sinatra", ">= 4.0.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index fd0e3a0..66da739 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,13 +1,17 @@
 GEM
 remote: https://rubygems.org/
 specs:
+ base64 (0.2.0)
 curb (0.9.10)
 diff-lcs (1.3)
- mustermann (1.1.1)
+ mustermann (3.0.0)
 ruby2_keywords (~> 0.0.1)
- rack (2.2.3)
- rack-protection (2.0.8.1)
- rack
+ rack (3.0.8)
+ rack-protection (4.0.0)
+ base64 (>= 0.1.0)
+ rack (>= 3.0.0, < 4)
+ rack-session (2.0.0)
+ rack (>= 3.0.0)
 rake (13.0.1)
 redis (4.2.1)
 rspec (3.9.0)
@@ -23,13 +27,14 @@ GEM
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.9.0)
 rspec-support (3.9.3)
- ruby2_keywords (0.0.2)
- sinatra (2.0.8.1)
- mustermann (~> 1.0)
- rack (~> 2.0)
- rack-protection (= 2.0.8.1)
+ ruby2_keywords (0.0.5)
+ sinatra (4.0.0)
+ mustermann (~> 3.0)
+ rack (>= 3.0.0, < 4)
+ rack-protection (= 4.0.0)
+ rack-session (>= 2.0.0, < 3)
 tilt (~> 2.0)
- tilt (2.0.10)
+ tilt (2.3.0)

 PLATFORMS
 ruby
@@ -39,7 +44,7 @@ DEPENDENCIES
 rake
 redis
 rspec
- sinatra
+ sinatra (>= 4.0.0)

 BUNDLED WITH
 2.1.4
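Review bot: The new constraint `gem "sinatra", ">= 4.0.0"` in the Gemfile hunk has no upper bound, so a later `bundle update` can resolve to any future major release without anyone reviewing it; a pessimistic constraint such as `gem "sinatra", "~> 4.0"` keeps the fix while capping the range. The lockfile hunks show the resolution moving sinatra from 2.0.8.1 to 4.0.0 and rack from 2.2.3 to 3.0.8, both major-version jumps that also add rack-session and base64 as new transitive gems. Nothing in this automated patch shows the application or its specs were run against Rack 3, so that should be confirmed before merging. A one-line comment above the gem line, for example `# floor set for SNYK-RUBY-RACK-1061917 (rack)`, would record why the minimum version exists.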