From 980458b60b820e56b908e733020ddd0a2e6a0a90 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 4 Apr 2024 20:19:05 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385 --- Gemfile | 2 +- Gemfile.lock | 27 ++++++++++++++++----------- 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/Gemfile b/Gemfile index ba5bd29..602a012 100644 --- a/Gemfile +++ b/Gemfile @@ -4,4 +4,4 @@ gem "rake" gem "rspec" gem "redis" gem "curb" -gem "sinatra" +gem "sinatra", ">= 2.1.0" diff --git a/Gemfile.lock b/Gemfile.lock index fd0e3a0..f2fd195 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,13 +1,17 @@ GEM remote: https://rubygems.org/ specs: + base64 (0.2.0) curb (0.9.10) diff-lcs (1.3) - mustermann (1.1.1) + mustermann (3.0.0) ruby2_keywords (~> 0.0.1) - rack (2.2.3) - rack-protection (2.0.8.1) - rack + rack (3.0.10) + rack-protection (4.0.0) + base64 (>= 0.1.0) + rack (>= 3.0.0, < 4) + rack-session (2.0.0) + rack (>= 3.0.0) rake (13.0.1) redis (4.2.1) rspec (3.9.0) @@ -23,13 +27,14 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) rspec-support (3.9.3) - ruby2_keywords (0.0.2) - sinatra (2.0.8.1) - mustermann (~> 1.0) - rack (~> 2.0) - rack-protection (= 2.0.8.1) + ruby2_keywords (0.0.5) + sinatra (4.0.0) + mustermann (~> 3.0) + rack (>= 3.0.0, < 4) + rack-protection (= 4.0.0) + rack-session (>= 2.0.0, < 3) tilt (~> 2.0) - tilt (2.0.10) + tilt (2.3.0) PLATFORMS ruby @@ -39,7 +44,7 @@ DEPENDENCIES rake redis rspec - sinatra + sinatra (>= 2.1.0) BUNDLED WITH 2.1.4