From 33d35bca8dfdabb36be8c383224d935a1c449f9d Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sun, 20 Aug 2023 17:38:50 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-5846204
---
 Gemfile | 4 ++--
 Gemfile.lock | 16 ++++++++--------
 2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/Gemfile b/Gemfile
index a6cfe07..bb80734 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,8 +5,8 @@ source "https://rubygems.org"
 git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 gem "sinatra", "2.0.1"
-gem "puma", "4.2.1"
-gem 'puma-metrics'
+gem "puma", "5.6.7"
+gem 'puma-metrics', '>= 1.2.0'
 group :test do
 gem 'rake'
diff --git a/Gemfile.lock b/Gemfile.lock
index ccc5069..932f52c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -4,13 +4,13 @@ GEM diff-lcs (1.3) mustermann (1.1.1) ruby2_keywords (~> 0.0.1) - nio4r (2.5.2) - prometheus-client (0.10.0) - puma (4.2.1) + nio4r (2.5.9) + prometheus-client (4.2.1) + puma (5.6.7) nio4r (~> 2.0) - puma-metrics (1.1.0) - prometheus-client (~> 0.10) - puma (>= 3.0) + puma-metrics (1.2.5) + prometheus-client (>= 0.10) + puma (>= 5.0) rack (2.2.2) rack-protection (2.0.1) rack
@@ -42,8 +42,8 @@ PLATFORMS ruby DEPENDENCIES - puma (= 4.2.1) - puma-metrics + puma (= 5.6.7) + puma-metrics (>= 1.2.0) rack-test rake rspec
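Review bot: The new `gem 'puma-metrics', '>= 1.2.0'` line in the Gemfile hunk sets only a lower bound, so a later `bundle update` can resolve to any future major release of puma-metrics without review, while `puma` beside it is pinned exactly. A pessimistic constraint such as `gem 'puma-metrics', '~> 1.2'` keeps the floor this upgrade needs and stops before the next major version. The resolution recorded in Gemfile.lock also moves puma across a major version (4.2.1 to 5.6.7) and prometheus-client across several (0.10.0 to 4.2.1), and the Gemfile places no direct constraint on prometheus-client. The server configuration and the metrics endpoint are therefore worth exercising in the test group before this is merged.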