From d37dc8afba4e5866bc2daa1f1ce19af2f4d32559 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 29 Nov 2022 17:03:31 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-SINATRA-3150405 --- Gemfile | 4 ++-- Gemfile.lock | 36 +++++++++++++++++------------------- 2 files changed, 19 insertions(+), 21 deletions(-) diff --git a/Gemfile b/Gemfile index 4b42903..16a4439 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source 'https://rubygems.org' -gem 'sinatra', '2.0.2' -gem 'sinatra-contrib', '2.0.2' +gem 'sinatra', '2.2.3' +gem 'sinatra-contrib', '2.2.3' gem 'rake', '>= 12.3.3' gem 'json', '>= 2.3.0' gem 'puma', '>= 3.12.4' diff --git a/Gemfile.lock b/Gemfile.lock index 790cc50..ea8faf1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,35 +1,33 @@ GEM remote: https://rubygems.org/ specs: - backports (2.8.2) httparty (0.14.0) multi_xml (>= 0.5.2) json (2.3.0) - multi_json (1.14.1) + multi_json (1.15.0) multi_xml (0.6.0) - mustermann (1.1.1) + mustermann (2.0.2) ruby2_keywords (~> 0.0.1) nio4r (2.5.2) puma (4.3.3) nio4r (~> 2.0) - rack (2.2.3) - rack-protection (2.0.2) + rack (2.2.4) + rack-protection (2.2.3) rack rake (13.0.1) - ruby2_keywords (0.0.2) - sinatra (2.0.2) - mustermann (~> 1.0) - rack (~> 2.0) - rack-protection (= 2.0.2) + ruby2_keywords (0.0.5) + sinatra (2.2.3) + mustermann (~> 2.0) + rack (~> 2.2) + rack-protection (= 2.2.3) tilt (~> 2.0) - sinatra-contrib (2.0.2) - backports (~> 2.8.2) + sinatra-contrib (2.2.3) multi_json - mustermann (~> 1.0) - rack-protection (= 2.0.2) - sinatra (= 2.0.2) - tilt (>= 1.3, < 3) - tilt (2.0.10) + mustermann (~> 2.0) + rack-protection (= 2.2.3) + sinatra (= 2.2.3) + tilt (~> 2.0) + tilt (2.0.11) PLATFORMS ruby @@ -40,8 +38,8 @@ DEPENDENCIES json (>= 2.3.0) puma (>= 3.12.4) rake (>= 12.3.3) - sinatra (= 2.0.2) - sinatra-contrib (= 2.0.2) + sinatra (= 2.2.3) + sinatra-contrib (= 2.2.3) BUNDLED WITH 1.17.3