From cb6abcf655ff28051a4aa454879364061f0dfe69 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 4 Apr 2023 19:34:15 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-HTTPARTY-3188560 - https://snyk.io/vuln/SNYK-RUBY-PUMA-1291014 - https://snyk.io/vuln/SNYK-RUBY-PUMA-1730572 - https://snyk.io/vuln/SNYK-RUBY-PUMA-2400629 - https://snyk.io/vuln/SNYK-RUBY-PUMA-2437090 - https://snyk.io/vuln/SNYK-RUBY-PUMA-570205 - https://snyk.io/vuln/SNYK-RUBY-PUMA-570206 - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237233 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237237 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-3360233 - https://snyk.io/vuln/SNYK-RUBY-SINATRA-2806372 - https://snyk.io/vuln/SNYK-RUBY-SINATRA-3150405 --- Gemfile | 8 ++++---- Gemfile.lock | 48 ++++++++++++++++++++++++------------------------ 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/Gemfile b/Gemfile index 4b42903..a2a1449 100644 --- a/Gemfile +++ b/Gemfile @@ -1,9 +1,9 @@ source 'https://rubygems.org' -gem 'sinatra', '2.0.2' -gem 'sinatra-contrib', '2.0.2' +gem 'sinatra', '2.2.3' +gem 'sinatra-contrib', '2.2.3' gem 'rake', '>= 12.3.3' gem 'json', '>= 2.3.0' -gem 'puma', '>= 3.12.4' +gem 'puma', '>= 4.3.12' -gem 'httparty', '0.14.0' \ No newline at end of file +gem 'httparty', '0.21.0' \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index 790cc50..e32ca17 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,47 +1,47 @@ GEM remote: https://rubygems.org/ specs: - backports (2.8.2) - httparty (0.14.0) + httparty (0.21.0) + mini_mime (>= 1.0.0) multi_xml (>= 0.5.2) json (2.3.0) - multi_json (1.14.1) + mini_mime (1.1.2) + multi_json (1.15.0) multi_xml (0.6.0) - mustermann (1.1.1) + mustermann (2.0.2) ruby2_keywords (~> 0.0.1) - nio4r (2.5.2) - puma (4.3.3) + nio4r (2.5.9) + puma (6.2.1) nio4r (~> 2.0) - rack (2.2.3) - rack-protection (2.0.2) + rack (2.2.6.4) + rack-protection (2.2.3) rack rake (13.0.1) - ruby2_keywords (0.0.2) - sinatra (2.0.2) - mustermann (~> 1.0) - rack (~> 2.0) - rack-protection (= 2.0.2) + ruby2_keywords (0.0.5) + sinatra (2.2.3) + mustermann (~> 2.0) + rack (~> 2.2) + rack-protection (= 2.2.3) tilt (~> 2.0) - sinatra-contrib (2.0.2) - backports (~> 2.8.2) + sinatra-contrib (2.2.3) multi_json - mustermann (~> 1.0) - rack-protection (= 2.0.2) - sinatra (= 2.0.2) - tilt (>= 1.3, < 3) - tilt (2.0.10) + mustermann (~> 2.0) + rack-protection (= 2.2.3) + sinatra (= 2.2.3) + tilt (~> 2.0) + tilt (2.1.0) PLATFORMS ruby x64-mingw32 DEPENDENCIES - httparty (= 0.14.0) + httparty (= 0.21.0) json (>= 2.3.0) - puma (>= 3.12.4) + puma (>= 4.3.12) rake (>= 12.3.3) - sinatra (= 2.0.2) - sinatra-contrib (= 2.0.2) + sinatra (= 2.2.3) + sinatra-contrib (= 2.2.3) BUNDLED WITH 1.17.3