From 94d068dda2c341a3b29dda7a5094d2c6182a4fd8 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 11 Jul 2025 06:46:51 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-8720151
- https://snyk.io/vuln/SNYK-RUBY-RACK-10074187
- https://snyk.io/vuln/SNYK-RUBY-RACK-9398129
- https://snyk.io/vuln/SNYK-RUBY-RACK-3356639
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274385
- https://snyk.io/vuln/SNYK-RUBY-RACK-9058602
- https://snyk.io/vuln/SNYK-RUBY-RACK-3237233
- https://snyk.io/vuln/SNYK-RUBY-RACK-3237240
- https://snyk.io/vuln/SNYK-RUBY-RACK-3237237
- https://snyk.io/vuln/SNYK-RUBY-RACK-3360233
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274383
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274384
---
 Gemfile | 4 ++--
 Gemfile.lock | 58 ++++++++++++++++++++++++++++++++++++++--------------
 2 files changed, 45 insertions(+), 17 deletions(-)

diff --git a/Gemfile b/Gemfile
index 4b42903..2a86a7f 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,7 +1,7 @@
 source 'https://rubygems.org'

-gem 'sinatra', '2.0.2'
-gem 'sinatra-contrib', '2.0.2'
+gem 'sinatra', '2.0.3'
+gem 'sinatra-contrib', '2.0.3'
 gem 'rake', '>= 12.3.3'
 gem 'json', '>= 2.3.0'
 gem 'puma', '>= 3.12.4'
diff --git a/Gemfile.lock b/Gemfile.lock
index 790cc50..4457cfe 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
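Review bot: The rack fix this patch is named for is not expressed anywhere in the Gemfile: the hunk only moves `sinatra` and `sinatra-contrib` to 2.0.3, and rack 2.2.17 exists solely as a resolved version in Gemfile.lock, where sinatra still accepts any `rack (~> 2.0)`. Nothing in the Gemfile therefore stops a regenerated lockfile from resolving a vulnerable rack again. The file already sets security floors for rake, json and puma, so the same pattern fits here: `gem 'rack', '>= 2.2.17'`. Separately, sinatra-contrib 2.0.3 now pulls in activesupport (7.1.5.1 in the lock) and its transitive gems. Before merging, it is worth confirming that the deployed Ruby version supports them and that the larger dependency surface is acceptable for what the listed advisories concern.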
@@ -1,35 +1,63 @@ GEM remote: https://rubygems.org/ specs: - backports (2.8.2) + activesupport (7.1.5.1) + base64 + benchmark (>= 0.3) + bigdecimal + concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb + i18n (>= 1.6, < 2) + logger (>= 1.4.2) + minitest (>= 5.1) + mutex_m + securerandom (>= 0.3) + tzinfo (~> 2.0) + backports (3.25.1) + base64 (0.3.0) + benchmark (0.4.1) + bigdecimal (3.2.2) + concurrent-ruby (1.3.5) + connection_pool (2.5.3) + drb (2.2.3) httparty (0.14.0) multi_xml (>= 0.5.2) + i18n (1.14.7) + concurrent-ruby (~> 1.0) json (2.3.0) - multi_json (1.14.1) + logger (1.7.0) + minitest (5.25.5) + multi_json (1.15.0) multi_xml (0.6.0) - mustermann (1.1.1) + mustermann (1.1.2) ruby2_keywords (~> 0.0.1) + mutex_m (0.3.0) nio4r (2.5.2) puma (4.3.3) nio4r (~> 2.0) - rack (2.2.3) - rack-protection (2.0.2) + rack (2.2.17) + rack-protection (2.0.3) rack rake (13.0.1) - ruby2_keywords (0.0.2) - sinatra (2.0.2) + ruby2_keywords (0.0.5) + securerandom (0.3.2) + sinatra (2.0.3) mustermann (~> 1.0) rack (~> 2.0) - rack-protection (= 2.0.2) + rack-protection (= 2.0.3) tilt (~> 2.0) - sinatra-contrib (2.0.2) - backports (~> 2.8.2) + sinatra-contrib (2.0.3) + activesupport (>= 4.0.0) + backports (>= 2.8.2) multi_json mustermann (~> 1.0) - rack-protection (= 2.0.2) - sinatra (= 2.0.2) + rack-protection (= 2.0.3) + sinatra (= 2.0.3) tilt (>= 1.3, < 3) - tilt (2.0.10) + tilt (2.6.1) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) PLATFORMS ruby @@ -40,8 +68,8 @@ DEPENDENCIES json (>= 2.3.0) puma (>= 3.12.4) rake (>= 12.3.3) - sinatra (= 2.0.2) - sinatra-contrib (= 2.0.2) + sinatra (= 2.0.3) + sinatra-contrib (= 2.0.3) BUNDLED WITH 1.17.3