From 2eaced40f61d8d394b6fb94658efea92c554ddec Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Thu, 21 Nov 2024 19:56:08 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-SINATRA-6483832
---
 Gemfile | 2 +-
 Gemfile.lock | 17 ++++++++++-------
 2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/Gemfile b/Gemfile
index bb5e97f..5854185 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
-gem 'sinatra', '~> 4.0.0'
+gem 'sinatra', '~> 4.1.0'
 gem 'prometheus-client'
 gem 'puma'
 gem 'newrelic_rpm'
diff --git a/Gemfile.lock b/Gemfile.lock
index c8faee0..fec0d45 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -19,11 +19,12 @@ GEM selenium-webdriver coderay (1.1.3) diff-lcs (1.5.1) + logger (1.6.1) matrix (0.4.2) method_source (1.0.0) mini_mime (1.1.5) mini_portile2 (2.8.5) - mustermann (3.0.0) + mustermann (3.0.3) ruby2_keywords (~> 0.0.1) newrelic_rpm (9.7.1) nio4r (2.7.0)
@@ -41,9 +42,10 @@ GEM puma (6.4.2) nio4r (~> 2.0) racc (1.7.3) - rack (3.0.9.1) - rack-protection (4.0.0) + rack (3.0.11) + rack-protection (4.1.1) base64 (>= 0.1.0) + logger (>= 1.6.0) rack (>= 3.0.0, < 4) rack-session (2.0.0) rack (>= 3.0.0)
@@ -75,13 +77,14 @@ GEM rexml (~> 3.2, >= 3.2.5) rubyzip (>= 1.2.2, < 3.0) websocket (~> 1.0) - sinatra (4.0.0) + sinatra (4.1.1) + logger (>= 1.6.0) mustermann (~> 3.0) rack (>= 3.0.0, < 4) - rack-protection (= 4.0.0) + rack-protection (= 4.1.1) rack-session (>= 2.0.0, < 3) tilt (~> 2.0) - tilt (2.3.0) + tilt (2.4.0) webrick (1.8.1) websocket (1.2.10) xpath (3.2.0)
@@ -103,7 +106,7 @@ DEPENDENCIES rackup rake (~> 13.0.0) rspec - sinatra (~> 4.0.0) + sinatra (~> 4.1.0) BUNDLED WITH 2.5.6