From 0465e3a7e54bf7c1397dfeb91e69716729b66fac Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 20 Jan 2024 04:25:20 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 --- Gemfile | 2 +- Gemfile.lock | 29 ++++++++++++++++++----------- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/Gemfile b/Gemfile index 8f8381e21..241149937 100644 --- a/Gemfile +++ b/Gemfile @@ -2,4 +2,4 @@ source 'https://rubygems.org' gem 'aruba', '~> 1.0.0.pre.alpha.4' gem 'cucumber', '~> 3.1.2' -gem 'sinatra' +gem 'sinatra', '>= 4.0.0' diff --git a/Gemfile.lock b/Gemfile.lock index 4b44e821b..bcdf07d19 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,6 +9,7 @@ GEM rspec-expectations (~> 3.4) thor (~> 0.19) backports (3.15.0) + base64 (0.2.0) builder (3.2.3) childprocess (1.0.1) rake (< 13.0) @@ -35,22 +36,28 @@ GEM gherkin (5.1.0) multi_json (1.13.1) multi_test (0.1.2) - mustermann (1.0.3) - rack (2.0.7) - rack-protection (2.0.5) - rack + mustermann (3.0.0) + ruby2_keywords (~> 0.0.1) + rack (3.0.8) + rack-protection (4.0.0) + base64 (>= 0.1.0) + rack (>= 3.0.0, < 4) + rack-session (2.0.0) + rack (>= 3.0.0) rake (12.3.3) rspec-expectations (3.8.4) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-support (3.8.2) - sinatra (2.0.5) - mustermann (~> 1.0) - rack (~> 2.0) - rack-protection (= 2.0.5) + ruby2_keywords (0.0.5) + sinatra (4.0.0) + mustermann (~> 3.0) + rack (>= 3.0.0, < 4) + rack-protection (= 4.0.0) + rack-session (>= 2.0.0, < 3) tilt (~> 2.0) thor (0.20.3) - tilt (2.0.9) + tilt (2.3.0) PLATFORMS java @@ -59,7 +66,7 @@ PLATFORMS DEPENDENCIES aruba (~> 1.0.0.pre.alpha.4) cucumber (~> 3.1.2) - sinatra + sinatra (>= 4.0.0) BUNDLED WITH - 1.17.1 + 1.17.3
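Review bot: The new constraint `gem 'sinatra', '>= 4.0.0'` in the Gemfile hunk has no upper bound, so a later `bundle update` can move to any future major release; `gem 'sinatra', '~> 4.0'` keeps the upgraded line while bounding it. The advisory named in the commit message is against rack, which the Gemfile still does not constrain: the only floor is sinatra's transitive `rack (>= 3.0.0, < 4)`, and the resolved `rack (3.0.8)` exists only in Gemfile.lock. An explicit rack entry in the Gemfile, with its floor at the first patched release the advisory names, would make the security intent survive a re-resolve. The lock also moves Sinatra from 2.0.5 to 4.0.0 and Rack from 2.0.7 to 3.0.8 while `PLATFORMS` still lists `java` and Bundler stays on 1.17.x, so it is worth confirming the cucumber suite passes on every listed platform before merging.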