From 264c7171ec999d6159d45f1cf1aaa955cc0ebcbd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 18 Nov 2024 17:48:12 +0000 Subject: [PATCH] fix: demo/Gemfile & demo/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-SINATRA-6483832 --- demo/Gemfile | 2 +- demo/Gemfile.lock | 33 ++++++++++++++++++++++++--------- 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/demo/Gemfile b/demo/Gemfile index 9f5d663..1925665 100644 --- a/demo/Gemfile +++ b/demo/Gemfile @@ -1,5 +1,5 @@ source 'http://rubygems.org' -gem 'sinatra' +gem 'sinatra', '>= 4.1.0' gem 'fat_fingers' gem 'pony' \ No newline at end of file diff --git a/demo/Gemfile.lock b/demo/Gemfile.lock index 8670547..2d5d6ab 100644 --- a/demo/Gemfile.lock +++ b/demo/Gemfile.lock @@ -1,24 +1,36 @@ GEM remote: http://rubygems.org/ specs: + base64 (0.2.0) fat_fingers (0.1.12) i18n (0.6.1) + logger (1.6.1) mail (2.5.3) i18n (>= 0.4.0) mime-types (~> 1.16) treetop (~> 1.4.8) mime-types (1.21) + mustermann (3.0.3) + ruby2_keywords (~> 0.0.1) polyglot (0.3.3) pony (1.4) mail (> 2.0) - rack (1.5.2) - rack-protection (1.3.2) - rack - sinatra (1.3.5) - rack (~> 1.4) - rack-protection (~> 1.3) - tilt (~> 1.3, >= 1.3.3) - tilt (1.3.3) + rack (3.1.8) + rack-protection (4.1.0) + base64 (>= 0.1.0) + logger (>= 1.6.0) + rack (>= 3.0.0, < 4) + rack-session (2.0.0) + rack (>= 3.0.0) + ruby2_keywords (0.0.5) + sinatra (4.1.0) + logger (>= 1.6.0) + mustermann (~> 3.0) + rack (>= 3.0.0, < 4) + rack-protection (= 4.1.0) + rack-session (>= 2.0.0, < 3) + tilt (~> 2.0) + tilt (2.4.0) treetop (1.4.12) polyglot polyglot (>= 0.3.1) @@ -29,4 +41,7 @@ PLATFORMS DEPENDENCIES fat_fingers pony - sinatra + sinatra (>= 4.1.0) + +BUNDLED WITH + 2.1.4