From 86113250ae82007773964a67a4da6f460b42640c Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 20 Jan 2024 03:57:04 +0000
Subject: [PATCH] fix: demo/Gemfile & demo/Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
---
 demo/Gemfile | 2 +-
 demo/Gemfile.lock | 30 +++++++++++++++++++++---------
 2 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/demo/Gemfile b/demo/Gemfile
index 9f5d663..26ed329 100644
--- a/demo/Gemfile
+++ b/demo/Gemfile
@@ -1,5 +1,5 @@
 source 'http://rubygems.org'
-gem 'sinatra'
+gem 'sinatra', '>= 4.0.0'
 gem 'fat_fingers'
 gem 'pony'
\ No newline at end of file
diff --git a/demo/Gemfile.lock b/demo/Gemfile.lock
index 8670547..6a6968b 100644
--- a/demo/Gemfile.lock
+++ b/demo/Gemfile.lock
@@ -1,6 +1,7 @@ GEM remote: http://rubygems.org/ specs: + base64 (0.2.0) fat_fingers (0.1.12) i18n (0.6.1) mail (2.5.3)
@@ -8,17 +9,25 @@ GEM mime-types (~> 1.16) treetop (~> 1.4.8) mime-types (1.21) + mustermann (3.0.0) + ruby2_keywords (~> 0.0.1) polyglot (0.3.3) pony (1.4) mail (> 2.0) - rack (1.5.2) - rack-protection (1.3.2) - rack - sinatra (1.3.5) - rack (~> 1.4) - rack-protection (~> 1.3) - tilt (~> 1.3, >= 1.3.3) - tilt (1.3.3) + rack (3.0.8) + rack-protection (4.0.0) + base64 (>= 0.1.0) + rack (>= 3.0.0, < 4) + rack-session (2.0.0) + rack (>= 3.0.0) + ruby2_keywords (0.0.5) + sinatra (4.0.0) + mustermann (~> 3.0) + rack (>= 3.0.0, < 4) + rack-protection (= 4.0.0) + rack-session (>= 2.0.0, < 3) + tilt (~> 2.0) + tilt (2.3.0) treetop (1.4.12) polyglot polyglot (>= 0.3.1)
@@ -29,4 +38,7 @@ PLATFORMS DEPENDENCIES fat_fingers pony - sinatra + sinatra (>= 4.0.0) + +BUNDLED WITH + 2.1.4
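Review bot: The `source 'http://rubygems.org'` context line at the top of the demo/Gemfile hunk still resolves gems over cleartext HTTP, so a change meant to reduce vulnerabilities leaves the install path without transport integrity. Change it to `source 'https://rubygems.org'` and regenerate the lockfile so its `remote:` line matches. The new constraint `'>= 4.0.0'` has no upper bound, so a later `bundle update` may pull in any future major release; `gem 'sinatra', '~> 4.0'` keeps the fix while bounding it. The lockfile moves Sinatra from 1.3.5 to 4.0.0 and Rack from 1.5.2 to 3.0.8, a jump across several majors, so the demo app (not visible here) should be run against the new versions before merging.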