From 33ae3055f3c1b8a6eabd8e780b7773b370c3bf3f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 17 Jun 2020 02:48:41 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-572377 --- Gemfile | 4 ++-- Gemfile.lock | 30 +++++++++++++++++------------- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/Gemfile b/Gemfile index a88f281a..1b1b77da 100644 --- a/Gemfile +++ b/Gemfile @@ -4,10 +4,10 @@ gem 'rake' gem 'rest-client' group :scripts do - gem 'sinatra' + gem 'sinatra', '>= 2.0.0' gem 'pusher' gem 'json' - gem 'thin' + gem 'thin', '>= 1.7.0' gem 'uuid' end diff --git a/Gemfile.lock b/Gemfile.lock index acab6ddc..58a9793c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -57,11 +57,11 @@ GEM netrc (= 0.7.8) cocoapods-try (1.1.0) colored (1.2) - daemons (1.2.3) + daemons (1.3.1) domain_name (0.5.20160615) unf (>= 0.0.5, < 1.0.0) escape (0.0.4) - eventmachine (1.2.0.1) + eventmachine (1.2.7) fourflusher (2.0.1) fuzzy_match (2.0.4) gh_inspector (1.0.3) @@ -76,6 +76,8 @@ GEM minitest (5.10.1) molinillo (0.5.7) multi_json (1.12.1) + mustermann (1.1.1) + ruby2_keywords (~> 0.0.1) nanaimo (0.2.3) nap (1.1.0) netrc (0.7.8) @@ -84,8 +86,8 @@ GEM multi_json (~> 1.0) pusher-signature (~> 0.1.8) pusher-signature (0.1.8) - rack (1.6.12) - rack-protection (1.5.5) + rack (2.2.3) + rack-protection (2.0.8.1) rack rake (11.2.2) rest-client (1.8.0) @@ -93,18 +95,20 @@ GEM mime-types (>= 1.16, < 3.0) netrc (~> 0.7) ruby-macho (0.2.6) - sinatra (1.4.7) - rack (~> 1.5) - rack-protection (~> 1.4) - tilt (>= 1.3, < 3) + ruby2_keywords (0.0.2) + sinatra (2.0.8.1) + mustermann (~> 1.0) + rack (~> 2.0) + rack-protection (= 2.0.8.1) + tilt (~> 2.0) state_machine (1.1.2) systemu (2.6.5) - thin (1.7.0) + thin (1.7.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) thread_safe (0.3.6) - tilt (2.0.5) + tilt (2.0.10) tzinfo (1.2.2) thread_safe (~> 0.1) unf (0.1.4) @@ -129,11 +133,11 @@ DEPENDENCIES pusher rake rest-client - sinatra - thin + sinatra (>= 2.0.0) + thin (>= 1.7.0) uuid xcodebuild-rb! xcodeproj BUNDLED WITH - 1.13.6 + 1.17.3