From 638dc794199ec39bd2b7e38e6985d0f375d4f0bb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 5 Apr 2023 01:08:03 +0000 Subject: [PATCH] fix: bundler-app/Gemfile & bundler-app/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848599 - https://snyk.io/vuln/SNYK-RUBY-RACK-2848600 - https://snyk.io/vuln/SNYK-RUBY-RACK-3237240 - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 - https://snyk.io/vuln/SNYK-RUBY-RACK-538324 - https://snyk.io/vuln/SNYK-RUBY-RACK-569066 - https://snyk.io/vuln/SNYK-RUBY-RACK-572377 - https://snyk.io/vuln/SNYK-RUBY-RACK-72567 - https://snyk.io/vuln/SNYK-RUBY-RACKCACHE-20031 - https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20394 - https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20395 - https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-22019 --- bundler-app/Gemfile | 6 +++--- bundler-app/Gemfile.lock | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/bundler-app/Gemfile b/bundler-app/Gemfile index 882706091..f273db722 100644 --- a/bundler-app/Gemfile +++ b/bundler-app/Gemfile @@ -1,5 +1,5 @@ source "https://rubygems.org" -gem "rack-cache", "~> 1.1.0" -gem "rack", "~> 1.6.2" -gem "rack-protection", "~> 1.5.0" +gem "rack-cache", "~> 1.2.0" +gem "rack", "~> 3.0.0" +gem "rack-protection", "~> 2.0.0" diff --git a/bundler-app/Gemfile.lock b/bundler-app/Gemfile.lock index f8cd4503f..7e0286ca6 100644 --- a/bundler-app/Gemfile.lock +++ b/bundler-app/Gemfile.lock @@ -1,19 +1,19 @@ GEM remote: https://rubygems.org/ specs: - rack (1.6.5) - rack-cache (1.1) + rack (3.0.7) + rack-cache (1.2) rack (>= 0.4) - rack-protection (1.5.3) + rack-protection (2.0.8.1) rack PLATFORMS ruby DEPENDENCIES - rack (~> 1.6.2) - rack-cache (~> 1.1.0) - rack-protection (~> 1.5.0) + rack (~> 3.0.0) + rack-cache (~> 1.2.0) + rack-protection (~> 2.0.0) BUNDLED WITH - 1.14.3 + 1.17.3