fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-PUMA-5846204
garethr · Aug 20, 2023 · 33d35bc · 33d35bc
1 parent 33059cf
commit 33d35bc
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 10 deletions.
diff --git a/Gemfile b/Gemfile
@@ -5,8 +5,8 @@ source "https://rubygems.org"
 git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 
 gem "sinatra", "2.0.1"
-gem "puma", "4.2.1" 
-gem 'puma-metrics'
+gem "puma", "5.6.7"
+gem 'puma-metrics', '>= 1.2.0'
 
 group :test do
   gem 'rake'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -4,13 +4,13 @@ GEM
     diff-lcs (1.3)
     mustermann (1.1.1)
       ruby2_keywords (~> 0.0.1)
-    nio4r (2.5.2)
-    prometheus-client (0.10.0)
-    puma (4.2.1)
+    nio4r (2.5.9)
+    prometheus-client (4.2.1)
+    puma (5.6.7)
       nio4r (~> 2.0)
-    puma-metrics (1.1.0)
-      prometheus-client (~> 0.10)
-      puma (>= 3.0)
+    puma-metrics (1.2.5)
+      prometheus-client (>= 0.10)
+      puma (>= 5.0)
     rack (2.2.2)
     rack-protection (2.0.1)
       rack
@@ -42,8 +42,8 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  puma (= 4.2.1)
-  puma-metrics
+  puma (= 5.6.7)
+  puma-metrics (>= 1.2.0)
   rack-test
   rake
   rspec