From 4ee5b048cc648b605bb43f37d421fae4bde05823 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 13 Oct 2021 19:36:55 +0000 Subject: [PATCH] fix: alpha-blog/Gemfile & alpha-blog/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-PUMA-1730572 --- alpha-blog/Gemfile | 2 +- alpha-blog/Gemfile.lock | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/alpha-blog/Gemfile b/alpha-blog/Gemfile index af3b0b6..4244ebb 100644 --- a/alpha-blog/Gemfile +++ b/alpha-blog/Gemfile @@ -17,7 +17,7 @@ gem 'bcrypt', '~> 3.1.7' gem 'will_paginate', '3.1.5' gem 'bootstrap-will_paginate', '1.0.0' # Use Puma as the app server -gem 'puma', '~> 3.7' +gem 'puma', '~> 4.3', '>= 4.3.9' # Use SCSS for stylesheets gem 'bootstrap-sass', '~> 3.3.7' gem 'jquery-rails' diff --git a/alpha-blog/Gemfile.lock b/alpha-blog/Gemfile.lock index 427db4d..9470605 100644 --- a/alpha-blog/Gemfile.lock +++ b/alpha-blog/Gemfile.lock @@ -110,7 +110,8 @@ GEM mini_portile2 (~> 2.4.0) pg (1.1.4) public_suffix (3.1.1) - puma (3.12.1) + puma (4.3.10) + nio4r (~> 2.0) rack (2.0.7) rack-test (1.1.0) rack (>= 1.0, < 3) @@ -227,7 +228,7 @@ DEPENDENCIES listen (>= 3.0.5, < 3.2) minitest-reporters pg - puma (~> 3.7) + puma (~> 4.3, >= 4.3.9) rails (~> 5.1.6) rails-controller-testing rails_12factor @@ -240,7 +241,6 @@ DEPENDENCIES sqlite3 therubyracer turbolinks (~> 5) - tzinfo-data uglifier (>= 1.3.0) web-console (>= 3.3.0) will_paginate (= 3.1.5) @@ -249,5 +249,4 @@ RUBY VERSION ruby 2.5.1p57 BUNDLED WITH - 2.0.2 - + 1.17.3