From 83dd3a9786720d3c3c3276d748fcd0fc060cbae9 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Tue, 29 Nov 2022 17:57:12 +0000
Subject: [PATCH] fix: api/ruby/delivering-deployments/Gemfile & api/ruby/delivering-deployments/Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-SINATRA-3150405
---
 api/ruby/delivering-deployments/Gemfile | 2 +-
 api/ruby/delivering-deployments/Gemfile.lock | 22 ++++++++++++--------
 2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/api/ruby/delivering-deployments/Gemfile b/api/ruby/delivering-deployments/Gemfile
index de581d11f..af8f799eb 100644
--- a/api/ruby/delivering-deployments/Gemfile
+++ b/api/ruby/delivering-deployments/Gemfile
@@ -1,6 +1,6 @@
 source "http://rubygems.org"
 gem "json", "~> 1.8"
-gem 'sinatra', '~> 1.3.5'
+gem 'sinatra', '~> 2.2.3'
 gem "shotgun"
 gem "octokit", '~> 3.0'
diff --git a/api/ruby/delivering-deployments/Gemfile.lock b/api/ruby/delivering-deployments/Gemfile.lock
index 6261cde48..b319db355 100644
--- a/api/ruby/delivering-deployments/Gemfile.lock
+++ b/api/ruby/delivering-deployments/Gemfile.lock
@@ -6,21 +6,25 @@ GEM multipart-post (>= 1.2, < 3) json (1.8.3) multipart-post (2.0.0) + mustermann (2.0.2) + ruby2_keywords (~> 0.0.1) octokit (3.0.0) sawyer (~> 0.5.3) - rack (1.5.2) - rack-protection (1.5.2) + rack (2.2.4) + rack-protection (2.2.3) rack + ruby2_keywords (0.0.5) sawyer (0.5.4) addressable (~> 2.3.5) faraday (~> 0.8, < 0.10) shotgun (0.9) rack (>= 1.0) - sinatra (1.3.6) - rack (~> 1.4) - rack-protection (~> 1.3) - tilt (~> 1.3, >= 1.3.3) - tilt (1.4.1) + sinatra (2.2.3) + mustermann (~> 2.0) + rack (~> 2.2) + rack-protection (= 2.2.3) + tilt (~> 2.0) + tilt (2.0.11) PLATFORMS ruby
@@ -29,7 +33,7 @@ DEPENDENCIES json (~> 1.8) octokit (~> 3.0) shotgun - sinatra (~> 1.3.5) + sinatra (~> 2.2.3) BUNDLED WITH - 1.11.2 + 1.17.3
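Review bot: The `source "http://rubygems.org"` context line at the top of the Gemfile hunk still fetches gems over plaintext HTTP, so a commit meant to reduce dependency risk leaves the download channel open to tampering in transit; change it to `source "https://rubygems.org"`. The bump also crosses a major version (`~> 1.3.5` to `~> 2.2.3`), and the application code is not part of this patch. Routes, template rendering and the `shotgun` launcher should therefore be exercised under Sinatra 2.x before merging. The lockfile resolves rack to 2.2.4 under `~> 2.2`, so it is worth checking whether a later 2.2.x patch release is available, since that constraint would allow it.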