From 4f5dd325d9eba7f8e5c7d14bf2878d7742e33ec8 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 23 May 2020 16:14:50 +1000
Subject: [PATCH 1/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-570205
- https://snyk.io/vuln/SNYK-RUBY-PUMA-570206
---
 Gemfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile b/Gemfile
index 7a1bbe4..f0fedd5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -17,7 +17,7 @@ gem 'turbolinks'
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 gem 'jbuilder', '~> 2.0'
 # Use Puma as the app server
-gem 'puma'
+gem 'puma', '>= 3.12.6'
 gem 'lingq'
 # Use ActiveModel has_secure_password
 # gem 'bcrypt', '~> 3.1.7'
From 564a4e9803c6ec8e26f9ac11044b78a6d45aa284 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 23 May 2020 16:14:51 +1000
Subject: [PATCH 2/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-570205
- https://snyk.io/vuln/SNYK-RUBY-PUMA-570206
---
 Gemfile.lock | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 9631435..ae700a4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -174,6 +174,7 @@ GEM
 neat (1.7.4)
 bourbon (>= 4.0)
 sass (>= 3.3)
+ nio4r (2.5.2)
 nokogiri (1.6.7.2)
 mini_portile2 (~> 2.0.0.rc2)
 normalize-rails (3.0.3)
@@ -194,7 +195,8 @@ GEM
 premailer-rails (1.9.2)
 actionmailer (>= 3, < 6)
 premailer (~> 1.7, >= 1.7.9)
- puma (3.4.0)
+ puma (4.3.5)
+ nio4r (~> 2.0)
 rabl (0.11.8)
 activesupport (>= 2.3.14)
 rack (1.6.4)
@@ -360,7 +362,7 @@ DEPENDENCIES
 jbuilder (~> 2.0)
 jquery-rails
 lingq
- puma
+ puma (>= 3.12.6)
 rails (= 4.2.5)
 sinatra (= 1.1.4)
 spree (= 3.0.7)
@@ -372,4 +374,4 @@ DEPENDENCIES
 web-console
 
 BUNDLED WITH
- 1.12.4
+ 1.17.3
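Review bot: The new constraint `gem 'puma', '>= 3.12.6'` in the Gemfile hunk (`@@ -17,7 +17,7 @@`) sets only a floor, so a later `bundle update` can move Puma across major versions without anyone reviewing the change. The lockfile in PATCH 2/2 already shows this: it resolves to puma 4.3.5, a major-version jump from 3.4.0 that also adds nio4r as a new transitive dependency. If 4.x is the intended target, a pessimistic constraint such as `gem 'puma', '~> 4.3', '>= 4.3.5'` records that decision and keeps the patched release as the minimum. The same lockfile pins `rails (= 4.2.5)`, so compatibility with Puma 4.x should be confirmed by the test suite before this is merged.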