fix: Gemfile & Gemfile.lock to reduce vulnerabilities

snyk-bot · snyk-bot · commit 9baa0f16bc19 · 2025-09-28T08:13:18.000Z
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-13052974
diff --git a/Gemfile b/Gemfile
@@ -4,12 +4,12 @@ source "https://rubygems.org"
 
 git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 
-gem "sinatra", "2.0.1"
+gem "sinatra", "2.0.2"
 gem "puma", "4.2.1" 
 gem 'puma-metrics'
 
 group :test do
   gem 'rake'
   gem 'rspec'
-  gem 'rack-test'
+  gem 'rack-test', '>= 2.0.0'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -2,7 +2,7 @@ GEM
   remote: https://rubygems.org/
   specs:
     diff-lcs (1.3)
-    mustermann (1.1.1)
+    mustermann (1.1.2)
       ruby2_keywords (~> 0.0.1)
     nio4r (2.5.2)
     prometheus-client (0.10.0)
@@ -11,11 +11,11 @@ GEM
     puma-metrics (1.1.0)
       prometheus-client (~> 0.10)
       puma (>= 3.0)
-    rack (2.2.2)
-    rack-protection (2.0.1)
+    rack (2.2.18)
+    rack-protection (2.0.2)
       rack
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
+    rack-test (2.2.0)
+      rack (>= 1.3)
     rake (13.0.1)
     rspec (3.9.0)
       rspec-core (~> 3.9.0)
@@ -30,24 +30,24 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-support (3.9.2)
-    ruby2_keywords (0.0.2)
-    sinatra (2.0.1)
+    ruby2_keywords (0.0.5)
+    sinatra (2.0.2)
       mustermann (~> 1.0)
       rack (~> 2.0)
-      rack-protection (= 2.0.1)
+      rack-protection (= 2.0.2)
       tilt (~> 2.0)
-    tilt (2.0.10)
+    tilt (2.6.1)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   puma (= 4.2.1)
   puma-metrics
-  rack-test
+  rack-test (>= 2.0.0)
   rake
   rspec
-  sinatra (= 2.0.1)
+  sinatra (= 2.0.2)
 
 BUNDLED WITH
-   2.1.4
+   2.3.26
