From b11c51bbab2c3c2ce204cea6bb23814751e51209 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Thu, 14 Oct 2021 01:54:40 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-1730572
---
 Gemfile | 2 +-
 Gemfile.lock | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/Gemfile b/Gemfile
index 50057d8..5c1da1b 100644
--- a/Gemfile
+++ b/Gemfile
@@ -17,7 +17,7 @@ gem 'turbolinks'
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 gem 'jbuilder', '~> 2.0'
 # Use Puma as the app server
-gem 'puma'
+gem 'puma', '>= 4.3.9'
 gem 'lingq'
 # Use ActiveModel has_secure_password
 # gem 'bcrypt', '~> 3.1.7'
diff --git a/Gemfile.lock b/Gemfile.lock
index ece6bbf..d43f92b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -174,6 +174,7 @@ GEM
 neat (1.7.4)
 bourbon (>= 4.0)
 sass (>= 3.3)
+ nio4r (2.5.8)
 nokogiri (1.6.7.2)
 mini_portile2 (~> 2.0.0.rc2)
 normalize-rails (3.0.3)
@@ -194,7 +195,8 @@ GEM
 premailer-rails (1.9.2)
 actionmailer (>= 3, < 6)
 premailer (~> 1.7, >= 1.7.9)
- puma (3.4.0)
+ puma (5.5.2)
+ nio4r (~> 2.0)
 rabl (0.11.8)
 activesupport (>= 2.3.14)
 rack (1.6.4)
@@ -362,7 +364,7 @@ DEPENDENCIES
 jbuilder (~> 2.0)
 jquery-rails
 lingq
- puma
+ puma (>= 4.3.9)
 rack-ssl (= 1.0.0)
 rails (= 4.2.5)
 sinatra (= 1.1.4)
@@ -375,4 +377,4 @@ DEPENDENCIES
 web-console

 BUNDLED WITH
- 1.13.1
+ 1.17.3
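Review bot: The new Gemfile constraint `gem 'puma', '>= 4.3.9'` sets only a floor, so any later `bundle update` is free to move the app server to a future major release, and the lockfile in this same patch already resolves Puma from 3.4.0 to 5.5.2 rather than to the 4.3.x line the constraint names. That is a jump of two major versions next to `rails (= 4.2.5)`, and it brings in `nio4r` as a new dependency, so the security fix appears to arrive bundled with a larger upgrade that should be exercised (boot, config/puma.rb options, deploy scripts) before merging. Consider bounding the range to the release that was actually verified, for example `gem 'puma', '~> 5.5', '>= 5.5.2'`, which matches the pessimistic style already used for `jbuilder`. A short comment above the line such as `# floor required by SNYK-RUBY-PUMA-1730572; do not relax` would keep the reason for the floor visible to the next maintainer.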