From e0a23d274af5f4051b9e920177a25da3f3b31b7f Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sun, 13 Jul 2025 09:08:59 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-8062124
- https://snyk.io/vuln/SNYK-RUBY-RACK-2848599
- https://snyk.io/vuln/SNYK-RUBY-RACK-10074187
- https://snyk.io/vuln/SNYK-RUBY-RACK-9398129
- https://snyk.io/vuln/SNYK-RUBY-RACK-572377
- https://snyk.io/vuln/SNYK-RUBY-RACK-1061917
- https://snyk.io/vuln/SNYK-RUBY-RACK-2848600
- https://snyk.io/vuln/SNYK-RUBY-RACK-3356639
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274385
- https://snyk.io/vuln/SNYK-RUBY-PUMA-5846204
- https://snyk.io/vuln/SNYK-RUBY-RACK-8720151
- https://snyk.io/vuln/SNYK-RUBY-RACK-9058602
- https://snyk.io/vuln/SNYK-RUBY-PUMA-6146928
- https://snyk.io/vuln/SNYK-RUBY-RACK-3237233
- https://snyk.io/vuln/SNYK-RUBY-RACK-3237237
- https://snyk.io/vuln/SNYK-RUBY-RACK-3237240
- https://snyk.io/vuln/SNYK-RUBY-RACK-3360233
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274383
- https://snyk.io/vuln/SNYK-RUBY-RACK-6274384
- https://snyk.io/vuln/SNYK-RUBY-RACK-10074188
---
 Gemfile | 6 +++---
 Gemfile.lock | 34 ++++++++++++++++++----------------
 2 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/Gemfile b/Gemfile
index a6cfe07..c99bbf0 100644
--- a/Gemfile
+++ b/Gemfile
@@ -4,12 +4,12 @@ source "https://rubygems.org"
 git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-gem "sinatra", "2.0.1"
+gem "sinatra", "2.0.2"
 gem "puma", "4.2.1"
-gem 'puma-metrics'
+gem 'puma-metrics', '>= 1.2.0'
 group :test do
 gem 'rake'
 gem 'rspec'
- gem 'rack-test'
+ gem 'rack-test', '>= 2.0.0'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index ccc5069..93ea04a 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
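Review bot: In the Gemfile hunk `gem "puma", "4.2.1"` is left as an unchanged context line, and Gemfile.lock still resolves `puma (4.2.1)`, so the three SNYK-RUBY-PUMA advisories listed in the commit message do not appear to be addressed by this change; the rack entries look to be the ones covered, through the transitive move to `rack (2.2.17)`. Either raise the puma pin to a release the advisories name as fixed, or correct the message so the puma findings stay open in tracking. The new constraints `'>= 1.2.0'` and `'>= 2.0.0'` are open-ended, so a later `bundle update` can cross a major version unnoticed; a pessimistic form such as `gem 'puma-metrics', '~> 1.2'` and `gem 'rack-test', '~> 2.0'` keeps the floor without that. The relaxed puma-metrics requirement also moves prometheus-client from 0.10.0 to 4.2.5 in the lockfile, which is worth a check of the metrics output before merge.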
@@ -1,21 +1,23 @@ GEM remote: https://rubygems.org/ specs: + base64 (0.3.0) diff-lcs (1.3) - mustermann (1.1.1) + mustermann (1.1.2) ruby2_keywords (~> 0.0.1) - nio4r (2.5.2) - prometheus-client (0.10.0) + nio4r (2.7.4) + prometheus-client (4.2.5) + base64 puma (4.2.1) nio4r (~> 2.0) - puma-metrics (1.1.0) - prometheus-client (~> 0.10) + puma-metrics (1.2.4) + prometheus-client (>= 0.10) puma (>= 3.0) - rack (2.2.2) - rack-protection (2.0.1) + rack (2.2.17) + rack-protection (2.0.2) rack - rack-test (1.1.0) - rack (>= 1.0, < 3) + rack-test (2.2.0) + rack (>= 1.3) rake (13.0.1) rspec (3.9.0) rspec-core (~> 3.9.0) @@ -30,24 +32,24 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) rspec-support (3.9.2) - ruby2_keywords (0.0.2) - sinatra (2.0.1) + ruby2_keywords (0.0.5) + sinatra (2.0.2) mustermann (~> 1.0) rack (~> 2.0) - rack-protection (= 2.0.1) + rack-protection (= 2.0.2) tilt (~> 2.0) - tilt (2.0.10) + tilt (2.6.1) PLATFORMS ruby DEPENDENCIES puma (= 4.2.1) - puma-metrics - rack-test + puma-metrics (>= 1.2.0) + rack-test (>= 2.0.0) rake rspec - sinatra (= 2.0.1) + sinatra (= 2.0.2) BUNDLED WITH 2.1.4