From 0545cf106927014ea261094c175d0cca534f7ce2 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Thu, 14 Jun 2018 00:25:15 +0000
Subject: [PATCH] fix: Gemfile.lock & Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-20028
- https://snyk.io/vuln/SNYK-RUBY-RACK-20045
- https://snyk.io/vuln/SNYK-RUBY-RACK-20052
- https://snyk.io/vuln/SNYK-RUBY-RACK-20058
- https://snyk.io/vuln/SNYK-RUBY-RACK-20059
- https://snyk.io/vuln/SNYK-RUBY-RACK-20230
- https://snyk.io/vuln/SNYK-RUBY-RACK-20399
- https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20394
- https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-20395
- https://snyk.io/vuln/SNYK-RUBY-RACKPROTECTION-22019
- https://snyk.io/vuln/SNYK-RUBY-SINATRA-20488
- https://snyk.io/vuln/SNYK-RUBY-SINATRA-22027
---
 Gemfile | 2 +-
 Gemfile.lock | 21 ++++++++++++---------
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index cfe43f76c..8e6eda2ed 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,5 +2,5 @@ source 'https://rubygems.org'
 gem 'aruba', '~> 0.5.3'
 gem 'cucumber', '~> 1.3.9'
-gem 'sinatra'
+gem 'sinatra', '>= 2.0.2'
 gem 'ronn'
diff --git a/Gemfile.lock b/Gemfile.lock
index f38ffb94b..c8f755dcf 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -22,11 +22,13 @@ GEM
 gherkin (2.12.2-java)
 multi_json (~> 1.3)
 hpricot (0.8.4)
+ hpricot (0.8.4-java)
 multi_json (1.10.1)
 multi_test (0.1.1)
 mustache (0.99.4)
- rack (1.4.1)
- rack-protection (1.2.0)
+ mustermann (1.0.2)
+ rack (2.0.5)
+ rack-protection (2.0.3)
 rack
 rdiscount (1.6.8)
 ronn (0.7.3)
@@ -37,11 +39,12 @@ GEM
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.0.0)
 rspec-support (3.0.2)
- sinatra (1.3.2)
- rack (~> 1.3, >= 1.3.6)
- rack-protection (~> 1.2)
- tilt (~> 1.3, >= 1.3.3)
- tilt (1.3.3)
+ sinatra (2.0.3)
+ mustermann (~> 1.0)
+ rack (~> 2.0)
+ rack-protection (= 2.0.3)
+ tilt (~> 2.0)
+ tilt (2.0.8)
 PLATFORMS
 java
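Review bot: The new constraint in the Gemfile hunk, `gem 'sinatra', '>= 2.0.2'`, sets a floor but no ceiling, so a later `bundle update` can move to any future major release without review. A pessimistic pin such as `gem 'sinatra', '~> 2.0', '>= 2.0.2'` keeps the fixed minimum and confines updates to the 2.x line. The lockfile in this patch resolves sinatra from 1.3.2 to 2.0.3, with rack going from 1.4.1 to 2.0.5 and tilt from 1.3.3 to 2.0.8. These are major-version jumps, so the application's routes and templates should be exercised (presumably via the cucumber suite) before this automated fix is merged.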
@@ -51,7 +54,7 @@ DEPENDENCIES
 aruba (~> 0.5.3)
 cucumber (~> 1.3.9)
 ronn
- sinatra
+ sinatra (>= 2.0.2)
 BUNDLED WITH
- 1.11.2
+ 1.16.1