From d7373c42bd13b0f60010e98c0ab6e393d68b0544 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 23 Oct 2022 22:42:55 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 --- Gemfile | 6 +++--- Gemfile.lock | 32 ++++++++++++++++---------------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/Gemfile b/Gemfile index c3b87a8f..0309ddbf 100644 --- a/Gemfile +++ b/Gemfile @@ -1,8 +1,8 @@ source 'https://rubygems.org' ruby "~> 2.7.0" -gem "sinatra", "~> 2.1" -gem "sinatra-contrib", "~> 2.1" +gem "sinatra", "~> 2.1", ">= 2.1.0" +gem "sinatra-contrib", "~> 2.1", ">= 2.1.0" gem "erector", ">=0.9.0" gem "puma", "~> 5.1" gem "activesupport", "~> 6.0", ">= 6.0.3.1" @@ -17,7 +17,7 @@ gem "barnes", "~> 0.0.7" gem "nokogiri", "~> 1.10", ">= 1.10.10" # fixed versions, for Windows gem 'newrelic_rpm', '~> 6.12', ">= 6.12.0.367" gem "oj", "~> 3.10", ">= 3.10.13" -gem "rack-cache", "~> 1.12", ">= 1.12.0" +gem "rack-cache", "~> 1.12", ">= 1.12.1" gem "rake", "~> 13.0" gem "rake-notes", "~> 0.2" gem "rspec", "~> 3.8" diff --git a/Gemfile.lock b/Gemfile.lock index b347fb75..3272e687 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -63,7 +63,7 @@ GEM mini_portile2 (2.5.0) minitest (5.14.3) multi_json (1.15.0) - mustermann (1.1.1) + mustermann (2.0.2) ruby2_keywords (~> 0.0.1) newrelic_rpm (6.14.0) nio4r (2.5.4) @@ -80,10 +80,10 @@ GEM puma (5.1.1) nio4r (~> 2.0) racc (1.5.2) - rack (2.2.3) - rack-cache (1.12.1) + rack (2.2.4) + rack-cache (1.13.0) rack (>= 0.4) - rack-protection (2.1.0) + rack-protection (2.2.2) rack rack-rewrite (1.5.1) rack-ssl (1.4.1) @@ -110,7 +110,7 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.10.0) rspec-support (3.10.1) - ruby2_keywords (0.0.2) + ruby2_keywords (0.0.5) ruby2ruby (2.4.4) ruby_parser (~> 3.1) sexp_processor (~> 4.6) 
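Review bot: The `">= 2.1.0"` added to the `sinatra` and `sinatra-contrib` lines in the first Gemfile hunk is already implied by `"~> 2.1"`, so the Gemfile states no floor for the rack advisory this commit cites. The fix exists only in Gemfile.lock, where rack moves from 2.2.3 to 2.2.4, and rack is not listed in the visible part of the lock's DEPENDENCIES section, so it appears to be a transitive dependency with no constraint of its own. If 2.2.4 is the patched release (to be confirmed against the advisory), a direct declaration such as `gem "rack", "~> 2.2", ">= 2.2.4"` would make Bundler enforce the security floor instead of leaving it as a side effect of the current lock. The same applies to `rack-cache` in the second Gemfile hunk, where the new `">= 1.12.1"` floor equals the version the lock already held. The lock also takes mustermann from 1.1.1 to 2.0.2 and sinatra from 2.1.0 to 2.2.2, which is wider than the advisory seems to require, so the routing and middleware specs are worth running before merge.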
@@ -119,23 +119,23 @@ GEM sassc (2.4.0) ffi (~> 1.9) sexp_processor (4.15.2) - sinatra (2.1.0) - mustermann (~> 1.0) + sinatra (2.2.2) + mustermann (~> 2.0) rack (~> 2.2) - rack-protection (= 2.1.0) + rack-protection (= 2.2.2) tilt (~> 2.0) - sinatra-contrib (2.1.0) + sinatra-contrib (2.2.2) multi_json - mustermann (~> 1.0) - rack-protection (= 2.1.0) - sinatra (= 2.1.0) + mustermann (~> 2.0) + rack-protection (= 2.2.2) + sinatra (= 2.2.2) tilt (~> 2.0) statsd-ruby (1.5.0) thin (1.8.0) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - tilt (2.0.10) + tilt (2.0.11) treetop (1.6.11) polyglot (~> 0.3) tzinfo (2.0.4) @@ -160,7 +160,7 @@ DEPENDENCIES oj (~> 3.10, >= 3.10.13) pry (~> 0.13) puma (~> 5.1) - rack-cache (~> 1.12, >= 1.12.0) + rack-cache (~> 1.12, >= 1.12.1) rack-rewrite (~> 1.5) rack-ssl (~> 1.4, >= 1.4.1) rake (~> 13.0) @@ -170,8 +170,8 @@ DEPENDENCIES rollbar (~> 3.0, >= 3.0.0) rspec (~> 3.8) sassc (~> 2.4, >= 2.4.0) - sinatra (~> 2.1) - sinatra-contrib (~> 2.1) + sinatra (~> 2.1, >= 2.1.0) + sinatra-contrib (~> 2.1, >= 2.1.0) wrong! RUBY VERSION