From 873c816cf763aff9a85b66437a920be237183b6b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 17 Oct 2025 11:59:06 +0000
Subject: [PATCH] fix: backend/Gemfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-13535097
- https://snyk.io/vuln/SNYK-RUBY-RACK-13524628
---
 backend/Gemfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/Gemfile b/backend/Gemfile
index 450d67b63..f93dd931b 100644
--- a/backend/Gemfile
+++ b/backend/Gemfile
@@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 ruby '2.7.2'
 
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
-gem 'rails', '~> 6.0.3', '>= 6.0.3.6'
+gem 'rails', '~> 6.0.4'
 # Use sqlite3 as the database for Active Record
 gem 'sqlite3', '~> 1.4'
 # Use Puma as the app server
@@ -23,7 +23,7 @@ gem 'puma', '~> 4.1'
 gem 'bootsnap', '>= 1.4.2', require: false
 
 # Use Rack CORS for handling Cross-Origin Resource Sharing (CORS), making cross-origin AJAX possible
-gem 'rack-cors'
+gem 'rack-cors', '>= 2.0.0'
 
 gem 'mysql2'