From c7d6dbaaa5fcec4d4ab64d1b0c6341554cad336d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 12 Oct 2025 23:58:43 +0000 Subject: [PATCH] fix: builders/testdata/ruby/rails/Gemfile & builders/testdata/ruby/rails/Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-13535097 - https://snyk.io/vuln/SNYK-RUBY-SINATRA-13535098 --- builders/testdata/ruby/rails/Gemfile | 2 +- builders/testdata/ruby/rails/Gemfile.lock | 33 +++++++++++++++-------- 2 files changed, 23 insertions(+), 12 deletions(-) diff --git a/builders/testdata/ruby/rails/Gemfile b/builders/testdata/ruby/rails/Gemfile index e0d23eec9..c818561de 100644 --- a/builders/testdata/ruby/rails/Gemfile +++ b/builders/testdata/ruby/rails/Gemfile @@ -13,4 +13,4 @@ # limitations under the License. source "https://rubygems.org" -gem "sinatra", "~> 2.0" +gem "sinatra", "~> 4.2", ">= 4.2.0" diff --git a/builders/testdata/ruby/rails/Gemfile.lock b/builders/testdata/ruby/rails/Gemfile.lock index 30eaa2b3f..37bc317ce 100644 --- a/builders/testdata/ruby/rails/Gemfile.lock +++ b/builders/testdata/ruby/rails/Gemfile.lock @@ -1,22 +1,33 @@ GEM remote: https://rubygems.org/ specs: - mustermann (1.0.3) - rack (2.0.6) - rack-protection (2.0.4) - rack - sinatra (2.0.4) - mustermann (~> 1.0) - rack (~> 2.0) - rack-protection (= 2.0.4) + base64 (0.3.0) + logger (1.7.0) + mustermann (3.0.4) + ruby2_keywords (~> 0.0.1) + rack (3.2.3) + rack-protection (4.2.1) + base64 (>= 0.1.0) + logger (>= 1.6.0) + rack (>= 3.0.0, < 4) + rack-session (2.1.1) + base64 (>= 0.1.0) + rack (>= 3.0.0) + ruby2_keywords (0.0.5) + sinatra (4.2.1) + logger (>= 1.6.0) + mustermann (~> 3.0) + rack (>= 3.0.0, < 4) + rack-protection (= 4.2.1) + rack-session (>= 2.0.0, < 3) tilt (~> 2.0) - tilt (2.0.8) + tilt (2.6.1) PLATFORMS ruby DEPENDENCIES - sinatra (~> 2.0) + sinatra (~> 4.2, >= 4.2.0) BUNDLED WITH - 1.17.1 + 2.3.27