From 33d35bca8dfdabb36be8c383224d935a1c449f9d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 20 Aug 2023 17:38:50 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-5846204
---
 Gemfile      |  4 ++--
 Gemfile.lock | 16 ++++++++--------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index a6cfe07..bb80734 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,8 +5,8 @@ source "https://rubygems.org"
 git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 
 gem "sinatra", "2.0.1"
-gem "puma", "4.2.1" 
-gem 'puma-metrics'
+gem "puma", "5.6.7"
+gem 'puma-metrics', '>= 1.2.0'
 
 group :test do
   gem 'rake'
diff --git a/Gemfile.lock b/Gemfile.lock
index ccc5069..932f52c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -4,13 +4,13 @@ GEM
     diff-lcs (1.3)
     mustermann (1.1.1)
       ruby2_keywords (~> 0.0.1)
-    nio4r (2.5.2)
-    prometheus-client (0.10.0)
-    puma (4.2.1)
+    nio4r (2.5.9)
+    prometheus-client (4.2.1)
+    puma (5.6.7)
       nio4r (~> 2.0)
-    puma-metrics (1.1.0)
-      prometheus-client (~> 0.10)
-      puma (>= 3.0)
+    puma-metrics (1.2.5)
+      prometheus-client (>= 0.10)
+      puma (>= 5.0)
     rack (2.2.2)
     rack-protection (2.0.1)
       rack
@@ -42,8 +42,8 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  puma (= 4.2.1)
-  puma-metrics
+  puma (= 5.6.7)
+  puma-metrics (>= 1.2.0)
   rack-test
   rake
   rspec