From d1cef48eb66c9d4871862dd017d1986e12a28bcf Mon Sep 17 00:00:00 2001
From: Matt Fellows <53900+mefellows@users.noreply.github.com>
Date: Wed, 24 Jan 2024 01:51:26 +1100
Subject: [PATCH] fix: pact_broker/Gemfile & pact_broker/Gemfile.lock to reduce
 vulnerabilities (#159)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-6146928

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 pact_broker/Gemfile      | 2 +-
 pact_broker/Gemfile.lock | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/pact_broker/Gemfile b/pact_broker/Gemfile
index b45d2f2..570e6b3 100644
--- a/pact_broker/Gemfile
+++ b/pact_broker/Gemfile
@@ -2,7 +2,7 @@ source 'https://rubygems.org'
 
 gem "pact_broker"
 gem "pg", "~>1.5"
-gem "puma", "~> 5.6", ">= 5.6.7"
+gem "puma", "~> 5.6", ">= 5.6.8"
 gem "mysql2", "~>0.3"
 gem "sqlite3", "~>1.6"
 gem "rake", "~> 13.0"
diff --git a/pact_broker/Gemfile.lock b/pact_broker/Gemfile.lock
index 3ac4461..f3603b9 100644
--- a/pact_broker/Gemfile.lock
+++ b/pact_broker/Gemfile.lock
@@ -111,7 +111,7 @@ GEM
     pg (1.5.4)
     psych (4.0.6)
       stringio
-    puma (5.6.7)
+    puma (5.6.8)
       nio4r (~> 2.0)
     racc (1.7.3)
     rack (2.2.8)
@@ -172,7 +172,7 @@ DEPENDENCIES
   mysql2 (~> 0.3)
   pact_broker
   pg (~> 1.5)
-  puma (~> 5.6, >= 5.6.7)
+  puma (~> 5.6, >= 5.6.8)
   rake (~> 13.0)
   sqlite3 (~> 1.6)
   sucker_punch!