From 64198e6b1c6af6f32d82c5d7c7a83264e56bd81e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 12 May 2021 23:31:19 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-1291014
---
 Gemfile      |  2 +-
 Gemfile.lock | 11 ++++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/Gemfile b/Gemfile
index 7da382d..89ce8ca 100644
--- a/Gemfile
+++ b/Gemfile
@@ -23,7 +23,7 @@ gem 'jbuilder', '~> 2.0'
 gem 'sdoc', '~> 0.4.0', group: :doc
 
 gem 'rails_12factor', group: :production
-gem 'puma'
+gem 'puma', '>= 4.3.8'
 
 # Use ActiveModel has_secure_password
 # gem 'bcrypt', '~> 3.1.7'
diff --git a/Gemfile.lock b/Gemfile.lock
index 379496d..742a8b8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -70,12 +70,13 @@ GEM
     mini_portile (0.6.2)
     minitest (5.5.1)
     multi_json (1.11.0)
+    nio4r (2.5.7)
     nokogiri (1.6.6.2)
       mini_portile (~> 0.6.0)
     pg (0.18.1)
-    puma (2.11.1)
-      rack (>= 1.1, < 2.0)
-    rack (1.6.0)
+    puma (5.3.1)
+      nio4r (~> 2.0)
+    rack (1.6.13)
     rack-test (0.6.3)
       rack (>= 1.0)
     rails (4.2.1)
@@ -149,7 +150,7 @@ DEPENDENCIES
   jbuilder (~> 2.0)
   jquery-rails
   pg
-  puma
+  puma (>= 4.3.8)
   rails (~> 4.2.1)
   rails_12factor
   sass-rails (~> 5.0)
@@ -159,4 +160,4 @@ DEPENDENCIES
   uglifier (>= 1.3.0)
 
 BUNDLED WITH
-   1.10.6
+   1.17.3