From 4df3f3ff3f9364ba9949962946475462c38b0ab1 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 23 Nov 2024 02:09:59 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-SINATRA-6483832
---
 Gemfile | 2 +-
 Gemfile.lock | 30 +++++++++++++++++++-----------
 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/Gemfile b/Gemfile
index 81a33a9..81fbf17 100644
--- a/Gemfile
+++ b/Gemfile
@@ -10,7 +10,7 @@ gem 'rexml'
 gem 'ruby-saml', '>= 1.9.0'
 gem 'rack-test', '>= 2.0.0'
 gem 'rake'
-gem 'sinatra', '>= 3.0.4'
+gem 'sinatra', '>= 4.1.0'
 gem 'test-unit'
 gem 'activesupport'
 gem 'puma'
diff --git a/Gemfile.lock b/Gemfile.lock
index 9b3cd52..64ca1f5 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -24,6 +24,7 @@ GEM
 aws-sdk-kms (~> 1)
 aws-sigv4 (~> 1.0)
 aws-sigv4 (1.0.3)
+ base64 (0.2.0)
 bigdecimal (3.1.8)
 coderay (1.1.3)
 concurrent-ruby (1.2.2)
@@ -38,10 +39,11 @@ GEM
 i18n (1.14.1)
 concurrent-ruby (~> 1.0)
 jmespath (1.6.1)
+ logger (1.6.1)
 method_source (1.0.0)
 mini_portile2 (2.8.5)
 minitest (5.19.0)
- mustermann (3.0.0)
+ mustermann (3.0.3)
 ruby2_keywords (~> 0.0.1)
 nio4r (2.7.0)
 nokogiri (1.16.2)
@@ -55,9 +57,13 @@ GEM
 puma (6.4.2)
 nio4r (~> 2.0)
 racc (1.7.3)
- rack (2.2.8.1)
- rack-protection (3.0.4)
- rack
+ rack (3.1.8)
+ rack-protection (4.1.1)
+ base64 (>= 0.1.0)
+ logger (>= 1.6.0)
+ rack (>= 3.0.0, < 4)
+ rack-session (2.0.0)
+ rack (>= 3.0.0)
 rack-test (2.0.2)
 rack (>= 1.3)
 rake (13.0.1)
@@ -85,14 +91,16 @@ GEM
 simplecov_json_formatter (~> 0.1)
 simplecov-html (0.13.1)
 simplecov_json_formatter (0.1.4)
- sinatra (3.0.4)
+ sinatra (4.1.1)
+ logger (>= 1.6.0)
 mustermann (~> 3.0)
- rack (~> 2.2, >= 2.2.4)
- rack-protection (= 3.0.4)
+ rack (>= 3.0.0, < 4)
+ rack-protection (= 4.1.1)
+ rack-session (>= 2.0.0, < 3)
 tilt (~> 2.0)
 test-unit (3.5.7)
 power_assert
- tilt (2.0.11)
+ tilt (2.4.0)
 tzinfo (2.0.6)
 concurrent-ruby (~> 1.0)
 webmock (3.18.1)
@@ -117,12 +125,12 @@ DEPENDENCIES
 rspec
 ruby-saml (>= 1.9.0)
 simplecov
- sinatra (>= 3.0.4)
+ sinatra (>= 4.1.0)
 test-unit
 webmock
 
 RUBY VERSION
- ruby 3.3.4p94
+ ruby 2.7.8p225
 
 BUNDLED WITH
- 2.2.33
+ 2.1.4
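Review bot: The tail of this Gemfile.lock hunk moves `RUBY VERSION` from `ruby 3.3.4p94` back to `ruby 2.7.8p225` and `BUNDLED WITH` from `2.2.33` to `2.1.4`, which is unrelated to the Sinatra fix and looks like the lockfile was regenerated on the bot's older toolchain. Ruby 2.7 is an end-of-life series, and recent Bundler releases switch to the locked Bundler version, so merging this as-is could quietly move builds onto older tooling. I would keep both sections at their previous values (`ruby 3.3.4p94`, `2.2.33`) by re-resolving on the project's own Ruby, e.g. `bundle update sinatra`. The same resolve also jumps rack from 2.2.8.1 to 3.1.8 and adds rack-session while rack-test stays at 2.0.2, so the test suite should be run against the new lockfile before merging.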