From 6424e0313b4004f9ee49b763df1474d267e58dab Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sun, 19 Oct 2025 04:13:53 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-RACK-13535097
- https://snyk.io/vuln/SNYK-RUBY-SINATRA-13535098
---
 Gemfile | 6 +++---
 Gemfile.lock | 51 ++++++++++++++++++++++++++++++++++---------------
 2 files changed, 37 insertions(+), 20 deletions(-)

diff --git a/Gemfile b/Gemfile
index aca39a6b..c7c93edb 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
-gem 'sinatra', '~> 1.0'
-gem 'shotgun', :group => :reloadable
-gem 'thin', :group => :reloadable
+gem 'sinatra', '~> 4.2', '>= 4.2.0'
+gem 'shotgun', '>= 0.9.1', :group => :reloadable
+gem 'thin', '>= 1.7.0', :group => :reloadable
 gem 'rake'
diff --git a/Gemfile.lock b/Gemfile.lock
index 8ced3297..e0c41b46 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
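Review bot: In the Gemfile hunk, the new `'>= 0.9.1'` and `'>= 1.7.0'` floors on shotgun and thin have no upper bound, so a later `bundle update` can cross a major version without anyone touching the Gemfile, and `'>= 4.2.0'` on sinatra is redundant because `'~> 4.2'` already means `>= 4.2, < 5`. I would write `gem 'sinatra', '~> 4.2'` and `gem 'thin', '~> 2.0', :group => :reloadable`, which matches what the lockfile resolves (thin 2.0.1). Separately, this automated change takes sinatra from 1.4.5 to 4.2.1 and rack from 1.6.0 to 3.2.3 in one step, and shotgun 0.9.2 declares only `rack (>= 1.0)`, so the resolver accepting Rack 3 does not show that shotgun actually runs on it. Since rack-protection jumps to 4.2.1 and rack-session becomes a new dependency, the app's session and request-protection behaviour should be exercised by the test suite on the new stack before this is merged.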
@@ -1,29 +1,46 @@ GEM remote: https://rubygems.org/ specs: - daemons (1.1.9) - eventmachine (1.0.4) - rack (1.6.0) - rack-protection (1.5.3) - rack + base64 (0.3.0) + daemons (1.4.1) + eventmachine (1.2.7) + logger (1.7.0) + mustermann (3.0.4) + ruby2_keywords (~> 0.0.1) + rack (3.2.3) + rack-protection (4.2.1) + base64 (>= 0.1.0) + logger (>= 1.6.0) + rack (>= 3.0.0, < 4) + rack-session (2.1.1) + base64 (>= 0.1.0) + rack (>= 3.0.0) rake (10.4.2) - shotgun (0.9) + ruby2_keywords (0.0.5) + shotgun (0.9.2) rack (>= 1.0) - sinatra (1.4.5) - rack (~> 1.4) - rack-protection (~> 1.4) - tilt (~> 1.3, >= 1.3.4) - thin (1.6.3) + sinatra (4.2.1) + logger (>= 1.6.0) + mustermann (~> 3.0) + rack (>= 3.0.0, < 4) + rack-protection (= 4.2.1) + rack-session (>= 2.0.0, < 3) + tilt (~> 2.0) + thin (2.0.1) daemons (~> 1.0, >= 1.0.9) - eventmachine (~> 1.0) - rack (~> 1.0) - tilt (1.4.1) + eventmachine (~> 1.0, >= 1.0.4) + logger + rack (>= 1, < 4) + tilt (2.6.1) PLATFORMS ruby DEPENDENCIES rake - shotgun - sinatra (~> 1.0) - thin + shotgun (>= 0.9.1) + sinatra (~> 4.2, >= 4.2.0) + thin (>= 1.7.0) + +BUNDLED WITH + 2.3.27