From 1e53ce721cbb25afd4c9001731b6349d7e813c78 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 31 Mar 2022 20:37:20 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-2437090
---
 Gemfile      | 2 +-
 Gemfile.lock | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/Gemfile b/Gemfile
index c4af8b4..ceedf86 100644
--- a/Gemfile
+++ b/Gemfile
@@ -12,7 +12,7 @@ gem 'rails', '~> 5.1.6'
 # Use sqlite3 as the database for Active Record
 gem 'sqlite3', '~> 1.3.7'
 # Use Puma as the app server
-gem 'puma', '~> 3.12'
+gem 'puma', '~> 4.3', '>= 4.3.12'
 # Use SCSS for stylesheets
 gem 'sass-rails', '~> 5.0'
 # Use Uglifier as compressor for JavaScript assets
diff --git a/Gemfile.lock b/Gemfile.lock
index 857e0d5..53cff64 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -145,7 +145,8 @@ GEM
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
     public_suffix (4.0.3)
-    puma (3.12.6)
+    puma (4.3.12)
+      nio4r (~> 2.0)
     rack (2.2.3)
     rack-protection (2.1.0)
       rack
@@ -255,7 +256,7 @@ DEPENDENCIES
   omniauth-rails_csrf_protection
   procore (~> 1.1)
   pry
-  puma (~> 3.12)
+  puma (~> 4.3, >= 4.3.12)
   rails (~> 5.1.6)
   rest-client
   sass-rails (~> 5.0)
@@ -269,4 +270,4 @@ DEPENDENCIES
   web-console
 
 BUNDLED WITH
-   2.2.13
+   2.1.4