From 57ebe413707bd7d52d7822f6db1e1728314fa335 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sun, 20 Aug 2023 20:24:30 +0000
Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-RUBY-PUMA-5846204
---
 Gemfile | 2 +-
 Gemfile.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/Gemfile b/Gemfile
index 525929f9..5ee375b5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -41,7 +41,7 @@ gem 'rails-html-sanitizer', '>= 1.4.4'
 gem 'parallel', require: false
 # use puma server
-gem 'puma', '~> 4.3', '>= 4.3.12'
+gem 'puma', '~> 5.6', '>= 5.6.7'
 # enable cors
 gem 'rack-cors'
diff --git a/Gemfile.lock b/Gemfile.lock
index b1cdbee0..b0360656 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -208,7 +208,7 @@ GEM
 digest
 net-protocol
 timeout
- nio4r (2.5.8)
+ nio4r (2.5.9)
 nokogiri (1.13.10)
 mini_portile2 (~> 2.8.0)
 racc (~> 1.4)
@@ -229,7 +229,7 @@ GEM
 pry-rails (0.3.9)
 pry (>= 0.10.4)
 public_suffix (4.0.6)
- puma (4.3.12)
+ puma (5.6.7)
 nio4r (~> 2.0)
 racc (1.6.1)
 rack (2.2.3)
@@ -405,7 +405,7 @@ DEPENDENCIES
 pg (>= 0.18, < 2.0)
 pre-commit
 pry-rails
- puma (~> 4.3, >= 4.3.12)
+ puma (~> 5.6, >= 5.6.7)
 rack-brotli
 rack-cors
 rails (~> 7.0.2, >= 7.0.2.3)
@@ -428,4 +428,4 @@ RUBY VERSION
 ruby 3.1.0p0
 BUNDLED WITH
- 2.3.3
+ 2.3.26