fix: pact_broker/Gemfile & pact_broker/Gemfile.lock to reduce vulnerabilities

snyk-bot · snyk-bot · commit 76db13978a4f · 2023-08-21T05:24:31.000Z
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-PUMA-5846204
diff --git a/pact_broker/Gemfile b/pact_broker/Gemfile
@@ -2,7 +2,7 @@ source 'https://rubygems.org'
 
 gem "pact_broker"
 gem "pg", "~>1.4"
-gem "puma", "~> 5.6"
+gem "puma", "~> 5.6", ">= 5.6.7"
 gem "mysql2", "~>0.3"
 gem "sqlite3", "~>1.6"
 gem "rake", "~> 13.0"
diff --git a/pact_broker/Gemfile.lock b/pact_broker/Gemfile.lock
@@ -109,7 +109,7 @@ GEM
     pg (1.5.3)
     psych (4.0.6)
       stringio
-    puma (5.6.6)
+    puma (5.6.7)
       nio4r (~> 2.0)
     racc (1.7.1)
     rack (2.2.8)
@@ -168,7 +168,7 @@ DEPENDENCIES
   mysql2 (~> 0.3)
   pact_broker
   pg (~> 1.4)
-  puma (~> 5.6)
+  puma (~> 5.6, >= 5.6.7)
   rake (~> 13.0)
   sqlite3 (~> 1.6)
   sucker_punch!
