From cf1ab39631d96cc630b1c2dda7c5c2e395b19bfd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 28 Feb 2024 21:23:52 +0000 Subject: [PATCH] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-6274383 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274384 - https://snyk.io/vuln/SNYK-RUBY-RACK-6274385
---
 Gemfile | 4 ++-- Gemfile.lock | 27 ++++++++++++++++----------- 2 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/Gemfile b/Gemfile
index 49a6901..ecb3236 100644
--- a/Gemfile
+++ b/Gemfile
@@ -9,9 +9,9 @@ gem 'hashie'
 gem 'mocha'
 gem 'rexml'
 gem 'ruby-saml', '>= 1.9.0'
-gem 'rack-test', '>= 2.0.0'
+gem 'rack-test', '>= 2.1.0'
 gem 'rake'
-gem 'sinatra', '>= 3.0.4'
+gem 'sinatra', '>= 3.0.5'
 gem 'test-unit'
 gem 'activesupport'
 gem 'puma'
diff --git a/Gemfile.lock b/Gemfile.lock
index c192566..c68811c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -22,6 +22,7 @@ GEM aws-sdk-kms (~> 1) aws-sigv4 (~> 1.0) aws-sigv4 (1.0.3) + base64 (0.2.0) coderay (1.1.2) concurrent-ruby (1.2.2) dotenv (2.7.5)
@@ -48,10 +49,13 @@ GEM puma (6.4.2) nio4r (~> 2.0) racc (1.7.3) - rack (2.2.6.4) - rack-protection (3.0.4) - rack - rack-test (2.0.2) + rack (3.0.9.1) + rack-protection (4.0.0) + base64 (>= 0.1.0) + rack (>= 3.0.0, < 4) + rack-session (2.0.0) + rack (>= 3.0.0) + rack-test (2.1.0) rack (>= 1.3) rake (13.0.1) rexml (3.2.5)
@@ -59,14 +63,15 @@ GEM nokogiri (>= 1.10.5) rexml ruby2_keywords (0.0.5) - sinatra (3.0.4) + sinatra (4.0.0) mustermann (~> 3.0) - rack (~> 2.2, >= 2.2.4) - rack-protection (= 3.0.4) + rack (>= 3.0.0, < 4) + rack-protection (= 4.0.0) + rack-session (>= 2.0.0, < 3) tilt (~> 2.0) test-unit (3.5.7) power_assert - tilt (2.0.11) + tilt (2.3.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) zeitwerk (2.6.11)
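Review bot: In the Gemfile hunk the advisories named in the commit message are against rack, yet the only floors raised are for `rack-test` and `sinatra`; no `gem 'rack'` line appears in the visible hunk, so the fix appears to live only in Gemfile.lock and a re-resolution without the lock is not guaranteed to land on a patched rack. The open-ended `'>= 3.0.5'` also let the resolver move sinatra from 3.0.4 to 4.0.0 and rack from 2.2.6.4 to 3.0.9.1, both major-version jumps, and the lock now pulls in rack-session as a new dependency. Session handling and any Rack middleware in the app should be retested before this is merged. I would state the intent directly with `gem 'rack', '>= 3.0.9.1'` (the version the lock now resolves to) and bound the framework with `gem 'sinatra', '~> 4.0'`, or, if a patched release exists on the rack 2.2 line, pin to that and keep sinatra 3.x.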
@@ -82,15 +87,15 @@ DEPENDENCIES mocha pry puma - rack-test (>= 2.0.0) + rack-test (>= 2.1.0) rake rexml ruby-saml (>= 1.9.0) - sinatra (>= 3.0.4) + sinatra (>= 3.0.5) test-unit RUBY VERSION ruby 3.1.4p223 BUNDLED WITH - 2.2.33 + 2.3.26