Matchu
06258b1dd5
So, Dependabot correctly reported that this version of puma is vulernable, which I fixed in the main app already—but I didn't notice we also use that version in this cute tiny placeholder app we use early in the deployment process. There's not a real security need to upgrade this, as this placeholder app has no access to useful data when it is run, but I think it's better to resolve this by fixing it than by silencing Dependabot! May as well!
16 lines
210 B
Text
16 lines
210 B
Text
GEM
|
|
remote: https://rubygems.org/
|
|
specs:
|
|
nio4r (2.5.9)
|
|
puma (6.4.0)
|
|
nio4r (~> 2.0)
|
|
|
|
PLATFORMS
|
|
x86_64-darwin-21
|
|
x86_64-linux
|
|
|
|
DEPENDENCIES
|
|
puma (~> 6.3, >= 6.3.1)
|
|
|
|
BUNDLED WITH
|
|
2.4.18
|