forked from OpenNeo/impress
Upgrade puma in the initial-placeholder app, to satisfy Dependabot
So, Dependabot correctly reported that this version of puma is vulernable, which I fixed in the main app already—but I didn't notice we also use that version in this cute tiny placeholder app we use early in the deployment process. There's not a real security need to upgrade this, as this placeholder app has no access to useful data when it is run, but I think it's better to resolve this by fixing it than by silencing Dependabot! May as well!
This commit is contained in:
parent
556d50c4ed
commit
06258b1dd5
2 changed files with 3 additions and 3 deletions
|
@ -1,2 +1,2 @@
|
|||
source 'https://rubygems.org'
|
||||
gem 'puma', '~> 6.3'
|
||||
gem 'puma', '~> 6.3', '>= 6.3.1'
|
|
@ -2,7 +2,7 @@ GEM
|
|||
remote: https://rubygems.org/
|
||||
specs:
|
||||
nio4r (2.5.9)
|
||||
puma (6.3.0)
|
||||
puma (6.4.0)
|
||||
nio4r (~> 2.0)
|
||||
|
||||
PLATFORMS
|
||||
|
@ -10,7 +10,7 @@ PLATFORMS
|
|||
x86_64-linux
|
||||
|
||||
DEPENDENCIES
|
||||
puma (~> 6.3)
|
||||
puma (~> 6.3, >= 6.3.1)
|
||||
|
||||
BUNDLED WITH
|
||||
2.4.18
|
||||
|
|
Loading…
Reference in a new issue