1
0
Fork 0
forked from OpenNeo/impress

Upgrade puma in the initial-placeholder app, to satisfy Dependabot

So, Dependabot correctly reported that this version of puma is
vulernable, which I fixed in the main app already—but I didn't notice we
also use that version in this cute tiny placeholder app we use early in
the deployment process.

There's not a real security need to upgrade this, as this placeholder
app has no access to useful data when it is run, but I think it's better
to resolve this by fixing it than by silencing Dependabot! May as well!
This commit is contained in:
Emi Matchu 2023-10-26 14:48:21 -07:00
parent 556d50c4ed
commit 06258b1dd5
2 changed files with 3 additions and 3 deletions

View file

@ -1,2 +1,2 @@
source 'https://rubygems.org' source 'https://rubygems.org'
gem 'puma', '~> 6.3' gem 'puma', '~> 6.3', '>= 6.3.1'

View file

@ -2,7 +2,7 @@ GEM
remote: https://rubygems.org/ remote: https://rubygems.org/
specs: specs:
nio4r (2.5.9) nio4r (2.5.9)
puma (6.3.0) puma (6.4.0)
nio4r (~> 2.0) nio4r (~> 2.0)
PLATFORMS PLATFORMS
@ -10,7 +10,7 @@ PLATFORMS
x86_64-linux x86_64-linux
DEPENDENCIES DEPENDENCIES
puma (~> 6.3) puma (~> 6.3, >= 6.3.1)
BUNDLED WITH BUNDLED WITH
2.4.18 2.4.18