From 0465d2a3ce52b21d264d64bfa2c3bb299c6a15ca Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2019 19:44:09 +0100 Subject: [PATCH] [Security] Bump puma from 4.2.0 to 4.3.1 (#12559) Bumps [puma](https://github.com/puma/puma) from 4.2.0 to 4.3.1. **This update includes a security fix.** - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v4.2.0...v4.3.1) Signed-off-by: dependabot-preview[bot] --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 85220332dc..a259bd53d0 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ ruby '>= 2.4.0', '< 2.7.0' gem 'pkg-config', '~> 1.4' -gem 'puma', '~> 4.2' +gem 'puma', '~> 4.3' gem 'rails', '~> 5.2.3' gem 'thor', '~> 0.20' diff --git a/Gemfile.lock b/Gemfile.lock index 9a840fd7c5..86b2c0feb8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -387,7 +387,7 @@ GEM net-scp (2.0.0) net-ssh (>= 2.6.5, < 6.0.0) net-ssh (5.2.0) - nio4r (2.5.1) + nio4r (2.5.2) nokogiri (1.10.5) mini_portile2 (~> 2.4.0) nokogumbo (2.0.1) @@ -453,7 +453,7 @@ GEM pry-rails (0.3.9) pry (>= 0.10.4) public_suffix (4.0.1) - puma (4.2.0) + puma (4.3.1) nio4r (~> 2.0) pundit (2.1.0) activesupport (>= 3.0.0) @@ -763,7 +763,7 @@ DEPENDENCIES private_address_check (~> 0.5) pry-byebug (~> 3.7) pry-rails (~> 0.3) - puma (~> 4.2) + puma (~> 4.3) pundit (~> 2.1) rack-attack (~> 6.2) rack-cors (~> 1.1)