From 4d7ffa3b99dcd18b29fb82b2d86fd24c86f7cfe2 Mon Sep 17 00:00:00 2001
From: "depfu[bot]" <23717796+depfu[bot]@users.noreply.github.com>
Date: Wed, 20 Nov 2024 09:26:30 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=9A=A8=20[security]=20Update=20sinatra=20?= =?UTF-8?q?4.0.0=20=E2=86=92=204.1.0=20(minor)=20(#265)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: depfu[bot] <23717796+depfu[bot]@users.noreply.github.com>
Co-authored-by: Tommaso Barbato
---
 Gemfile.lock | 12 +++++++-----
 app.rb | 1 +
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index fcfe811..f1bd4fa 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -38,7 +38,7 @@ GEM
 logger (1.6.1)
 mock_redis (0.45.0)
 multipart-post (2.4.1)
- mustermann (3.0.0)
+ mustermann (3.0.3)
 ruby2_keywords (~> 0.0.1)
 net-http (0.4.1)
 uri
@@ -56,8 +56,9 @@ GEM
 rack (3.1.8)
 rack-cors (2.0.2)
 rack (>= 2.0.0)
- rack-protection (4.0.0)
+ rack-protection (4.1.0)
 base64 (>= 0.1.0)
+ logger (>= 1.6.0)
 rack (>= 3.0.0, < 4)
 rack-session (2.0.0)
 rack (>= 3.0.0)
@@ -119,14 +120,15 @@ GEM
 simplecov_json_formatter (~> 0.1)
 simplecov-html (0.12.3)
 simplecov_json_formatter (0.1.4)
- sinatra (4.0.0)
+ sinatra (4.1.0)
+ logger (>= 1.6.0)
 mustermann (~> 3.0)
 rack (>= 3.0.0, < 4)
- rack-protection (= 4.0.0)
+ rack-protection (= 4.1.0)
 rack-session (>= 2.0.0, < 3)
 tilt (~> 2.0)
 stringio (3.1.1)
- tilt (2.3.0)
+ tilt (2.4.0)
 unicode-display_width (2.6.0)
 unicorn (6.1.0)
 kgio (~> 2.6)
diff --git a/app.rb b/app.rb
index 9f3f721..3849ce0 100644
--- a/app.rb
+++ b/app.rb
@@ -11,6 +11,7 @@ class Rubies < Sinatra::Base
 configure do
 set :logging, true
 set :protection, except: [:json_csrf]
+ set :host_authorization, { permitted_hosts: [] }
 end
 configure :production do
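Review bot: `set :host_authorization, { permitted_hosts: [] }` in the app.rb hunk sits in the unconditional `configure do` block, and an empty `permitted_hosts` list tells Sinatra's host-authorization middleware to accept any `Host`, `X-Forwarded-Host` or `Forwarded` value, so the host check that ships with sinatra 4.1.0 stays off in every environment, production included. If the empty list is only there to stop development or test requests from being rejected, scope it with `configure :development, :test do` and give production an explicit allow-list, for example `set :host_authorization, { permitted_hosts: ENV.fetch('PERMITTED_HOSTS').split(',') }` inside `configure :production do` (`PERMITTED_HOSTS` is a placeholder name, not something this repository is shown to define). If permitting every host is deliberate, for instance because a proxy in front already validates it, a comment such as `# host validation is done upstream; allow all hosts here` would record that; whether the app builds redirects or absolute URLs from the request host cannot be confirmed from this hunk. The `configure :production do` block and the rest of the `Rubies` class continue outside the hunk.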