From 91119357cb81b24bac59e7c9f4a9b4d555b22517 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 May 2020 10:41:06 +0200 Subject: [PATCH 1/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 25efdd9..a9fbe8e 100644 --- a/Gemfile +++ b/Gemfile @@ -28,6 +28,6 @@ end gem 'sinatra' gem 'tilt', '~> 1.4.1' -gem 'tilt-jbuilder', require: 'sinatra/jbuilder' +gem 'tilt-jbuilder', '>= 0.6.1', require: 'sinatra/jbuilder' gem 'endpoint_base', :github => 'spree/endpoint_base' gem 'rake' From ac229e50f81d3bd96890e8af273513a57bcbcfa0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 May 2020 10:41:07 +0200 Subject: [PATCH 2/2] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ACTIVESUPPORT-569598 --- Gemfile.lock | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6726a43..a4fd4db 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -10,11 +10,10 @@ GIT GEM remote: https://rubygems.org/ specs: - activesupport (4.1.5) - i18n (~> 0.6, >= 0.6.9) - json (~> 1.7, >= 1.7.7) + activesupport (5.2.4.3) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) minitest (~> 5.1) - thread_safe (~> 0.1) tzinfo (~> 1.1) addressable (2.3.6) aws-eventstream (1.0.3) @@ -786,6 +785,7 @@ GEM timers (~> 1.1.0) coderay (1.1.0) columnize (0.8.9) + concurrent-ruby (1.1.6) crack (0.4.2) safe_yaml (~> 1.0.0) debugger-linecache (1.2.0) 
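Review bot: The added `'>= 0.6.1'` floor on `tilt-jbuilder` in the Gemfile hunk does not by itself enforce the fix named in the commit message: the previous lockfile already resolved `tilt-jbuilder (0.6.1)`, which satisfies the new constraint, so the move off `activesupport (4.1.5)` exists only in Gemfile.lock (patch 2/2). If the lock is regenerated or re-resolved under different conditions, nothing in the Gemfile stops Bundler from selecting the old `jbuilder`/`activesupport` pair again. Assuming `activesupport` is not declared elsewhere in the Gemfile (the rest of the file is outside this hunk), I would put the floor on the affected gem itself, e.g. `gem 'activesupport', '>= 5.2.4.3'`, so the security requirement is explicit and enforced at resolution time. Since this pulls in a 4.1 → 5.2 major-version jump transitively, the test suite should be run against the new lock before merging.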
@@ -811,10 +811,10 @@ GEM httparty (0.13.1) json (~> 1.8) multi_xml (>= 0.5.2) - i18n (0.6.11) - jbuilder (2.1.3) - activesupport (>= 3.0.0, < 5) - multi_json (~> 1.2) + i18n (1.8.2) + concurrent-ruby (~> 1.0) + jbuilder (2.10.0) + activesupport (>= 5.0.0) jmespath (1.4.0) json (1.8.6) json (1.8.6-java) @@ -826,9 +826,8 @@ GEM lumberjack (1.0.9) method_source (0.8.2) mini_portile2 (2.4.0) - minitest (5.4.0) + minitest (5.14.1) model_un (0.2.1) - multi_json (1.10.1) multi_xml (0.5.5) nokogiri (1.10.8) mini_portile2 (~> 2.4.0) @@ -877,15 +876,15 @@ GEM ffi terminal-notifier-guard (1.5.3) thor (0.19.1) - thread_safe (0.3.4) - thread_safe (0.3.4-java) + thread_safe (0.3.6) + thread_safe (0.3.6-java) tilt (1.4.1) - tilt-jbuilder (0.6.1) + tilt-jbuilder (0.7.1) jbuilder - tilt (<= 1.5.0) + tilt (>= 1.3.0, < 3) timecop (0.7.1) timers (1.1.0) - tzinfo (1.2.2) + tzinfo (1.2.7) thread_safe (~> 0.1) unicorn (4.8.3) kgio (~> 2.6) @@ -917,7 +916,7 @@ DEPENDENCIES sinatra terminal-notifier-guard tilt (~> 1.4.1) - tilt-jbuilder + tilt-jbuilder (>= 0.6.1) timecop unicorn vcr