@samawad samawad commented Oct 13, 2025

Snyk has created this PR to fix 2 vulnerabilities in the rubygems dependencies of this project.

Snyk changed the following file(s):

  • Gemfile
⚠️ Warning
Failed to update the Gemfile.lock, please update manually before merging.

Merge Risk: High

This upgrade contains multiple major version jumps for core frameworks, introducing significant breaking changes. The highest risks are the upgrades of Sinatra from 1.3.6 to 4.2.0 and Capybara from 1.1.4 to 2.0.0, which require dependency updates and code modifications.

Sinatra (1.3.6 → 4.2.0): high
This major version upgrade drops support for older Ruby and Rack versions, requiring environment and dependency updates. [4, 22]

Highlights:

  • Update Ruby and Rack: Support for Ruby versions below 2.7 and Rack versions below 3.0 has been removed. [4, 22]
  • Check Routing: The internal router was replaced with Mustermann in v2.0, which may affect complex route definitions. [4]

Source: Package documentation
Recommendation: Update runtime environment and dependencies first, then validate routing behavior before merging.

Capybara (1.1.4 → 2.0.0): high
This major version upgrade introduces breaking changes to finder behavior and removes deprecated methods.

Highlights:

  • Update Finder Logic: The first method now raises an ElementNotFound error instead of returning nil when no element is found. [11]
  • Check Waiting Behavior: The all method now waits for at least one matching element by default. [11]

Source: Package documentation
Recommendation: Audit tests that rely on first returning nil or all returning an empty array immediately.

Additional upgrades:

  • poltergeist (1.0.3 → 1.1.0): medium - No specific breaking changes were cited in official sources for this minor update; manual validation is recommended due to limited information.
  • thin (1.5.1 → 1.6.0): medium - No specific breaking changes were cited in official sources for this minor update; manual validation is recommended due to limited information.

Notice 🤖: This content was generated using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

Vulnerabilities that will be fixed with an upgrade:

Severity   Issue                                                   Snyk ID                      Score
high       Allocation of Resources Without Limits or Throttling    SNYK-RUBY-RACK-13535097      721
medium     Regular Expression Denial of Service (ReDoS)            SNYK-RUBY-SINATRA-13535098   631

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling
🦉 Regular Expression Denial of Service (ReDoS)
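The PR warns that Gemfile.lock could not be updated and must be fixed by hand before merging, so the merge gate a practitioner wants is a check that the hand-edited lockfile actually resolves every gem at or above the versions named above. The following is an added example, not code from the Snyk PR or from this project: it parses the `specs:` block of a Gemfile.lock with nothing beyond Ruby's bundled rubygems library and reports gems that are missing or still below their floor. The floors for sinatra, capybara, poltergeist and thin are the target versions in the PR; the Ruby >= 2.7 and Rack >= 3.0 floors are the requirements the PR attributes to Sinatra 4. The two lockfiles are constructed samples, and the rack version 3.1.16 in the upgraded sample is an assumption for illustration, not the fix version from the Snyk advisory.

```ruby
# Added example (not part of the Snyk PR or the project): check a hand-edited
# Gemfile.lock against the version floors this upgrade needs before merging.
require "rubygems" # Gem::Version and Gem::Requirement ship with Ruby

# Version floors. sinatra/capybara/poltergeist/thin are the targets named in
# the PR; ruby >= 2.7 and rack >= 3.0 are the Sinatra 4 requirements the PR
# cites. Confirm the exact rack fix version against the Snyk advisory; it is
# not stated on the PR page.
REQUIRED = {
  "ruby"        => ">= 2.7",
  "rack"        => ">= 3.0",
  "sinatra"     => ">= 4.2.0",
  "capybara"    => ">= 2.0.0",
  "poltergeist" => ">= 1.1.0",
  "thin"        => ">= 1.6.0",
}.freeze

# Parse every `specs:` block of a Gemfile.lock into {name => Gem::Version}.
# Resolved gems sit at exactly 4 spaces of indent ("    name (version)");
# deeper lines are that gem's dependency constraints and are skipped.
# A platform suffix such as "1.13.0-x86_64-linux" is dropped before parsing.
def parse_lock_specs(lock_text)
  specs = {}
  in_specs = false
  lock_text.each_line do |line|
    if line =~ /\A\s*specs:\s*\z/
      in_specs = true
      next
    end
    # An unindented header (PLATFORMS, DEPENDENCIES, GEM, GIT, ...) ends the block
    in_specs = false if in_specs && line !~ /\A\s/
    next unless in_specs
    if (m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/))
      specs[m[1]] = Gem::Version.new(m[2].split("-", 2).first)
    end
  end
  specs
end

# Extract the "RUBY VERSION" pin ("   ruby 2.6.10p210") if the lockfile has one.
def parse_lock_ruby_version(lock_text)
  m = lock_text.match(/^RUBY VERSION\n\s*ruby (\d+\.\d+\.\d+)/)
  m && Gem::Version.new(m[1])
end

# Return [[name, "missing" or locked version, requirement], ...] for every
# entry of `required` that the lockfile does not satisfy. Empty means OK.
def lock_violations(lock_text, required = REQUIRED)
  specs = parse_lock_specs(lock_text)
  ruby_version = parse_lock_ruby_version(lock_text)
  specs["ruby"] = ruby_version if ruby_version
  required.each_with_object([]) do |(name, req), out|
    locked = specs[name]
    if locked.nil?
      out << [name, "missing", req]
    elsif !Gem::Requirement.new(req).satisfied_by?(locked)
      out << [name, locked.to_s, req]
    end
  end
end

# Constructed sample: the pre-upgrade state from the PR (rack 1.5.2 and the
# Ruby pin are invented for the sample).
STALE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      capybara (1.1.4)
        rack (>= 1.0.0)
      poltergeist (1.0.3)
        capybara (~> 1.1)
      rack (1.5.2)
      sinatra (1.3.6)
        rack (~> 1.4)
      thin (1.5.1)

  PLATFORMS
    ruby

  DEPENDENCIES
    capybara (= 1.1.4)
    sinatra (= 1.3.6)

  RUBY VERSION
     ruby 2.6.10p210
LOCK

# Constructed sample: a lockfile after the manual update (rack 3.1.16 and the
# Ruby pin are assumptions, not advisory data).
UPGRADED_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      capybara (2.0.0)
      poltergeist (1.1.0)
      rack (3.1.16)
      sinatra (4.2.0)
        rack (>= 3.0.0, < 4)
      thin (1.6.0)

  PLATFORMS
    ruby

  DEPENDENCIES
    sinatra (= 4.2.0)

  RUBY VERSION
     ruby 3.3.0p0
LOCK

if $PROGRAM_NAME == __FILE__
  # Pass a real Gemfile.lock path as the first argument to check it instead.
  inputs = ARGV.empty? ? [["stale sample", STALE_LOCK], ["upgraded sample", UPGRADED_LOCK]]
                       : [[ARGV[0], File.read(ARGV[0])]]
  inputs.each do |label, lock|
    v = lock_violations(lock)
    detail = v.map { |name, got, req| "#{name} #{got} (need #{req})" }.join(", ")
    puts "#{label}: #{v.empty? ? 'OK' : detail}"
  end
end
```

Run it with no arguments to see both samples, or with `Gemfile.lock` to gate a real merge; a non-empty report means the lockfile still pins a version the PR says must go.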
