[Security] Bump puma from 4.2.0 to 4.3.1 (#12559)

Bumps [puma](https://github.com/puma/puma) from 4.2.0 to 4.3.1. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.2.0...v4.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

diff --git a/Gemfile b/Gemfile
index 85220332dcd6923a7f97930e751ee34ac27d4561..a259bd53d00f4da0eb6d40b6a7486a6e3219f743 100644 (file)
--- a/Gemfile
+++ b/Gemfile
@@ -5,7 +5,7 @@ ruby '>= 2.4.0', '< 2.7.0'
 
 gem 'pkg-config', '~> 1.4'
 
-gem 'puma', '~> 4.2'
+gem 'puma', '~> 4.3'
 gem 'rails', '~> 5.2.3'
 gem 'thor', '~> 0.20'
 

diff --git a/Gemfile.lock b/Gemfile.lock
index 9a840fd7c5cb5094e52a2e88ba52083c16edf806..86b2c0feb81666846d762034dcc1f87d93f4ada9 100644 (file)
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -387,7 +387,7 @@ GEM
     net-scp (2.0.0)
       net-ssh (>= 2.6.5, < 6.0.0)
     net-ssh (5.2.0)
-    nio4r (2.5.1)
+    nio4r (2.5.2)
     nokogiri (1.10.5)
       mini_portile2 (~> 2.4.0)
     nokogumbo (2.0.1)
@@ -453,7 +453,7 @@ GEM
     pry-rails (0.3.9)
       pry (>= 0.10.4)
     public_suffix (4.0.1)
-    puma (4.2.0)
+    puma (4.3.1)
       nio4r (~> 2.0)
     pundit (2.1.0)
       activesupport (>= 3.0.0)
@@ -763,7 +763,7 @@ DEPENDENCIES
   private_address_check (~> 0.5)
   pry-byebug (~> 3.7)
   pry-rails (~> 0.3)
-  puma (~> 4.2)
+  puma (~> 4.3)
   pundit (~> 2.1)
   rack-attack (~> 6.2)
   rack-cors (~> 1.1)