From 08ba1cb7004cc9488d6a68a9fb1f63c21dc8f088 Mon Sep 17 00:00:00 2001
From: Beth Skurrie <beth@bethesque.com>
Date: Mon, 26 Feb 2018 14:09:38 +1100
Subject: [PATCH] feat: upgrade to latest versions of padrino-core and sinatra
 to fix CVE-2018-7212

---
 pact_broker.gemspec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pact_broker.gemspec b/pact_broker.gemspec
index 250953e23..f552a53cd 100644
--- a/pact_broker.gemspec
+++ b/pact_broker.gemspec
@@ -32,8 +32,8 @@ Gem::Specification.new do |gem|
   gem.add_runtime_dependency 'rack', '~>2.0'
   gem.add_runtime_dependency 'redcarpet', '>=3.3.2', '~>3.3'
   gem.add_runtime_dependency 'pact-support'
-  gem.add_runtime_dependency 'padrino-core', '0.14.1' #locked due to https://travis-ci.org/pact-foundation/pact_broker/builds/343646988 TODO work out why and fix it
-  gem.add_runtime_dependency 'sinatra', '2.0.0' #locked due to https://travis-ci.org/pact-foundation/pact_broker/builds/343646988 TODO work out why and fix it
+  gem.add_runtime_dependency 'padrino-core', '>= 0.14.3', '~> 0.14'
+  gem.add_runtime_dependency 'sinatra', '>= 2.0.1'
   gem.add_runtime_dependency 'haml', '~>4.0'
   gem.add_runtime_dependency 'sucker_punch', '~>2.0'
   gem.add_runtime_dependency 'rack-protection', '~>2.0'