From 7cfc6bad6fffab6f6a6b26a73a56a61d6092b4e9 Mon Sep 17 00:00:00 2001 From: Josh Nichols Date: Wed, 17 Jun 2026 17:26:12 -0400 Subject: [PATCH 1/2] fix(deps): Upgrade rack gem version >= 3.1.21 to mitigate Unbounded-Parameter DoS vulnerability --- Gemfile | 1 + Gemfile.lock | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 23d4346..97f38d2 100644 --- a/Gemfile +++ b/Gemfile @@ -18,3 +18,4 @@ gem 'rubocop-performance' gem 'rubocop-sorbet' gem 'sorbet' gem 'tapioca' +gem 'rack', '>= 3.1.21' diff --git a/Gemfile.lock b/Gemfile.lock index 15b917b..1f6864a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -201,7 +201,7 @@ GEM stringio public_suffix (6.0.1) racc (1.8.1) - rack (3.1.12) + rack (3.2.6) rack-session (2.1.2) base64 (>= 0.1.0) rack (>= 3.0.0) @@ -345,6 +345,7 @@ DEPENDENCIES danger-packwerk! packwerk! pry + rack (>= 3.1.21) railties rake rspec (~> 3.0) From bc44b08a534be77452278836b50f3847bb98bd5f Mon Sep 17 00:00:00 2001 From: Josh Nichols Date: Wed, 17 Jun 2026 17:27:46 -0400 Subject: [PATCH 2/2] style(deps): Run rubocop auto-correct on Gemfile for proper gem ordering --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 97f38d2..57f134d 100644 --- a/Gemfile +++ b/Gemfile @@ -10,6 +10,7 @@ gem 'packwerk', github: 'Shopify/packwerk', branch: 'main' # Development dependencies gem 'pry' +gem 'rack', '>= 3.1.21' gem 'railties' gem 'rake' gem 'rspec', '~> 3.0' @@ -18,4 +19,3 @@ gem 'rubocop-performance' gem 'rubocop-sorbet' gem 'sorbet' gem 'tapioca' -gem 'rack', '>= 3.1.21'
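Review bot: The new `gem 'rack', '>= 3.1.21'` line in the Gemfile declares a transitive dependency directly with no comment saying why, so a later cleanup could remove it as redundant and lose the security floor. I would put a comment above it such as `# Security floor for rack (advisory: <ADVISORY-ID>); drop once upstream gems require >= 3.1.21`, filling in the advisory id from the report that prompted the change. The bound is also open-ended: the lockfile already moved from 3.1.12 to 3.2.6, and a future `bundle update` could cross a major version, so `gem 'rack', '>= 3.1.21', '< 4'` may be the safer form. Since `danger-packwerk!` in the lockfile suggests this repository is itself packaged as a gem, the floor presumably covers only the development and CI bundle, and consumers resolve rack from their own constraints.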