Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

sinatra

Ecosystem:
rubygems
Package URL:
pkg:gem/sinatra
Total PRs:
283 Dependabot PRs
Latest PR:
2 months ago
Unique Repositories:
211 repositories
Unique Repos (30 days):
2 repositories
Security Advisories
Sinatra Cross-site Scripting vulnerability
GHSA-mq35-wqvf-r23c CVE-2018-11627 MODERATE published about 8 years ago • updated 2 months ago
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
Sinatra is vulnerable to ReDoS through ETag header value generation
GHSA-mr3q-g2mv-mr4q CVE-2025-61921 LOW published 8 months ago • updated 7 days ago
### Summary There is a denial of service vulnerability in the `If-Match` and `If-None-Match` header parsing component of Sinatra, if the `etag` me...
Sinatra Path Traversal vulnerability
GHSA-h29f-7f56-j8wh CVE-2018-7212 MODERATE published over 8 years ago • updated 12 days ago
An issue was discovered in `rack-protection/lib/rack/protection/path_traversal.rb` in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possib...
sinatra does not validate expanded path matches
GHSA-qp49-3pvw-x4m5 CVE-2022-29970 HIGH published about 4 years ago • updated about 2 months ago
Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.
Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
GHSA-hxx2-7vcw-mqr3 CVE-2024-21510 MODERATE published over 1 year ago • updated 3 days ago
Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) hea...
View all 6 advisories
Recent PRs
RSS Feed
build(deps): bump the bundler group across 2 directories with 5 updates

burhanuddin-anw/opentelemetry-demo #248

4.1.1 → 4.2.0 Minor PR
Open 2 months ago 1 comment
burhanuddin-anw
Bump the bundler group across 1 directory with 8 updates

AKJUS/octopress #1

1.3.3 → 4.2.1 Major PR
Open 2 months ago 1 comment
AKJUS
build(deps): bump the bundler group across 10 directories with 10 updates

danwdart/nixpkgs #27

2.0.5 → 4.2.0 Major PR
Closed 2 months ago 1 comment
danwdart
build(deps): bump the bundler group across 2 directories with 3 updates

burhanuddin-anw/opentelemetry-demo #217

4.1.1 → 4.2.0 Minor PR
Closed 3 months ago 3 comments
burhanuddin-anw
Update sinatra requirement from ~> 3 to ~> 4 in /gemfiles/sequel-4

skylightio/skylight-ruby #510

~> 3 → ~> 4
Closed 3 months ago 3 comments
skylightio
Update sinatra requirement from ~> 3 to ~> 4 in /gemfiles/sequel-5

skylightio/skylight-ruby #497

~> 3 → ~> 4
Open 3 months ago 2 comments
skylightio
Update sinatra requirement from ~> 2.0 to >= 2, < 5

geminabox/geminabox #708

~> 2.0 → >= 2, < 5
Open 4 months ago 2 comments
geminabox
build(deps): bump the bundler group across 15 directories with 14 updates

dataheld/nixpkgs #6

4.1.1 → 4.2.0 Minor PR
Closed 4 months ago 1 comment
dataheld
build(deps): bump the bundler group across 8 directories with 11 updates

mpusch88/nixpkgs #5

2.2.4 → 4.2.0 Major PR
Closed 4 months ago 1 comment
mpusch88
Bump sinatra from 1.4.5 to 1.4.8

Codename-shaShank/Skin-skeleton #1

1.4.5 → 1.4.8 Patch PR
Open 4 months ago 2 comments
Codename-shaShank
Bump sinatra from 1.4.5 to 1.4.8

Codename-shaShank/Skeleton #3

1.4.5 → 1.4.8 Patch PR
Open 4 months ago 2 comments
Codename-shaShank
chore(deps): update sinatra requirement from ~> 3.0 to ~> 4.2 in /prebuilt-checkout-page/server/ruby

renjeff1014/accept-a-payment #14

~> 3.0 → ~> 4.2
Closed 4 months ago 1 comment
renjeff1014
chore(deps): bump sinatra from 2.1.0 to 3.2.0

Codename-shaShank/Sample-ruby-app #9

2.1.0 → 3.2.0 Major PR
Closed 5 months ago 2 comments
Codename-shaShank
build(deps): bump the bundler group across 1 directory with 4 updates

bigbluebutton/bigbluebutton #24533

3.1.0 → 4.2.0 Major PR
Open 5 months ago 4 comments
bigbluebutton
build(deps): bump the bundler group across 1 directory with 4 updates

bigbluebutton/bigbluebutton #24526

3.1.0 → 4.2.0 Major PR
Open 5 months ago 4 comments
bigbluebutton
Bump sinatra from 4.1.1 to 4.2.0

etchteam/firepit #6

4.1.1 → 4.2.0 Minor PR
Open 5 months ago 1 comment
etchteam
Bump the bundler group across 1 directory with 8 updates

lilith/link-checker #1

1.3.3 → 4.2.1 Major PR
Closed 5 months ago 1 comment
lilith
Bump the bundler group across 1 directory with 70 updates

ministryofjustice/hmcts-common-platform-mock-api #1031

4.1.1 → 4.2.1 Minor PR
Closed 5 months ago 1 comment
ministryofjustice
chore(deps): bump sinatra and sinatra-contrib in /new_app_ruby

DevOps-Valgfag/WhoKnows #137

3.2.0 → 4.2.1 Major PR
Open 5 months ago 2 comments
DevOps-Valgfag
Bump the bundler group across 1 directory with 6 updates

cezary13k/rails #1

4.1.1 → 4.2.0 Minor PR
Closed 6 months ago 1 comment
cezary13k
deps(deps): update sinatra requirement from ~> 3.1 to ~> 4.2

johnvteixido/aura-lang #2

~> 3.1 → ~> 4.2
Open 6 months ago 1 comment
johnvteixido
Bump the bundler group across 1 directory with 4 updates

glowfic-constellation/glowfic #2616

4.1.1 → 4.2.0 Minor PR
Open 6 months ago 1 comment
glowfic-constellation
Bump the bundler group across 1 directory with 60 updates

ministryofjustice/hmcts-common-platform-mock-api #1024

4.1.1 → 4.2.1 Minor PR
Closed 6 months ago 1 comment
ministryofjustice
Bump the bundler group across 1 directory with 55 updates

ministryofjustice/hmcts-common-platform-mock-api #1021

4.1.1 → 4.2.1 Minor PR
Closed 6 months ago 1 comment
ministryofjustice
Bump the ruby-dependencies group across 1 directory with 4 updates

DataDog/serverless-gcp-sample-apps #110

4.1.1 → 4.2.1 Minor PR
Closed 6 months ago 1 comment
DataDog
build(deps): bump the bundler-production-dependencies group across 1 directory with 7 updates

VardhanLearn/Opentelemetry #64

4.1.1 → 4.2.1 Minor PR
Closed 6 months ago 3 comments
VardhanLearn
build(deps): bump the bundler-production-dependencies group across 1 directory with 7 updates

observability-guy/otel-turing-test #93

4.1.1 → 4.2.1 Minor PR
Closed 6 months ago 3 comments
observability-guy
build(deps): bump the bundler-production-dependencies group across 1 directory with 7 updates

BHBbhb123/otel-demo-gateway #93

4.1.1 → 4.2.1 Minor PR
Open 6 months ago 3 comments
BHBbhb123
Bump the bundler-production-dependencies group across 1 directory with 7 updates

Mide69/Open-Telementry-project-demo #89

4.1.1 → 4.2.1 Minor PR
Open 6 months ago 3 comments
Mide69
Bump the bundler-production-dependencies group across 1 directory with 7 updates

PraveenKumarDova/opentelemetry-demo #93

4.1.1 → 4.2.1 Minor PR
Open 6 months ago 1 comment
PraveenKumarDova
Bump the bundler group across 1 directory with 59 updates

ministryofjustice/laa-court-data-adaptor #1490

4.1.1 → 4.2.1 Minor PR
Closed 7 months ago 1 comment
ministryofjustice
deps(deps): bump sinatra from 3.2.0 to 4.2.1 in /cryptotronbot_frontend

iFocus-Innovations-LLC/cryptotronbot-portfolio #28

3.2.0 → 4.2.1 Major PR
Open 7 months ago 1 comment
iFocus-Innovations-LLC
Update sinatra requirement from ~> 3.1 to ~> 4.2 in /ruby

analisaperlengkapan/web-server-benchmark #10

~> 3.1 → ~> 4.2
Open 7 months ago 1 comment
analisaperlengkapan
Bump sinatra and rack in /examples/sinatra

gocd-contrib/jruby-rack #42

3.2.0 → 4.2.1 Major PR
Closed 7 months ago 2 comments
gocd-contrib
Bump the bundler group across 1 directory with 58 updates

ministryofjustice/laa-court-data-adaptor #1488

4.1.1 → 4.2.1 Minor PR
Closed 7 months ago 1 comment
ministryofjustice
1.2.x: Bump the ruby-deps group across 4 directories with 15 updates

chadlwilson/jruby-rack #36

3.2.0 → 4.2.1 Major PR
Closed 8 months ago 1 comment
chadlwilson
Bump the ruby-deps group across 4 directories with 7 updates

chadlwilson/jruby-rack #34

3.2.0 → 4.2.1 Major PR
Closed 8 months ago 1 comment
chadlwilson
Bump sinatra from 3.0.5 to 4.2.1

babywyrm/beef #443

3.0.5 → 4.2.1 Major PR
Closed 8 months ago 2 comments
babywyrm
build(deps): bump sinatra from 4.1.1 to 4.2.0

umts/strap #225

4.1.1 → 4.2.0 Minor PR
Closed 8 months ago 1 comment
umts
Bump the bundler-production-dependencies group across 1 directory with 6 updates

niteshautomates/opentelemetry-catalog #113

4.1.1 → 4.2.1 Minor PR
Open 8 months ago 1 comment
niteshautomates
build(deps): bump the bundler-production-dependencies group across 1 directory with 5 updates

dtamura/otel-demo-ja #76

4.1.1 → 4.2.0 Minor PR
Closed 8 months ago 1 comment
dtamura
Bump the bundler-production-dependencies group across 1 directory with 5 updates

kkdevopsb5/opentelemetry-demo-k8s #39

4.1.1 → 4.2.0 Minor PR
Closed 8 months ago 1 comment
kkdevopsb5
build(deps): bump the bundler-production-dependencies group across 1 directory with 5 updates

khushboo-sah/opentelemetry-demo #72

4.1.1 → 4.2.0 Minor PR
Closed 8 months ago 1 comment
khushboo-sah
chore(deps): bump sinatra from 4.1.1 to 4.2.0 in /proxies/ruby

DevCycleHQ/test-harness #568

4.1.1 → 4.2.0 Minor PR
Open 8 months ago 1 comment
DevCycleHQ
Bump the bundler-production-dependencies group across 1 directory with 6 updates

kkdevopsb5/opentelemetry-demo-k8s #40

4.1.1 → 4.2.1 Minor PR
Closed 8 months ago 1 comment
kkdevopsb5
Bump the bundler-production-dependencies group across 1 directory with 6 updates

PraveenKumarDova/opentelemetry-demo #82

4.1.1 → 4.2.1 Minor PR
Open 8 months ago 1 comment
PraveenKumarDova
build(deps): bump the bundler-production-dependencies group across 1 directory with 5 updates

VardhanLearn/Opentelemetry #58

4.1.1 → 4.2.0 Minor PR
Closed 8 months ago 1 comment
VardhanLearn
Update sinatra requirement from ~> 2.1 to >= 2.1, < 5.0

tamakishiroa/unlockxcel #1

~> 2.1 → >= 2.1, < 5.0
Open 8 months ago
tamakishiroa
build(deps): bump the bundler-production-dependencies group across 1 directory with 6 updates

burhanuddin-anw/opentelemetry-demo #81

4.1.1 → 4.2.1 Minor PR
Open 8 months ago
burhanuddin-anw
build(deps): bump the bundler-production-dependencies group across 1 directory with 5 updates

Vs7sai/cd-cd #112

4.1.1 → 4.2.0 Minor PR
Closed 8 months ago 1 comment
Vs7sai
Package Details
Name: sinatra
Ecosystem: rubygems
PURL Type: gem
Package URL: pkg:gem/sinatra
JSON API: View JSON
Security Advisories

6

Active advisories
HIGH 2
MODERATE 3
LOW 1
View All gem Advisories
Package Information
Description:

Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.

Repository: https://github.com/sinatra/sinatra
Homepage: http://sinatrarb.com/
Latest Release: 4.1.1
over 1 year ago
Dependent Repos: 144,784
Dependent Packages: 3,239
Downloads: 303,945,342
Ranking: Top 0.1043% by dependent repos Top 0.0641% by downloads Top 0.0173% by dependent pkgs
PR Status
Open 122 (43.1%)
Merged 25 (8.8%)
Closed 122 (43.1%)
PR Types
Major 136 (48.1%)
Minor 96 (33.9%)
Patch 16 (5.7%)