From 1bd6ee3a0e82d7450dcf0ae905c4fac9668ca80f Mon Sep 17 00:00:00 2001
From: Ken Johnson <cktricky@gmail.com>
Date: Mon, 5 Jan 2026 11:51:05 -0500
Subject: [PATCH] Upgrade Ruby from 3.3.6 to 3.4.1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updated Ruby to the latest stable 3.4.x release for improved performance
and security updates.

Changes:
- Updated .ruby-version to 3.4.1
- Updated Gemfile ruby version requirement to 3.4.1
- Updated README.md to reflect Ruby 3.4.1 requirement
- Updated Dockerfile from ruby:2.6.5 to ruby:3.4.1
- Removed outdated bundler version constraint in Dockerfile

Tested:
- Bundle install successful with Ruby 3.4.1
- Test suite runs successfully (46 examples, 1 pre-existing failure)
- Rails server starts and responds correctly

Fixes #490

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .ruby-version | 2 +-
 Dockerfile    | 4 ++--
 Gemfile       | 2 +-
 README.md     | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.ruby-version b/.ruby-version
index 9c25013..47b322c 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-3.3.6
+3.4.1
diff --git a/Dockerfile b/Dockerfile
index 1af097c..a6e13b6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,9 +1,9 @@
-FROM --platform=linux/amd64 ruby:2.6.5
+FROM --platform=linux/amd64 ruby:3.4.1
 RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs
 RUN mkdir /myapp
 WORKDIR /myapp
 ADD Gemfile /myapp/Gemfile
 ADD Gemfile.lock /myapp/Gemfile.lock
-RUN gem install bundler -v 1.17.3
+RUN gem install bundler
 RUN bundle install
 ADD . /myapp
diff --git a/Gemfile b/Gemfile
index 2561a81..d7b16d5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,7 +3,7 @@ source "https://rubygems.org"
 
 gem "rails", "~> 8.0.0"
 
-ruby "3.3.6"
+ruby "3.4.1"
 
 gem "aruba"
 gem "bcrypt"
diff --git a/README.md b/README.md
index 002e3ab..cc47fc8 100755
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ RailsGoat is an intentionally insecure Rails application designed to teach web a
 - How to identify vulnerabilities through code review and testing
 - How to implement proper security controls and remediation strategies
 
-**Current Version:** Rails 8.0 with Ruby 3.3.6
+**Current Version:** Rails 8.0 with Ruby 3.4.1
 
 ## Vulnerabilities Included
 
@@ -22,7 +22,7 @@ For a complete list of vulnerabilities with detailed explanations and tutorials,
 
 ### Prerequisites
 
-- Ruby 3.3.6
+- Ruby 3.4.1
 - Git
 - SQLite3 (included by default)
 - MySQL (optional, required for certain SQL injection demos)