Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the bundler group across 1 directories with 5 updates #1

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 18, 2023

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Bumps the bundler group with 5 updates in the /. directory:

Package From To
rack 1.4.1 2.2.6.4
grape 0.2.1 1.1.0
activesupport 3.2.8 3.2.22.5
net-ldap 0.3.1 0.16.2
json 1.7.5 2.7.1

Updates rack from 1.4.1 to 2.2.6.4

Changelog

Sourced from rack's changelog.

Changelog

All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference Keep A Changelog.

Unreleased

SPEC Changes

  • rack.input is now optional. (#1997, [@​ioquatix])
  • Rack::Utils.escape_html is now delegated to CGI.escapeHTML. ' is escaped to [#39](https://github.com/rack/rack/issues/39); instead of #x27;. (decimal vs hexadecimal) (#2099, @​JunichiIto)

Changed

  • rack.input is now optional, and if missing, will raise an error. Use this to fail on multipart parsing a request without an input body. (#2018, [@​ioquatix])
  • Introduce module Rack::BadRequest which is included in multipart and query parser errors. (#2019, [@​ioquatix])
  • MIME type for JavaScript files (.js) changed from application/javascript to text/javascript (1bd0f15)
  • Add .mjs MIME type (#2057, [@​axilleas])
  • Update MIME types associated to .ttf, .woff, .woff2 and .otf extensions to use mondern font/* types. (#2065, [@​davidstosik])
  • set_cookie_header utility now supports the partitioned cookie attribute. This is required by Chrome in some embedded contexts. (#2131, [@​flavio-b])
  • Remove non-standard status codes 306, 509, & 510 and update descriptions for 413, 422, & 451. (#2137, [@​wtn])
  • Add fallback lookup and deprecation warning for obsolete status symbols. (#2137, [@​wtn])

[3.0.8] - 2023-06-14

[3.0.7] - 2023-03-16

[3.0.6.1] - 2023-03-13

[3.0.6] - 2023-03-13

  • Add QueryParser#missing_value for handling missing values + tests. (#2052, [@​ioquatix])

[3.0.5] - 2023-03-13

[3.0.4.2] - 2023-03-02

  • [CVE-2023-27530] Introduce multipart_total_part_limit to limit total parts

[3.0.4.1] - 2023-01-17

... (truncated)

Commits

Updates grape from 0.2.1 to 1.1.0

Changelog

Sourced from grape's changelog.

1.1.0 (2018/8/4)

Features

Fixes

1.0.3 (2018/4/23)

Fixes

1.0.2 (2018/1/10)

Features

Fixes

1.0.1 (2017/9/8)

Features

  • #1652: Add the original exception to the error_formatter the original exception - @​dcsg.

... (truncated)

Commits
  • 0fb170c Preparing for release, 1.1.0.
  • a152d98 Fix param aliases within 'given' blocks (#1771)
  • 2dcef9a Merge pull request #1765 from jdmurphy/415_status
  • 6209297 Use 415 status code when content type is not supported
  • d845a3a Merge pull request #1764 from budnik/patch-1
  • 03f7e4c Fixes few examples syntax
  • 6876b71 When returning an HTML error, make sure it's safe (#1763)
  • 9a4b939 Merge pull request #1758 from 2maz/master
  • 3ee2956 Fix expanding LOAD_PATH in gemspec
  • c951628 Merge pull request #1759 from zvkemp/instrument-serialization
  • Additional commits viewable in compare view

Updates activesupport from 3.2.8 to 3.2.22.5

Commits
  • e4b0a5f bumping version
  • c4e0169 bumping version
  • ebc3639 bumping version
  • 1ac2ddb Preparing for 3.2.22.2 release
  • 8d86637 bumping version
  • a6fa396 use secure string comparisons for basic auth username / password
  • 180aad3 Preparing for 3.2.22 release
  • 153cc84 enforce a depth limit on XML documents
  • abce1aa Fix ruby 2.2 comparable warnings
  • 8f92edb Remove hard dependency on test-unit
  • Additional commits viewable in compare view

Updates net-ldap from 0.3.1 to 0.16.2

Release notes

Sourced from net-ldap's releases.

v0.16.2

  • Net::LDAP#open does not cache bind result #334
  • Fix CI build #333
  • Fix to “undefined method 'result_code'” #308
  • Fixed Exception: incompatible character encodings: ASCII-8BIT and UTF-8 in filter.rb #285

v0.10.1

  • Bug fixes:
    • Fix Integer BER encoding of signed values
Changelog

Sourced from net-ldap's changelog.

=== Net::LDAP 0.16.2

=== Net::LDAP 0.16.1

=== Net::LDAP 0.16.0

=== Net::LDAP 0.15.0

=== Net::LDAP 0.14.0

=== Net::LDAP 0.13.0

Avoid this release for because of an backwards incompatibility in how encryption is initialized ruby-ldap/ruby-net-ldap#264. We did not yank it because people have already worked around it.

=== Net::LDAP 0.12.1

... (truncated)

Commits

Updates json from 1.7.5 to 2.7.1

Release notes

Sourced from json's releases.

v2.7.1

What's Changed

Improved

Fixed

Misc

New Contributors

Full Changelog: ruby/json@v2.7.0...v2.7.1

v2.7.0

What's Changed

Improved

Added

Fixed

Compatibility changes

... (truncated)

Changelog

Sourced from json's changelog.

2023-12-05 (2.7.1)

  • JSON.dump: handle unenclosed hashes regression #554
  • Overload kwargs in JSON.dump #556
  • [DOC] RDoc for additions #557
  • Fix JSON.dump overload combination #558

2023-12-01 (2.7.0)

  • Add a strict option to Generator #519
  • escape_slash option was renamed as script_safe and now also escape U+2028 and U+2029. escape_slash is now an alias of script_safe #525
  • Remove unnecessary initialization of create_id in JSON.parse() #454
  • Improvements to Hash#to_json in pure implementation generator #203
  • Use ruby_xfree to free buffers #518
  • Fix "unexpected token" offset for Infinity #507
  • Avoid using deprecated BigDecimal.new on JRuby #546
  • Removed code for Ruby 1.8 #540
  • Rename JSON::ParseError to JSON:ParserError #530
  • Call super in included hook #486
  • JRuby requires a minimum of Java 8 #516
  • Always indent even if empty #517

2022-11-30 (2.6.3)

  • bugfix json/pure mixing escaped with literal unicode raises Encoding::CompatibilityError #483
  • Stop including the parser source LINE in exceptions #470

2022-11-17 (2.6.2)

  • Remove unknown keyword arg from DateTime.parse #488
  • Ignore java artifacts by @​hsbt #489
  • Fix parser bug for empty string allocation #496

2021-10-24 (2.6.1)

  • Restore version.rb with 2.6.1

2021-10-14 (2.6.0)

  • Use rb_enc_interned_str if available to reduce allocations in freeze: true mode. #451.
  • Bump required_ruby_version to 2.3.
  • Fix compatibility with GC.compact.
  • Fix some compilation warnings. #469

2020-12-22 (2.5.1)

  • Restore the compatibility for constants of JSON class.

2020-12-22 (2.5.0)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the bundler group with 5 updates in the /. directory:

| Package | From | To |
| --- | --- | --- |
| [rack](https://github.com/rack/rack) | `1.4.1` | `2.2.6.4` |
| [grape](https://github.com/ruby-grape/grape) | `0.2.1` | `1.1.0` |
| [activesupport](https://github.com/rails/rails) | `3.2.8` | `3.2.22.5` |
| [net-ldap](https://github.com/ruby-ldap/ruby-net-ldap) | `0.3.1` | `0.16.2` |
| [json](https://github.com/flori/json) | `1.7.5` | `2.7.1` |


Updates `rack` from 1.4.1 to 2.2.6.4
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](rack/rack@1.4.1...v2.2.6.4)

Updates `grape` from 0.2.1 to 1.1.0
- [Changelog](https://github.com/ruby-grape/grape/blob/master/CHANGELOG.md)
- [Commits](ruby-grape/grape@v0.2.1...v1.1.0)

Updates `activesupport` from 3.2.8 to 3.2.22.5
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v7.1.2/activesupport/CHANGELOG.md)
- [Commits](rails/rails@v3.2.8...v3.2.22.5)

Updates `net-ldap` from 0.3.1 to 0.16.2
- [Release notes](https://github.com/ruby-ldap/ruby-net-ldap/releases)
- [Changelog](https://github.com/ruby-ldap/ruby-net-ldap/blob/master/History.rdoc)
- [Commits](https://github.com/ruby-ldap/ruby-net-ldap/commits/v0.16.2)

Updates `json` from 1.7.5 to 2.7.1
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](ruby/json@v1.7.5...v2.7.1)

---
updated-dependencies:
- dependency-name: rack
  dependency-type: direct:production
- dependency-name: grape
  dependency-type: direct:production
- dependency-name: activesupport
  dependency-type: direct:production
- dependency-name: net-ldap
  dependency-type: direct:production
- dependency-name: json
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 18, 2023
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 18, 2023

Dependabot can't resolve your Ruby dependency files. Because of this, Dependabot cannot update this pull request.

@GrantBirki
Copy link
Owner

@dependabot recreate

@GrantBirki GrantBirki closed this Dec 19, 2023
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 19, 2023

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

@GrantBirki GrantBirki deleted the dependabot/bundler/rack-and-grape-and-activesupport-and-net-ldap-and-json-2.2.6.4 branch December 19, 2023 16:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant