Update Mend: high confidence minor and patch dependency updates

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
aws-sdk-s3 (source, changelog)	1.142.0 -> 1.176.1
aws-sdk-sns (source, changelog)	1.70.0 -> 1.92.0
brakeman (source, changelog)	6.1.1 -> 6.2.2
capybara (changelog)	3.39.2 -> 3.40.0
cssbundling-rails (changelog)	1.3.3 -> 1.4.1
dalli (changelog)	3.2.6 -> 3.2.8
debug	1.9.1 -> 1.9.2
delayed_job (changelog)	4.1.11 -> 4.1.13
delayed_job_active_record	4.1.8 -> 4.1.11
eslint-plugin-import	2.27.5 -> 2.31.0
google-cloud-storage (source)	1.45.0 -> 1.54.0
image_processing	1.12.2 -> 1.13.0
jbuilder (changelog)	2.11.5 -> 2.13.0
jsbundling-rails (changelog)	1.2.1 -> 1.3.1
listen (changelog)	3.8.0 -> 3.9.0
propshaft	0.8.0 -> 0.9.1
qunit (source)	2.19.4 -> 2.23.1
rack (changelog)	3.0.8 -> 3.1.8
rake (changelog)	13.1.0 -> 13.2.1
redis (changelog)	5.0.8 -> 5.3.0
rubocop-minitest (source, changelog)	0.34.3 -> 0.36.0
rubocop-performance (source, changelog)	1.20.1 -> 1.23.0
sprockets-rails (changelog)	3.4.2 -> 3.5.2
stackprof (changelog)	0.2.25 -> 0.2.26
stimulus-rails (source)	1.3.0 -> 1.3.4
terser (changelog)	1.1.20 -> 1.2.4
webmock (changelog)	3.19.1 -> 3.24.0
webpack	4.46.0 -> 4.47.0
webrick	1.8.1 -> 1.9.1

---

Release Notes

aws/aws-sdk-ruby (aws-sdk-s3)

v1.176.1

• Issue - Do not normalize object keys when calling presigned_url or presigned_request.

v1.176.0

• Feature - Amazon S3 Metadata stores object metadata in read-only, fully managed Apache Iceberg metadata tables that you can query. You can create metadata table configurations for S3 general purpose buckets.

v1.175.0

• Feature - Amazon S3 introduces support for AWS Dedicated Local Zones

v1.174.0

• Feature - Amazon Simple Storage Service / Features: Add support for ETag based conditional writes in PutObject and CompleteMultiPartUpload APIs to prevent unintended object modifications.

v1.173.0

• Feature - Add support for conditional deletes for the S3 DeleteObject and DeleteObjects APIs. Add support for write offset bytes option used to append to objects with the S3 PutObject API.

v1.172.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.171.0

• Feature - This release updates the ListBuckets API Reference documentation in support of the new 10,000 general purpose bucket default quota on all AWS accounts. To increase your bucket quota from 10,000 to up to 1 million buckets, simply request a quota increase via Service Quotas.

v1.170.1

• Issue - Tighten regex used to check for S3 200 errors.

v1.170.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.169.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.168.0

• Feature - Add support for the new optional bucket-region and prefix query parameters in the ListBuckets API. For ListBuckets requests that express pagination, Amazon S3 will now return both the bucket names and associated AWS regions in the response.

v1.167.0

• Feature - This release introduces a header representing the minimum object size limit for Lifecycle transitions.

v1.166.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.165.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.164.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.163.0

• Feature - Added SSE-KMS support for directory buckets.

v1.162.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.161.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.160.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.159.0

• Feature - Amazon Simple Storage Service / Features : Add support for conditional writes for PutObject and CompleteMultipartUpload APIs.

v1.158.0

• Feature - Amazon Simple Storage Service / Features : Adds support for pagination in the S3 ListBuckets API.

v1.157.0

• Feature - Support head_bucket, get_object_attributes, delete_objects, and copy_object for Access Grants.

v1.156.0

• Feature - Added response overrides to Head Object requests.

v1.155.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.154.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.153.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.152.3

• Issue - Handle 200 errors for all S3 operations that do not have streaming responses.

v1.152.2

• Issue - Revert Handling of 200 errors for all S3 operations.

v1.152.1

• Issue - Handle 200 errors for all S3 operations that do not have streaming responses.

v1.152.0

• Feature - Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.

v1.151.0

• Feature - Updated a few x-id in the http uri traits

v1.150.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.149.1

• Issue - Fix bug where destination bucket default encryption was inadvertently overridden by source object encryption.

v1.149.0

• Feature - Support S3 Access Grants authentication. Access Grants can be enabled with the access_grants option, and custom options can be passed into the access_grants_credentials_provider option. This feature requires aws-sdk-s3control to be installed.

• Feature - Add RBS signatures for customizations of S3.

v1.148.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.147.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Omit ContentType plugin when generating presigned url.

v1.146.1

• Issue - Fix bug where thread_count option was not being respected for multipart uploads.

v1.146.0

• Feature - Fix two issues with response root node names.

v1.145.0

• Feature - Documentation updates for Amazon S3.

v1.144.0

• Feature - This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).

v1.143.1

• Issue - Include original part errors in message when aborting multipart upload fails (#​2990).

v1.143.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

aws/aws-sdk-ruby (aws-sdk-sns)

v1.92.0

• Feature - ArchivePolicy attribute added to Archive and Replay feature

v1.91.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.90.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.89.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.88.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.87.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.86.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.85.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.84.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.83.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.82.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.81.0

• Feature - Add v2 smoke tests and smithy smokeTests trait for SDK testing.

v1.80.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.79.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.78.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.77.0

• Feature - Doc-only update for SNS. These changes include customer-reported issues and TXC3 updates.

v1.76.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.75.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.74.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.73.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.72.0

• Feature - This release marks phone numbers as sensitive inputs.

v1.71.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

presidentbeef/brakeman (brakeman)

v6.2.2

Compare Source

• Ignore more native gems when building gem
• Revamp command injection in pipeline* calls
• New end-of-support dates for Rails

v6.2.1

Just a packaging fix for brakeman.gem

v6.2.0

• Add --show-ignored option (Gabriel Zayas)
• Add optional support for Prism parser
• Warn about unscoped finds with find_by!
• Treat ::X and X the same, for now (Jill Klang)
• Fix compatibility with default frozen string literals (Jean Boussier)
• Remediation advice for command injection (Nicholas Barone)
• Fix Ruby warnings in test suite (Jean Boussier)
• Support YAML aliases in secret configs (Chedli Bourguiba)
• Add initial Rails 8 support (Ron Shinall)
• Handle mass assignment with splats
• Add support for symbolic links (Lu Zhu)

v6.1.2

Compare Source

• Update Highline to 3.0
• Add EOL date for Ruby 3.3.0
• Avoid copying Sexps that are too large
• Avoid detecting ViewComponentContrib::Base as dynamic render paths (vividmuimui)
• Remove deprecated use of Kernel#open("|...")
• Remove safe_yaml gem dependency
• Avoid detecting Phlex components as dynamic render paths (Máximo Mussini)

teamcapybara/capybara (capybara)

v3.40.0

Compare Source

Release date: 2024-01-26

Changned

• Dropped support for Ruby 2.7, 3.0+ is now required
• Dropped support for Selenium < 4.8
• Use the new headless option on chromedriver with registered selenium driver [Neil Carvalho]

Added

• Capybara::Result#to_ary to support multiple assignment [Sean Doyle]
• has_element? and related matchers [Sean Doyle]
• Rack 3 support

Fixed

• Forward save_screenshot options to selenium - Issue 2738
• Rack test - don't auto submit forms with multiple inputs [Mitchell Henke]
• Table row selector matches cell values in order - Issue 2686 [Jeff Parr]
• Table row selector fixes for first column - Issue 2685 [Jeff Par]

rails/cssbundling-rails (cssbundling-rails)

v1.4.1

Compare Source

What's Changed

• Disable loading .env file when running foreman for development by @​Flixt in https://github.com/rails/cssbundling-rails/pull/155
• Overwrite bin/dev by force to deal with new default bin/dev file coming in Rails 8 by @​dhh

Full Changelog: rails/cssbundling-rails@v1.4.0...v1.4.1

v1.4.0

Compare Source

What's Changed

• Fix bun/bootstrap escaping issue by @​dhh in 09d81cb
• Synchronize bin/dev from jsbundling-rails to cssbundling-rails by @​dorianmarie in https://github.com/rails/cssbundling-rails/pull/151
• Use Thor's apply instead of a prerequisite task by @​jonathanhefner in https://github.com/rails/cssbundling-rails/pull/150
• Fix running "rails new --css bootstrap" on 7.1 by @​skipkayhil in https://github.com/rails/cssbundling-rails/pull/147
• PNPM Support by @​ksylvest in https://github.com/rails/cssbundling-rails/pull/145

New Contributors

• @​sedubois made their first contribution in https://github.com/rails/cssbundling-rails/pull/129
• @​dorianmarie made their first contribution in https://github.com/rails/cssbundling-rails/pull/151
• @​jonathanhefner made their first contribution in https://github.com/rails/cssbundling-rails/pull/150
• @​tylerpaige made their first contribution in https://github.com/rails/cssbundling-rails/pull/148
• @​skipkayhil made their first contribution in https://github.com/rails/cssbundling-rails/pull/147
• @​ksylvest made their first contribution in https://github.com/rails/cssbundling-rails/pull/145

Full Changelog: rails/cssbundling-rails@v1.3.3...v1.4.0

petergoldstein/dalli (dalli)

v3.2.8

Compare Source

==========

• Handle IO::TimeoutError when establishing connection (eugeneius)
• Drop dependency on base64 gem (Earlopain)
• Address incompatibility with resolv-replace (y9v)
• Add rubygems.org metadata (m-nakamura145)

v3.2.7

Compare Source

==========

• Fix cascading error when there's an underlying network error in a pipelined get (eugeneius)
• Ruby 3.4/head compatibility by adding base64 to gemspec (tagliala)
• Add Ruby 3.3 to CI (m-nakamura145)
• Use Socket's connect_timeout when available, and pass timeout to the socket's send and receive timeouts (mlarraz)

ruby/debug (debug)

v1.9.2

Compare Source

What's Changed

• config
  • Make irb_console toggleable with config update by @​st0012 in https://github.com/ruby/debug/pull/1057
• internal
  • Stop assuming Array#each is written in C by @​k0kubun in https://github.com/ruby/debug/pull/1061
  • Add base64 gem to the dependencies by @​y-yagi in https://github.com/ruby/debug/pull/1066
  • Support Ruby 3.4's new error message format by @​hsbt in https://github.com/ruby/debug/pull/1080
  • catch up ruby 3.4.0 error related changes by @​ko1 in https://github.com/ruby/debug/pull/1083
  • Fix syntax warnings by @​casperisfine in https://github.com/ruby/debug/pull/1072
  • Drop base64 dependency by @​Earlopain in https://github.com/ruby/debug/pull/1071
  • Fix ENOENT error when readline is not loaded by @​lazyatom in https://github.com/ruby/debug/pull/1073
  • Remove and Restore irb configuration like irbrc while irb console tests by @​hsbt in https://github.com/ruby/debug/pull/1067
  • Use rb_iseqw_to_iseq to get iseq pointer by @​peterzhu2118 in https://github.com/ruby/debug/pull/1093
• tests
  • Add Ruby 3.3 to CI matrix by @​st0012 in https://github.com/ruby/debug/pull/1058
  • Use ruby/actions workflow for ruby versions by @​m-nakamura145 in https://github.com/ruby/debug/pull/1065
  • Separate setup and execution steps in CI by @​ono-max in https://github.com/ruby/debug/pull/1088
  • Fix flakey test "test_reponse_returns_correct_threads_info" by @​ono-max in https://github.com/ruby/debug/pull/1089
  • Add Launchable in CI by @​ono-max in https://github.com/ruby/debug/pull/1090
• doc
  • Correct the irb command's description by @​st0012 in https://github.com/ruby/debug/pull/1056
  • Fix prelude doc example to use curly braces by @​adam12 in https://github.com/ruby/debug/pull/1052
  • Mention IRB console in readme by @​st0012 in https://github.com/ruby/debug/pull/1092

New Contributors

• @​Earlopain made their first contribution in https://github.com/ruby/debug/pull/1071
• @​lazyatom made their first contribution in https://github.com/ruby/debug/pull/1073
• @​m-nakamura145 made their first contribution in https://github.com/ruby/debug/pull/1065

Full Changelog: ruby/debug@v1.9.1...v1.9.2

collectiveidea/delayed_job (delayed_job)

v4.1.13

Compare Source

=======================

• Enable Rails 8

v4.1.12

Compare Source

=======================

• Add missing require for extract_options
• Fix rails 7.2 ActiveSupport::ProxyObject deprecation
• Multiple contributors on current and legacy test suite improvements

collectiveidea/delayed_job_active_record (delayed_job_active_record)

v4.1.11

Compare Source

What's Changed

• Rails 8 by @​albus522 in https://github.com/collectiveidea/delayed_job_active_record/pull/242
• Fix some typos by @​jdufresne in https://github.com/collectiveidea/delayed_job_active_record/pull/240
• Prepare 4.1.11 release by @​albus522 in https://github.com/collectiveidea/delayed_job_active_record/pull/243

New Contributors

• @​jdufresne made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/240

Full Changelog: collectiveidea/delayed_job_active_record@v4.1.10...v4.1.11

v4.1.10

Compare Source

What's Changed

• Fix error in updated clear_all_connections handling by @​albus522 in https://github.com/collectiveidea/delayed_job_active_record/pull/236

Full Changelog: collectiveidea/delayed_job_active_record@v4.1.9...v4.1.10

v4.1.9

Compare Source

What's Changed

• Fix deprecation warning for clear_all_connections! by @​c960657 in https://github.com/collectiveidea/delayed_job_active_record/pull/226
• Optimize PG reservation query for PG >=9.5 by @​stevenharman in https://github.com/collectiveidea/delayed_job_active_record/pull/215
• Optimize mysql query with trilogy gem by @​taketo1113 in https://github.com/collectiveidea/delayed_job_active_record/pull/222
• Add trilogy gem to CI by @​taketo1113 in https://github.com/collectiveidea/delayed_job_active_record/pull/223
• Multiple test suite update contributors

New Contributors

• @​taketo1113 made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/222
• @​m-nakamura145 made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/224
• @​c960657 made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/226
• @​stevenharman made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/215

Full Changelog: collectiveidea/delayed_job_active_record@v4.1.8...v4.1.9

import-js/eslint-plugin-import (eslint-plugin-import)

v2.31.0

Compare Source

Added

• support eslint v9 ([#​2996], thanks [@​G-Rath] [@​michaelfaith])
• [order]: allow validating named imports ([#​3043], thanks [@​manuth])
• [extensions]: add the checkTypeImports option ([#​2817], thanks [@​phryneas])

Fixed

• ExportMap / flat config: include languageOptions in context ([#​3052], thanks [@​michaelfaith])
• [no-named-as-default]: Allow using an identifier if the export is both a named and a default export ([#​3032], thanks [@​akwodkiewicz])
• [export]: False positive for exported overloaded functions in TS ([#​3065], thanks [@​liuxingbaoyu])
• exportMap: export map cache is tainted by unreliable parse results ([#​3062], thanks [@​michaelfaith])
• exportMap: improve cacheKey when using flat config ([#​3072], thanks [@​michaelfaith])
• adjust "is source type module" checks for flat config ([#​2996], thanks [@​G-Rath])

Changed

• [Docs] [no-relative-packages]: fix typo ([#​3066], thanks [@​joshuaobrien])
• [Performance] [no-cycle]: dont scc for each linted file ([#​3068], thanks [@​soryy708])
• [Docs] [no-cycle]: add disableScc to docs ([#​3070], thanks [@​soryy708])
• [Tests] use re-exported RuleTester ([#​3071], thanks [@​G-Rath])
• [Docs] [no-restricted-paths]: fix grammar ([#​3073], thanks [@​unbeauvoyage])
• [Tests] [no-default-export], [no-named-export]: add test case (thanks [@​G-Rath])

v2.30.0

Compare Source

Added

• [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments ([#​2942], thanks [@​JiangWeixian])

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box