Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the bundler group group with 4 updates #994

Merged
merged 1 commit into from
Feb 27, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 19, 2024

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Bumps the bundler group group with 4 updates: govuk-components, govuk_design_system_formbuilder, pagy and view_component.

Updates govuk-components from 3.3.0 to 5.0.2

Release notes

Sourced from govuk-components's releases.

v5.0.2

Version 5.0.1

  • append the card title to summary card actions, thanks @​frankieroberto for spotting and reporting this #481
  • fix source map loading in the guide #485
  • add warning messages when action: or controller: args are passed to new link helpers
  • fix a bug where the #govuk_breadcrumb_link_to helper was adding govuk-breadcrumbs--link instead of govuk-breadcrumbs__link. Only really noticeable when using breadcrumbs with inverted colours. Thanks @​paulrobertlloyd for reporting.

Version 5.0.0

Release notes

⚠️ This is a breaking change release

Version 5.0.0 of the ruby govuk-components gem supports version 5.0.0 of the govuk-frontend npm package. Both contain breaking changes, and are dependent on each other – so you should update both at the same time.

These release notes for the ruby gem should be read alongside the release notes for govuk-frontend.

Upgrade instructions

1. Install both the gem AND the node package

Update the version of govuk-component in your Gemfile and run bundle install:

gem "govuk-components", "~> 5.0.0"

Update your version of govuk-frontend in your package.json and then run npm install or yarn install (depending on which you use).

"govuk-frontend": "5.0.0",

2. Check that your app still builds

The way that assets have been packaged in govuk-frontend has changed, so you may need to update your build process.

If you're using Sass, change

@import "govuk-frontend/govuk/all";

to

</tr></table> 

... (truncated)

Commits
  • b2424bb Release version 5.0.2
  • ea993ca Upgrade to rubocop-govuk 4.13.0 (#493)
  • c95cf76 Upgrade to rubocop-govuk 4.13.0
  • 1d7c7b6 Bump ViewComponent to v3.9.0 (#492)
  • eef1e42 HTML escape text in GovukComponent::TabComponent::Tab
  • 984cd31 Fix guide build to work with ViewComponent 3.9.0
  • 2913217 Bump ViewComponent to v3.9.0
  • a9e260d Add cannot_start_yet argument to the task list status component (#488)
  • 5fa1e33 Fail when there's both a href and cannot_start_yet
  • 4c1b49d Add cannot_start_yet argument to task list status
  • Additional commits viewable in compare view

Updates govuk_design_system_formbuilder from 3.3.0 to 5.0.0

Release notes

Sourced from govuk_design_system_formbuilder's releases.

Version 5.0.0

  • Add support for Version GOV.UK frontend version 5.0.0

Version 4.1.1

  • Allow merging data-aria-controls in addition to aria-controls. Thank you @​sobakasu #440

Version 4.1.0

Version 4.0.0

  • Upgrade to govuk-frontend 4.6.0
  • Remove classes argument from the few places it remained, custom classes can be set directly using class: thanks to html-attributes-utils' clever merging #409
  • Add support for extra_letter_spacing to text inputs which is useful when asking for long complex codes or IDs #424

Upgrade guide

  • Replace any classes: ... parameters with class: ...

Version 4.0.0rc1

No release notes provided.

Version 4.0.0a1

Preparing for the upcoming version 4.5.0 of GOV.UK frontend

Commits
  • 349383e Release version 5.0.0
  • b7df7b1 Merge pull request #452 from x-govuk/govuk-frontend-5.0.0
  • 0ee62f4 Upgrade to released version of govuk-frontend 5.0.0
  • 3826810 Merge pull request #454 from x-govuk/dependabot/bundler/slim-tw-5.2.0
  • c05f1d0 Update slim requirement from ~> 5.1.1 to ~> 5.2.0
  • dd1a79e Release version 5.0.0b1
  • 9e3b44d Upgrade guide to govuk-frontend 5.0.0-beta.2
  • 0f0b282 Merge pull request #450 from x-govuk/dependabot/npm_and_yarn/guide/sass-1.69.5
  • 5e9f56c Bump sass from 1.68.0 to 1.69.5 in /guide
  • 915ff26 Merge pull request #451 from x-govuk/dependabot/bundler/rouge-tw-4.2.0
  • Additional commits viewable in compare view

Updates pagy from 5.10.1 to 6.4.3

Changelog

Sourced from pagy's changelog.

Version 6.4.3

  • Exclude coverage for prepend conditional, ruby < 3.0 syntax for prepend

Version 6.4.2

  • Better module overrides in jsonapi
  • Replaced the is_a?(Hash) check for jsonapi reserved :page param with respond_to?(:Fetch) and prepended to the Frontend
  • Docs improvements and fixes

Version 6.4.1

  • Remove dependency on base64 (#618)Ruby 3.3 prints a warning if base64 is used without specifying it in the gemfile. Ruby 3.4 will error

Version 6.4.0

  • Implement JSON:API specifications
  • Added simpler nav generation, triggered by setting the size variable to a positive Integer
  • Fix for pagy_calendar_app.ru

Version 6.3.0

  • Calendar improvements:
    • Added the :fit_time option to page_at and pagy_calendar_url_at methods. It avoids the OutOfRangeError by returning the first or last page
    • Added starting_time_for and page_offset_at feedback methods to the Calendar base class
    • Prepended the pagy_calendar_url_at to the Frontend and Backend
    • Added calendar showtime
  • Updated node modules (dev on node 20)
  • Updated Gemfile and fixed new rubocop complaints

Version 6.2.0

  • Add Belarusian locale (#567)
  • Reordered RubyMine tasks (fix #541)

Version 6.1.0

  • Add Vietnamese locale (#550)
  • Maintenance (docs, test, gems and node modules updates) fixes and improvements

Version 6.0.4

  • Updated gems and npm modules
  • fix: Extras::Trim - fix trimming first page (#516)
  • Fix for new rubocop

Version 6.0.3

  • Updated Gemfile and npm modules

... (truncated)

Commits
  • 757d2e3 Merge branch 'dev'
  • a369429 Update workflows
  • c42ada9 Version 6.4.3
  • fd0bf65 Exclude coverage for prepend conditional, ruby < 3.0 syntax for prepend
  • 25fe110 Merge branch 'dev'
  • 5185a21 Version 6.4.2
  • 2059569 Better module overrides in jsonapi
  • 87f3cf1 Replaced the is_a?(Hash) check for jsonapi reserved :page param with respond_...
  • 0be1d3e Temporary fix for RM 3.3.2 console with ruby >= 3.3.0
  • e1e22d7 Docs: fix - add quotes around event handlers (#620)
  • Additional commits viewable in compare view

Updates view_component from 2.74.1 to 3.9.0

Release notes

Sourced from view_component's releases.

v3.9.0

  • Don’t break rails stats if ViewComponent path is missing.

    Claudio Baccigalupo

  • Add deprecation warnings for EOL ruby and Rails versions and patches associated with them.

    Reegan Viljoen

  • Add support for Ruby 3.3.

    *Reegan Viljoen*
    
  • Allow translations to be inherited and overridden in subclasses.

    Elia Schito

  • Resolve console warnings when running test suite.

    Joel Hawksley

  • Fix spelling in a local variable.

    Olle Jonsson

  • Avoid duplicating rendered string when output_postamble is blank.

    Mitchell Henke

  • Ensure HTML output safety.

    Cameron Dutro

v3.8.0

  • Use correct value for the config.action_dispatch.show_exceptions config option for edge Rails.

    Cameron Dutro

  • Remove unsupported versions of Rails & Ruby from CI matrix.

    Reegan Viljoen

  • Raise error when uncountable slot names are used in renders_many

    Hugo Chantelauze Reegan Viljoen

  • Replace usage of String#ends_with? with String#end_with? to reduce the dependency on ActiveSupport core extensions.

    halo

... (truncated)

Changelog

Sourced from view_component's changelog.

3.9.0

  • Don’t break rails stats if ViewComponent path is missing.

    Claudio Baccigalupo

  • Add deprecation warnings for EOL ruby and Rails versions and patches associated with them.

    Reegan Viljoen

  • Add support for Ruby 3.3.

    Reegan Viljoen

  • Allow translations to be inherited and overridden in subclasses.

    Elia Schito

  • Resolve console warnings when running test suite.

    Joel Hawksley

  • Fix spelling in a local variable.

    Olle Jonsson

  • Avoid duplicating rendered string when output_postamble is blank.

    Mitchell Henke

  • Ensure HTML output safety.

    Cameron Dutro

3.8.0

  • Use correct value for the config.action_dispatch.show_exceptions config option for edge Rails.

    Cameron Dutro

  • Remove unsupported versions of Rails & Ruby from CI matrix.

    Reegan Viljoen

  • Raise error when uncountable slot names are used in renders_many

    Hugo Chantelauze Reegan Viljoen

  • Replace usage of String#ends_with? with String#end_with? to reduce the dependency on ActiveSupport core extensions.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot requested a review from a team as a code owner January 19, 2024 10:52
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jan 19, 2024
@dependabot dependabot bot force-pushed the dependabot/bundler/bundler-security-group-f182ddc4af branch from 4aeb444 to 16a30f7 Compare January 19, 2024 11:42
@dependabot dependabot bot force-pushed the dependabot/bundler/bundler-security-group-f182ddc4af branch from 16a30f7 to 15c5d25 Compare January 30, 2024 11:07
Bumps the bundler group group with 4 updates: [govuk-components](https://github.com/x-govuk/govuk-components), [govuk_design_system_formbuilder](https://github.com/x-govuk/govuk-form-builder), [pagy](https://github.com/ddnexus/pagy) and [view_component](https://github.com/viewcomponent/view_component).

Updates `govuk-components` from 3.3.0 to 5.0.2
- [Release notes](https://github.com/x-govuk/govuk-components/releases)
- [Commits](x-govuk/govuk-components@v3.3.0...v5.0.2)

Updates `govuk_design_system_formbuilder` from 3.3.0 to 5.0.0
- [Release notes](https://github.com/x-govuk/govuk-form-builder/releases)
- [Commits](x-govuk/govuk-form-builder@v3.3.0...v5.0.0)

Updates `pagy` from 5.10.1 to 6.4.3
- [Changelog](https://github.com/ddnexus/pagy/blob/master/CHANGELOG.md)
- [Commits](ddnexus/pagy@5.10.1...6.4.3)

Updates `view_component` from 2.74.1 to 3.9.0
- [Release notes](https://github.com/viewcomponent/view_component/releases)
- [Changelog](https://github.com/ViewComponent/view_component/blob/main/docs/CHANGELOG.md)
- [Commits](ViewComponent/view_component@v2.74.1...v3.9.0)

---
updated-dependencies:
- dependency-name: govuk-components
  dependency-type: direct:production
  dependency-group: bundler-security-group
- dependency-name: govuk_design_system_formbuilder
  dependency-type: direct:production
  dependency-group: bundler-security-group
- dependency-name: pagy
  dependency-type: direct:production
  dependency-group: bundler-security-group
- dependency-name: view_component
  dependency-type: direct:production
  dependency-group: bundler-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@gpeng gpeng force-pushed the dependabot/bundler/bundler-security-group-f182ddc4af branch from 15c5d25 to 1e8b0d1 Compare February 27, 2024 10:25
@gpeng gpeng merged commit 01fb0af into main Feb 27, 2024
11 checks passed
@gpeng gpeng deleted the dependabot/bundler/bundler-security-group-f182ddc4af branch February 27, 2024 10:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant