build(deps): bump the bundler group across 9 directories with 10 updates #31

dependabot · 2024-09-27T06:59:21Z

Bumps the bundler group with 1 update in the /pkgs/applications/misc/coltrane directory: activesupport.
Bumps the bundler group with 2 updates in the /pkgs/applications/misc/gollum directory: rexml and webrick.
Bumps the bundler group with 2 updates in the /pkgs/applications/misc/pt directory: addressable and excon.
Bumps the bundler group with 1 update in the /pkgs/applications/misc/taskjuggler directory: webrick.
Bumps the bundler group with 2 updates in the /pkgs/applications/office/ledger-web directory: rack and sinatra.
Bumps the bundler group with 3 updates in the /pkgs/applications/version-management/bitbucket-server-cli directory: json, addressable and git.
Bumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: rexml, addressable, git and httparty.
Bumps the bundler group with 1 update in the /pkgs/applications/version-management/git-fame directory: activesupport.
Bumps the bundler group with 1 update in the /pkgs/by-name/ba/bashly directory: rexml.

Updates activesupport from 7.0.4.2 to 7.0.7.1

Release notes

Sourced from activesupport's releases.

7.0.7.1

Active Support

Use a temporary file for storing unencrypted files while editing

[CVE-2023-38037]

Active Model

No changes.

Active Record

No changes.

Action View

No changes.

Action Pack

No changes.

Active Job

No changes.

Action Mailer

No changes.

Action Cable

No changes.

... (truncated)

Commits

c92caef Preparing for 7.0.7.1 release
936587d updating version / changelog
a21d6ed Use a temporary file for storing unencrypted files while editing
522c86f Preparing for 7.0.7 release
5610cba Sync CHANGELOG with the changes in the repository
7e9ffc2 Fix to_s not using :default format with no args
a8e88e2 Fix Cache::NullStore with local caching for repeated reads
b18b9df Merge pull request #48800 from robinjam/fix-humanize-nil
b12fe80 Fix Enumerable#sum for Enumerator#lazy
e3f80f6 Add lower bound to Listen gem requirement
Additional commits viewable in compare view

Updates rexml from 3.3.2 to 3.3.6

Release notes

Sourced from rexml's releases.

REXML 3.3.6 - 2024-08-22

Improvements

Removed duplicated entity expansions for performance.

GH-194

Patch by Viktor Ivarsson.

Improved namespace conflicted attribute check performance. It was too slow for deep elements.

Reported by l33thaxor.

Fixes

Fixed a bug that default entity expansions are counted for security check. Default entity expansions should not be counted because they don't have a security risk.

GH-198

GH-199

Patch Viktor Ivarsson

Fixed a parser bug that parameter entity references in internal subsets are expanded. It's not allowed in the XML specification.

GH-191

Patch by NAITOH Jun.

Fixed a stream parser bug that user-defined entity references in text aren't expanded.

GH-200

Patch by NAITOH Jun.

Thanks

Viktor Ivarsson

NAITOH Jun

l33thaxor

REXML 3.3.5 - 2024-08-12

Fixes

Fixed a bug that REXML::Security.entity_expansion_text_limit check has wrong text size calculation in SAX and pull parsers.

GH-193

GH-195

Reported by Viktor Ivarsson.

Patch by NAITOH Jun.

... (truncated)

Changelog

Sourced from rexml's changelog.

3.3.6 - 2024-08-22 {#version-3-3-6}

Improvements

Removed duplicated entity expansions for performance.

GH-194

Patch by Viktor Ivarsson.

Improved namespace conflicted attribute check performance. It was too slow for deep elements.

Reported by l33thaxor.

Fixes

Fixed a bug that default entity expansions are counted for security check. Default entity expansions should not be counted because they don't have a security risk.

GH-198

GH-199

Patch Viktor Ivarsson

Fixed a parser bug that parameter entity references in internal subsets are expanded. It's not allowed in the XML specification.

GH-191

Patch by NAITOH Jun.

Fixed a stream parser bug that user-defined entity references in text aren't expanded.

GH-200

Patch by NAITOH Jun.

Thanks

Viktor Ivarsson

NAITOH Jun

l33thaxor

3.3.5 - 2024-08-12 {#version-3-3-5}

Fixes

Fixed a bug that REXML::Security.entity_expansion_text_limit check has wrong text size calculation in SAX and pull parsers.

GH-193

GH-195

Reported by Viktor Ivarsson.

Patch by NAITOH Jun.

... (truncated)

Commits

95871f3 Add 3.3.6 entry
7cb5eae parser tree: improve namespace conflicted attribute check performance
6109e01 Fix a bug that Stream parser doesn't expand the user-defined entity reference...
cb15858 parser: keep the current namespaces instead of stack of Set
2b47b16 parser: move duplicated end tag check to BaseParser
35e1681 test tree-parser: move common method to base class
6e00a14 test: fix indent
df3a0cc test: fix indent
fdbffe7 Use loop instead of recursive call for Element#namespace
6422fa3 Use loop instead of recursive call for Element#root
Additional commits viewable in compare view

Updates webrick from 1.8.1 to 1.8.2

Release notes

Sourced from webrick's releases.

v1.8.2

What's Changed

Drop commented-out line by @olleolleolle in ruby/webrick#108

Add Ruby 3.1 & 3.2 to CI matrix by @tricknotes in ruby/webrick#109

Fix/redos by @ooooooo-q in ruby/webrick#114

Raise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by @jeremyevans in ruby/webrick#120

Bump actions/checkout from 3 to 4 by @dependabot in ruby/webrick#121

Improve CI by @hsbt in ruby/webrick#123

Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin by @KJTsanaktsidis in ruby/webrick#128

Fix bug chunk extension detection by @jeremyevans in ruby/webrick#125

Fix CI. by @ioquatix in ruby/webrick#131

Merge multiple cookie headers, preserving semantic correctness. by @ioquatix in ruby/webrick#130

Test on macos-latest by @byroot in ruby/webrick#132

Require CRLF line endings in request line and headers by @jeremyevans in ruby/webrick#138

Prefer squigly heredocs. by @ioquatix in ruby/webrick#143

Only strip space and horizontal tab in headers by @jeremyevans in ruby/webrick#141

Treat missing CRLF separator after headers as an EOFError by @jeremyevans in ruby/webrick#142

Return 400 response for chunked requests with unexpected data after chunk by @jeremyevans in ruby/webrick#136

Fix reference to URI::REGEXP::PATTERN::HOST by @casperisfine in ruby/webrick#144

Prevent request smuggling by @jeremyevans in ruby/webrick#146

New Contributors

@tricknotes made their first contribution in ruby/webrick#109

@ooooooo-q made their first contribution in ruby/webrick#114

@KJTsanaktsidis made their first contribution in ruby/webrick#128

@byroot made their first contribution in ruby/webrick#132

@casperisfine made their first contribution in ruby/webrick#144

Full Changelog: ruby/webrick@v1.8.1...v1.8.2

Commits

0fb9de6 Bump up v1.8.2
b9a4c81 Removed trailing spaces
f5faca9 Prevent request smuggling
0c600e1 Fix reference to URI::REGEXP::PATTERN::HOST
15a9391 Return 400 response for chunked requests with unexpected data after chunk
2b38d56 Treat missing CRLF separator after headers as an EOFError
e4efb4a Remove unnecessary gsub calls in test_httprequest.rb
426e214 Only strip space and horizontal tab in headers
e72cb69 Prefer squigly heredocs. (#143)
ee60354 Require CRLF line endings in request line and headers
Additional commits viewable in compare view

Updates addressable from 2.6.0 to 2.8.0

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

fixes ReDoS vulnerability in Addressable::Template#match

no longer replaces + with spaces in queries for non-http(s) schemes

fixed encoding ipv6 literals

the :compacted flag for normalized_query now dedupes parameters

fix broken escape_component alias

dropping support for Ruby 2.0 and 2.1

adding Ruby 3.0 compatibility for development tasks

drop support for rack-mount and remove Addressable::Template#generate

performance improvements

switch CI/CD to GitHub Actions

Addressable 2.7.0

added :compacted flag to normalized_query

heuristic_parse handles mailto: more intuitively

dropped explicit support for JRuby 9.0.5.0

compatibility w/ public_suffix 4.x

performance improvements

Commits

6469a23 Updating gemspec again
2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main
e9c76b8 Merge pull request #378 from ashmaroli/flat-map
56c5cf7 Update the gemspec
c1fed1c Require a non-vulnerable rake
0d8a312 Adding note about ReDoS vulnerability
89c7613 Merge branch 'template-regexp' into main
cf8884f Note about alias fix
bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry
6d1d809 Adding note about :compacted normalization
Additional commits viewable in compare view

Updates excon from 0.64.0 to 0.71.0

Changelog

Sourced from excon's changelog.

0.71.0 2019-12-12

fix for leftover data with interrupted persistent connections

0.70.0 2019-12-02

Update bundled certificates

0.69.1 2019-11-21

Fix mistake in proxy connection error handling

0.69.0 2019-11-21

Raise better proxy connection errors

0.68.0 2019-10-25

Updated bundled certs

0.67.0 2019-09-24

Properly redact user/pass info from proxy credentials Update bundled certs

0.66.0 2019-08-06

Add remote_ip to datum, enabling usage in middleware redirect follower now raises after following too many redirects (default 10) fixed stub clearing in tests to avoid race conditions

0.65.0 2019-07-22

fix yardoc formatting fix creating Proc without a block reduce/refine gem file contents update bundled certs readd bundled certs to gem file contents

Commits

1149d44 v0.71.0
ccb57d7 fix for leftover data with interrupted persistent connections
f8de8cf v0.70.0
93f4a21 v0.69.1
e89bbb7 Merge pull request #709 from jasquat/fix_response_status_check
5647437 fixed response status check when making a request with a valid proxy is set
f769176 v0.69.0
20c0748 define ProxyConnectionError
f44106a raise on failed proxy connect
d7ed5fe be thorough in unsubscribing to notifications in instrumentation tests
Additional commits viewable in compare view

Updates webrick from 1.8.1 to 1.8.2

Release notes

Sourced from webrick's releases.

v1.8.2

What's Changed

Drop commented-out line by @olleolleolle in ruby/webrick#108

Add Ruby 3.1 & 3.2 to CI matrix by @tricknotes in ruby/webrick#109

Fix/redos by @ooooooo-q in ruby/webrick#114

Raise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by @jeremyevans in ruby/webrick#120

Bump actions/checkout from 3 to 4 by @dependabot in ruby/webrick#121

Improve CI by @hsbt in ruby/webrick#123

Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin by @KJTsanaktsidis in ruby/webrick#128

Fix bug chunk extension detection by @jeremyevans in ruby/webrick#125

Fix CI. by @ioquatix in ruby/webrick#131

Merge multiple cookie headers, preserving semantic correctness. by @ioquatix in ruby/webrick#130

Test on macos-latest by @byroot in ruby/webrick#132

Require CRLF line endings in request line and headers by @jeremyevans in ruby/webrick#138

Prefer squigly heredocs. by @ioquatix in ruby/webrick#143

Only strip space and horizontal tab in headers by @jeremyevans in ruby/webrick#141

Treat missing CRLF separator after headers as an EOFError by @jeremyevans in ruby/webrick#142

Return 400 response for chunked requests with unexpected data after chunk by @jeremyevans in ruby/webrick#136

Fix reference to URI::REGEXP::PATTERN::HOST by @casperisfine in ruby/webrick#144

Prevent request smuggling by @jeremyevans in ruby/webrick#146

New Contributors

@tricknotes made their first contribution in ruby/webrick#109

@ooooooo-q made their first contribution in ruby/webrick#114

@KJTsanaktsidis made their first contribution in ruby/webrick#128

@byroot made their first contribution in ruby/webrick#132

@casperisfine made their first contribution in ruby/webrick#144

Full Changelog: ruby/webrick@v1.8.1...v1.8.2

Commits

0fb9de6 Bump up v1.8.2
b9a4c81 Removed trailing spaces
f5faca9 Prevent request smuggling
0c600e1 Fix reference to URI::REGEXP::PATTERN::HOST
15a9391 Return 400 response for chunked requests with unexpected data after chunk
2b38d56 Treat missing CRLF separator after headers as an EOFError
e4efb4a Remove unnecessary gsub calls in test_httprequest.rb
426e214 Only strip space and horizontal tab in headers
e72cb69 Prefer squigly heredocs. (#143)
ee60354 Require CRLF line endings in request line and headers
Additional commits viewable in compare view

Updates rack from 2.0.7 to 2.2.8.1

Release notes

Sourced from rack's releases.

v2.2.8.1

What's Changed

Fixed ReDoS in Accept header parsing [CVE-2024-26146]

Fixed ReDoS in Content Type header parsing [CVE-2024-25126]

Reject Range headers which are too large [CVE-2024-26141]

Full Changelog: rack/rack@v2.2.8...v2.2.8.1

v2.2.8

What's Changed

Limit file extension length of multipart tempfiles (2.2 backport) by @dentarg in rack/rack#2075

CHANGELOG: Add missing 2.2.7 by @tisba in rack/rack#2081

Update cookie.rb by @dchandekstark in rack/rack#2092

Prefer ubuntu-latest for testing. by @ioquatix in rack/rack#2095

Fix inefficient assert pattern in Rack::Lint [2-2-stable] by @skipkayhil in rack/rack#2101

Regenerate SPEC [2-2-stable] by @skipkayhil in rack/rack#2102

New Contributors

@tisba made their first contribution in rack/rack#2081

@dchandekstark made their first contribution in rack/rack#2092

Full Changelog: rack/rack@v2.2.7...v2.2.8

v2.2.7

What's Changed

Correct the year number in the changelog by @kimulab in rack/rack#2015

Support underscore in host names for Rack 2.2 (Fixes #2070) by @jeremyevans in rack/rack#2071

New Contributors

@kimulab made their first contribution in rack/rack#2015

Full Changelog: rack/rack@v2.2.6.4...v2.2.7

v2.2.6.4

No release notes provided.

v2.1.4.4

What's Changed

Fixed ReDoS in Accept header parsing [CVE-2024-26146]

Full Changelog: rack/rack@v2.1.4.3...v2.1.4.4

v2.0.9.4

What's Changed

Fixed ReDoS in Accept header parsing [CVE-2024-26146]

Full Changelog: rack/rack@v2.0.9.3...v2.0.9.4

Changelog

Sourced from rack's changelog.

Changelog

All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference Keep A Changelog.

Unreleased

Added

Introduce Rack::VERSION constant. (#2199, [@ioquatix])

Changed

Invalid cookie keys will now raise an error. (#2193, [@ioquatix])

Rack::MediaType#params now handles empty strings. (#2229, [@jeremyevans])

Deprecated

Rack::Auth::AbstractRequest#request is deprecated without replacement. (#2229, [@jeremyevans])

Rack::Request#parse_multipart (private method designed to be overridden in subclasses) is deprecated without replacement. (#2229, [@jeremyevans])

Removed

Rack::Request#values_at is removed. (#2200, [@ioquatix])

Rack::Logger is removed with no replacement. (#2196, [@ioquatix])

Automatic cache invalidation in Rack::Request#{GET,POST} has been removed. (#2230, [@jeremyevans])

[3.1.7] - 2024-07-11

Fixed

Do not remove escaped opening/closing quotes for content-disposition filenames. (#2229, [@jeremyevans])

Fix encoding setting for non-binary IO-like objects in MockRequest#env_for. (#2227, [@jeremyevans])

Rack::Response should not generate invalid content-length header. (#2219, [@ioquatix])

Allow empty PATH_INFO. (#2214, [@ioquatix])

[3.1.6] - 2024-07-03

Fixed

Fix several edge cases in Rack::Request#parse_http_accept_header's implementation. (#2226, [@ioquatix])

[3.1.5] - 2024-07-02

Security

Fix potential ReDoS attack in Rack::Request#parse_http_accept_header. (GHSA-cj83-2ww7-mvq7, @dwisiswant0)

[3.1.4] - 2024-06-22

Fixed

... (truncated)

Commits

e830011 bump version
d9c163a Avoid 2nd degree polynomial regexp in MediaType
6245768 Return an empty array when ranges are too large
e4c1177 Fixing ReDoS in header parsing
f169ff7 Bump patch version.
0a46487 Regenerate SPEC (#2102)
cee73b3 Fix inefficient assert pattern in Rack::Lint (#2101)
1fdcf1f Prefer ubuntu-latest for testing. (#2095)
287fe43 Update cookie.rb (#2092)
e7f4869 adds missing 2.2.7 to CHANGELOG.md (#2081)
Additional commits viewable in compare view

Updates sinatra from 2.0.5 to 2.2.3

Changelog

Sourced from sinatra's changelog.

2.2.3 / 2022-11-25

Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai

Fix: fixed ReDoS for Rack::Protection::IPSpoofing. #1823 by @ooooooo-q

2.2.2 / 2022-07-23

Update mustermann dependency to version 2.

2.2.1 / 2022-07-15

Fix JRuby regression by using ruby2_keywords for delegation. #1750 by Patrik Ragnarsson

Add JRuby to CI. #1755 by Karol Bucek

2.2.0 / 2022-02-15

Breaking change: Add #select, #reject and #compact methods to Sinatra::IndifferentHash. If hash keys need to be converted to symbols, call #to_h to get a Hash instance first. #1711 by Olivier Bellone

Handle EOFError raised by Rack and return Bad Request 400 status. #1743 by tamazon

Minor refactors in base.rb. #1640 by ceclinux

Add escaping to the static 404 page. #1645 by Chris Gavin

Remove detect_rack_handler method. #1652 by ceclinux

Respect content type set in superclass before filter. Fixes #1647 #1649 by Jordan Owens

Revert "Use prepend instead of include for helpers. #1662 by namusyaka

Fix usage of inherited Sinatra::Base classes keyword arguments. Fixes #1669 #1670 by Cadu Ribeiro

Reduce RDoc generation time by not including every README. Fixes #1578 #1671 by Eloy Pérez

Add support for per form csrf tokens. Fixes #1616 #1653 by Jordan Owens

Update MAINTENANCE.md with the stable branch status. #1681 by Fredrik Rubensson

Validate expanded path matches public_dir when serving static files. #1683 by cji-stripe

Fix Delegator to pass keyword arguments for Ruby 3.0. #1684 by andrewtblake

Fix use with keyword arguments for Ruby 3.0. #1701 by Robin Wallin

Fix memory leaks for proc template. Fixes #1704 #1719 by Slevin

Remove unnecessary test_files from the gemspec. #1712 by Masataka Pocke Kuwabara

... (truncated)

Commits

0bdb254 2.2.3 release
43df742 Remove rdoc
580b271 fix ReDoS
9031a44 Pin haml to v5
0455c8e Pin Puma to v5
1808bcd escape filename in the Content-Disposition header
ee12b18 Note potential breaking change in 2.2.0 release
9c1ed08 Update CHANGELOG.md
a2b8243 2.2.2 release
6534799 Update mustermann to ~> 2.0
Additional commits viewable in compare view

Updates json from 2.0.2 to 2.3.0

Release notes

Sourced from json's releases.

v2.3.0

What's Changed

README: Docs at rubydoc.info, not on rubyforge by @olleolleolle in flori/json#376

Remove RubyForge homepage reference by @olleolleolle in flori/json#378

Add ascii_only option to JSON::Ext::Generator::State.new. by @sho-h in flori/json#367

Gemspec: Drop EOL'd property rubyforge_project by @olleolleolle in flori/json#381

Backport ruby core changes by @hsbt in flori/json#388

Minor cleanup for ruby 2.7 warnings and failures. by @zenspider in flori/json#389

relax test-unit version for old ruby by @hsbt in flori/json#390

Bump versions for 2.3.0. by @headius in flori/json#391

New Contributors

@zenspider made their first contribution in flori/json#389

Full Changelog: ruby/json@v2.2.0...v2.3.0

v2.2.0

What's Changed

Fixed json_create example to use create_additions = true by @perlun in flori/json#331

README: Fixed code examples to start in the left-most column by @perlun in flori/json#330

Added missing bigdecimal for its test by @hsbt in flori/json#335

README: Added note about json/add/exception by @perlun in flori/json#332

fix link in travis widget by @lostapathy in flori/json#340

[CI] Test against Ruby 2.5 by @nicolasleger in flori/json#352

Removed control characters from gemspec. by @hsbt in flori/json#360

Fix typos in README.md by @yui-knk in flori/json#363

Backport from Ruby core repository by @hsbt in flori/json#359

Fix for bigdecimal updates by @mrkn in flori/json#362

Fix a typo. by @sho-h in flori/json#369

fix JSON::Generator::State#ascii_only? document same as lib/json/pure/generator.rb. by @sho-h in flori/json#366

New Contributors

@lostapathy made their first contribution in flori/json#340

@nicolasleger made their first contribution in flori/json#352

@yui-knk made their first contribution in flori/json#363

Full Changelog: ruby/json@v2.1.0...v2.2.0

v2.1.0

What's Changed

README.md typo fix by @kaworu in flori/json#300

Correct documentation of OpenStruct.json_create by @kyanagi in flori/json#301

No Bignum by @nobu in flori/json#302

CHANGES.md: Fixed typo by @perlun in flori/json#306

Actually test BigDecimal parsing. by @xb in flori/json#321

Back-out change of directory of json-java.gemspec. by @xb in flori/json#323

New Contributors

@kaworu made their first contribution in flori/json#300

@kyanagi made their first contribution in flori/json#301

... (truncated)

Changelog

Sourced from json's changelog.

2019-12-11 (2.3.0)

Fix default of create_additions to always be false for JSON(user_input) and JSON.parse(user_input, nil). Note that JSON.load remains with default true and is meant for internal serialization of trusted data. [CVE-2020-10663]

Fix passing args all #to_json in json/add/*.

Fix encoding issues

Fix issues of keyword vs positional parameter

Fix JSON::Parser against bigdecimal updates

Bug fixes to JRuby port

2019-02-21 (2.2.0)

Adds support for 2.6 BigDecimal and ruby standard library Set datetype.

2017-04-18 (2.1.0)

Allow passing of decimal_class option to specify a class as which to parse JSON float numbers.

2017-03-23 (2.0.4)

Raise exception for incomplete unicode surrogates/character escape sequences. This problem was reported by Daniel Gollahon (dgollahon).

Fix arbitrary heap exposure problem. This problem was reported by Ahmad Sherif (ahmadsherif).

2017-01-12 (2.0.3)

Set required_ruby_version to 1.9

Some small fixes

Commits

92cf5c4 v2.3.0
579ae85 Add some more recent jruby
acabfeb Make tests green on jruby
c194360 Update travis config
49317c1 Ignore log files
d84439f Merge pull request #391 from headius/prep_2.3.0
38f68d1 Bump versions for 2.3.0.
40524a9 Merge pull request #390 from flori/relax-test-unit
87379e6 relax test-unit version for old ruby
05de02f Merge branch 'zenspider-zenspider/ruby-2.7'
Additional commits viewable in compare view

Updates addressable from 2.5.0 to 2.8.0

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

fixes ReDoS vulnerability in Addressable::Template#match

no longer replaces + with spaces in queries for non-http(s) schemes

fixed encoding ipv6 literals

the :compacted flag for normalized_query now dedupes parameters

fix broken escape_component alias

dropping support for Ruby 2.0 and 2.1

adding Ruby 3.0 compatibility for development tasks

drop support for rack-mount and remove Addressable::Template#generate

performance improvements

switch CI/CD to GitHub Actions

Addressable 2.7.0

added :compacted flag to normalized_query

heuristic_parse handles mailto: more intuitively

dropped explicit support for JRuby 9.0.5.0

compatibility w/ public_suffix 4.x

performance improvements

Commits

6469a23 Updating gemspec again
2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main
e9c76b8 Merge pull request #378 from ashmaroli/flat-map
56c5cf7 Update the gemspec
c1fed1c Require a non-vulnerable rake
0d8a312 Adding note about ReDoS vulnerability
89c7613 Merge branch 'template-regexp' into main
cf8884f Note about alias fix
bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry
6d1d809 Adding note about :compacted normalization
Additional commits viewable in compare view

Updates git from 1.3.0 to 1.13.0

Release notes

Sourced from git's releases.

v1.13.0

Full Changelog

ca8ff35 Release v1.13.0 (#603)

8349224 Update list of maintainers (#598)

4fe8738 In ls-files do not unescape file paths with eval (#602)

74b8e11 Add start_point option for checkout command (#597)

ff6dcf4 Do not assume the default branch is 'master' in tests

8279298 Fix exception when Git is autoloaded (#594)

Release v1.12.0

Full Changelog

ea79dad Release v1.12.0

e58cd29 Support the commit --no-gpg-sign flag (#589)

323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (#592)

609ab8b Allow the CI build to be run manually using the GitHub interface (#590)

4a96679 Fix windows build (#591)

6f2b3fd Support the --all option for git fetch (#583)

1b13ec1 Workaround to get JRuby build working (#582)

5f0adec Update README.md (#580)

45b467c Make the directory param to Git.clone optional (#578)

b92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (#577)

13471d7 Add Git::URL #parse and #clone_to methods (#575)

0a43d8b Use the head version of yard (#573)

Release v1.11.0

Full Changelog

292087e Supress unneeded test output (#570)

19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)

018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)

c04d16e remove from maintainer (#567)

291ca09 Address command line injection in Git::Lib#fetch

521b8e7 Release v1.10.2 (#561)

Release v1.10.2

Full Changelog

57f941c Release v1.10.2

c987a74 Add create-release, setup, and console dev scripts (#560)

12e3d03 Store tempfile objects to prevent deletion during tests (#555)

Release v1.10.1

Full Changelog

c7b12af Release v1.10.1

ea28118 Properly escape double quotes in shell commands on Windows (#552)

db060fc Properly unescape diff paths (

Bumps the bundler group with 1 update in the /pkgs/applications/misc/coltrane directory: [activesupport](https://github.com/rails/rails). Bumps the bundler group with 2 updates in the /pkgs/applications/misc/gollum directory: [rexml](https://github.com/ruby/rexml) and [webrick](https://github.com/ruby/webrick). Bumps the bundler group with 2 updates in the /pkgs/applications/misc/pt directory: [addressable](https://github.com/sporkmonger/addressable) and [excon](https://github.com/excon/excon). Bumps the bundler group with 1 update in the /pkgs/applications/misc/taskjuggler directory: [webrick](https://github.com/ruby/webrick). Bumps the bundler group with 2 updates in the /pkgs/applications/office/ledger-web directory: [rack](https://github.com/rack/rack) and [sinatra](https://github.com/sinatra/sinatra). Bumps the bundler group with 3 updates in the /pkgs/applications/version-management/bitbucket-server-cli directory: [json](https://github.com/flori/json), [addressable](https://github.com/sporkmonger/addressable) and [git](https://github.com/ruby-git/ruby-git). Bumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: [rexml](https://github.com/ruby/rexml), [addressable](https://github.com/sporkmonger/addressable), [git](https://github.com/ruby-git/ruby-git) and [httparty](https://github.com/jnunemaker/httparty). Bumps the bundler group with 1 update in the /pkgs/applications/version-management/git-fame directory: [activesupport](https://github.com/rails/rails). Bumps the bundler group with 1 update in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml). Updates `activesupport` from 7.0.4.2 to 7.0.7.1 - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v7.2.1/activesupport/CHANGELOG.md) - [Commits](rails/rails@v7.0.4.2...v7.0.7.1) Updates `rexml` from 3.3.2 to 3.3.6 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](ruby/rexml@v3.3.2...v3.3.6) Updates `webrick` from 1.8.1 to 1.8.2 - [Release notes](https://github.com/ruby/webrick/releases) - [Commits](ruby/webrick@v1.8.1...v1.8.2) Updates `addressable` from 2.6.0 to 2.8.0 - [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md) - [Commits](sporkmonger/addressable@addressable-2.6.0...addressable-2.8.0) Updates `excon` from 0.64.0 to 0.71.0 - [Changelog](https://github.com/excon/excon/blob/master/changelog.txt) - [Commits](excon/excon@v0.64.0...v0.71.0) Updates `webrick` from 1.8.1 to 1.8.2 - [Release notes](https://github.com/ruby/webrick/releases) - [Commits](ruby/webrick@v1.8.1...v1.8.2) Updates `rack` from 2.0.7 to 2.2.8.1 - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](rack/rack@2.0.7...v2.2.8.1) Updates `sinatra` from 2.0.5 to 2.2.3 - [Changelog](https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md) - [Commits](sinatra/sinatra@v2.0.5...v2.2.3) Updates `json` from 2.0.2 to 2.3.0 - [Release notes](https://github.com/flori/json/releases) - [Changelog](https://github.com/flori/json/blob/master/CHANGES.md) - [Commits](ruby/json@v2.0.2...v2.3.0) Updates `addressable` from 2.5.0 to 2.8.0 - [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md) - [Commits](sporkmonger/addressable@addressable-2.6.0...addressable-2.8.0) Updates `git` from 1.3.0 to 1.13.0 - [Release notes](https://github.com/ruby-git/ruby-git/releases) - [Changelog](https://github.com/ruby-git/ruby-git/blob/master/CHANGELOG.md) - [Commits](ruby-git/ruby-git@v1.3.0...v1.13.0) Updates `rexml` from 3.2.5 to 3.3.6 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](ruby/rexml@v3.3.2...v3.3.6) Updates `addressable` from 2.8.0 to 2.8.7 - [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md) - [Commits](sporkmonger/addressable@addressable-2.6.0...addressable-2.8.0) Updates `git` from 1.9.1 to 1.13.0 - [Release notes](https://github.com/ruby-git/ruby-git/releases) - [Changelog](https://github.com/ruby-git/ruby-git/blob/master/CHANGELOG.md) - [Commits](ruby-git/ruby-git@v1.3.0...v1.13.0) Updates `httparty` from 0.18.1 to 0.21.0 - [Release notes](https://github.com/jnunemaker/httparty/releases) - [Changelog](https://github.com/jnunemaker/httparty/blob/main/Changelog.md) - [Commits](jnunemaker/httparty@v0.18.1...v0.21.0) Updates `activesupport` from 7.0.6 to 7.0.7.1 - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v7.2.1/activesupport/CHANGELOG.md) - [Commits](rails/rails@v7.0.4.2...v7.0.7.1) Updates `rexml` from 3.2.6 to 3.3.6 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](ruby/rexml@v3.3.2...v3.3.6) --- updated-dependencies: - dependency-name: activesupport dependency-type: indirect dependency-group: bundler - dependency-name: rexml dependency-type: indirect dependency-group: bundler - dependency-name: webrick dependency-type: indirect dependency-group: bundler - dependency-name: addressable dependency-type: indirect dependency-group: bundler - dependency-name: excon dependency-type: indirect dependency-group: bundler - dependency-name: webrick dependency-type: direct:production dependency-group: bundler - dependency-name: rack dependency-type: indirect dependency-group: bundler - dependency-name: sinatra dependency-type: indirect dependency-group: bundler - dependency-name: json dependency-type: indirect dependency-group: bundler - dependency-name: addressable dependency-type: indirect dependency-group: bundler - dependency-name: git dependency-type: indirect dependency-group: bundler - dependency-name: rexml dependency-type: indirect dependency-group: bundler - dependency-name: addressable dependency-type: indirect dependency-group: bundler - dependency-name: git dependency-type: indirect dependency-group: bundler - dependency-name: httparty dependency-type: indirect dependency-group: bundler - dependency-name: activesupport dependency-type: indirect dependency-group: bundler - dependency-name: rexml dependency-type: indirect dependency-group: bundler ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Sep 27, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the bundler group across 9 directories with 10 updates #31

build(deps): bump the bundler group across 9 directories with 10 updates #31

dependabot bot commented on behalf of github Sep 27, 2024

build(deps): bump the bundler group across 9 directories with 10 updates #31

Are you sure you want to change the base?

build(deps): bump the bundler group across 9 directories with 10 updates #31

Conversation

dependabot bot commented on behalf of github Sep 27, 2024

7.0.7.1

Active Support

Active Model

Active Record

Action View

Action Pack

Active Job

Action Mailer

Action Cable

REXML 3.3.6 - 2024-08-22

Improvements

Fixes

Thanks

REXML 3.3.5 - 2024-08-12

Fixes

3.3.6 - 2024-08-22 {#version-3-3-6}

Improvements

Fixes

Thanks

3.3.5 - 2024-08-12 {#version-3-3-5}

Fixes

v1.8.2

What's Changed

New Contributors

Addressable 2.8.0

Addressable 2.7.0

0.71.0 2019-12-12

0.70.0 2019-12-02

0.69.1 2019-11-21

0.69.0 2019-11-21

0.68.0 2019-10-25

0.67.0 2019-09-24

0.66.0 2019-08-06

0.65.0 2019-07-22

v1.8.2

What's Changed

New Contributors

v2.2.8.1

What's Changed

v2.2.8

What's Changed

New Contributors

v2.2.7

What's Changed

New Contributors

v2.2.6.4

v2.1.4.4

What's Changed

v2.0.9.4

What's Changed

Changelog

Unreleased

Added

Changed

Deprecated

Removed

[3.1.7] - 2024-07-11

Fixed

[3.1.6] - 2024-07-03

Fixed

[3.1.5] - 2024-07-02

Security

[3.1.4] - 2024-06-22

Fixed

2.2.3 / 2022-11-25

2.2.2 / 2022-07-23

2.2.1 / 2022-07-15

2.2.0 / 2022-02-15

v2.3.0

What's Changed

New Contributors

v2.2.0

What's Changed

New Contributors

v2.1.0