Bump govuk_app_config from 7.1.0 to 9.5.0

[dependabot]

Bumps govuk_app_config from 7.1.0 to 9.5.0.

Changelog

Sourced from govuk_app_config's changelog.

9.5.0

• Allow gov.uk domains to embed pages in the global Content Security Policy (#325)

9.4.0

• Disallow any domain from embeding a page to prevent clickjacking (#322)
• Fix GovukContentSecurityPolicy test (#324)

9.3.0

• Get prometheus labels from controller, not params (#320)

9.2.0

• Default to Prometheus histograms, not summaries (#318)

9.1.0

• GovukAppConfig silences OpenTelemetry log output when running a rake task (#311)
• Update warning message for Prometheus metric server address already in use.
• Add ability to support custom collectors in the Prometheus exporter.

9.0.4

• Fix an issue with Rails.logger being not an instance of ActiveSupport::Logger. Rails expects Rails.logger to have methods that Ruby STD Logger does not provide. e.g. silence() (#309)

9.0.3

• When error is reported by Rails logger, the field is now logged as "error_message" in order to avoid overwriting the "message" field.

9.0.2

• GovukAppConfig no longer automatically initialises OpenTelemetry when running in rails console.

9.0.1

• Rename the "error" field in Rails logs from logstasher to "message" as error is supposed to be an object.

9.0.0

• BREAKING: JSON logs are no longer configured automatically for production Rails apps and are turned on with the GOVUK_RAILS_JSON_LOGGING environment variable (#302)
• Add govuk_request_id to JSON logging for apps with gds-api-adapters (#300)
• BREAKING: Remove $stdout, $stderr and $real_stdout redirections (#300)
• BREAKING: Change error log behaviour from logging JSON to full string (#300)
• Remove monkeypatch for errors (#300)

8.1.1

• Fix prometheus_exporter to method patching compatible with OpenTelemetry.

... (truncated)

Commits

• 37f62a6 Merge pull request #325 from alphagov/update-csp
• 08d598a Release 9.5.0
• ba97b9d Allow gov.uk domains to embed pages
• a4764a3 Merge pull request #323 from alphagov/new-relase
• ef78d94 Release version 9.4.0
• 4e81e17 Merge pull request #324 from alphagov/fix-test
• 6c709b2 Fix GovukContentSecurityPolicy test
• 6438507 Merge pull request #322 from alphagov/add-frame-ancestors-csp
• e845ded Disallow any domain from embeding a page to prevent clickjacking
• 4db5992 Merge pull request #321 from alphagov/bump-to-9-3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #1211.