Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the rails group across 1 directory with 4 updates #4731

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the rails group across 1 directory with 4 updates #4731

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 9, 2025
edited
Loading

Bumps the rails group with 3 updates in the / directory: rails, active_storage_validations and activerecord-import.

Updates rails from 7.1.5.1 to 7.2.2.1

Release notes

Sourced from rails's releases.

7.2.2.1

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 33beb0a Preparing for 7.2.2.1 release
  • d4b2a61 Update vendored trix version to 2.1.10
  • 3da2479 Add CSP directive validation
  • d0dcb8f Preparing for 7.2.2 release
  • 9f24f75 Add yarn.lock allowed dirty files
  • ad485aa Merge pull request #52951 from Ridhwana/Ridhwana/active-record-validations [c...
  • f6916e7 Merge pull request #53494 from zzak/re-53492
  • a7858b5 Merge pull request #53472 from p8/activerecord/improve-attributes-for-inspect...
  • e6a8acd Merge pull request #53475 from p8/activerecord/show-all-attributes-in-console
  • 91aac4a Merge pull request #53484 from zzak/query_cache-config-disable
  • Additional commits viewable in compare view

Updates activerecord-postgis-adapter from 9.0.2 to 10.0.1

Changelog

Sourced from activerecord-postgis-adapter's changelog.

10.0.1 / 2024-11-15

  • Fix Quoting of RGeo objects (JamesChevalier) #417
  • Fix loading issue in multi-db environments (dorner) #418

10.0.0 / 2024-11-04

  • ActiveRecord 7.2 support #405
Commits

Updates active_storage_validations from 1.3.0 to 2.0.2

Release notes

Sourced from active_storage_validations's releases.

2.0.2

2.0.1

2.0.0

What's Changed

We are happy to release the active_storage_validations version 2! This major version add several features such as:

  • Add support for video & audio files
    • dimension validator now supports video files
    • aspect_ratio validator now supports video files
    • processable_image validator is now processable_file validator and supports image/video/audio
  • New validator added:
    • duration validator has been added for audio / video files
  • Major performance improvement have been added: we now only perform the expensive io analysis operation on the newly attached files
  • All error messages have been given an upgrade and new variables that you can use
  • Complete rewrite of gem README
  • To upgrade from version 1.x to 2.x, please read the upgrade guide in the readme
  • Find the associated PRs here:

Full Changelog: igorkasyanchuk/active_storage_validations@1.4.0...2.0.0

1.4.0

What's Changed

New Contributors

Full Changelog: igorkasyanchuk/active_storage_validations@1.3.4...1.4.0

1.3.4

... (truncated)

Changelog

Sourced from active_storage_validations's changelog.

... (truncated)

Commits
  • dd27d44 2.0.2 release
  • 7072010 Merge pull request #358 from igorkasyanchuk/355-yaml-content-type-validation-...
  • fd5f611 [Gem] Fix issue with developers not able to deifne their own Marcel content_t...
  • d3176cf Merge pull request #357 from igorkasyanchuk/356-undesirable-mutation-of-marce...
  • 84f0596 [Validator] Fix issue with all_available_marcel_content_types mutating Marcel...
  • 9466e97 new release
  • b9f13e3 Merge pull request #353 from igorkasyanchuk/update-rails-load-hook
  • 878f9c6 [Blob] Correct Rails hook
  • 1396c53 [Metadata] Fix nasty bug due to AWS not allowing anything apart from String (...
  • c473600 Merge pull request #351 from igorkasyanchuk/350-20-aspect-ratio-validator-bre...
  • Additional commits viewable in compare view

Updates activerecord-import from 1.8.1 to 2.1.0

Changelog

Sourced from activerecord-import's changelog.

Changes in 2.1.0

New Features

  • Add Support for active_record_proxy_adapters gem thanks to @​stingrayzboy via #\867. Since Rails 7.1 makara no longer works and it is not currently maintained. The @​nasdaq team have written a gem called active_record_proxy_adapters that implements some makara functionality.

Changes in 2.0.0

Breaking Changes

  • Fix recursive_on_duplicate_key_update doesn't work with non-standard association name. Thanks to @​jacob-carlborg-apoex via #852. The documentation for the :recursive_on_duplicate_key_update option specifies that the hash key is the association name. But previously the name of associated table was used to look up the options. Now the behavior matches the documentation and the name of the association is used instead. This only affects associations that uses a name that doesn't follow the ActiveRecord naming conventions of associations and class names, i.e. when the class_name: option is used on an association.
Commits
  • e4f2a2c Merge pull request #867 from stingrayzboy/Add-Support-for-Active-Record-Proxy...
  • cc0a8f7 Update CHANGELOG.md
  • 64110a6 Add Support for Mysql2 Proxy
  • 99cdf23 Add Support for ActiveRecord Proxy Adapters
  • 25a53be Fix issue with missing Logger dependency
  • 2f61ccd Merge pull request #865 from zdennis/releases/v2.0.0
  • 3d2ae3d Update changelog for 2.0.0
  • 9fe062f Bump version to 2.0.0
  • c986418 Merge pull request #863 from smasato/chore/remove-deprecation
  • f0f3dda Merge pull request #862 from smasato/test/cleanup-legacy-test-support
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Feb 9, 2025
@dependabot dependabot bot mentioned this pull request Feb 9, 2025
Closed
@dependabot dependabot bot force-pushed the dependabot/bundler/rails-e755cf430f branch 3 times, most recently from e8cf9e7 to 148fbd7 Compare February 17, 2025 08:46
@dependabot
build(deps): bump the rails group across 1 directory with 4 updates
87ec1ed 
Bumps the rails group with 3 updates in the / directory: [rails](https://github.com/rails/rails), [active_storage_validations](https://github.com/igorkasyanchuk/active_storage_validations) and [activerecord-import](https://github.com/zdennis/activerecord-import).


Updates `rails` from 7.1.5.1 to 7.2.2.1
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.1.5.1...v7.2.2.1)

Updates `activerecord-postgis-adapter` from 9.0.2 to 10.0.1
- [Changelog](https://github.com/rgeo/activerecord-postgis-adapter/blob/master/History.md)
- [Commits](rgeo/activerecord-postgis-adapter@v9.0.2...v10.0.1)

Updates `active_storage_validations` from 1.3.0 to 2.0.2
- [Release notes](https://github.com/igorkasyanchuk/active_storage_validations/releases)
- [Changelog](https://github.com/igorkasyanchuk/active_storage_validations/blob/master/CHANGES.md)
- [Commits](igorkasyanchuk/active_storage_validations@1.3.0...2.0.2)

Updates `activerecord-import` from 1.8.1 to 2.1.0
- [Changelog](https://github.com/zdennis/activerecord-import/blob/master/CHANGELOG.md)
- [Commits](zdennis/activerecord-import@v1.8.1...v2.1.0)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rails
- dependency-name: activerecord-postgis-adapter
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: rails
- dependency-name: active_storage_validations
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: rails
- dependency-name: activerecord-import
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: rails
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/rails-e755cf430f branch from 148fbd7 to 87ec1ed Compare February 17, 2025 09:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants