profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/Georgy5/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Karl Keller Georgy5 Germany / Zimbabwe

Georgy5/apprentice 0

A compilation of tips and tricks on mentoring junior developers

Georgy5/Berkeley_CS169.2x 0

Berkeley_CS169.2x Saas course 2013. Personal solutions.

Georgy5/Best-websites-a-programmer-should-visit 0

:link: Some useful websites for programmers.

Georgy5/boids 0

A fast JavaScript implementation of the boids algorithm

Georgy5/Bs_website 0

Hair Salon Website

Georgy5/cheatsheets 0

A collection of code cheatsheets that I've written to easily remember the commonly used syntax of a language or software.

Georgy5/crucial_resources 0

Collection of resources focusing on Ruby on Rails

Georgy5/curriculum 0

The open curriculum for learning web development

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/nokogiri-1.11.4

created branch time in 3 hours

PR opened AgileVentures/WebsiteOne

[Security] Bump nokogiri from 1.10.8 to 1.11.4

Bumps nokogiri from 1.10.8 to 1.11.4. This update includes security fixes. <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-vr8q-g5c7-m54m">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>XXE in Nokogiri</strong></p> <h3>Severity</h3> <p>Nokogiri maintainers have evaluated this as <a href="https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"><strong>Low Severity</strong> (CVSS3 2.6)</a>.</p> <h3>Description</h3> <p>In Nokogiri versions <= 1.11.0.rc3, XML Schemas parsed by <code>Nokogiri::XML::Schema</code> are <strong>trusted</strong> by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF attacks.</p> <p>This behavior is counter to the security policy followed by Nokogiri maintainers, which is to treat all input as <strong>untrusted</strong> by default whenever possible.</p> <p>Please note that this security fix was pushed into a new minor version, 1.11.x, rather than a patch release to the 1.10.x branch, because it is a breaking change for some schemas and the risk was assessed to be "Low Severity".</p> <h3>Affected Versions</h3> <p>Nokogiri <code>&lt;= 1.10.10</code> as well as prereleases <code>1.11.0.rc1</code>, <code>1.11.0.rc2</code>, and <code>1.11.0.rc3</code></p> <h3>Mitigation</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> <blockquote> <p>Affected versions: <= 1.10.10</p> </blockquote> <p><em>Sourced from <a href="https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-26247.yml">The Ruby Advisory Database</a>.</em></p> <blockquote> <p><strong>Nokogiri::XML::Schema trusts input by default, exposing risk of an XXE vulnerability</strong></p> <h3>Description</h3> <p>In Nokogiri versions <= 1.11.0.rc3, XML Schemas parsed by <code>Nokogiri::XML::Schema</code> are <strong>trusted</strong> by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF attacks.</p> <p>This behavior is counter to the security policy followed by Nokogiri maintainers, which is to treat all input as <strong>untrusted</strong> by default whenever possible.</p> <p>Please note that this security fix was pushed into a new minor version, 1.11.x, rather than a patch release to the 1.10.x branch, because it is a breaking change for some schemas and the risk was assessed to be "Low Severity".</p> <h3>Affected Versions</h3> <p>Nokogiri <code>&lt;= 1.10.10</code> as well as prereleases <code>1.11.0.rc1</code>, <code>1.11.0.rc2</code>, and <code>1.11.0.rc3</code></p> <h3>Mitigation</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> <blockquote> <p>Patched versions: >= 1.11.0.rc4 Unaffected versions: none</p> </blockquote> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-7rrm-v45f-jp64">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Update packaged dependency libxml2 from 2.9.10 to 2.9.12</strong></p> <h3>Summary</h3> <p>Nokogiri v1.11.4 updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses:</p> <ul> <li><a href="https://security.archlinux.org/CVE-2019-20388">CVE-2019-20388</a> (Medium severity)</li> <li><a href="https://security.archlinux.org/CVE-2020-24977">CVE-2020-24977</a> (Medium severity)</li> <li><a href="https://security.archlinux.org/CVE-2021-3517">CVE-2021-3517</a> (Medium severity)</li> <li><a href="https://security.archlinux.org/CVE-2021-3518">CVE-2021-3518</a> (Medium severity)</li> <li><a href="https://security.archlinux.org/CVE-2021-3537">CVE-2021-3537</a> (Low severity)</li> <li><a href="https://security.archlinux.org/CVE-2021-3541">CVE-2021-3541</a> (Low severity)</li> </ul> <p>Note that two additional CVEs were addressed upstream but are not relevant to this release. <a href="https://security.archlinux.org/CVE-2021-3516">CVE-2021-3516</a> via <code>xmllint</code> is not present in Nokogiri, and <a href="https://security.archlinux.org/CVE-2020-7595">CVE-2020-7595</a> has been patched in Nokogiri since v1.10.8 (see #1992).</p> <p>Please note that this advisory only applies to the CRuby implementation of Nokogiri <code>&lt; 1.11.4</code>, and only if the packaged version of libxml2 is being used. If you've overridden defaults at installation time to use system libraries instead of packaged libraries, you should instead pay attention to your distro's <code>libxml2</code> release announcements.</p> <h3>Mitigation</h3> <p>Upgrade to Nokogiri <code>&gt;= 1.11.4</code>.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> <blockquote> <p>Affected versions: < 1.11.4</p> </blockquote> </details> <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's releases</a>.</em></p> <blockquote> <h2>1.11.4 / 2021-05-14</h2> <h3>Security</h3> <p>[CRuby] Vendored libxml2 upgraded to v2.9.12 which addresses:</p> <ul> <li><a href="https://security.archlinux.org/CVE-2019-20388">CVE-2019-20388</a></li> <li><a href="https://security.archlinux.org/CVE-2020-24977">CVE-2020-24977</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3517">CVE-2021-3517</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3518">CVE-2021-3518</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3537">CVE-2021-3537</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3541">CVE-2021-3541</a></li> </ul> <p>Note that two additional CVEs were addressed upstream but are not relevant to this release. <a href="https://security.archlinux.org/CVE-2021-3516">CVE-2021-3516</a> via <code>xmllint</code> is not present in Nokogiri, and <a href="https://security.archlinux.org/CVE-2020-7595">CVE-2020-7595</a> has been patched in Nokogiri since v1.10.8 (see <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1992">#1992</a>).</p> <p>Please see <a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64">nokogiri/GHSA-7rrm-v45f-jp64 </a> or <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2233">#2233</a> for a more complete analysis of these CVEs and patches.</p> <h3>Dependencies</h3> <ul> <li>[CRuby] vendored libxml2 is updated from 2.9.10 to 2.9.12. (Note that 2.9.11 was skipped because it was superseded by 2.9.12 a few hours after its release.)</li> </ul> <h2>1.11.3 / 2021-04-07</h2> <h3>Fixed</h3> <ul> <li>[CRuby] Passing non-<code>Node</code> objects to <code>Document#root=</code> now raises an <code>ArgumentError</code> exception. Previously this likely segfaulted. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1900">#1900</a>]</li> <li>[JRuby] Passing non-<code>Node</code> objects to <code>Document#root=</code> now raises an <code>ArgumentError</code> exception. Previously this raised a <code>TypeError</code> exception.</li> <li>[CRuby] arm64/aarch64 systems (like Apple's M1) can now compile libxml2 and libxslt from source (though we continue to strongly advise users to install the native gems for the best possible experience)</li> </ul> <h2>1.11.2 / 2021-03-11</h2> <h3>Fixed</h3> <ul> <li>[CRuby] <code>NodeSet</code> may now safely contain <code>Node</code> objects from multiple documents. Previously the GC lifecycle of the parent <code>Document</code> objects could lead to nodes being GCed while still in scope. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1952#issuecomment-770856928">#1952</a>]</li> <li>[CRuby] Patch libxml2 to avoid "huge input lookup" errors on large CDATA elements. (See upstream <a href="https://gitlab.gnome.org/GNOME/libxml2/-/issues/200">GNOME/libxml2#200</a> and <a href="https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/100">GNOME/libxml2!100</a>.) [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2132">#2132</a>].</li> <li>[CRuby+Windows] Enable Nokogumbo (and other downstream gems) to compile and link against <code>nokogiri.so</code> by including <code>LDFLAGS</code> in <code>Nokogiri::VERSION_INFO</code>. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2167">#2167</a>]</li> <li>[CRuby] <code>{XML,HTML}::Document.parse</code> now invokes <code>#initialize</code> exactly once. Previously <code>#initialize</code> was invoked twice on each object.</li> <li>[JRuby] <code>{XML,HTML}::Document.parse</code> now invokes <code>#initialize</code> exactly once. Previously <code>#initialize</code> was not called, which was a problem for subclassing such as done by <code>Loofah</code>.</li> </ul> <h3>Improved</h3> <ul> <li>Reduce the number of object allocations needed when parsing an HTML::DocumentFragment. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2087">#2087</a>] (Thanks, <a href="https://github.com/ashmaroli"><code>@​ashmaroli</code></a>!)</li> <li>[JRuby] Update the algorithm used to calculate <code>Node#line</code> to be wrong less-often. The underlying parser, Xerces, does not track line numbers, and so we've always used a hacky solution for this method. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1223">#1223</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2177">#2177</a>]</li> <li>Introduce <code>--enable-system-libraries</code> and <code>--disable-system-libraries</code> flags to <code>extconf.rb</code>. These flags provide the same functionality as <code>--use-system-libraries</code> and the <code>NOKOGIRI_USE_SYSTEM_LIBRARIES</code> environment variable, but are more idiomatic. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2193">#2193</a>] (Thanks, <a href="https://github.com/eregon"><code>@​eregon</code></a>!)</li> <li>[TruffleRuby] <code>--disable-static</code> is now the default on TruffleRuby when the packaged libraries are used. This is more flexible and compiles faster. (Note, though, that the default on TR is still to use system libraries.) [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2191#issuecomment-780724627">#2191</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2193">#2193</a>] (Thanks, <a href="https://github.com/eregon"><code>@​eregon</code></a>!)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md">nokogiri's changelog</a>.</em></p> <blockquote> <h2>1.11.4 / 2021-05-14</h2> <h3>Security</h3> <p>[CRuby] Vendored libxml2 upgraded to v2.9.12 which addresses:</p> <ul> <li><a href="https://security.archlinux.org/CVE-2019-20388">CVE-2019-20388</a></li> <li><a href="https://security.archlinux.org/CVE-2020-24977">CVE-2020-24977</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3517">CVE-2021-3517</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3518">CVE-2021-3518</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3537">CVE-2021-3537</a></li> <li><a href="https://security.archlinux.org/CVE-2021-3541">CVE-2021-3541</a></li> </ul> <p>Note that two additional CVEs were addressed upstream but are not relevant to this release. <a href="https://security.archlinux.org/CVE-2021-3516">CVE-2021-3516</a> via <code>xmllint</code> is not present in Nokogiri, and <a href="https://security.archlinux.org/CVE-2020-7595">CVE-2020-7595</a> has been patched in Nokogiri since v1.10.8 (see <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1992">#1992</a>).</p> <p>Please see <a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-7rrm-v45f-jp64">nokogiri/GHSA-7rrm-v45f-jp64 </a> or <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2233">#2233</a> for a more complete analysis of these CVEs and patches.</p> <h3>Dependencies</h3> <ul> <li>[CRuby] vendored libxml2 is updated from 2.9.10 to 2.9.12. (Note that 2.9.11 was skipped because it was superseded by 2.9.12 a few hours after its release.)</li> </ul> <h2>1.11.3 / 2021-04-07</h2> <h3>Fixed</h3> <ul> <li>[CRuby] Passing non-<code>Node</code> objects to <code>Document#root=</code> now raises an <code>ArgumentError</code> exception. Previously this likely segfaulted. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1900">#1900</a>]</li> <li>[JRuby] Passing non-<code>Node</code> objects to <code>Document#root=</code> now raises an <code>ArgumentError</code> exception. Previously this raised a <code>TypeError</code> exception.</li> <li>[CRuby] arm64/aarch64 systems (like Apple's M1) can now compile libxml2 and libxslt from source (though we continue to strongly advise users to install the native gems for the best possible experience)</li> </ul> <h2>1.11.2 / 2021-03-11</h2> <h3>Fixed</h3> <ul> <li>[CRuby] <code>NodeSet</code> may now safely contain <code>Node</code> objects from multiple documents. Previously the GC lifecycle of the parent <code>Document</code> objects could lead to nodes being GCed while still in scope. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1952#issuecomment-770856928">#1952</a>]</li> <li>[CRuby] Patch libxml2 to avoid "huge input lookup" errors on large CDATA elements. (See upstream <a href="https://gitlab.gnome.org/GNOME/libxml2/-/issues/200">GNOME/libxml2#200</a> and <a href="https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/100">GNOME/libxml2!100</a>.) [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2132">#2132</a>].</li> <li>[CRuby+Windows] Enable Nokogumbo (and other downstream gems) to compile and link against <code>nokogiri.so</code> by including <code>LDFLAGS</code> in <code>Nokogiri::VERSION_INFO</code>. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2167">#2167</a>]</li> <li>[CRuby] <code>{XML,HTML}::Document.parse</code> now invokes <code>#initialize</code> exactly once. Previously <code>#initialize</code> was invoked twice on each object.</li> <li>[JRuby] <code>{XML,HTML}::Document.parse</code> now invokes <code>#initialize</code> exactly once. Previously <code>#initialize</code> was not called, which was a problem for subclassing such as done by <code>Loofah</code>.</li> </ul> <h3>Improved</h3> <ul> <li>Reduce the number of object allocations needed when parsing an <code>HTML::DocumentFragment</code>. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2087">#2087</a>] (Thanks, <a href="https://github.com/ashmaroli"><code>@​ashmaroli</code></a>!)</li> <li>[JRuby] Update the algorithm used to calculate <code>Node#line</code> to be wrong less-often. The underlying parser, Xerces, does not track line numbers, and so we've always used a hacky solution for this method. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/1223">#1223</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2177">#2177</a>]</li> <li>Introduce <code>--enable-system-libraries</code> and <code>--disable-system-libraries</code> flags to <code>extconf.rb</code>. These flags provide the same functionality as <code>--use-system-libraries</code> and the <code>NOKOGIRI_USE_SYSTEM_LIBRARIES</code> environment variable, but are more idiomatic. [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2193">#2193</a>] (Thanks, <a href="https://github.com/eregon"><code>@​eregon</code></a>!)</li> <li>[TruffleRuby] <code>--disable-static</code> is now the default on TruffleRuby when the packaged libraries are used. This is more flexible and compiles faster. (Note, though, that the default on TR is still to use system libraries.) [<a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2191#issuecomment-780724627">#2191</a>, <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2193">#2193</a>] (Thanks, <a href="https://github.com/eregon"><code>@​eregon</code></a>!)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sparklemotion/nokogiri/commit/9d69b44ed3357b8069856083d39ee418cd10109b"><code>9d69b44</code></a> version bump to v1.11.4</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/058e87fdfda2cc2f309df098d18fe8856e785fcc"><code>058e87f</code></a> update CHANGELOG with complete CVE information</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/92852514a0d4621961deb6ce249441ff5140358f"><code>9285251</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sparklemotion/nokogiri/issues/2234">#2234</a> from sparklemotion/2233-upgrade-to-libxml-2-9-12</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/5436f6120f883e9f185d48b992f39118a4897760"><code>5436f61</code></a> update CHANGELOG</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/761d320af2872c61b91f7b147cf57481566e3c67"><code>761d320</code></a> patch: renumber libxml2 patches</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/889ee2a9cb1e190bfa664cbf3552585f4d0a09a7"><code>889ee2a</code></a> test: update behavior of namespaces in HTML</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/9751d852c005606447dac7bb17f1a56593014583"><code>9751d85</code></a> test: remove low-value HTML::SAX::PushParser encoding test</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/9fcb7d25eabfab5e701d882e72ecab3b2ea6b13c"><code>9fcb7d2</code></a> test: adjust xpath gc test to libxml2's max recursion depth</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/1c99019f5f1bee23e4bff6cf72871f470097f7b2"><code>1c99019</code></a> patch: backport libxslt configure.ac change for libxml2 config</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/82a253fe7c5bdfab5fbe4c1b0c536b5ce4c72ac3"><code>82a253f</code></a> patch: fix isnan/isinf patch to apply cleanly to libxml 2.9.12</li> <li>Additional commits viewable in <a href="https://github.com/sparklemotion/nokogiri/compare/v1.10.8...v1.11.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+10 -6

0 comment

2 changed files

pr created time in 3 hours

startedtypestack/class-transformer

started time in 7 hours

created repositoryandrerferrer/dbless-airbnb-605

created time in 8 hours

startedslidevjs/slidev

started time in 12 hours

startednotiz-dev/prisma-dbml-generator

started time in 12 hours

created repositoryandrerferrer/banana-app-605

Repo about bananas and rails.

created time in 17 hours

startedkrotik/eliasdb

started time in 17 hours

PR opened AgileVentures/WebsiteOne

Bump paypal-sdk-rest from 1.7.3 to 1.7.4

Bumps paypal-sdk-rest from 1.7.3 to 1.7.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/paypal/PayPal-Ruby-SDK/blob/master/CHANGELOG.md">paypal-sdk-rest's changelog</a>.</em></p> <blockquote> <h2>v1.7.4</h2> <ul> <li>Update Payouts API for latest schema <a href="https://github-redirect.dependabot.com/paypal/PayPal-Ruby-SDK/pull/388">#388</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/paypal/rest-api-sdk-ruby/commits">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+6 -4

0 comment

1 changed file

pr created time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump rspec-html-matchers from 0.9.2 to 0.9.4

Bumps rspec-html-matchers from 0.9.2 to 0.9.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md">rspec-html-matchers's changelog</a>.</em></p> <blockquote> <h2>0.9.4</h2> <ul> <li>html/body matching from now is forbidden (<a href="https://github-redirect.dependabot.com/kucaahbe/rspec-html-matchers/pull/75">#75</a>)</li> <li>make ruby 2.7 possible to fail on CI</li> </ul> <h2>0.9.3</h2> <ul> <li>fix for :seen option (<a href="https://github-redirect.dependabot.com/kucaahbe/rspec-html-matchers/issues/73">#73</a>)</li> <li>fix for html/body matching (<a href="https://github-redirect.dependabot.com/kucaahbe/rspec-html-matchers/issues/62">#62</a>)</li> <li>a bit of linting and refactoring</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/cf978359f7e7f0c9bea033d9402868d46854c219"><code>cf97835</code></a> version bump</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/1dd0944520dd86f8f8654941263cd71b52bf6bd4"><code>1dd0944</code></a> update changelog</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/111fb29b9ad45c9c4fd211b01e98c156160484f4"><code>111fb29</code></a> some rspec best practices :)</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/e9b1a717bc65776873dcd3ac4ba0751c2652efd9"><code>e9b1a71</code></a> [CI] since ruby 2.7 is stable, let's consider it</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/938522a7ca4577ea346c1f71eb2dae59965fd14d"><code>938522a</code></a> prevent error prone <html> and <body> matching</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/47462246a3527f67a1f676ab98276551ee267732"><code>4746224</code></a> Restore the support for matching <code>html</code> and <code>body</code></li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/df7124a630885a8d196890e714272982f6e82622"><code>df7124a</code></a> v. 0.9.3</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/c069389ac53f228920d731ecea786fce96d143d9"><code>c069389</code></a> Fix <a href="https://github-redirect.dependabot.com/kucaahbe/rspec-html-matchers/issues/73">#73</a>: :seen squeeze all non whitespace characters</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/306b8f41ba73280379bc1c6c88c615097a4091ce"><code>306b8f4</code></a> Fix <a href="https://github-redirect.dependabot.com/kucaahbe/rspec-html-matchers/issues/62">#62</a>: use Nokogiri::HTML::DocumentFragment for parent_scope</li> <li><a href="https://github.com/kucaahbe/rspec-html-matchers/commit/596a871e952e9df6e08a2728b0351653361d555a"><code>596a871</code></a> techdebt: refactor</li> <li>Additional commits viewable in <a href="https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.2...v0.9.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+5 -3

0 comment

1 changed file

pr created time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump acts_as_votable from 0.12.1 to 0.13.1

Bumps acts_as_votable from 0.12.1 to 0.13.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ryanto/acts_as_votable/releases">acts_as_votable's releases</a>.</em></p> <blockquote> <h2>v0.13.1</h2> <p><a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/173">#173</a> Optimize db queries (<a href="https://github.com/fatkodima"><code>@​fatkodima</code></a>)</p> <h2>v0.13.0</h2> <p>💥 Breaking changes</p> <ul> <li>If you're using a cacheable strategy it needs to change from <code>update_attributes</code> to <code>update</code>. Example:</li> </ul> <pre lang="diff"><code>< cacheable_strategy: :update_attributes > cacheable_strategy: :update </code></pre> <ul> <li>Drop support for EOL rubies (2.3, 2.4) and EOL rails (4.x, 5.0). We now support Ruby 2.5, Ruby 2.6, Ruby 2.7 and Rails 5.1+</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ryanto/acts_as_votable/commit/f33008fce84042d2e4378776484248a2216bef80"><code>f33008f</code></a> bump version</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/5ca7643bd30885fa4ff620b183e2c9766a1e55c6"><code>5ca7643</code></a> update readme (<a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/214">#214</a>)</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/bca33207e842c5ff232aeb0ab93f410a9d455f33"><code>bca3320</code></a> Optimize db queries in several places (<a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/173">#173</a>)</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/f9c7307390d63e455d69ba19be5795d503e7e6d3"><code>f9c7307</code></a> Update README.md</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/52bfe6fdac58b111e558c4cd115c057daae9e4de"><code>52bfe6f</code></a> bump version</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/4f096742e8b4cea43557efa6ff69589dc61c5079"><code>4f09674</code></a> README: Update API calls for votes, likes, etc. (<a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/197">#197</a>)</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/18ded6f025f8108b1318a66191a94d0ace0e90ae"><code>18ded6f</code></a> Setup GH actions (<a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/213">#213</a>)</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/585020dd6ca734b41c35d8cef5193097fecd2705"><code>585020d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/209">#209</a> from fatkodima/fix-sqlite3-version</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/f34865cf66447013c75edeabc4da77f8b61d6f42"><code>f34865c</code></a> Return back the old sqlite3 version</li> <li><a href="https://github.com/ryanto/acts_as_votable/commit/5673c1d0dabdc17058339b4509bfa8e6e9b9826d"><code>5673c1d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ryanto/acts_as_votable/issues/191">#191</a> from xenleme/update-readme</li> <li>Additional commits viewable in <a href="https://github.com/ryanto/acts_as_votable/compare/v0.12.1...v0.13.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+6 -4

0 comment

2 changed files

pr created time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/bootsnap-1.7.5

created branch time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump bootsnap from 1.4.5 to 1.7.5

Bumps bootsnap from 1.4.5 to 1.7.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md">bootsnap's changelog</a>.</em></p> <blockquote> <h1>1.7.5</h1> <ul> <li>Handle a regression of Ruby 2.7.3 causing Bootsnap to call the deprecated <code>untaint</code> method. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/360">#360</a>)</li> <li>Gracefully handle read-only file system as well as other errors preventing to persist the load path cache. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/358">#358</a>)</li> </ul> <h1>1.7.4</h1> <ul> <li>Stop raising errors when encoutering various file system errors. The cache is now best effort, if somehow it can't be saved, bootsnapp will gracefully fallback to the original operation (e.g. <code>Kernel.require</code>). (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/353">#353</a>, <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/177">#177</a>, <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/262">#262</a>)</li> </ul> <h1>1.7.3</h1> <ul> <li>Disable YAML precompilation when encountering YAML tags. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/351">#351</a>)</li> </ul> <h1>1.7.2</h1> <ul> <li>Fix compatibility with msgpack < 1. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/349">#349</a>)</li> </ul> <h1>1.7.1</h1> <ul> <li>Warn Ruby 2.5 users if they turn ISeq caching on. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/327">#327</a>, <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/244">#244</a>)</li> <li>Disable ISeq caching for the whole 2.5.x series again.</li> <li>Better handle hashing of Ruby strings. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/318">#318</a>)</li> </ul> <h1>1.7.0</h1> <ul> <li>Fix detection of YAML files in gems.</li> <li>Adds an instrumentation API to monitor cache misses.</li> <li>Allow to control the behavior of <code>require 'bootsnap/setup'</code> using environment variables.</li> <li>Deprecate the <code>disable_trace</code> option.</li> <li>Deprecate the <code>ActiveSupport::Dependencies</code> (AKA Classic autoloader) integration. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/344">#344</a>)</li> </ul> <h1>1.6.0</h1> <ul> <li>Fix a Ruby 2.7/3.0 issue with <code>YAML.load_file</code> keyword arguments. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/342">#342</a>)</li> <li><code>bootsnap precompile</code> CLI use multiple processes to complete faster. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/341">#341</a>)</li> <li><code>bootsnap precompile</code> CLI also precompile YAML files. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/340">#340</a>)</li> <li>Changed the load path cache directory from <code>$BOOTSNAP_CACHE_DIR/bootsnap-load-path-cache</code> to <code>$BOOTSNAP_CACHE_DIR/bootsnap/load-path-cache</code> for ease of use. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/334">#334</a>)</li> <li>Changed the compile cache directory from <code>$BOOTSNAP_CACHE_DIR/bootsnap-compile-cache</code> to <code>$BOOTSNAP_CACHE_DIR/bootsnap/compile-cache</code> for ease of use. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/334">#334</a>)</li> </ul> <h1>1.5.1</h1> <ul> <li>Workaround a Ruby bug in InstructionSequence.compile_file. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/332">#332</a>)</li> </ul> <h1>1.5.0</h1> <ul> <li>Add a command line to statically precompile the ISeq cache. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/326">#326</a>)</li> </ul> <h1>1.4.9</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Shopify/bootsnap/commit/22b81ae866a6376326c1b8cb0371fca8bd7c5e4b"><code>22b81ae</code></a> Release 1.7.5</li> <li><a href="https://github.com/Shopify/bootsnap/commit/11fa1306826483d385e460ece3d90b7175f3263e"><code>11fa130</code></a> Make sure not to call untaint on Ruby 2.7+</li> <li><a href="https://github.com/Shopify/bootsnap/commit/2d40bd35d42aa262c3c2c479cfc789d0bf172d12"><code>2d40bd3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/358">#358</a> from metaskills/ReadOnlyFilesystem</li> <li><a href="https://github.com/Shopify/bootsnap/commit/4ccccfc9490deebceabda1c1f56d6c24b6eb9ec2"><code>4ccccfc</code></a> Use SystemCallError vs Errno::EROFS</li> <li><a href="https://github.com/Shopify/bootsnap/commit/4d1a4100a89341250d988258a01a3c69d40db284"><code>4d1a410</code></a> Ignore Read-Only Filesystems</li> <li><a href="https://github.com/Shopify/bootsnap/commit/a7b3628d541be22b4992c0bbc5a07ad4bb714d06"><code>a7b3628</code></a> Add a GitHub issue template to help contributors confirm their issue is with ...</li> <li><a href="https://github.com/Shopify/bootsnap/commit/c834dff885ef58e289b1935d2a6da4302c6d612d"><code>c834dff</code></a> Update rake-compiler</li> <li><a href="https://github.com/Shopify/bootsnap/commit/fa80667838ed9d90ef1c2030899504c49e0b8910"><code>fa80667</code></a> Handle bootsnap being disabled in BOOTSNAP_LOG</li> <li><a href="https://github.com/Shopify/bootsnap/commit/3e94307ebd665d2efdbddb0e99c7796f68cafb55"><code>3e94307</code></a> Release 1.7.4</li> <li><a href="https://github.com/Shopify/bootsnap/commit/503e9d50805769e9fc5034ed175062810e8f8f54"><code>503e9d5</code></a> Tread read errors as cache misses as well</li> <li>Additional commits viewable in <a href="https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.7.5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+7 -5

0 comment

2 changed files

pr created time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump guard from 2.16.1 to 2.17.0

Bumps guard from 2.16.1 to 2.17.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/guard/guard/releases">guard's releases</a>.</em></p> <blockquote> <h2>v2.17.0</h2> <h2>✨ New Features</h2> <ul> <li>Refactor pry_wrapper.rb to be XDG compliant (<a href="https://github-redirect.dependabot.com/guard/guard/issues/962">#962</a>) <a href="https://github.com/quintrino"><code>@​quintrino</code></a></li> <li>Add Ruby 2.7.3 and 3.0.1 to the test matrix (<a href="https://github-redirect.dependabot.com/guard/guard/issues/969">#969</a>) <a href="https://github.com/rymai"><code>@​rymai</code></a></li> <li>Bring compatibility with Ruby 3 explicit keyword arguments (<a href="https://github-redirect.dependabot.com/guard/guard/issues/969">#969</a>) <a href="https://github.com/rymai"><code>@​rymai</code></a></li> </ul> <h2>v2.16.2</h2> <h2>🐛 Bug Fixes</h2> <ul> <li>Fix support for Pry 0.13 (<a href="https://github-redirect.dependabot.com/guard/guard/issues/958">#958</a>) <a href="https://github.com/rymai"><code>@​rymai</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/guard/guard/commit/4d5a233d2ff92fccdeb2fe6108600697d833fb4e"><code>4d5a233</code></a> Bump VERSION to 2.17.0 (<a href="https://github-redirect.dependabot.com/guard/guard/issues/971">#971</a>)</li> <li><a href="https://github.com/guard/guard/commit/df8fbc133da22717d8f0ecdacb8b678e0b9f7d36"><code>df8fbc1</code></a> Drop support for Ruby 2.3 (<a href="https://github-redirect.dependabot.com/guard/guard/issues/942">#942</a>)</li> <li><a href="https://github.com/guard/guard/commit/a5a0d83e5f3fd28298bf9cd6d3370f60c9bd7cca"><code>a5a0d83</code></a> Add Ruby 2.7.3 and 3.0.1 to the test matrix (<a href="https://github-redirect.dependabot.com/guard/guard/issues/969">#969</a>)</li> <li><a href="https://github.com/guard/guard/commit/40e5a3901f2c25f5488fd01a3578f21a0ff24663"><code>40e5a39</code></a> Refactor pry_wrapper.rb to be XDG compliant (<a href="https://github-redirect.dependabot.com/guard/guard/issues/962">#962</a>)</li> <li><a href="https://github.com/guard/guard/commit/4f5f763d05c113dc607ea39a909ec401441b340d"><code>4f5f763</code></a> Bump VERSION to 2.16.2 (<a href="https://github-redirect.dependabot.com/guard/guard/issues/959">#959</a>)</li> <li><a href="https://github.com/guard/guard/commit/cd42b456c11af7919fd5719ccfd1cc5b39921540"><code>cd42b45</code></a> Fix support for Pry 0.13 (<a href="https://github-redirect.dependabot.com/guard/guard/issues/958">#958</a>)</li> <li>See full diff in <a href="https://github.com/guard/guard/compare/v2.16.1...v2.17.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+12 -10

0 comment

1 changed file

pr created time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/guard-2.17.0

created branch time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump jquery-rails from 4.3.5 to 4.4.0

Bumps jquery-rails from 4.3.5 to 4.4.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md">jquery-rails's changelog</a>.</em></p> <blockquote> <h2>4.4.0</h2> <ul> <li>update jquery to 3.5.1 (note: <a href="https://github.com/advisories/GHSA-jpcq-cgw6-v4j6">3.5.0 contains important security updates</a>)</li> <li>unescape dollar signs and backticks in <code>assert_select_jquery</code> to match Rails updated behavior.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rails/jquery-rails/commit/a8b003d726522cf663611c114d8f0e79abf8d200"><code>a8b003d</code></a> Release v4.4.0</li> <li><a href="https://github.com/rails/jquery-rails/commit/90826fdc955c830db19307d1085e08bd3ebf9c28"><code>90826fd</code></a> Bump jQuery version to 3.5.1</li> <li><a href="https://github.com/rails/jquery-rails/commit/ad3227ef6536687ad8a7b756822551f630e3aaab"><code>ad3227e</code></a> Test against latest Ruby versions</li> <li><a href="https://github.com/rails/jquery-rails/commit/6361d43027345c391731c9f403ed1a51b02ea467"><code>6361d43</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/jquery-rails/issues/269">#269</a> from repinel/fix-unescape-js</li> <li><a href="https://github.com/rails/jquery-rails/commit/b6d6e2514889ad576c23b8783127e0c346db0d43"><code>b6d6e25</code></a> Fix <code>unescape_js</code> to match changes in Action View</li> <li>See full diff in <a href="https://github.com/rails/jquery-rails/compare/v4.3.5...v4.4.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+10 -8

0 comment

1 changed file

pr created time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/jquery-rails-4.4.0

created branch time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump rack-cache from 1.10.0 to 1.12.1

Bumps rack-cache from 1.10.0 to 1.12.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rtomayko/rack-cache/blob/master/CHANGES">rack-cache's changelog</a>.</em></p> <blockquote> <h2>1.12.0</h2> <ul> <li>Add a fault_tolerant flag to fail-over to stale cache</li> </ul> <h2>1.11.1</h2> <ul> <li>when ignoring parts of the query, remove query in key when all params are ignored</li> </ul> <h2>1.11.0</h2> <ul> <li>Add a proc to allow ignoring parts of the query string in the key</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rtomayko/rack-cache/commit/d4821f7c6063586a1e1ba7f706c107ce30a15d81"><code>d4821f7</code></a> v1.12.1</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/5260052a3c9d31063fe635d0846ca39d336bd76a"><code>5260052</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rtomayko/rack-cache/issues/171">#171</a> from ykitamura-mdsol/fix/reset_cache_control_on_dup</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/0ed321b09408dba82fcf5bfd2be62b6556faee38"><code>0ed321b</code></a> Reset <a href="https://github.com/cache"><code>@​cache</code></a>_control in Response when duplicating its instance</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/97819fb7cac8e80b5f2357400852cef49f088468"><code>97819fb</code></a> make users who do not use fault_tolerant not go into new code</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/46ddfdad93a9e63c3aa6f3391c5861a222c38434"><code>46ddfda</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rtomayko/rack-cache/issues/168">#168</a> from ykitamura-mdsol/feature/add_fault_tolerant</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/7a6a8108726c0cc66c22cf2242e20ae9c2c011dc"><code>7a6a810</code></a> Add a fault_tolerant flag to fail-over to stale cache</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/fb7d210670a10e0dd07c39b6ac46daa0cbc97cca"><code>fb7d210</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rtomayko/rack-cache/issues/167">#167</a> from olleolleolle/patch-2</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/639144e81576751bc6d44bff9643c6fe6207e627"><code>639144e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rtomayko/rack-cache/issues/166">#166</a> from olleolleolle/patch-1</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/09c312003ea11ef22bc2213339e30a36e6d534a6"><code>09c3120</code></a> README: Use https in hyperlinks</li> <li><a href="https://github.com/rtomayko/rack-cache/commit/226ef4290d52b47a696e393a639807b63408d4a8"><code>226ef42</code></a> CI: Drop unused sudo: false Travis directive</li> <li>Additional commits viewable in <a href="https://github.com/rtomayko/rack-cache/compare/v1.10.0...v1.12.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+4 -2

0 comment

1 changed file

pr created time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/rack-cache-1.12.1

created branch time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/rack-timeout-0.6.0

created branch time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump rack-timeout from 0.5.2 to 0.6.0

Bumps rack-timeout from 0.5.2 to 0.6.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sharpstone/rack-timeout/blob/master/CHANGELOG.md">rack-timeout's changelog</a>.</em></p> <blockquote> <h2>0.6.0</h2> <ul> <li>Allow sending SIGTERM to workers on timeout (<a href="https://github-redirect.dependabot.com/sharpstone/rack-timeout/pull/157">sharpstone/rack-timeout#157</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sharpstone/rack-timeout/commit/d1c08988d2ed54bafc6d8963e9d598d49415f343"><code>d1c0898</code></a> v0.6.0</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/7bc2c8177c9d744afb207657988aa0dd77b5ff1b"><code>7bc2c81</code></a> Use default values in timeout examples</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/3fbc469640a93512e43ab534221dea174e8c2c4a"><code>3fbc469</code></a> Whitespace</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/c328e4185e325d819822d4d01d16e04226f8525a"><code>c328e41</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sharpstone/rack-timeout/issues/157">#157</a> from schneems/schneems/stop-process</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/4aa4af5b04d1fa222511228cfb1fd8cf363b9efa"><code>4aa4af5</code></a> Update docs</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/6f32baaaf842371b46a15a13cb85f4a9ef86787d"><code>6f32baa</code></a> Allow sending SIGTERM to workers on timeout</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/6d39bbf779e6b60111a3d2a5352e9e72337d5179"><code>6d39bbf</code></a> Remove multiple assignment</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/9aa53ba9d92b1c9d5a45b748d16e223abfbd5f88"><code>9aa53ba</code></a> Whitespace</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/28a65c7f2735f2ef98516185bd1d350b6029e391"><code>28a65c7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sharpstone/rack-timeout/issues/156">#156</a> from olleolleolle/patch-1</li> <li><a href="https://github.com/sharpstone/rack-timeout/commit/84e8d696cfcfbb83683073f14de2dc75c89d7824"><code>84e8d69</code></a> README: Format code example, whitespace [ci skip]</li> <li>See full diff in <a href="https://github.com/sharpstone/rack-timeout/compare/v0.5.2...v0.6.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+4 -2

0 comment

1 changed file

pr created time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/better_errors-2.9.1

created branch time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump better_errors from 2.5.1 to 2.9.1

Bumps better_errors from 2.5.1 to 2.9.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/BetterErrors/better_errors/releases">better_errors's releases</a>.</em></p> <blockquote> <h2>v2.9.1</h2> <ul> <li>Fix setting editor with symbol <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/492">#492</a></li> </ul> <h2>v2.9.0</h2> <ul> <li>Mention path in text response <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/487">#487</a></li> <li>Use Github Actions for CI <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/489">#489</a></li> <li>Exception Hints <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/302">#302</a></li> <li>Hide "live shell" hint after console has been used <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/490">#490</a></li> <li>Improve editor support for virtual environments <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/488">#488</a></li> <li>Fix "live shell" hint reappearing when frame changed <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/491">#491</a></li> </ul> <h2>v2.8.3</h2> <ul> <li>Fix 'uninitialized constant BetterErrors::Middleware::VERSION' <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/480">#480</a></li> <li>Fix CSRF_TOKEN_COOKIE_NAME wrong reference to VERSION constant <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/481">#481</a></li> </ul> <h2>v2.8.2</h2> <ul> <li>Fix path of CSRF Token cookie <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/478">#478</a></li> </ul> <h2>v2.8.1</h2> <ul> <li>Show real cause of ActionView::Template::Error with Rails 6 <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/477">#477</a></li> <li>Add TruffleRuby to CI builds <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/473">#473</a></li> </ul> <h2>v2.8.0</h2> <ul> <li>Support for Rails ActionableError <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/465">#465</a></li> <li>Allow editor links to work inside an iframe or with CSP that prohibits other protocols <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/440">#440</a></li> <li>Add CSRF protection to internal requests <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/474">#474</a></li> <li>Validate internal request method names <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/475">#475</a></li> </ul> <h2>v2.7.1</h2> <ul> <li>Show location of error in ActionView template error <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/463">#463</a></li> </ul> <h2>v2.7.0</h2> <ul> <li>Fix various specs that were passing incorrectly <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/453">#453</a> (<a href="https://github.com/RobinDaugherty"><code>@​RobinDaugherty</code></a>)</li> <li>CI tests for Ruby 2.6, 2.7; Rails 6.0 <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/452">#452</a> (<a href="https://github.com/RobinDaugherty"><code>@​RobinDaugherty</code></a>)</li> <li>CI: Drop unused sudo: false directive <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/457">#457</a> (<a href="https://github.com/olleolleolle"><code>@​olleolleolle</code></a>)</li> <li>Add editor preset for VSCodium <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/456">#456</a> (<a href="https://github.com/jaredmoody"><code>@​jaredmoody</code></a>)</li> <li>Show the last-raised error, not its "cause" <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/459">#459</a> (<a href="https://github.com/RobinDaugherty"><code>@​RobinDaugherty</code></a>)</li> <li>Fix warning: <strong>FILE</strong> in eval may not return location in binding <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/458">#458</a> (<a href="https://github.com/yuuu"><code>@​yuuu</code></a>)</li> <li>Allow skipping variable inspection by class name <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/449">#449</a> (<a href="https://github.com/felixbuenemann"><code>@​felixbuenemann</code></a>)</li> </ul> <h2>v2.6.0</h2> <ul> <li>Specify older kramdown and i18n for older ruby versions <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/437">#437</a></li> <li>Fix NoMethodError when variables cannot be retrieved from the stack frame <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/430">#430</a></li> <li>Allow passing IPAddrs to allow_ip <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/444">#444</a></li> <li>Update CI Ruby to fix Travis CI failures <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/450">#450</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/BetterErrors/better_errors/commit/fce143f9fc7eb7713feb87610b85139c7da1f836"><code>fce143f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/492">#492</a> from srachner/fix-setting-editor-with-symbol</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/1f65a70f1dbba0f6e294ee820dfd1e957c46572d"><code>1f65a70</code></a> Fix setting editor with symbol</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/afc1e3ef534aaf9888bfc12f6b407cc7f9e4ddb7"><code>afc1e3e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/491">#491</a> from BetterErrors/fix/hiding-hint-not-working-when-fr...</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/9d7256b441b4bc3becd90de663df887db7614186"><code>9d7256b</code></a> Fix "live shell" hint reappearing when frame changed</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/66f2949416c119edb18db51b040555c8f3244c1b"><code>66f2949</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/BetterErrors/better_errors/issues/488">#488</a> from BetterErrors/feature/editor-support-docker</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/123f9b327e8dc9c960c87dfaf876a8d519be57a4"><code>123f9b3</code></a> Test invalid editor</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/45915e6a1c5e777f5fb975ef3094642a75fb6b66"><code>45915e6</code></a> Support for virtual and host paths</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/6591cf998872940ae64086444aa59be30f1cbe9c"><code>6591cf9</code></a> Rename method and reorder</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/b95d3c334d749a94f162fba1b68c0b9e0f68aa4f"><code>b95d3c3</code></a> Create instances of Editor</li> <li><a href="https://github.com/BetterErrors/better_errors/commit/5931137088b0d688745462ca1a9c1553233ef4c6"><code>5931137</code></a> Specs for Editor module</li> <li>Additional commits viewable in <a href="https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.9.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+5 -3

0 comment

1 changed file

pr created time in 19 hours

PR opened AgileVentures/WebsiteOne

Bump newrelic_rpm from 6.7.0.359 to 7.0.0

Bumps newrelic_rpm from 6.7.0.359 to 7.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/newrelic/newrelic-ruby-agent/releases">newrelic_rpm's releases</a>.</em></p> <blockquote> <h2>pre-release 7.0.0</h2> <p>This is a pre-release of the upcoming 7.0.0 release and is intended for early access and validation for those wanting to try out the new release directly from GitHub prior to finalized release being published to rubygems.org.</p> <h2>pre-release 6.15.0</h2> <p>No release notes provided.</p> <h2>6.13.1-pre</h2> <p>Pre-release for 6.13.1</p> <h2>6.13.0 Prerelease</h2> <p>Prerelease version of 6.13.0 used for internal testing.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/newrelic/newrelic-ruby-agent/blob/dev/CHANGELOG.md">newrelic_rpm's changelog</a>.</em></p> <blockquote> <h1>New Relic Ruby Agent Release Notes</h1> <h2>v7.1.0</h2> <ul> <li> <p><strong>Update known conflicts with use of Module#Prepend</strong> With our release of v7.0.0, we updated our instrumentation to use Module#Prepend by default, instead of method chaining. We have received reports of conflicts and added a check for these known conflicts. If a known conflict with prepend is detected while using the default value of 'auto' for gem instrumentation, the agent will instead install method chaining instrumentation in order to avoid this conflict. This check can be bypassed by setting the instrumentation method for the gem to 'prepend'.</p> </li> <li> <p><strong>Bugfix: Updated support for ActiveRecord 6.1+ instrumentation</strong></p> <p>Previously, the agent depended on <code>connection_id</code> to be present in the Active Support instrumentation for <code>sql.active_record</code> to get the current ActiveRecord connection. As of Rails 6.1, <code>connection_id</code> has been dropped in favor of providing the connection object through the <code>connection</code> value exclusively. This resulted in datastore spans displaying fallback behavior, including showing "ActiveRecord" as the database vendor.</p> </li> </ul> <h2>v7.0.0</h2> <ul> <li> <p><strong>Ruby Agent 6.x to 7.x Migration Guide Available</strong></p> <p>Please see our <a href="https://docs.newrelic.com/docs/agents/ruby-agent/getting-started/migration-7x-guide/">Ruby Agent 6.x to 7.x migration guide</a> for helpful strategies and tips for migrating from earlier versions of the Ruby agent to 7.0.0. We cover new configuration settings, diagnosiing and installing SSL CA certificates and deprecated items and their replacements in this guide.</p> </li> <li> <p><strong>Ruby 2.0 and 2.1 Dropped</strong></p> <p>Support for Ruby 2.0 and 2.1 dropped with this release. No code changes that would prevent the agent from continuing to work with these releases are known. However, Rubies 2.0 and 2.1 are no longer included in our test matrices and are not supported for 7.0.0 and onward.</p> </li> <li> <p><strong>Implemented prepend auto-instrumentation strategies for most Ruby gems/libraries</strong></p> <p>This release brings the auto-instrumentation strategies for most gems into the modern era for Ruby by providing both prepend and method-chaining (a.k.a. method-aliasing) strategies for auto instrumenting. Prepend, which has been available since Ruby 2.0 is now the default strategy employed in auto-instrumenting. It is known that some external gems lead to Stack Level too Deep exceptions when prepend and method-chaining are mixed. In such known cases, auto-instrumenting strategy will fall back to method-chaining automatically.</p> <p>This release also deprecates many overlapping and inconsistently named configuration settings in favor of being able to control behavior of instrumentation per library with one setting that can be one of auto (the default), disabled, prepend, or chain.</p> <p>Please see the above-referenced migration guide for further details.</p> </li> <li> <p><strong>Removed SSL cert bundle</strong></p> <p>The agent will no longer ship this bundle and will rely on system certs.</p> </li> <li> <p><strong>Removed deprecated config options</strong></p> <p>The following config options were previously deprecated and are no longer available</p> <ul> <li><code>disable_active_record_4</code></li> <li><code>disable_active_record_5</code></li> <li><code>autostart.blacklisted_constants</code></li> <li><code>autostart.blacklisted_executables</code></li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/0962dc2e7a13638e7da4cac93359a1255a73637e"><code>0962dc2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/newrelic/newrelic-ruby-agent/issues/651">#651</a> from newrelic/dev</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/fe9ea7c2d6f10100aff13db37ebb65446bc154fa"><code>fe9ea7c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/newrelic/newrelic-ruby-agent/issues/650">#650</a> from newrelic/speedup_jruby</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/f1a1bbab2a762ff673f17d91e9f40bab35a56833"><code>f1a1bba</code></a> removed the <a href="https://github.com/thread"><code>@​thread</code></a>.pass call -- incorrect usage</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/f344679cecf9e46c84d3b799853961834428a109"><code>f344679</code></a> adding --dev JRUBY_OPTS flag</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/19759860292d24bdf5177d64ce767f08605c9c8a"><code>1975986</code></a> removed extraneous commented out line</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/ed7a40f3de7f60dd327ff55a9b017595cbc2f602"><code>ed7a40f</code></a> blind fix for webrick server shutdown thread error</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/b6bb4b5813eeb00af09a74ab26c2f31e8106d292"><code>b6bb4b5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/newrelic/newrelic-ruby-agent/issues/645">#645</a> from knapo/fix-passing-keyword-arguments-in-ruby-3</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/a63b25f1a59910dcb6e50f2ec1d387147c71a86b"><code>a63b25f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/newrelic/newrelic-ruby-agent/issues/643">#643</a> from newrelic/fix_pr_checklist</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/60b74de29541883d7a857c30f20c458f347b8d3a"><code>60b74de</code></a> Trigger CI build</li> <li><a href="https://github.com/newrelic/newrelic-ruby-agent/commit/01fff4a436a9e9ae04e283f78bf45eb11f3a154d"><code>01fff4a</code></a> Fix test by using ruby2_keywords</li> <li>Additional commits viewable in <a href="https://github.com/newrelic/newrelic-ruby-agent/compare/6.7.0.359...7.0.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+4 -2

0 comment

1 changed file

pr created time in 19 hours

create barnchAgileVentures/WebsiteOne

branch : dependabot/bundler/newrelic_rpm-7.0.0

created branch time in 19 hours

delete branch AgileVentures/WebsiteOne

delete branch : dependabot/bundler/rails-6.0.3.7

delete time in 19 hours

delete branch AgileVentures/WebsiteOne

delete branch : dependabot/bundler/devise-4.8.0

delete time in 19 hours