Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the bundler group with 16 updates #4466

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 6, 2025

Bumps the bundler group with 16 updates:

Package From To
rails 7.0.2.4 7.0.8.7
puma 6.4.2 6.4.3
sidekiq 6.5.5 7.3.7
nokogiri 1.16.5 1.18.1
dotenv-rails 3.1.2 3.1.7
rubocop-govuk 5.0.2 5.0.7
rexml 3.3.3 3.3.9
actionmailer 7.0.2.4 7.0.8.7
actionpack 7.0.2.4 7.0.8.7
actiontext 7.0.2.4 7.0.8.7
actionview 7.0.2.4 7.0.8.7
activerecord 7.0.2.4 7.0.8.7
activestorage 7.0.2.4 7.0.8.7
activesupport 7.0.2.4 7.0.8.7
fugit 1.11.0 1.11.1
rails-html-sanitizer 1.6.0 1.6.2

Updates rails from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from rails's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 778eab8 Preparing for 7.0.8.7 release
  • 15c6f15 Update vendored trix version to 1.3.4
  • cb16a3b Add CSP directive validation
  • bc979c5 Preparing for 7.0.8.6 release
  • 4a78225 Fix relesaser Gemfile to include blade and sprockets-export
  • 9951c3f Improvements to releaser
  • 07f5c9b Fix NoMethodError in ActionMailer block_format
  • f61f4ef Preparing for 7.0.8.5 release
  • d666c96 Update CHANGELOGs
  • 35bf08d Merge pull request #16 from rails/7-0-sec-relase
  • Additional commits viewable in compare view

Updates puma from 6.4.2 to 6.4.3

Release notes

Sourced from puma's releases.

6.4.3

  • Security
    • Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
Changelog

Sourced from puma's changelog.

6.4.3 / 2024-09-19

  • Security
    • Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
Commits

Updates sidekiq from 6.5.5 to 7.3.7

Changelog

Sourced from sidekiq's changelog.

7.3.7

  • Backport Sidekiq::Web.configure for compatibility with 8.0 #6532
  • Backport url_params(key) and route_params(key) for compatibility with 8.0 #6532
  • Various fixes for UI filtering #6508
  • Tune inspect for internal S::Components to keep size managable #6553

7.3.6

  • Forward compatibility fixes for Ruby 3.4
  • Filtering in the Web UI now works via GET so you can bookmark a filtered view. #6497

7.3.5

  • Reimplement retry_all and kill_all API methods to use ZPOPMIN, approximately 30-60% faster. #6481
  • Add preload testing binary at examples/testing/sidekiq_boot to verify your Rails app boots correctly with Sidekiq Enterprise's app preloading.
  • Fix circular require with ActiveJob adapter #6477
  • Fix potential race condition leading to incorrect serialized values for CurrentAttributes #6475
  • Restore missing elapsed time when default job logging is disabled

7.3.4

  • Fix FrozenError when starting Sidekiq #6470

7.3.3

  • Freeze global configuration once boot is complete, to avoid configuration race conditions [#6466, #6465]
  • Sidekiq now warns if a job iteration takes longer than the -t timeout setting (defaults to 25 seconds)
  • Iteration callbacks now have easy access to job arguments via the arguments method:
def on_stop
  p arguments # => `[123, "string", {"key" => "value"}]`
  id, str, hash = arguments
end
  • Iterable jobs can be cancelled via Sidekiq::Client#cancel!:
c = Sidekiq::Client.new
jid = c.push("class" => SomeJob, "args" => [123])
c.cancel!(jid) # => true
  • Take over support for ActiveJob's :sidekiq adapter [#6430, fatkodima]
  • Ensure CurrentAttributes are in scope when creating batch callbacks #6455
  • Add Sidekiq.gem_version API.

... (truncated)

Commits

Updates nokogiri from 1.16.5 to 1.18.1

Release notes

Sourced from nokogiri's releases.

v1.18.1 / 2024-12-29

Fixed

  • [CRuby] XML::SAX::ParserContext keeps a reference to the input to avoid a potential use-after-free issue that's existed since v1.4.0 (2009). (#3395) @​flavorjones
35837013800e34342fcbaca305f8c49231f6bd4f779bfa23fe7b4686ae82d5b8  nokogiri-1.18.1-aarch64-linux-gnu.gem
1b303402cd045f9075a6ee291767c1ffe654b426ed30911e5b47819c21855b22  nokogiri-1.18.1-aarch64-linux-musl.gem
d75193f284c899d225943a8944479faedd995a7573ddd5c8308ffbdf2ec55204  nokogiri-1.18.1-arm64-darwin.gem
3b873fd6b0cd1ad7c77e87af701075bdfd14c9a6b2f2965c5e00ed29a5627a37  nokogiri-1.18.1-arm-linux-gnu.gem
d6fe26f6d1425f403077fbf829fc0ef8e521545c924a13777d6fdf1a0c07c1f3  nokogiri-1.18.1-arm-linux-musl.gem
df18be7e96c34736b6abfdeda80c6e845134fb9afe2fe5d4fbc1cf1f89c68475  nokogiri-1.18.1.gem
e0e19b340f92d09b2b731e22d68895b2062d6555188aff370b05617516d3a781  nokogiri-1.18.1-java.gem
50d81e905a60dff706b99c980abefedaf1c3d2c434a3b49afaf1b69b80f7f5b4  nokogiri-1.18.1-x64-mingw-ucrt.gem
d94e3aa6483577495fc8969d6b4b5c075840ce6b1ab09636a6d4177ad171051d  nokogiri-1.18.1-x86_64-darwin.gem
e516cf16ccde67ed4cc595a2621ca5ddd42562ecb24928914b0045a20a41620e  nokogiri-1.18.1-x86_64-linux-gnu.gem
f2c389bc100541247edaeaabc6d875b31d72e897471b66a67987b2e4df0192d6  nokogiri-1.18.1-x86_64-linux-musl.gem

v1.18.0 / 2024-12-25

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.4.

This release ends support for Ruby 3.0, for which upstream support ended 2024-04-23.

This release ships separate precompiled GNU and Musl gems for all linux platforms. Previously both GNU and Musl target systems could use and install the same gem, e.g., the platform gem for x86_64-linux. Now, however, the precompiled gem platforms would be x86_64-linux-gnu and x86_64-linux-musl. So long as you're on bundler >= 2.5.6 this should be seamless other than perhaps needing to update the platforms in your "Gemfile.lock".

This release drops precompiled native platform gems for x86-linux and x86-mingw32. These platforms are still supported. Users on these platforms must install the "ruby platform" gem which requires a compiler toolchain. See Installing the ruby platform gem in the installation docs. (#3369, #3081)

Improved

  • [CRuby] CSS and XPath queries are faster now that Node#xpath, Node#css, and related functions are using a faster XPathContext initialization process. We benchmarked a 1.9x improvement for a 6kb file. Big thanks to @​nwellnhof for helping with this one. (#3378, superseded by #3389) @​flavorjones
a240b4183b7a12d82cdd46d7a77255d785e01198ffb0c52c8aee1197daf0b465  nokogiri-1.18.0-aarch64-linux-gnu.gem
a12b764089d9c0e60f4794b685d29a97a3e2952caa1c4c87473c771edb7e9db5  nokogiri-1.18.0-aarch64-linux-musl.gem
e6e75760aa66adf5ea0dccfba2516c111526ba50f6475426975532d1a134173c  nokogiri-1.18.0-arm64-darwin.gem
</tr></table> 

... (truncated)

Changelog

Sourced from nokogiri's changelog.

v1.18.1 / 2024-12-29

Fixed

  • [CRuby] XML::SAX::ParserContext keeps a reference to the input to avoid a potential use-after-free issue that's existed since v1.4.0 (2009). (#3395) @​flavorjones

v1.18.0 / 2024-12-25

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.4.

This release ends support for Ruby 3.0, for which upstream support ended 2024-04-23.

This release ships separate precompiled GNU and Musl gems for all linux platforms. Previously both GNU and Musl target systems could use and install the same gem, e.g., the platform gem for x86_64-linux. Now, however, the precompiled gem platforms would be x86_64-linux-gnu and x86_64-linux-musl. So long as you're on bundler >= 2.5.6 this should be seamless other than perhaps needing to update the platforms in your "Gemfile.lock".

This release drops precompiled native platform gems for x86-linux and x86-mingw32. These platforms are still supported. Users on these platforms must install the "ruby platform" gem which requires a compiler toolchain. See Installing the ruby platform gem in the installation docs. (#3369, #3081)

Improved

  • [CRuby] CSS and XPath queries are faster now that Node#xpath, Node#css, and related functions are using a faster XPathContext initialization process. We benchmarked a 1.9x improvement for a 6kb file. Big thanks to @​nwellnhof for helping with this one. (#3378, superseded by #3389) @​flavorjones

v1.17.2 / 2024-12-12

Fixed

  • [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

v1.17.1 / 2024-12-10

Fixed

v1.17.0 / 2024-12-08

Dependencies

... (truncated)

Commits
  • 3b28b49 version bump to v1.18.1
  • 6344147 fix: SAX::ParserContext keeps a reference to the input (backport of #3395 to ...
  • 1c9b8f1 doc: update CHANGELOG.md
  • 682a293 fix: SAX::ParserContext keeps a reference to the input
  • fdfb6df ci: bump everything to use 3.4 final (#3394)
  • beec772 ci: windows 3.4 is still not available, use head
  • 3ca18ef ci: bump everything to use 3.4 final
  • 729c96c version bump to v1.18.0
  • 800c29e dep: bump rake-compiler-dock to v1.7.0 (#3392)
  • 5ebb458 dep: bump rake-compiler-dock to v1.7.0
  • Additional commits viewable in compare view

Updates dotenv-rails from 3.1.2 to 3.1.7

Release notes

Sourced from dotenv-rails's releases.

v3.1.7

What's Changed

Full Changelog: bkeepers/dotenv@v3.1.6...v3.1.7

3.1.6

What's Changed

Full Changelog: bkeepers/dotenv@v3.1.5...v3.1.6

v3.1.5

What's Changed

New Contributors

Full Changelog: bkeepers/dotenv@v3.1.4...v3.1.5

3.1.4

What's Changed

New Contributors

Full Changelog: bkeepers/dotenv@v3.1.3...v3.1.4

3.1.3

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from dotenv-rails's changelog.

3.1.7

Full Changelog: bkeepers/dotenv@v3.1.6...v3.1.7

3.1.6

Full Changelog: bkeepers/dotenv@v3.1.5...v3.1.6

3.1.5

New Contributors

Full Changelog: bkeepers/dotenv@v3.1.4...v3.1.5

3.1.4

New Contributors

Full Changelog: bkeepers/dotenv@v3.1.3...v3.1.4

3.1.3

New Contributors

Full Changelog: bkeepers/dotenv@v3.1.2...v3.1.3

Commits
  • 5bbef66 Merge pull request #523 from bkeepers/preserve-linebreaks
  • 19a7675 Prepare for 3.1.7 release
  • bf87415 Preserve repeated linebreaks when normalizing line endings
  • 79c0f1c Merge pull request #521 from bkeepers/endoflife-matrix
  • fdd83ed Run tests once/day to test against latest versions
  • 882de31 Try continuing when bundle install fails
  • eb14723 Getting Ruby and Rails versions from endoflife.date
  • ade0fb3 Prepare for v3.1.6 release
  • 4c264c2 Merge pull request #519 from bkeepers/fix-518
  • d5872c8 Restore previous parser behavior of returning existing variables
  • Additional commits viewable in compare view

Updates rubocop-govuk from 5.0.2 to 5.0.7

Changelog

Sourced from rubocop-govuk's changelog.

5.0.7

  • Update dependencies

5.0.6

  • Update dependencies

5.0.5

  • Update dependencies

5.0.4

  • Update dependencies

5.0.3

  • Update dependencies: rubocop from 1.64.1 to 1.68.0, rubocop-ast from 1.31.3 to 1.26.1, rubocop-rails from 2.25.1 to 2.27.0, rubocop-rspec from 3.0.1 to 3.2.0
Commits
  • abb020a Merge pull request #444 from alphagov/release-5.0.7
  • 5502476 Release v5.0.7
  • 6a96e29 Merge pull request #443 from alphagov/dependabot/bundler/rubocop-rails-eq-2.28.0
  • 4d29d89 Update rubocop-rails requirement from = 2.27.0 to = 2.28.0
  • 3f12c4a Merge pull request #441 from alphagov/release-5.0.6
  • b5ef08c Merge pull request #442 from alphagov/dependabot/bundler/rubocop-ast-eq-1.37.0
  • 4cfcaa4 Update rubocop-ast requirement from = 1.36.2 to = 1.37.0
  • 4e76685 Release v5.0.6
  • ba2711f Merge pull request #440 from alphagov/dependabot/bundler/rubocop-rspec-eq-3.3.0
  • 156519c Merge pull request #439 from alphagov/dependabot/bundler/rubocop-eq-1.69.2
  • Additional commits viewable in compare view

Updates rexml from 3.3.3 to 3.3.9

Release notes

Sourced from rexml's releases.

REXML 3.3.9 - 2024-10-24

Improvements

  • Improved performance.

Fixes

  • Fixed a parse bug for text only invalid XML.

  • Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

  • NAITOH Jun

REXML 3.3.8 - 2024-09-29

Improvements

  • SAX2: Improve parse performance.

Fixes

  • Fixed a bug that unexpected attribute namespace conflict error for the predefined "xml" namespace is reported.
    • GH-208
    • Patch by KITAITI Makoto

Thanks

  • NAITOH Jun

  • KITAITI Makoto

REXML 3.3.7 - 2024-09-04

Improvements

  • Added local entity expansion limit methods

... (truncated)

Changelog

Sourced from rexml's changelog.

3.3.9 - 2024-10-24 {#version-3-3-9}

Improvements

  • Improved performance.

Fixes

  • Fixed a parse bug for text only invalid XML.

  • Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

  • NAITOH Jun

3.3.8 - 2024-09-29 {#version-3-3-8}

Improvements

  • SAX2: Improve parse performance.

Fixes

  • Fixed a bug that unexpected attribute namespace conflict error for the predefined "xml" namespace is reported.
    • GH-208
    • Patch by KITAITI Makoto

Thanks

  • NAITOH Jun

  • KITAITI Makoto

3.3.7 - 2024-09-04 {#version-3-3-7}

Improvements

  • Added local entity expansion limit methods

... (truncated)

Commits

Updates actionmailer from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from actionmailer's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 778eab8 Preparing for 7.0.8.7 release
  • bc979c5 Preparing for 7.0.8.6 release
  • 07f5c9b Fix NoMethodError in ActionMailer block_format
  • f61f4ef Preparing for 7.0.8.5 release
  • d666c96 Update CHANGELOGs
  • 30abd6b Merge pull request #52962 from rails/rm-releser
  • 0e5694f Avoid backtracking in ActionMailer block_format
  • 40d8b92 Merge pull request #51510 from fatkodima/remove-ostruct
  • ec7f253 Preparing for 7.0.8.4 release
  • f12d5ae update changelog
  • Additional commits viewable in compare view

Updates actionpack from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from actionpack's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 778eab8 Preparing for 7.0.8.7 release
  • cb16a3b Add CSP directive validation
  • bc979c5 Preparing for 7.0.8.6 release
  • f61f4ef Preparing for 7.0.8.5 release
  • d666c96 Update CHANGELOGs
  • 30abd6b Merge pull request #52962 from rails/rm-releser
  • b1241f4 Avoid backtracking in filtered_query_string
  • 56b2fc3 Avoid backtracking in Token#raw_params
  • 40d8b92 Merge pull request #51510 from fatkodima/remove-ostruct
  • 6da6af8 Merge pull request #52176 from zzak/7-0-selenium-webdriver
  • Additional commits viewable in compare view

Updates actiontext from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from actiontext's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 778eab8 Preparing for 7.0.8.7 release
  • 15c6f15 Update vendored trix version to 1.3.4
  • bc979c5 Preparing for 7.0.8.6 release
  • f61f4ef Preparing for 7.0.8.5 release
  • d666c96 Update CHANGELOGs
  • 30abd6b Merge pull request #52962 from rails/rm-releser
  • 727b094 ActionText: Avoid backtracing in plain_text_for_blockquote_node
  • ec7f253 Preparing for 7.0.8.4 release
  • f12d5ae update changelog
  • 08bc3ce Preparing for 7.0.8.3 release
  • Additional commits viewable in compare view

Updates actionview from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from actionview's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 778eab8 Preparing for 7.0.8.7 release
  • bc979c5 Preparing for 7.0.8.6 release
  • f61f4ef Preparing for 7.0.8.5 release
  • 40d8b92 Merge pull request #51510 from fatkodima/remove-ostruct
  • 8559039 Merge pull request #49416 from Shopify/fix-render-call-extractor-on-ruby-3.3
  • ec7f253 Preparing for 7.0.8.4 release
  • f12d5ae update changelog
  • 08bc3ce Preparing for 7.0.8.3 release
  • 7c8d2a1 Preparing for 7.0.8.2 release
  • 506462a Preparing for 7.0.8.1 release
  • Additional commits viewable in compare view

Updates activerecord from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from activerecord's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits

Updates activestorage from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from activestorage's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits

Updates activesupport from 7.0.2.4 to 7.0.8.7

Release notes

Sourced from activesupport's releases.

7.0.8.7

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits

Updates fugit from 1.11.0 to 1.11.1

Changelog

Sourced from fugit's changelog.

fugit 1.11.1 released 2024-08-15

  • Prevent nat parsing chocking on long input (> 256 chars), gh-104
Commits

Bumps the bundler group with 16 updates:

| Package | From | To |
| --- | --- | --- |
| [rails](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [puma](https://github.com/puma/puma) | `6.4.2` | `6.4.3` |
| [sidekiq](https://github.com/sidekiq/sidekiq) | `6.5.5` | `7.3.7` |
| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.16.5` | `1.18.1` |
| [dotenv-rails](https://github.com/bkeepers/dotenv) | `3.1.2` | `3.1.7` |
| [rubocop-govuk](https://github.com/alphagov/rubocop-govuk) | `5.0.2` | `5.0.7` |
| [rexml](https://github.com/ruby/rexml) | `3.3.3` | `3.3.9` |
| [actionmailer](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [actionpack](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [actiontext](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [actionview](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [activerecord](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [activestorage](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [activesupport](https://github.com/rails/rails) | `7.0.2.4` | `7.0.8.7` |
| [fugit](https://github.com/floraison/fugit) | `1.11.0` | `1.11.1` |
| [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) | `1.6.0` | `1.6.2` |


Updates `rails` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `puma` from 6.4.2 to 6.4.3
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v6.4.2...v6.4.3)

Updates `sidekiq` from 6.5.5 to 7.3.7
- [Changelog](https://github.com/sidekiq/sidekiq/blob/main/Changes.md)
- [Commits](sidekiq/sidekiq@v6.5.5...v7.3.7)

Updates `nokogiri` from 1.16.5 to 1.18.1
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.16.5...v1.18.1)

Updates `dotenv-rails` from 3.1.2 to 3.1.7
- [Release notes](https://github.com/bkeepers/dotenv/releases)
- [Changelog](https://github.com/bkeepers/dotenv/blob/main/Changelog.md)
- [Commits](bkeepers/dotenv@v3.1.2...v3.1.7)

Updates `rubocop-govuk` from 5.0.2 to 5.0.7
- [Changelog](https://github.com/alphagov/rubocop-govuk/blob/main/CHANGELOG.md)
- [Commits](alphagov/rubocop-govuk@v5.0.2...v5.0.7)

Updates `rexml` from 3.3.3 to 3.3.9
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](ruby/rexml@v3.3.3...v3.3.9)

Updates `actionmailer` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/actionmailer/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `actionpack` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/actionpack/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `actiontext` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/actiontext/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `actionview` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/actionview/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `activerecord` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/activerecord/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `activestorage` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/activestorage/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `activesupport` from 7.0.2.4 to 7.0.8.7
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.0.1/activesupport/CHANGELOG.md)
- [Commits](rails/rails@v7.0.2.4...v7.0.8.7)

Updates `fugit` from 1.11.0 to 1.11.1
- [Changelog](https://github.com/floraison/fugit/blob/master/CHANGELOG.md)
- [Commits](floraison/fugit@v1.11.0...v1.11.1)

Updates `rails-html-sanitizer` from 1.6.0 to 1.6.2
- [Release notes](https://github.com/rails/rails-html-sanitizer/releases)
- [Changelog](https://github.com/rails/rails-html-sanitizer/blob/main/CHANGELOG.md)
- [Commits](rails/rails-html-sanitizer@v1.6.0...v1.6.2)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: puma
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: sidekiq
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: nokogiri
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: dotenv-rails
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: rubocop-govuk
  dependency-type: direct:development
  dependency-group: bundler
- dependency-name: rexml
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: actionmailer
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: actionpack
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: actiontext
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: actionview
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: activerecord
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: activestorage
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: activesupport
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: fugit
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: rails-html-sanitizer
  dependency-type: indirect
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jan 6, 2025
Copy link

github-actions bot commented Jan 6, 2025

Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 8, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 8, 2025
@dependabot dependabot bot deleted the dependabot/bundler/bundler-73efe7972e branch January 8, 2025 11:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants