dependabot[bot]
a9a9dc64fe
Build(deps): Bump fastimage from 2.2.5 to 2.2.6 ( #15338 )
...
Bumps [fastimage](https://github.com/sdsykes/fastimage ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/sdsykes/fastimage/releases )
- [Changelog](https://github.com/sdsykes/fastimage/blob/master/CHANGELOG )
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.5...v2.2.6 )
---
updated-dependencies:
- dependency-name: fastimage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-16 23:04:39 +01:00
dependabot[bot]
7039046d9e
Build(deps-dev): Bump minitest from 5.14.4 to 5.15.0 ( #15326 )
...
Bumps [minitest](https://github.com/seattlerb/minitest ) from 5.14.4 to 5.15.0.
- [Release notes](https://github.com/seattlerb/minitest/releases )
- [Changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc )
- [Commits](https://github.com/seattlerb/minitest/compare/v5.14.4...v5.15.0 )
---
updated-dependencies:
- dependency-name: minitest
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-15 23:37:57 +01:00
dependabot[bot]
414382ffa7
Build(deps-dev): Bump fabrication from 2.23.0 to 2.23.1 ( #15325 )
...
Bumps [fabrication](https://github.com/paulelliott/fabrication ) from 2.23.0 to 2.23.1.
- [Release notes](https://github.com/paulelliott/fabrication/releases )
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown )
- [Commits](https://github.com/paulelliott/fabrication/commits )
---
updated-dependencies:
- dependency-name: fabrication
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-15 23:37:49 +01:00
dependabot[bot]
d66eb984e4
Build(deps): Bump css_parser from 1.10.0 to 1.11.0
...
Bumps [css_parser](https://github.com/premailer/css_parser ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/premailer/css_parser/releases )
- [Changelog](https://github.com/premailer/css_parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/premailer/css_parser/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: css_parser
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-14 16:25:09 -05:00
dependabot[bot]
8a37ab9f87
Build(deps): Bump rubocop-ast from 1.14.0 to 1.15.0 ( #15265 )
...
Bumps [rubocop-ast](https://github.com/rubocop/rubocop-ast ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/rubocop/rubocop-ast/releases )
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-ast/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: rubocop-ast
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-13 16:28:02 +11:00
dependabot[bot]
bfe47038bb
Build(deps): Bump loofah from 2.12.0 to 2.13.0 ( #15267 )
...
Bumps [loofah](https://github.com/flavorjones/loofah ) from 2.12.0 to 2.13.0.
- [Release notes](https://github.com/flavorjones/loofah/releases )
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md )
- [Commits](https://github.com/flavorjones/loofah/compare/v2.12.0...v2.13.0 )
---
updated-dependencies:
- dependency-name: loofah
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-12 22:30:53 +01:00
dependabot[bot]
783b38d180
Build(deps): Bump sprockets-rails from 3.4.1 to 3.4.2 ( #15266 )
...
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails ) from 3.4.1 to 3.4.2.
- [Release notes](https://github.com/rails/sprockets-rails/releases )
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.4.1...v3.4.2 )
---
updated-dependencies:
- dependency-name: sprockets-rails
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-12 22:29:58 +01:00
dependabot[bot]
dea56ed953
Build(deps): Bump parser from 3.0.3.1 to 3.0.3.2 ( #15239 )
...
Bumps [parser](https://github.com/whitequark/parser ) from 3.0.3.1 to 3.0.3.2.
- [Release notes](https://github.com/whitequark/parser/releases )
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/whitequark/parser/compare/v3.0.3.1...v3.0.3.2 )
---
updated-dependencies:
- dependency-name: parser
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-09 08:37:42 +08:00
dependabot[bot]
3c5b1faab4
Build(deps): Bump raindrops from 0.19.2 to 0.20.0 ( #15222 )
...
Bumps [raindrops](https://yhbt.net/raindrops/ ) from 0.19.2 to 0.20.0.
---
updated-dependencies:
- dependency-name: raindrops
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-08 01:42:57 +01:00
dependabot[bot]
a22ee35d6c
Build(deps-dev): Bump fabrication from 2.22.0 to 2.23.0 ( #15223 )
...
Bumps [fabrication](https://github.com/paulelliott/fabrication ) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases )
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown )
- [Commits](https://github.com/paulelliott/fabrication/commits )
---
updated-dependencies:
- dependency-name: fabrication
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-08 01:42:17 +01:00
dependabot[bot]
21d5918d51
Build(deps): Bump excon from 0.88.0 to 0.89.0 ( #15224 )
...
Bumps [excon](https://github.com/excon/excon ) from 0.88.0 to 0.89.0.
- [Release notes](https://github.com/excon/excon/releases )
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt )
- [Commits](https://github.com/excon/excon/compare/v0.88.0...v0.89.0 )
---
updated-dependencies:
- dependency-name: excon
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-08 01:41:12 +01:00
dependabot[bot]
11d1c520ff
Build(deps): Bump regexp_parser from 2.1.1 to 2.2.0 ( #15194 )
...
Bumps [regexp_parser](https://github.com/ammar/regexp_parser ) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/ammar/regexp_parser/releases )
- [Changelog](https://github.com/ammar/regexp_parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ammar/regexp_parser/compare/v2.1.1...v2.2.0 )
---
updated-dependencies:
- dependency-name: regexp_parser
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-05 22:24:35 +01:00
dependabot[bot]
588dfdc7e2
Build(deps): Bump rubocop-ast from 1.13.0 to 1.14.0 ( #15176 )
...
Bumps [rubocop-ast](https://github.com/rubocop/rubocop-ast ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/rubocop/rubocop-ast/releases )
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-ast/compare/v1.13.0...v1.14.0 )
---
updated-dependencies:
- dependency-name: rubocop-ast
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-02 22:29:32 +01:00
dependabot[bot]
da9a226bcb
Build(deps): Bump logster from 2.10.0 to 2.10.1 ( #15163 )
...
Bumps [logster](https://github.com/discourse/logster ) from 2.10.0 to 2.10.1.
- [Release notes](https://github.com/discourse/logster/releases )
- [Changelog](https://github.com/discourse/logster/blob/main/CHANGELOG.md )
- [Commits](https://github.com/discourse/logster/compare/v2.10.0...v2.10.1 )
---
updated-dependencies:
- dependency-name: logster
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-01 22:28:04 +01:00
dependabot[bot]
82cd2596c8
Build(deps-dev): Bump rubocop-discourse from 2.4.2 to 2.5.0 ( #15165 )
...
Bumps [rubocop-discourse](https://github.com/discourse/rubocop-discourse ) from 2.4.2 to 2.5.0.
- [Release notes](https://github.com/discourse/rubocop-discourse/releases )
- [Commits](https://github.com/discourse/rubocop-discourse/compare/v2.4.2...v2.5.0 )
---
updated-dependencies:
- dependency-name: rubocop-discourse
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-01 22:17:41 +01:00
Rafael dos Santos Silva
754c2ec6c1
Build(deps): Bump mini_suffix from 0.3.2 to 0.3.3 ( #15151 )
2021-12-01 13:53:20 -03:00
Rafael dos Santos Silva
4ef11e786b
DEV: Add aarch64 platform ( #15143 )
2021-11-30 16:31:11 -03:00
dependabot[bot]
433f9a4dc9
Build(deps): Bump parser from 3.0.3.0 to 3.0.3.1 ( #15130 )
...
Bumps [parser](https://github.com/whitequark/parser ) from 3.0.3.0 to 3.0.3.1.
- [Release notes](https://github.com/whitequark/parser/releases )
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/whitequark/parser/compare/v3.0.3.0...v3.0.3.1 )
---
updated-dependencies:
- dependency-name: parser
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-29 22:52:04 +01:00
dependabot[bot]
7c572d0472
Build(deps): Bump logster from 2.9.8 to 2.10.0 ( #15121 )
...
Bumps [logster](https://github.com/discourse/logster ) from 2.9.8 to 2.10.0.
- [Release notes](https://github.com/discourse/logster/releases )
- [Changelog](https://github.com/discourse/logster/blob/main/CHANGELOG.md )
- [Commits](https://github.com/discourse/logster/compare/v2.9.8...v2.10.0 )
---
updated-dependencies:
- dependency-name: logster
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-28 22:29:40 +01:00
dependabot[bot]
f1b926ed3b
Build(deps): Bump globalid from 0.6.0 to 1.0.0 ( #15122 )
...
Bumps [globalid](https://github.com/rails/globalid ) from 0.6.0 to 1.0.0.
- [Release notes](https://github.com/rails/globalid/releases )
- [Commits](https://github.com/rails/globalid/compare/v0.6.0...v1.0.0 )
---
updated-dependencies:
- dependency-name: globalid
dependency-type: indirect
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-28 22:23:39 +01:00
dependabot[bot]
af241c7326
Build(deps): Bump parser from 3.0.2.0 to 3.0.3.0 ( #15099 )
...
Bumps [parser](https://github.com/whitequark/parser ) from 3.0.2.0 to 3.0.3.0.
- [Release notes](https://github.com/whitequark/parser/releases )
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/whitequark/parser/compare/v3.0.2.0...v3.0.3.0 )
---
updated-dependencies:
- dependency-name: parser
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-25 22:39:52 +01:00
dependabot[bot]
cef0e1f8ff
Build(deps): Bump globalid from 0.5.2 to 0.6.0 ( #15098 )
...
Bumps [globalid](https://github.com/rails/globalid ) from 0.5.2 to 0.6.0.
- [Release notes](https://github.com/rails/globalid/releases )
- [Commits](https://github.com/rails/globalid/compare/v0.5.2...v0.6.0 )
---
updated-dependencies:
- dependency-name: globalid
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-25 22:39:41 +01:00
dependabot[bot]
7ce927eaa8
Build(deps): Bump bootsnap from 1.9.1 to 1.9.3 ( #15084 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.9.1 to 1.9.3.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.9.1...v1.9.3 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-24 22:30:43 +01:00
dependabot[bot]
377c8d9c8b
Build(deps): Bump sprockets-rails from 3.4.0 to 3.4.1 ( #15052 )
...
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails ) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/rails/sprockets-rails/releases )
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.4.0...v3.4.1 )
---
updated-dependencies:
- dependency-name: sprockets-rails
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-22 22:25:42 +01:00
dependabot[bot]
6aee9f83ec
Build(deps): Bump sprockets-rails from 3.3.0 to 3.4.0 ( #14955 )
...
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/rails/sprockets-rails/releases )
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.3.0...v3.4.0 )
---
updated-dependencies:
- dependency-name: sprockets-rails
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-16 09:20:06 +08:00
dependabot[bot]
45da3cd2ae
Build(deps): Bump rubocop from 1.22.3 to 1.23.0 ( #14954 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.22.3 to 1.23.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.22.3...v1.23.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-16 09:19:51 +08:00
David Taylor
f45853676f
SECURITY: Ensure _forum_session cookies cannot be reused between sites ( #14950 )
...
This only affects multisite Discourse instances (where multiple forums are served from a single application server). The vast majority of self-hosted Discourse forums do not fall into this category.
On affected instances, this vulnerability could allow encrypted session cookies to be re-used between sites served by the same application instance.
2021-11-15 15:50:12 +00:00
dependabot[bot]
d92a213b6d
Build(deps): Bump mini_racer from 0.4.0 to 0.5.0
...
Bumps [mini_racer](https://github.com/discourse/mini_racer ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/discourse/mini_racer/releases )
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG )
- [Commits](https://github.com/discourse/mini_racer/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: mini_racer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-11 16:50:57 -05:00
dependabot[bot]
cd80193582
Build(deps): Bump sprockets-rails from 3.2.2 to 3.3.0
...
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails ) from 3.2.2 to 3.3.0.
- [Release notes](https://github.com/rails/sprockets-rails/releases )
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.2...v3.3.0 )
---
updated-dependencies:
- dependency-name: sprockets-rails
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-11 16:32:03 -05:00
dependabot[bot]
33df3f162d
Build(deps): Bump oauth from 0.5.7 to 0.5.8 ( #14877 )
...
Bumps [oauth](https://github.com/oauth-xx/oauth-ruby ) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/oauth-xx/oauth-ruby/releases )
- [Changelog](https://github.com/oauth-xx/oauth-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/oauth-xx/oauth-ruby/compare/v0.5.7...v0.5.8 )
---
updated-dependencies:
- dependency-name: oauth
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-11 09:12:26 +08:00
Robin Ward
4aad18d913
Revert "Build(deps): Bump hashie from 4.1.0 to 5.0.0"
...
This reverts commit f7529ec43b
.
2021-11-08 16:54:43 -05:00
dependabot[bot]
259ba47dbc
Build(deps): Bump rubocop-rspec from 2.5.0 to 2.6.0
...
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases )
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.5.0...v2.6.0 )
---
updated-dependencies:
- dependency-name: rubocop-rspec
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-08 16:26:42 -05:00
dependabot[bot]
d752800403
Build(deps): Bump rubocop-ast from 1.12.0 to 1.13.0
...
Bumps [rubocop-ast](https://github.com/rubocop/rubocop-ast ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/rubocop/rubocop-ast/releases )
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-ast/compare/v1.12.0...v1.13.0 )
---
updated-dependencies:
- dependency-name: rubocop-ast
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-08 16:26:30 -05:00
dependabot[bot]
f7529ec43b
Build(deps): Bump hashie from 4.1.0 to 5.0.0
...
Bumps [hashie](https://github.com/hashie/hashie ) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/hashie/hashie/releases )
- [Changelog](https://github.com/hashie/hashie/blob/master/CHANGELOG.md )
- [Commits](https://github.com/hashie/hashie/compare/v4.1.0...v5.0.0 )
---
updated-dependencies:
- dependency-name: hashie
dependency-type: indirect
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-08 16:26:18 -05:00
dependabot[bot]
5355990b2c
Build(deps): Bump sidekiq from 6.2.2 to 6.3.1
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.2...v6.3.1 )
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-08 11:34:00 -05:00
dependabot[bot]
8257b8cc0c
Build(deps): Bump rspec-support from 3.10.2 to 3.10.3
...
Bumps [rspec-support](https://github.com/rspec/rspec-support ) from 3.10.2 to 3.10.3.
- [Release notes](https://github.com/rspec/rspec-support/releases )
- [Changelog](https://github.com/rspec/rspec-support/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-support/compare/v3.10.2...v3.10.3 )
---
updated-dependencies:
- dependency-name: rspec-support
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-04 11:46:04 -04:00
dependabot[bot]
23f578e97b
Build(deps): Bump i18n from 1.8.10 to 1.8.11
...
Bumps [i18n](https://github.com/ruby-i18n/i18n ) from 1.8.10 to 1.8.11.
- [Release notes](https://github.com/ruby-i18n/i18n/releases )
- [Changelog](https://github.com/ruby-i18n/i18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby-i18n/i18n/compare/v1.8.10...v1.8.11 )
---
updated-dependencies:
- dependency-name: i18n
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-04 11:45:46 -04:00
dependabot[bot]
8008f95d98
Build(deps): Bump omniauth-oauth2 from 1.7.1 to 1.7.2 ( #14798 )
...
Bumps [omniauth-oauth2](https://github.com/omniauth/omniauth-oauth2 ) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/omniauth/omniauth-oauth2/releases )
- [Commits](https://github.com/omniauth/omniauth-oauth2/compare/v1.7.1...v1.7.2 )
---
updated-dependencies:
- dependency-name: omniauth-oauth2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-03 11:05:40 +08:00
dependabot[bot]
694e0eee19
Build(deps): Bump oauth from 0.5.6 to 0.5.7 ( #14799 )
...
Bumps [oauth](https://github.com/oauth-xx/oauth-ruby ) from 0.5.6 to 0.5.7.
- [Release notes](https://github.com/oauth-xx/oauth-ruby/releases )
- [Changelog](https://github.com/oauth-xx/oauth-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/oauth-xx/oauth-ruby/compare/v0.5.6...v0.5.7 )
---
updated-dependencies:
- dependency-name: oauth
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-03 11:03:56 +08:00
dependabot[bot]
5a851dec0e
Build(deps): Bump rubocop from 1.22.2 to 1.22.3 ( #14753 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.22.2 to 1.22.3.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.22.2...v1.22.3 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-27 22:29:16 +02:00
dependabot[bot]
ab64022d25
Build(deps): Bump excon from 0.87.0 to 0.88.0 ( #14751 )
...
Bumps [excon](https://github.com/excon/excon ) from 0.87.0 to 0.88.0.
- [Release notes](https://github.com/excon/excon/releases )
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt )
- [Commits](https://github.com/excon/excon/compare/v0.87.0...v0.88.0 )
---
updated-dependencies:
- dependency-name: excon
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-27 22:29:07 +02:00
Robin Ward
fd187f2de3
PERF: There was a large performance regression in Logster
...
I'm not sure what other environments it shows up in, but I discovered it
on Apple Silicon. It might be useful in other environments, too.
2021-10-27 15:42:09 -04:00
dependabot[bot]
3bae85e203
Build(deps): Bump omniauth-facebook from 8.0.0 to 9.0.0 ( #14712 )
...
Bumps [omniauth-facebook](https://github.com/simi/omniauth-facebook ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/simi/omniauth-facebook/releases )
- [Changelog](https://github.com/simi/omniauth-facebook/blob/master/CHANGELOG.md )
- [Commits](https://github.com/simi/omniauth-facebook/compare/v8.0.0...v9.0.0 )
---
updated-dependencies:
- dependency-name: omniauth-facebook
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-26 12:09:20 +02:00
dependabot[bot]
93183b18e0
Build(deps): Bump ipaddr from 1.2.2 to 1.2.3 ( #14711 )
...
Bumps [ipaddr](https://github.com/ruby/ipaddr ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ruby/ipaddr/releases )
- [Changelog](https://github.com/ruby/ipaddr/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby/ipaddr/compare/v1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: ipaddr
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-26 12:09:03 +02:00
dependabot[bot]
d6c39e54cf
Build(deps): Bump rubocop from 1.22.1 to 1.22.2 ( #14705 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.22.1 to 1.22.2.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.22.1...v1.22.2 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-25 14:41:45 +02:00
dependabot[bot]
b02f003c68
Build(deps): Bump json from 2.6.0 to 2.6.1 ( #14704 )
...
Bumps [json](https://github.com/flori/json ) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/flori/json/releases )
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md )
- [Commits](https://github.com/flori/json/compare/v2.6.0...v2.6.1 )
---
updated-dependencies:
- dependency-name: json
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-25 14:41:12 +02:00
dependabot[bot]
c7703cec2f
Build(deps): Bump zeitwerk from 2.5.0 to 2.5.1 ( #14688 )
...
Bumps [zeitwerk](https://github.com/fxn/zeitwerk ) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/fxn/zeitwerk/releases )
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.5.0...v2.5.1 )
---
updated-dependencies:
- dependency-name: zeitwerk
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-22 10:21:50 +08:00
dependabot[bot]
fbced6cd85
Build(deps): Bump image_optim from 0.31.0 to 0.31.1 ( #14689 )
...
Bumps [image_optim](https://github.com/toy/image_optim ) from 0.31.0 to 0.31.1.
- [Release notes](https://github.com/toy/image_optim/releases )
- [Changelog](https://github.com/toy/image_optim/blob/master/CHANGELOG.markdown )
- [Commits](https://github.com/toy/image_optim/compare/v0.31.0...v0.31.1 )
---
updated-dependencies:
- dependency-name: image_optim
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-22 10:21:33 +08:00
dependabot[bot]
f00053e414
Build(deps): Bump zeitwerk from 2.4.2 to 2.5.0 ( #14670 )
...
Bumps [zeitwerk](https://github.com/fxn/zeitwerk ) from 2.4.2 to 2.5.0.
- [Release notes](https://github.com/fxn/zeitwerk/releases )
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md )
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.4.2...v2.5.0 )
---
updated-dependencies:
- dependency-name: zeitwerk
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-21 10:46:32 +08:00
David Taylor
010309d108
SECURITY: Improve validation of SNS subscription confirm ( #14671 )
...
An upstream validation bug in the aws-sdk-sns library could enable RCE under certain circumstances. This commit updates the upstream gem, and adds additional validation to provide defense-in-depth.
2021-10-20 22:20:52 +01:00