Considerit / ConsiderIt

For deliberation and opinion visualization
GNU Affero General Public License v3.0

Bump paperclip from 5.0.0 to 6.1.0 #105

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 4 years ago

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.


Bumps paperclip from 5.0.0 to 6.1.0.

Release notes

Sourced from paperclip's releases.

Version 6.1.0

  • BUGFIX: Don't double-encode URLs (Roderick Monje).
  • BUGFIX: Only use the content_type when it exists (Jean-Philippe Doyle).
  • STABILITY: Better handling of the content-disposition header. Now supports file name that is either enclosed or not in double quotes and is case insensitive as per RFC 6266 grammar (Hasan Kumar, Yves Riel).
  • STABILITY: Change database column type of attachment file size from unsigned 4-byte integer to unsigned 8-byte bigint. The former type limits attachment size to just over 2GB, which can easily be exceeded by a large video file (Laurent Arnoud, Alen Zamanyan).
  • STABILITY: Better error message when thumbnail processing errors (Hayden Ball).
  • STABILITY: Fix file linking issues around Windows (Akihiko Odaki).
  • STABILITY: Files without an extension will now be checked for spoofing attempts (George Walters II).
  • STABILITY: Manually close Tempfiles when we are done with them (Erkki Eilonen).

v6.0.0

6.0.0 (2018-03-09):

5.3.0 (2018-03-09):

5.2.1 (2018-01-25):

  • Bugfix: Fix copying files on Windows. (#2532)

5.2.0 (2018-01-23):

  • Security: Remove the automatic loading of URI adapters. Some of these adapters can be specially crafted to expose your network topology. (#2435)

  • Bugfix: The rake task no longer rescues Exception. (#2476)

  • Bugfix: Handle malformed Content-Disposition headers (#2283)

  • Bugfix: The :only_process option works when passed a lambda again. (#2289)

  • Improvement: Added :use_accelerate_endpoint option when using S3 to enable Amazon S3 Transfer Acceleration (#2291)

  • Improvement: Make the fingerprint digest configurable per attachment. The default remains MD5. Making this configurable means it can change in a future version because it is not considered secure anymore against intentional file corruption. For more info, see https://en.wikipedia.org/wiki/MD5#Security

    You can change the digest used for an attachment by adding the :adapter_options parameter to the has_attached_file options like this:

... (truncated)

Changelog

Sourced from paperclip's changelog.

6.1.0 (2018-07-27):

  • BUGFIX: Don't double-encode URLs (Roderick Monje).
  • BUGFIX: Only use the content_type when it exists (Jean-Philippe Doyle).
  • STABILITY: Better handling of the content-disposition header. Now supports file name that is either enclosed or not in double quotes and is case insensitive as per RFC 6266 grammar (Hasan Kumar, Yves Riel).
  • STABILITY: Change database column type of attachment file size from unsigned 4-byte integer to unsigned 8-byte bigint. The former type limits attachment size to just over 2GB, which can easily be exceeded by a large video file (Laurent Arnoud, Alen Zamanyan).
  • STABILITY: Better error message when thumbnail processing errors (Hayden Ball).
  • STABILITY: Fix file linking issues around Windows (Akihiko Odaki).
  • STABILITY: Files without an extension will now be checked for spoofing attempts (George Walters II).
  • STABILITY: Manually close Tempfiles when we are done with them (Erkki Eilonen).

6.0.0 (2018-03-09):

5.3.0 (2018-03-09):

5.2.1 (2018-01-25):

  • Bugfix: Fix copying files on Windows. (#2532)

5.2.0 (2018-01-23):

  • Security: Remove the automatic loading of URI adapters. Some of these adapters can be specially crafted to expose your network topology. (#2435)
  • Bugfix: The rake task no longer rescues Exception. (#2476)
  • Bugfix: Handle malformed Content-Disposition headers (#2283)
  • Bugfix: The :only_process option works when passed a lambda again. (#2289)
  • Improvement: Added :use_accelerate_endpoint option when using S3 to enable Amazon S3 Transfer Acceleration (#2291)
  • Improvement: Make the fingerprint digest configurable per attachment. The
... (truncated)

Commits

  • acbb03f Bump 6.1.0 [ci skip]
  • ee144c6 Fix cucumber tests after integer -> bigint conversion
  • 34ec355 Increase attachment file size from int (4 bytes) to bigint (8 bytes).
  • 90f9121 Close + unlink Tempfiles
  • f384174 Rely on URI content_type only when provided.
  • 7eb664f Check for spoofing of files without an extension
  • 0d93e0f add is_windows to option
  • 76a33f0 Update processor.rb
  • 5d9b2ba Update processor.rb
  • 037b975 Update processor.rb
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
  • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
  • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
  • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Considerit/ConsiderIt/network/alerts).

dependabot[bot] commented 3 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.