search

MushroomObserver / mushroom-observer

A website for sharing observations of mushrooms.
https://mushroomobserver.org
MIT License
77 stars 26 forks source link

Bump actionpack from 7.1.3.3 to 7.1.3.4 #2161

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 1 month ago

Bumps actionpack from 7.1.3.3 to 7.1.3.4.

Release notes

Sourced from actionpack's releases.

7.1.3.4

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Include the HTTP Permissions-Policy on non-HTML Content-Types [CVE-2024-28103]

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

... (truncated)

Changelog

Sourced from actionpack's changelog.

Rails 7.1.3.4 (June 04, 2024)

  • Include the HTTP Permissions-Policy on non-HTML Content-Types [CVE-2024-28103]
Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/MushroomObserver/mushroom-observer/network/alerts).
coveralls commented 3 weeks ago

Coverage Status

coverage: 94.454%. remained the same when pulling d54aa7222ecd529234ecb3a7e89faf4f33d976fa on dependabot/bundler/actionpack-7.1.3.4 into 444f99c5e476a2edf5e12b454b9b93a74c4373b9 on main.

coveralls commented 3 weeks ago

Coverage Status

coverage: 94.454%. remained the same when pulling df43119a258570c06e2bd5b902950468c8f57127 on dependabot/bundler/actionpack-7.1.3.4 into 444f99c5e476a2edf5e12b454b9b93a74c4373b9 on main.