Closed dependabot[bot] closed 2 years ago
coveralls
commented
4 years ago Coverage decreased (-0.02%) to 55.249% when pulling f12bbdb36969bd36638495b533aad26cae12f65a on dependabot/bundler/sprockets-3.7.2 into aef442a01fe37d9f5ee71e481d3e45a1fab49dd9 on master.
coveralls
commented
4 years ago Coverage decreased (-0.02%) to 55.249% when pulling f12bbdb36969bd36638495b533aad26cae12f65a on dependabot/bundler/sprockets-3.7.2 into aef442a01fe37d9f5ee71e481d3e45a1fab49dd9 on master.
dependabot[bot]
commented
2 years ago OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
Bumps sprockets from 3.7.1 to 3.7.2.
Changelog
*Sourced from [sprockets's changelog](https://github.com/rails/sprockets/blob/v3.7.2/CHANGELOG.md).* > **3.7.2** (June 19, 2018) > > * Security release for [CVE-2018-3760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760). > > **3.7.1** (December 19, 2016) > > * Ruby 2.4 support for Sprockets 3. > > **3.7.0** (July 21, 2016) > > * Deprecated interfaces now emit deprecation warnings [#345](https://github-redirect.dependabot.com/rails/sprockets/issues/345) > > **3.6.3** (July 1, 2016) > > * Faster asset lookup in large directories [#336](https://github-redirect.dependabot.com/rails/sprockets/issues/336) > * Faster PathUtils.match_path_extname https://github.com/rails/sprockets/commit/697269cf81e5261fdd7072e32bd489403027fd7e > * Fixed uglifier comment stripping [#326](https://github-redirect.dependabot.com/rails/sprockets/issues/326) > * Error messages now show load path info [#313](https://github-redirect.dependabot.com/rails/sprockets/issues/313) > > **3.6.2** (June 21, 2016) > > * More performance improvements. > > **3.6.1** (June 17, 2016) > > * Some performance improvements. > > **3.6.0** (April 6, 2016) > > * Add `Manifest#find_sources` to return the source of the compiled assets. > * Fix the list of compressable mime types. > * Improve performance of the `FileStore` cache. > > **3.5.2** (December 8, 2015) > > * Fix JRuby bug with concurrent-ruby. > * Fix disabling gzip generation in cached environments. > > **3.5.1** (December 5, 2015) > > * Fix gzip asset generation for assets already on disk. > > **3.5.0** (December 3, 2015) > > * Reintroduce Gzip file generation for non-binary assets. > > **3.4.1** (November 25, 2015) > > * PathUtils::Entries will no longer error on an empty directory. > > ... (truncated)Commits
- [`2f7b7e5`](https://github.com/rails/sprockets/commit/2f7b7e5e67f47c32a2d637b7e90dfa5ecf922eb3) v3.7.2 - [`9c34fa0`](https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441) Do not respond to http requests asking for a `file://` - [`eb0af6d`](https://github.com/rails/sprockets/commit/eb0af6d5eb7c0ac049e6c89bd6ee991586f4d256) Make sure find_sources behaves in the same way when the assets don't - [`cfae3de`](https://github.com/rails/sprockets/commit/cfae3de2c5498f57396bb54b7d288c43a2bf25e2) Merge pull request [#487](https://github-redirect.dependabot.com/rails/sprockets/issues/487) from mcfiredrill/patch-1 - [`dbeda82`](https://github.com/rails/sprockets/commit/dbeda8218c8f458adf11592340f5d911b394e29c) typo in deprecation message - See full diff in [compare view](https://github.com/rails/sprockets/compare/v3.7.1...v3.7.2)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Porthole-Project/Porthole/network/alerts).