Safecast / safecastapi

The app that powers api.safecast.org
44 stars 25 forks source link

Bump sprockets from 3.7.2 to 4.2.0 #1008

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps sprockets from 3.7.2 to 4.2.0.

Release notes

Sourced from sprockets's releases.

v4.1.1

  • Fix Sprockets::Server to return response headers to compatible with with Rack::Lint 2.0.

Full Changelog: https://github.com/rails/sprockets/compare/v4.1.0...v4.1.1

v4.1.0

What's Changed

New Contributors

Full Changelog: https://github.com/rails/sprockets/compare/v4.0.3...v4.1.0

v4.0.3

What's Changed

... (truncated)

Changelog

Sourced from sprockets's changelog.

4.2.0

  • Rack 3 compatibility. #758
  • Fix thread safety of Sprockets::CachedEnvironment and Sprockets::Cache::MemoryStore. #771
  • Add support for Rack 3.0. Headers set by sprockets will now be lower case. #758
  • Make Sprockets::Utils.module_include thread safe on JRuby. #759

4.1.0

  • Allow age to be altered in asset:clean rake task.
  • Fix Sprockets::Server to return lower-cased response headers to comply with Rack::Lint 3.0. #744
  • Adding new directive depend_on_directory #668
  • Fix application/js-sourcemap+json charset #669
  • Fix CachedEnvironment caching nil values #723
  • Process *.jst.ejs.erb files with ERBProcessor #674
  • Fix cache key for coffee script processor to be dependent on the filename #670

4.0.3

  • Fix Manifest#find yielding from a Promise causing issue on Ruby 3.1.0-dev. #720
  • Better detect the ERB version to avoid deprecation warnings. #719
  • Allow assets already fingerprinted to be served through Sprockets::Server
  • Do not fingerprint files that already contain a valid digest in their name
  • Remove remaining support for Ruby < 2.4.#672

4.0.2

  • Fix etag and digest path compilation that were generating string with invalid digest since 4.0.1.

4.0.1

  • Fix for Ruby 2.7 keyword arguments warning in base.rb. #660
  • Fix for when x_sprockets_linecount is missing from a source map.
  • Fix subresource integrity to match the digest of the asset.

4.0.0

  • Fixes for Ruby 2.7 keyword arguments warnings #625
  • Manifest files are sorted alphabetically #626

4.0.0.beta10

4.0.0.beta9

  • Minimum Ruby version for Sprockets 4 is now 2.5+ which matches minimum ruby version of Rails #604
  • Fix threading bug introduced in Sprockets 4 #603
  • Warn when two potential manifest files exist. #560

... (truncated)

Commits
  • eafbd11 Prepare for 4.2.0
  • cce2c0a Merge pull request #771 from eregon/thread-safe-CachedEnvironment
  • 39490de Make the URI tests pass with ruby-head
  • 58eb15d Add TruffleRuby in CI
  • d503c9b Add ChangeLog entry
  • 9d461f1 Make Sprockets::Cache::MemoryStore thread-safe by using a Mutex
  • 4e74e3a Use Concurrent::Map#fetch_or_store
  • 2d454bc Make Sprockets::CachedEnvironment thread-safe by using Concurrent::Map
  • 1276b43 Merge pull request #759 from ntkme/module-include-thread-safety
  • 722d587 Make Sprockets::Utils.module_include thread safe
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
eitoball commented 1 year ago

@dependabot rebase

dependabot[bot] commented 1 year ago

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

dependabot[bot] commented 1 year ago

A newer version of sprockets exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.