Release notes
*Sourced from [mini_magick's releases](https://github.com/minimagick/minimagick/releases).*
> ## v4.10.1
> * Still pick up ImageMagick over GraphicsMagick if both are installed
>
> ## v4.10.0
> * Prioritize discovery of ImageMagick 7 over 6 if both are installed ([@drnic](https://github.com/drnic))
> * Add `MiniMagick::Image#landscape?` and `#portrait?` methods for checking orientiation ([@theomarkkuspaul](https://github.com/theomarkkuspaul))
> * Fix Ruby 2.7 warnings ([@kamipo](https://github.com/kamipo))
>
> ## v4.9.5
> * Fixed `MiniMagick::Image.open` not working with non-ASCII filenames anymore after previous version (thanks to [@meganemura](https://github.com/meganemura))
>
> ## v4.9.4
> * Fixed a remote shell execution vulnerability when using `MiniMagick::Image.open` with URL coming from unsanitized user input (thanks to [@rootxharsh](https://github.com/rootxharsh))
> * Fixed some Ruby warnings (thanks to [@koic](https://github.com/koic))
>
> ## v4.9.3
> * make `MiniMagick::Tool` not respond to everything
Commits
- [`4206a74`](https://github.com/minimagick/minimagick/commit/4206a74d374a84a91e429628045e44559e042dc4) Bump to 4.10.1
- [`4749aab`](https://github.com/minimagick/minimagick/commit/4749aabd381b5a14c19aa5afc37a4c1de505559c) Still prioritize ImageMagick before GraphicsMagick
- [`adb8283`](https://github.com/minimagick/minimagick/commit/adb8283194815a8f65b731d934293ba3d4b85a8c) Bump to 4.10.0
- [`1b3fe59`](https://github.com/minimagick/minimagick/commit/1b3fe5928aeb92a4ddade9f89db4ba610ebbef82) Fix Ruby 2.7 warnings ([#496](https://github-redirect.dependabot.com/minimagick/minimagick/issues/496))
- [`bca935c`](https://github.com/minimagick/minimagick/commit/bca935cddc88b0f32dce6fb4aef50e9e90392382) Add Ruby 2.7 to TravisCI build matrix ([#495](https://github-redirect.dependabot.com/minimagick/minimagick/issues/495))
- [`259105c`](https://github.com/minimagick/minimagick/commit/259105c42790910939a570ffd6a66d56a0ff7b11) Implement #landscape? and #portrait? Image class methods to check orientation...
- [`916b895`](https://github.com/minimagick/minimagick/commit/916b89589a4486ba6d1d417b495a2affe0d08a7a) Prioritizes discovery of ImageMagick7/GraphicsMagick over legacy ImageMagick6...
- [`db6eda3`](https://github.com/minimagick/minimagick/commit/db6eda3762a23727eb56dbeefa5c71bd8f518120) update rubies list; sort by newness ([#479](https://github-redirect.dependabot.com/minimagick/minimagick/issues/479))
- [`d48f914`](https://github.com/minimagick/minimagick/commit/d48f914932b5a296ba6c08d422c3c21ec3778fb3) Bump to 4.9.5
- [`ddbd07a`](https://github.com/minimagick/minimagick/commit/ddbd07a1ca02870f036413c2985d463944f652b1) Avoid using exception flow in Image.open
- Additional commits viewable in [compare view](https://github.com/minimagick/minimagick/compare/v4.9.2...v4.10.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/UW-Libraries/druw/network/alerts).
Bumps mini_magick from 4.9.2 to 4.10.1.
Release notes
*Sourced from [mini_magick's releases](https://github.com/minimagick/minimagick/releases).* > ## v4.10.1 > * Still pick up ImageMagick over GraphicsMagick if both are installed > > ## v4.10.0 > * Prioritize discovery of ImageMagick 7 over 6 if both are installed ([@drnic](https://github.com/drnic)) > * Add `MiniMagick::Image#landscape?` and `#portrait?` methods for checking orientiation ([@theomarkkuspaul](https://github.com/theomarkkuspaul)) > * Fix Ruby 2.7 warnings ([@kamipo](https://github.com/kamipo)) > > ## v4.9.5 > * Fixed `MiniMagick::Image.open` not working with non-ASCII filenames anymore after previous version (thanks to [@meganemura](https://github.com/meganemura)) > > ## v4.9.4 > * Fixed a remote shell execution vulnerability when using `MiniMagick::Image.open` with URL coming from unsanitized user input (thanks to [@rootxharsh](https://github.com/rootxharsh)) > * Fixed some Ruby warnings (thanks to [@koic](https://github.com/koic)) > > ## v4.9.3 > * make `MiniMagick::Tool` not respond to everythingCommits
- [`4206a74`](https://github.com/minimagick/minimagick/commit/4206a74d374a84a91e429628045e44559e042dc4) Bump to 4.10.1 - [`4749aab`](https://github.com/minimagick/minimagick/commit/4749aabd381b5a14c19aa5afc37a4c1de505559c) Still prioritize ImageMagick before GraphicsMagick - [`adb8283`](https://github.com/minimagick/minimagick/commit/adb8283194815a8f65b731d934293ba3d4b85a8c) Bump to 4.10.0 - [`1b3fe59`](https://github.com/minimagick/minimagick/commit/1b3fe5928aeb92a4ddade9f89db4ba610ebbef82) Fix Ruby 2.7 warnings ([#496](https://github-redirect.dependabot.com/minimagick/minimagick/issues/496)) - [`bca935c`](https://github.com/minimagick/minimagick/commit/bca935cddc88b0f32dce6fb4aef50e9e90392382) Add Ruby 2.7 to TravisCI build matrix ([#495](https://github-redirect.dependabot.com/minimagick/minimagick/issues/495)) - [`259105c`](https://github.com/minimagick/minimagick/commit/259105c42790910939a570ffd6a66d56a0ff7b11) Implement #landscape? and #portrait? Image class methods to check orientation... - [`916b895`](https://github.com/minimagick/minimagick/commit/916b89589a4486ba6d1d417b495a2affe0d08a7a) Prioritizes discovery of ImageMagick7/GraphicsMagick over legacy ImageMagick6... - [`db6eda3`](https://github.com/minimagick/minimagick/commit/db6eda3762a23727eb56dbeefa5c71bd8f518120) update rubies list; sort by newness ([#479](https://github-redirect.dependabot.com/minimagick/minimagick/issues/479)) - [`d48f914`](https://github.com/minimagick/minimagick/commit/d48f914932b5a296ba6c08d422c3c21ec3778fb3) Bump to 4.9.5 - [`ddbd07a`](https://github.com/minimagick/minimagick/commit/ddbd07a1ca02870f036413c2985d463944f652b1) Avoid using exception flow in Image.open - Additional commits viewable in [compare view](https://github.com/minimagick/minimagick/compare/v4.9.2...v4.10.1)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/UW-Libraries/druw/network/alerts).