search

arturictus / sidekiq_alive

Liveness probe for Sidekiq in Kubernetes deployments
MIT License
194 stars 57 forks source link

Update rack requirement from < 3 to < 4 #75

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 1 year ago

Updates the requirements on rack to permit the latest version.

Release notes

Sourced from rack's releases.

v3.0.2

Full Changelog: https://github.com/rack/rack/compare/v3.0.1...v3.0.2

Changelog

Sourced from rack's changelog.

[3.0.2] -2022-12-05

Fixed

  • Utils.build_nested_query URL-encodes nested field names including the square brackets.
  • Allow Rack::Response to pass through streaming bodies. (#1993, [@​ioquatix])

[3.0.1] - 2022-11-18

Fixed

  • MethodOverride does not look for an override if a request does not include form/parseable data.
  • Rack::Lint::Wrapper correctly handles respond_to? with to_ary, each, call and to_path, forwarding to the body. (#1981, [@​ioquatix])

[3.0.0] - 2022-09-06

  • No changes

[3.0.0.rc1] - 2022-09-04

SPEC Changes

[3.0.0.beta1] - 2022-08-08

Security

SPEC Changes

  • Response array must now be non-frozen.
  • Response status must now be an integer greater than or equal to 100.
  • Response headers must now be an unfrozen hash.
  • Response header keys can no longer include uppercase characters.
  • Response header values can be an Array to handle multiple values (and no longer supports \n encoded headers).
  • Response body can now respond to #call (streaming body) instead of #each (enumerable body), for the equivalent of response hijacking in previous versions.
  • Middleware must no longer call #each on the body, but they can call #to_ary on the body if it responds to #to_ary.
  • rack.input is no longer required to be rewindable.
  • rack.multithread/rack.multiprocess/rack.run_once/rack.version are no longer required environment keys.
  • SERVER_PROTOCOL is now a required environment key, matching the HTTP protocol used in the request.
  • rack.hijack? (partial hijack) and rack.hijack (full hijack) are now independently optional.
  • rack.hijack_io has been removed completely.
  • rack.response_finished is an optional environment key which contains an array of callable objects that must accept #call(env, status, headers, error) and are invoked after the response is finished (either successfully or unsuccessfully).
  • It is okay to call #close on rack.input to indicate that you no longer need or care about the input.
  • The stream argument supplied to the streaming body and hijack must support #<< for writing output.

... (truncated)

Commits
  • dcbda31 Bump patch version.
  • 3e17592 Allow passing through streaming bodies. (#1993)
  • c0bb5a5 Remove unnecessary executable bit from test files (#1992)
  • ab1f1c1 Fix Utils.build_nested_query to URL-encode all query string fields (#1989)
  • 59c29a4 Trim trailing white space throughout the project (#1990)
  • 3aa10e6 Fix some typos (#1991)
  • 19225ca Remove leading dot to fix compatibility with latest cgi gem. (#1988)
  • aa86b89 Fix outdated Rack::Builder rdocs and remove Lobster references (#1986)
  • 87984bf Bump patch verison.
  • 316eff7 Update CHANGELOG.md.
  • Additional commits viewable in compare view


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
andrcuns commented 1 year ago

This one is tricky to update. rack > 3 extracted some of the things to a separate rackup gem which require rack > 3. Updating rack requirement > 3 will not be compatible with most applications that use rails.

arturictus commented 1 year ago

@dependabot rebase

arturictus commented 1 year ago

@dependabot rebase

dependabot[bot] commented 10 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.