Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/buzzn/core/network/alerts).
Bumps rack, rails and activerecord. These dependencies needed to be updated together. Updates
rack
from 1.6.13 to 2.2.3Commits
1741c58
bump version5ccca47
When parsing cookies, only decode the valuesa5e80f0
Bump version.b0de37d
Remove trailing whitespace.1a784e5
Prepare CHANGELOG for next patch release.a0d57d4
Fix to handle same_site option for session poola9b223b
Ensure full match. Fixes #1590.f4c5645
Double assignment is still needed to prevent an "unused variable" warning5c121dd
Revert "Update Thin handler to better handle more options"961d976
Prepare point release.Updates
rails
from 4.2.11.1 to 5.2.4.3Release notes
Sourced from rails's releases.
Commits
7b5cc5a
Preparing for 5.2.4.3 release559cce2
updating changelog3c806b9
bumping version9cb66f6
update changelogfbc7bec
Check that request is same-origin prior to including CSRF token in XHRsd124f19
HMAC raw CSRF token before masking it, so it cannot be used to reconstruct a ...467e339
activesupport: Deprecate Marshal.load on raw cache read in RedisCacheStoref7e077f
activesupport: Avoid Marshal.load on raw cache value in MemCacheStore7a3ee4f
Return self when calling #each, #each_pair, and #each_value instead of the ra...e8df564
Include Content-Length in signature for ActiveStorage direct uploadUpdates
activerecord
from 4.2.11.1 to 5.2.4.3Release notes
Sourced from activerecord's releases.
Commits
7b5cc5a
Preparing for 5.2.4.3 release3c806b9
bumping version4dcc543
update versionac30e38
Preparing for 5.2.4.1 release8bec77c
Preparing for 5.2.4 release9e2a341
Preparing for 5.2.4.rc1 release1c070a5
Merge pull request #37747 from bradleyprice/check-association-loaded-across-c...4074c06
Merge pull request #36526 from yahonda/test_statement_cache_with_in_clause_pgfde4401
Fix random CI failure due to non-deterministic sorting order94b6887
Merge pull request #37489 from giraffate/fix_random_ci_failure_due_to_non-det...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/buzzn/core/network/alerts).