Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
Re-add @private, undocumented .identifier method that was only meant for internal framework use but was used by some downstream consumers. This method will be removed in a coming minor release.
Joel Hawksley
v3.15.0
Add basic internal testing for memory allocations.
Joel Hawksley
Add support for request formats.
Joel Hawksley
Add rendered_json test helper.
Joel Hawksley
Add with_format test helper.
Joel Hawksley
Warn if using Ruby < 3.2 or Rails < 7.1, which won't be supported by ViewComponent v4, to be released no earlier than April 1, 2025.
Joel Hawksley
Add Kicksite to list of companies using ViewComponent.
Adil Lari
Allow overridden slot methods to use super.
Andrew Schwartz
Add Rails engine support to generators.
Tomasz Kowalewski
Register stats directories with Rails::CodeStatistics.register_directory to support rails stats in Rails 8.
Petrik de Heus
Fixed type declaration for ViewComponent::TestHelpers.with_controller_class parameter.
Re-add @private, undocumented .identifier method that was only meant for internal framework use but was used by some downstream consumers. This method will be removed in a coming minor release.
Joel Hawksley
3.15.0
Add basic internal testing for memory allocations.
Joel Hawksley
Add support for request formats.
Joel Hawksley
Add rendered_json test helper.
Joel Hawksley
Add with_format test helper.
Joel Hawksley
Warn if using Ruby < 3.2 or Rails < 7.1, which won't be supported by ViewComponent v4, to be released no earlier than April 1, 2025.
Joel Hawksley
Add Kicksite to list of companies using ViewComponent.
Adil Lari
Allow overridden slot methods to use super.
Andrew Schwartz
Add Rails engine support to generators.
Tomasz Kowalewski
Register stats directories with Rails::CodeStatistics.register_directory to support rails stats in Rails 8.
Petrik de Heus
Fixed type declaration for ViewComponent::TestHelpers.with_controller_class parameter.
Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions |
| --- | --- |
| view_component | [>= 2.77.a, < 2.78] |
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the regular-updates group in /design-system-docs with 2 updates: puma and view_component.
Updates
puma
from 6.4.2 to 6.4.3Release notes
Sourced from puma's releases.
Changelog
Sourced from puma's changelog.
Commits
e867e53
6.4.363a27b5
5.6.9 release note [ci skip]cac3fd1
Merge commit from forkUpdates
view_component
from 3.14.0 to 3.15.1Release notes
Sourced from view_component's releases.
Changelog
Sourced from view_component's changelog.
Commits
a528f1c
release 3.15.1 (#2110)6fa2a91
Re-add@private
, undocumented.identifier
method that was only me… (#2109)0dc9342
release 3.15.0 (#2105)383f775
update Rails and Ruby EOL support message (#2102)4dfc7a9
bundle update (#2098)def1448
Add basic internal testing for memory allocations (#2097)fe39b4d
Updatewith_controller_class
type documentation (#2094)36adbed
require ostruct (#2096)ec0434c
Refactor compiler for clarity (#2091)451543a
Add support for multiple formats (#2079)Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions | | --- | --- | | view_component | [>= 2.77.a, < 2.78] |Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show