chore(deps): bump the regular-updates group in /engine with 5 updates

[dependabot[bot]]

Bumps the regular-updates group in /engine with 5 updates:

Package	From	To
actionpack	7.1.4	7.1.4.1
activemodel	7.1.4	7.1.4.1
railties	7.1.4	7.1.4.1
view_component	3.17.0	3.18.0
erb_lint	0.6.0	0.7.0

Updates actionpack from 7.1.4 to 7.1.4.1

Release notes

Sourced from actionpack's releases.

7.1.4.1

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Avoid regex backtracking in HTTP Token authentication

  [CVE-2024-47887]

• Avoid regex backtracking in query parameter filtering

  [CVE-2024-41128]

Active Job

• No changes.

Action Mailer

• Avoid regex backtracking in block_format helper

  [CVE-2024-47889]

Action Cable

• No changes.

Active Storage

• No changes.

... (truncated)

Commits

• 5b5f0da Preparing for 7.1.4.1 release
• 76ae935 Update CHANGELOGs
• b0fe99f Avoid backtracking in filtered_query_string
• 7c13988 Avoid backtracking in Token#raw_params
• 1f56fd6 Merge pull request #52962 from rails/rm-releser
• See full diff in compare view

Updates activemodel from 7.1.4 to 7.1.4.1

Release notes

Sourced from activemodel's releases.

7.1.4.1

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Avoid regex backtracking in HTTP Token authentication

  [CVE-2024-47887]

• Avoid regex backtracking in query parameter filtering

  [CVE-2024-41128]

Active Job

• No changes.

Action Mailer

• Avoid regex backtracking in block_format helper

  [CVE-2024-47889]

Action Cable

• No changes.

Active Storage

• No changes.

... (truncated)

Commits

• 5b5f0da Preparing for 7.1.4.1 release
• 1f56fd6 Merge pull request #52962 from rails/rm-releser
• See full diff in compare view

Updates railties from 7.1.4 to 7.1.4.1

Release notes

Sourced from railties's releases.

7.1.4.1

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Avoid regex backtracking in HTTP Token authentication

  [CVE-2024-47887]

• Avoid regex backtracking in query parameter filtering

  [CVE-2024-41128]

Active Job

• No changes.

Action Mailer

• Avoid regex backtracking in block_format helper

  [CVE-2024-47889]

Action Cable

• No changes.

Active Storage

• No changes.

... (truncated)

Commits

• 5b5f0da Preparing for 7.1.4.1 release
• 1f56fd6 Merge pull request #52962 from rails/rm-releser
• c0d8c4b Address Rails::Command::HelpIntegrationTest failure against ruby 3.4.0dev
• See full diff in compare view

Updates view_component from 3.17.0 to 3.18.0

Release notes

Sourced from view_component's releases.

v3.18.0

• Enable components to use @request and request methods/ivars.

  Blake Williams

• Fix bug where implicit locales in component filenames threw a NameError.

  Chloe Fons

• Register ViewComponent tests directory for rails stats.

  Javier Aranda

• Wrap entire compile step in a mutex to make it more resilient to race conditions.

  Blake Williams

• Add Niva to companies who use ViewComponent.

  Daniel Vu Dao

• Fix preview_paths in docs.

  Javier Aranda

Changelog

Sourced from view_component's changelog.

3.18.0

• Enable components to use @request and request methods/ivars.

  Blake Williams

• Fix bug where implicit locales in component filenames threw a NameError.

  Chloe Fons

• Register ViewComponent tests directory for rails stats.

  Javier Aranda

• Wrap entire compile step in a mutex to make it more resilient to race conditions.

  Blake Williams

• Add Niva to companies who use ViewComponent.

  Daniel Vu Dao

• Fix preview_paths in docs.

  Javier Aranda

Commits

• 14446d8 release 3.18.0 (#2138)
• 23ef08b bundle update (#2136)
• d0576c1 Enable components to use @request and request methods/ivars (#2135)
• 1176505 chore: Remove .DS_Store file (#2134)
• 21b94a7 Allow implicit locale in component file names (#2118)
• 212d159 Register tests directory for rails stats (#2129)
• 1fd89a4 Wrap entire compile step with mutex (#2132)
• 587a9ed 📝 Add Niva to companies who use ViewComponent (#2131)
• e2af6fd Fix preview_paths in docs (#2127)
• c1a34e5 Update CHANGELOG.md
• See full diff in compare view

Updates erb_lint from 0.6.0 to 0.7.0

Release notes

Sourced from erb_lint's releases.

v0.7.0

What's Changed

• Standardize repo name to erb_lint by @​george-ma in Shopify/erb_lint#360 Consistently use the erb_lint name, instead of erb-lint or erblint. The old names are still supported, but will be removed in a future release.
• Don't use rexml for the JUnit formatter by @​Earlopain in Shopify/erb_lint#374
• Allow laquo and raquo in HardCodedString linter by @​bcroesch in Shopify/erb_lint#355
• README.md: include HardCodedString linter by @​francisfuzz in Shopify/erb_lint#278
• Don't use possibly deprecated RuboCop API by @​Earlopain in Shopify/erb_lint#375
• Rename CACHE_DIRECTORY to .erb_lint_cache. by @​joshuapinter in Shopify/erb_lint#380 Rename the cache directory to match the new name. Your first build will rebuild it from scratch.

New Contributors

• @​Earlopain made their first contribution in Shopify/erb_lint#374
• @​bcroesch made their first contribution in Shopify/erb_lint#355
• @​francisfuzz made their first contribution in Shopify/erb_lint#278

Full Changelog: https://github.com/Shopify/erb_lint/compare/v0.6.0...v0.7.0

Commits

• 67e9f5c Merge pull request #382 from Shopify/mangara-release-0-7-0
• 37ab1c1 Release erb_lint v0.7.0
• 5c63068 Merge pull request #380 from cntral/rename_cache_directory
• af5f18e Rename CACHE_DIRECTORY to .erb_lint_cache.
• 255fdb4 Merge pull request #375 from Earlopain/team-new
• a46e322 Merge pull request #376 from Earlopain/actions-bump
• ab1f55d docs(README.md): Document HardCodedString linter (#278)
• 8a6c502 Merge pull request #355 from bcroesch/allow-hard-coded-laquo-raquo
• 93a6524 Merge pull request #374 from Earlopain/junit-no-rexml
• 12e1659 Don't use rexml for the JUnit formatter
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

| Dependency Name | Ignore Conditions | | --- | --- | | view_component | [>= 2.51.a, < 2.52] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[davidrapson]

@dependabot rebase