debtcollective / membership

💰 Member dues and Donations platform
https://membership.debtcollective.org
BSD 3-Clause "New" or "Revised" License
11 stars 2 forks source link

chore(deps): bump puma from 5.3.1 to 6.0.1 #640

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps puma from 5.3.1 to 6.0.1.

Release notes

Sourced from puma's releases.

6.0.1 / 2022-12-20

  • Bugfixes
    • Handle waking up a closed selector in Reactor#add (#3005)
    • Fixup response processing, enumerable bodies (#3004, #3000)
    • Correctly close app body for all code paths (#3002, #2999)
  • Refactor
    • Add IOBuffer to Client, remove from ThreadPool thread instances (#3013)

Full Changelog: https://github.com/puma/puma/compare/v6.0.0...v6.0.1

6.0.0 Sunflower

Image by Todd Trapani, Unsplash

  • Breaking Changes

    • Dropping Ruby 2.2 and 2.3 support (now 2.4+) (#2919)
    • Remote_addr functionality has changed (#2652, #2653)
    • No longer supporting Java 1.7 or below (JRuby 9.1 was the last release to support this) (#2849)
    • Remove nakayoshi GC (#2933, #2925)
    • wait_for_less_busy_worker is now default on (#2940)
    • Prefix all environment variables with PUMA_ (#2924, #2853)
    • Removed some constants (#2957, #2958, #2959, #2960)
    • The following classes are now part of Puma's private API: Client, Cluster::Worker, Cluster::Worker, HandleRequest. (#2988)
    • Configuration constants like DefaultRackup removed (#2928)
    • Extracted LogWriter from Events (#2798)
  • Features

    • Increase throughput on large (100kb+) response bodies by 3-10x (#2896, #2892)
    • Increase throughput on file responses (#2923)
    • Add support for streaming bodies in Rack. (#2740)
    • Allow OpenSSL session reuse via a 'reuse' ssl_bind method or bind string query parameter (#2845)
    • Allow run_hooks to pass a hash to blocks for use later (#2917, #2915)
    • Allow using preload_app! with fork_worker (#2907)
    • Support request_body_wait metric with higher precision (#2953)
    • Allow header values to be arrays (Rack 3) (#2936, #2931)
    • Export Puma/Ruby versions in /stats (#2875)
    • Allow configuring request uri max length & request path max length (#2840)
    • Add a couple of public accessors (#2774)
    • Log entire backtrace when worker start fails (#2891)
    • [jruby] Enable TLSv1.3 support (#2886)
    • [jruby] support setting TLS protocols + rename ssl_cipher_list (#2899)
    • [jruby] Support a truststore option (#2849, #2904, #2884)
  • Bugfixes

    • Load the configuration before passing it to the binder (#2897)
    • Do not raise error raised on HTTP methods we don't recognize or support, like CONNECT (#2932, #1441)
    • Fixed a memory leak when creating a new SSL listener (#2956)

... (truncated)

Changelog

Sourced from puma's changelog.

6.0.1 / 2022-12-20

  • Bugfixes
    • Handle waking up a closed selector in Reactor#add (#3005)
    • Fixup response processing, enumerable bodies (#3004, #3000)
    • Correctly close app body for all code paths (#3002, #2999)
  • Refactor
    • Add IOBuffer to Client, remove from ThreadPool thread instances (#3013)

6.0.0 / 2022-10-14

  • Breaking Changes

    • Dropping Ruby 2.2 and 2.3 support (now 2.4+) (#2919)
    • Remote_addr functionality has changed (#2652, #2653)
    • No longer supporting Java 1.7 or below (JRuby 9.1 was the last release to support this) (#2849)
    • Remove nakayoshi GC (#2933, #2925)
    • wait_for_less_busy_worker is now default on (#2940)
    • Prefix all environment variables with PUMA_ (#2924, #2853)
    • Removed some constants (#2957, #2958, #2959, #2960)
    • The following classes are now part of Puma's private API: Client, Cluster::Worker, Cluster::Worker, HandleRequest. (#2988)
    • Configuration constants like DefaultRackup removed (#2928)
    • Extracted LogWriter from Events (#2798)
    • Only accept the standard 8 HTTP methods, others rejected with 501. (#2932)
  • Features

    • Increase throughput on large (100kb+) response bodies by 3-10x (#2896, #2892)
    • Increase throughput on file responses (#2923)
    • Add support for streaming bodies in Rack. (#2740)
    • Allow OpenSSL session reuse via a 'reuse' ssl_bind method or bind string query parameter (#2845)
    • Allow run_hooks to pass a hash to blocks for use later (#2917, #2915)
    • Allow using preload_app! with fork_worker (#2907)
    • Support request_body_wait metric with higher precision (#2953)
    • Allow header values to be arrays (Rack 3) (#2936, #2931)
    • Export Puma/Ruby versions in /stats (#2875)
    • Allow configuring request uri max length & request path max length (#2840)
    • Add a couple of public accessors (#2774)
    • Log entire backtrace when worker start fails (#2891)
    • [jruby] Enable TLSv1.3 support (#2886)
    • [jruby] support setting TLS protocols + rename ssl_cipher_list (#2899)
    • [jruby] Support a truststore option (#2849, #2904, #2884)
  • Bugfixes

    • Load the configuration before passing it to the binder (#2897)
    • Do not raise error raised on HTTP methods we don't recognize or support, like CONNECT (#2932, #1441)
    • Fixed a memory leak when creating a new SSL listener (#2956)
  • Refactor

    • log_writer.rb - add internal_write method (#2888)
    • Extract prune_bundler code into it's own class. (#2797)
    • Refactor Launcher#run to increase readability (no logic change) (#2795)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #651.