Changelog
*Sourced from [rack's changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md).*
> ## [2.2.2] - 2020-02-11
>
> ### Fixed
>
> - Fix incorrect `Rack::Request#host` value. ([#1591](https://github-redirect.dependabot.com/rack/rack/pull/1591), [@ioquatix](https://github.com/ioquatix))
> - Revert `Rack::Handler::Thin` implementation. ([#1583](https://github-redirect.dependabot.com/rack/rack/pull/1583), [@jeremyevans](https://github.com/jeremyevans))
> - Double assignment is still needed to prevent an "unused variable" warning. ([#1589](https://github-redirect.dependabot.com/rack/rack/pull/1589), [@kamipo](https://github.com/kamipo))
> - Fix to handle same_site option for session pool. ([#1587](https://github-redirect.dependabot.com/rack/rack/pull/1587), [@kamipo](https://github.com/kamipo))
>
> ## [2.2.1] - 2020-02-09
>
> ### Fixed
>
> - Rework `Rack::Request#ip` to handle empty `forwarded_for`. ([#1577](https://github-redirect.dependabot.com/rack/rack/pull/1577), [@ioquatix](https://github.com/ioquatix))
>
> ## [2.2.0] - 2020-02-08
>
> ### SPEC Changes
>
> - `rack.session` request environment entry must respond to `to_hash` and return unfrozen Hash. ([@jeremyevans](https://github.com/jeremyevans))
> - Request environment cannot be frozen. ([@jeremyevans](https://github.com/jeremyevans))
> - CGI values in the request environment with non-ASCII characters must use ASCII-8BIT encoding. ([@jeremyevans](https://github.com/jeremyevans))
> - Improve SPEC/lint relating to SERVER_NAME, SERVER_PORT and HTTP_HOST. ([#1561](https://github-redirect.dependabot.com/rack/rack/pull/1561), [@ioquatix](https://github.com/ioquatix))
>
> ### Added
>
> - `rackup` supports multiple `-r` options and will require all arguments. ([@jeremyevans](https://github.com/jeremyevans))
> - `Server` supports an array of paths to require for the `:require` option. ([@khotta](https://github.com/khotta))
> - `Files` supports multipart range requests. ([@fatkodima](https://github.com/fatkodima))
> - `Multipart::UploadedFile` supports an IO-like object instead of using the filesystem, using `:filename` and `:io` options. ([@jeremyevans](https://github.com/jeremyevans))
> - `Multipart::UploadedFile` supports keyword arguments `:path`, `:content_type`, and `:binary` in addition to positional arguments. ([@jeremyevans](https://github.com/jeremyevans))
> - `Static` supports a `:cascade` option for calling the app if there is no matching file. ([@jeremyevans](https://github.com/jeremyevans))
> - `Session::Abstract::SessionHash#dig`. ([@jeremyevans](https://github.com/jeremyevans))
> - `Response.[]` and `MockResponse.[]` for creating instances using status, headers, and body. ([@ioquatix](https://github.com/ioquatix))
> - Convenient cache and content type methods for `Rack::Response`. ([#1555](https://github-redirect.dependabot.com/rack/rack/pull/1555), [@ioquatix](https://github.com/ioquatix))
>
> ### Changed
>
> - `Request#params` no longer rescues EOFError. ([@jeremyevans](https://github.com/jeremyevans))
> - `Directory` uses a streaming approach, significantly improving time to first byte for large directories. ([@jeremyevans](https://github.com/jeremyevans))
> - `Directory` no longer includes a Parent directory link in the root directory index. ([@jeremyevans](https://github.com/jeremyevans))
> - `QueryParser#parse_nested_query` uses original backtrace when reraising exception with new class. ([@jeremyevans](https://github.com/jeremyevans))
> - `ConditionalGet` follows RFC 7232 precedence if both If-None-Match and If-Modified-Since headers are provided. ([@jeremyevans](https://github.com/jeremyevans))
> - `.ru` files supports the `frozen-string-literal` magic comment. ([@eregon](https://github.com/eregon))
> - Rely on autoload to load constants instead of requiring internal files, make sure to require 'rack' and not just 'rack/...'. ([@jeremyevans](https://github.com/jeremyevans))
> - `Etag` will continue sending ETag even if the response should not be cached. ([@henm](https://github.com/henm))
> - `Request#host_with_port` no longer includes a colon for a missing or empty port. ([@AlexWayfer](https://github.com/AlexWayfer))
> - All handlers uses keywords arguments instead of an options hash argument. ([@ioquatix](https://github.com/ioquatix))
> - `Files` handling of range requests no longer return a body that supports `to_path`, to ensure range requests are handled correctly. ([@jeremyevans](https://github.com/jeremyevans))
> - `Multipart::Generator` only includes `Content-Length` for files with paths, and `Content-Disposition` `filename` if the `UploadedFile` instance has one. ([@jeremyevans](https://github.com/jeremyevans))
> ... (truncated)
Commits
- [`a5e80f0`](https://github.com/rack/rack/commit/a5e80f01947954af76b14c1d1fdd8e79dd8337f3) Bump version.
- [`b0de37d`](https://github.com/rack/rack/commit/b0de37dc3b67d2fdcaa8b0236ff076a0a4db0b4f) Remove trailing whitespace.
- [`1a784e5`](https://github.com/rack/rack/commit/1a784e54c867d42214d9e1f315651b1f2cea8591) Prepare CHANGELOG for next patch release.
- [`a0d57d4`](https://github.com/rack/rack/commit/a0d57d4a1d917596e03e0aa969aff7e890d2123c) Fix to handle same_site option for session pool
- [`a9b223b`](https://github.com/rack/rack/commit/a9b223b6781201ae8faa5d0a373cd1a24f6d97a3) Ensure full match. Fixes [#1590](https://github-redirect.dependabot.com/rack/rack/issues/1590).
- [`f4c5645`](https://github.com/rack/rack/commit/f4c5645642ec99fa82a5a343a6c79d4aff8d6165) Double assignment is still needed to prevent an "unused variable" warning
- [`5c121dd`](https://github.com/rack/rack/commit/5c121dd6853fa231d1b1253b6e8e7cfc927791ca) Revert "Update Thin handler to better handle more options"
- [`961d976`](https://github.com/rack/rack/commit/961d9761bcb2bee17c80bba8b7bc9e285086d6c4) Prepare point release.
- [`2d00d05`](https://github.com/rack/rack/commit/2d00d0512175c89a4b39f62cf30b8c5a9dce97d5) Add CHANGELOG entry for [#1577](https://github-redirect.dependabot.com/rack/rack/issues/1577).
- [`f8fd024`](https://github.com/rack/rack/commit/f8fd0241a3d37b6988f9e4951c9782da1c8edb9b) Update CHANGELOG to include 2.2.0.
- Additional commits viewable in [compare view](https://github.com/rack/rack/compare/2.0.6...v2.2.2)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fengb/nvst/network/alerts).
Bumps rack from 2.0.6 to 2.2.2.
Changelog
*Sourced from [rack's changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md).* > ## [2.2.2] - 2020-02-11 > > ### Fixed > > - Fix incorrect `Rack::Request#host` value. ([#1591](https://github-redirect.dependabot.com/rack/rack/pull/1591), [@ioquatix](https://github.com/ioquatix)) > - Revert `Rack::Handler::Thin` implementation. ([#1583](https://github-redirect.dependabot.com/rack/rack/pull/1583), [@jeremyevans](https://github.com/jeremyevans)) > - Double assignment is still needed to prevent an "unused variable" warning. ([#1589](https://github-redirect.dependabot.com/rack/rack/pull/1589), [@kamipo](https://github.com/kamipo)) > - Fix to handle same_site option for session pool. ([#1587](https://github-redirect.dependabot.com/rack/rack/pull/1587), [@kamipo](https://github.com/kamipo)) > > ## [2.2.1] - 2020-02-09 > > ### Fixed > > - Rework `Rack::Request#ip` to handle empty `forwarded_for`. ([#1577](https://github-redirect.dependabot.com/rack/rack/pull/1577), [@ioquatix](https://github.com/ioquatix)) > > ## [2.2.0] - 2020-02-08 > > ### SPEC Changes > > - `rack.session` request environment entry must respond to `to_hash` and return unfrozen Hash. ([@jeremyevans](https://github.com/jeremyevans)) > - Request environment cannot be frozen. ([@jeremyevans](https://github.com/jeremyevans)) > - CGI values in the request environment with non-ASCII characters must use ASCII-8BIT encoding. ([@jeremyevans](https://github.com/jeremyevans)) > - Improve SPEC/lint relating to SERVER_NAME, SERVER_PORT and HTTP_HOST. ([#1561](https://github-redirect.dependabot.com/rack/rack/pull/1561), [@ioquatix](https://github.com/ioquatix)) > > ### Added > > - `rackup` supports multiple `-r` options and will require all arguments. ([@jeremyevans](https://github.com/jeremyevans)) > - `Server` supports an array of paths to require for the `:require` option. ([@khotta](https://github.com/khotta)) > - `Files` supports multipart range requests. ([@fatkodima](https://github.com/fatkodima)) > - `Multipart::UploadedFile` supports an IO-like object instead of using the filesystem, using `:filename` and `:io` options. ([@jeremyevans](https://github.com/jeremyevans)) > - `Multipart::UploadedFile` supports keyword arguments `:path`, `:content_type`, and `:binary` in addition to positional arguments. ([@jeremyevans](https://github.com/jeremyevans)) > - `Static` supports a `:cascade` option for calling the app if there is no matching file. ([@jeremyevans](https://github.com/jeremyevans)) > - `Session::Abstract::SessionHash#dig`. ([@jeremyevans](https://github.com/jeremyevans)) > - `Response.[]` and `MockResponse.[]` for creating instances using status, headers, and body. ([@ioquatix](https://github.com/ioquatix)) > - Convenient cache and content type methods for `Rack::Response`. ([#1555](https://github-redirect.dependabot.com/rack/rack/pull/1555), [@ioquatix](https://github.com/ioquatix)) > > ### Changed > > - `Request#params` no longer rescues EOFError. ([@jeremyevans](https://github.com/jeremyevans)) > - `Directory` uses a streaming approach, significantly improving time to first byte for large directories. ([@jeremyevans](https://github.com/jeremyevans)) > - `Directory` no longer includes a Parent directory link in the root directory index. ([@jeremyevans](https://github.com/jeremyevans)) > - `QueryParser#parse_nested_query` uses original backtrace when reraising exception with new class. ([@jeremyevans](https://github.com/jeremyevans)) > - `ConditionalGet` follows RFC 7232 precedence if both If-None-Match and If-Modified-Since headers are provided. ([@jeremyevans](https://github.com/jeremyevans)) > - `.ru` files supports the `frozen-string-literal` magic comment. ([@eregon](https://github.com/eregon)) > - Rely on autoload to load constants instead of requiring internal files, make sure to require 'rack' and not just 'rack/...'. ([@jeremyevans](https://github.com/jeremyevans)) > - `Etag` will continue sending ETag even if the response should not be cached. ([@henm](https://github.com/henm)) > - `Request#host_with_port` no longer includes a colon for a missing or empty port. ([@AlexWayfer](https://github.com/AlexWayfer)) > - All handlers uses keywords arguments instead of an options hash argument. ([@ioquatix](https://github.com/ioquatix)) > - `Files` handling of range requests no longer return a body that supports `to_path`, to ensure range requests are handled correctly. ([@jeremyevans](https://github.com/jeremyevans)) > - `Multipart::Generator` only includes `Content-Length` for files with paths, and `Content-Disposition` `filename` if the `UploadedFile` instance has one. ([@jeremyevans](https://github.com/jeremyevans)) > ... (truncated)Commits
- [`a5e80f0`](https://github.com/rack/rack/commit/a5e80f01947954af76b14c1d1fdd8e79dd8337f3) Bump version. - [`b0de37d`](https://github.com/rack/rack/commit/b0de37dc3b67d2fdcaa8b0236ff076a0a4db0b4f) Remove trailing whitespace. - [`1a784e5`](https://github.com/rack/rack/commit/1a784e54c867d42214d9e1f315651b1f2cea8591) Prepare CHANGELOG for next patch release. - [`a0d57d4`](https://github.com/rack/rack/commit/a0d57d4a1d917596e03e0aa969aff7e890d2123c) Fix to handle same_site option for session pool - [`a9b223b`](https://github.com/rack/rack/commit/a9b223b6781201ae8faa5d0a373cd1a24f6d97a3) Ensure full match. Fixes [#1590](https://github-redirect.dependabot.com/rack/rack/issues/1590). - [`f4c5645`](https://github.com/rack/rack/commit/f4c5645642ec99fa82a5a343a6c79d4aff8d6165) Double assignment is still needed to prevent an "unused variable" warning - [`5c121dd`](https://github.com/rack/rack/commit/5c121dd6853fa231d1b1253b6e8e7cfc927791ca) Revert "Update Thin handler to better handle more options" - [`961d976`](https://github.com/rack/rack/commit/961d9761bcb2bee17c80bba8b7bc9e285086d6c4) Prepare point release. - [`2d00d05`](https://github.com/rack/rack/commit/2d00d0512175c89a4b39f62cf30b8c5a9dce97d5) Add CHANGELOG entry for [#1577](https://github-redirect.dependabot.com/rack/rack/issues/1577). - [`f8fd024`](https://github.com/rack/rack/commit/f8fd0241a3d37b6988f9e4951c9782da1c8edb9b) Update CHANGELOG to include 2.2.0. - Additional commits viewable in [compare view](https://github.com/rack/rack/compare/2.0.6...v2.2.2)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fengb/nvst/network/alerts).