garethrees / garethrees.github.com

https://www.garethrees.co.uk
2 stars 2 forks source link

Bump rubyzip from 1.2.3 to 2.2.0 #9

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps rubyzip from 1.2.3 to 2.2.0.

Release notes *Sourced from [rubyzip's releases](https://github.com/rubyzip/rubyzip/releases).* > ## v2.2.0 > - Add support for decompression plugin gems [#427](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/427) > > ## v2.1.0 > - Fix (at least partially) the `restore_times` and `restore_permissions` options to `Zip::File.new` [#413](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/413) > - Previously, neither option did anything, regardless of what it was set to. We have therefore defaulted them to `false` to preserve the current behavior, for the time being. If you have explicitly set either to `true`, it will now have an effect. > - Fix handling of UniversalTime (`mtime`, `atime`, `ctime`) fields. [#421](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/421) > - Previously, `Zip::File` did not pass the options to `Zip::Entry` in some cases. [#423](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/423) > - Note that `restore_times` in this release does nothing on Windows and only restores `mtime`, not `atime` or `ctime`. > - Allow `Zip::File.open` to take an options hash like `Zip::File.new` [#418](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/418) > - Always print warnings with `warn`, instead of a mix of `puts` and `warn` [#416](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/416) > - Create temporary files in the system temporary directory instead of the directory of the zip file [#411](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411) > - Drop unused `tmpdir` requirement [#411](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411) > > Tooling > > - Move CI to xenial and include jruby on JDK11 [#419](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/419/files) > > ## v2.0.0 > Security > > - Default the `validate_entry_sizes` option to `true`, so that callers can trust an entry's reported size when using `extract` [#403](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403) > - This option defaulted to `false` in 1.3.0 for backward compatibility, but it now defaults to `true`. If you are using an older version of ruby and can't yet upgrade to 2.x, you can still use 1.3.0 and set the option to `true`. > > Tooling / Documentation > > - Remove test files from the gem to avoid problems with antivirus detections on the test files [#405](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/405) / [#384](https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/384) > - Drop support for unsupported ruby versions [#406](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/406) > > ## v1.3.0 > Security > > - Add `validate_entry_sizes` option so that callers can trust an entry's reported size when using `extract` [#403](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403) > - This option defaults to `false` for backward compatibility in this release, but you are strongly encouraged to set it to `true`. It will default to `true` in rubyzip 2.0. > > New Feature > > - Add `add_stored` method to simplify adding entries without compression [#366](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/366) > > Tooling / Documentation > > - Add more gem metadata links [#402](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/402) > > ## v1.2.4 > - Do not rewrite zip files opened with `open_buffer` that have not changed [#360](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/360) > > Tooling / Documentation > > - Update `example_recursive.rb` in README [#397](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/397) > - Hold CI at `trusty` for now, automatically pick the latest ruby patch version, use rbx-4 and hold jruby at 9.1 [#399](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/399) > ... (truncated)
Changelog *Sourced from [rubyzip's changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md).* > # 2.2.0 (2020-02-01) > > - Add support for decompression plugin gems [#427](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/427) > > # 2.1.0 (2020-01-25) > > - Fix (at least partially) the `restore_times` and `restore_permissions` options to `Zip::File.new` [#413](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/413) > - Previously, neither option did anything, regardless of what it was set to. We have therefore defaulted them to `false` to preserve the current behavior, for the time being. If you have explicitly set either to `true`, it will now have an effect. > - Fix handling of UniversalTime (`mtime`, `atime`, `ctime`) fields. [#421](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/421) > - Previously, `Zip::File` did not pass the options to `Zip::Entry` in some cases. [#423](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/423) > - Note that `restore_times` in this release does nothing on Windows and only restores `mtime`, not `atime` or `ctime`. > - Allow `Zip::File.open` to take an options hash like `Zip::File.new` [#418](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/418) > - Always print warnings with `warn`, instead of a mix of `puts` and `warn` [#416](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/416) > - Create temporary files in the system temporary directory instead of the directory of the zip file [#411](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411) > - Drop unused `tmpdir` requirement [#411](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/411) > > Tooling > > - Move CI to xenial and include jruby on JDK11 [#419](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/419/files) > > # 2.0.0 (2019-09-25) > > Security > > - Default the `validate_entry_sizes` option to `true`, so that callers can trust an entry's reported size when using `extract` [#403](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403) > - This option defaulted to `false` in 1.3.0 for backward compatibility, but it now defaults to `true`. If you are using an older version of ruby and can't yet upgrade to 2.x, you can still use 1.3.0 and set the option to `true`. > > Tooling / Documentation > > - Remove test files from the gem to avoid problems with antivirus detections on the test files [#405](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/405) / [#384](https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/384) > - Drop support for unsupported ruby versions [#406](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/406) > > # 1.3.0 (2019-09-25) > > Security > > - Add `validate_entry_sizes` option so that callers can trust an entry's reported size when using `extract` [#403](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/403) > - This option defaults to `false` for backward compatibility in this release, but you are strongly encouraged to set it to `true`. It will default to `true` in rubyzip 2.0. > > New Feature > > - Add `add_stored` method to simplify adding entries without compression [#366](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/366) > > Tooling / Documentation > > - Add more gem metadata links [#402](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/402) > > # 1.2.4 (2019-09-06) > > - Do not rewrite zip files opened with `open_buffer` that have not changed [#360](https://github-redirect.dependabot.com/rubyzip/rubyzip/pull/360) > ... (truncated)
Commits - [`ecd641e`](https://github.com/rubyzip/rubyzip/commit/ecd641e459c7d132db62adf5e9bb4ab28696fca0) Merge pull request [#429](https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/429) from rubyzip/v2-2-0 - [`f42827e`](https://github.com/rubyzip/rubyzip/commit/f42827e99c7018aba05a99965a64531f830e4e8b) Bump version to 2.2.0 - [`040962a`](https://github.com/rubyzip/rubyzip/commit/040962a59fd0170ef1e993a1fd2634cf039e7897) Remove unused error argument - [`666fb8c`](https://github.com/rubyzip/rubyzip/commit/666fb8c03f67762f02edd1360973350ff839dd85) Merge pull request [#427](https://github-redirect.dependabot.com/rubyzip/rubyzip/issues/427) from jspanjers/refactor-decompressor - [`0b9433c`](https://github.com/rubyzip/rubyzip/commit/0b9433c3b26c8695376eb3751c26731b8f0839f0) Add test for unsupported decompression, e.g bzip2 - [`a5d068d`](https://github.com/rubyzip/rubyzip/commit/a5d068d3e8c8eb4dc9ce38ee2f6e9cb3e5dee796) Support Decompressor plugins - [`2b72683`](https://github.com/rubyzip/rubyzip/commit/2b7268373a5d9110993212c13fba03e1f8c0b532) Define compression methods - [`456bd4d`](https://github.com/rubyzip/rubyzip/commit/456bd4d92c995dd92cd74286bd6bdde7cc3057ef) Mimic IO#read return values in Decompressor#read - [`c66277d`](https://github.com/rubyzip/rubyzip/commit/c66277db5885749ee9ef1594df1a9b31fdeb94e0) Rename Decompressor#sysread to #read - [`00b525d`](https://github.com/rubyzip/rubyzip/commit/00b525d76e295bab19b69c6f3481d60cfda9ca0f) Fix returned outbuf for Inflater#sysread - Additional commits viewable in [compare view](https://github.com/rubyzip/rubyzip/compare/v1.2.3...v2.2.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/garethrees/garethrees.github.com/network/alerts).
dependabot[bot] commented 4 years ago

Looks like rubyzip is up-to-date now, so this is no longer needed.