heroku / platform-api

Ruby HTTP client for the Heroku API
MIT License
213 stars 86 forks source link

Bump yard from 0.9.16 to 0.9.20 #94

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 5 years ago

Bumps yard from 0.9.16 to 0.9.20.

Release notes *Sourced from [yard's releases](https://github.com/lsegal/yard/releases).* > ## Release v0.9.20 > > [0.9.20]: https://github.com/lsegal/yard/compare/v0.9.19...v0.9.20 > > - Fix parsing of stringified Symbols in Ruby source ([#1256](https://github-redirect.dependabot.com/lsegal/yard/issues/1256)). > - Fix path traversal vulnerability in `yard server`. This bug would allow > unsanitized HTTP requests to access arbitrary files on the machine of a > `yard server` host under certain conditions. Thanks to CuongMX from > Viettel Cyber Security for discovering this vulnerability. > > ## Release v0.9.19 > > [0.9.19]: https://github.com/lsegal/yard/compare/v0.9.16...v0.9.19 > > - Fixed bug in browser back button ([#1071](https://github-redirect.dependabot.com/lsegal/yard/issues/1071), [#1228](https://github-redirect.dependabot.com/lsegal/yard/issues/1228)) > - Fixed handling of ArgumentError in ExtraFileObject ([#1198](https://github-redirect.dependabot.com/lsegal/yard/issues/1198)) > - Fixed double return tag displaying on boolean methods ([#1226](https://github-redirect.dependabot.com/lsegal/yard/issues/1226)) > - Removed unused `Module#namespace_name` function ([#1229](https://github-redirect.dependabot.com/lsegal/yard/issues/1229)) > - Fixed parsing order of README files. YARD will now prefer README over > README.md over README.x.md or README-x.md (and the like). READMEs will now > also be ordered by filename; the first README is still chosen unless > `--readme` is provided. > - Updated AsciiDoc markup support to use non-deprecated calls. > > ## v0.9.18 > No release notes provided. > > ## Release v0.9.17 > No release notes provided.
Changelog *Sourced from [yard's changelog](https://github.com/lsegal/yard/blob/master/CHANGELOG.md).* > # 0.9.20 - June 27th, 2019 > > [0.9.20]: https://github.com/lsegal/yard/compare/v0.9.19...v0.9.20 > > - Fix parsing of stringified Symbols in Ruby source ([#1256](https://github-redirect.dependabot.com/lsegal/yard/issues/1256)). > - Fix path traversal vulnerability in `yard server`. This bug would allow > unsanitized HTTP requests to access arbitrary files on the machine of a > `yard server` host under certain conditions. Thanks to CuongMX from > Viettel Cyber Security for discovering this vulnerability. > > # 0.9.19 - April 2nd, 2019 > > [0.9.19]: https://github.com/lsegal/yard/compare/v0.9.16...v0.9.19 > > - Fixed bug in browser back button ([#1071](https://github-redirect.dependabot.com/lsegal/yard/issues/1071), [#1228](https://github-redirect.dependabot.com/lsegal/yard/issues/1228)) > - Fixed handling of ArgumentError in ExtraFileObject ([#1198](https://github-redirect.dependabot.com/lsegal/yard/issues/1198)) > - Fixed double return tag displaying on boolean methods ([#1226](https://github-redirect.dependabot.com/lsegal/yard/issues/1226)) > - Removed unused `Module#namespace_name` function ([#1229](https://github-redirect.dependabot.com/lsegal/yard/issues/1229)) > - Fixed parsing order of README files. YARD will now prefer README over > README.md over README.x.md or README-x.md (and the like). READMEs will now > also be ordered by filename; the first README is still chosen unless > `--readme` is provided. > - Updated AsciiDoc markup support to use non-deprecated calls.
Commits - [`0320b89`](https://github.com/lsegal/yard/commit/0320b8918cd369385722694546286e6c4d341b07) Tag release v0.9.20 - [`da43056`](https://github.com/lsegal/yard/commit/da43056c43f5ea3567529b14ce55f93dc2e95418) Update changelog - [`01dc2e3`](https://github.com/lsegal/yard/commit/01dc2e31b33604c611cdb9b237ccdb61e873dc27) Add .rubocop.yml back for tooling support - [`9716717`](https://github.com/lsegal/yard/commit/9716717f75e49b6c109a8608701c5b47b4050db3) Fix tests for Ruby <2.6 - [`593973c`](https://github.com/lsegal/yard/commit/593973c2f27ede6cfa39d2f127d230b40fc9762a) Disable rubocop - [`225ded9`](https://github.com/lsegal/yard/commit/225ded9ef38c6d2be5a3b0fc7effbc7d6644768d) Fix parsing of dyna_symbol nodes - [`6d8b9b9`](https://github.com/lsegal/yard/commit/6d8b9b9c71e45fd1c887545b579399931dc2466e) Remove unnecessary debug line - [`12f56cf`](https://github.com/lsegal/yard/commit/12f56cf7d58e7025085f00b9f9f2f62c24b13d93) Tag release v0.9.19 - [`6205335`](https://github.com/lsegal/yard/commit/6205335fd58d063f8d1d4e6b5833b2ca8de6c687) Update dockerfile.samus - [`1303dbc`](https://github.com/lsegal/yard/commit/1303dbccec6a4b00b84ff2ee1ca3bf291f0ce58f) Use credentials in git push - Additional commits viewable in [compare view](https://github.com/lsegal/yard/compare/v0.9.16...v0.9.20)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/heroku/platform-api/network/alerts).
dependabot[bot] commented 4 years ago

Looks like yard is up-to-date now, so this is no longer needed.