search

jkrall / analytical

Gem for managing multiple analytics services in your rails app.
MIT License
380 stars 92 forks source link

Bump rack from 1.1.2 to 1.1.6 in /example/rails2.3 #91

Open dependabot[bot] opened 4 years ago

dependabot[bot] commented 4 years ago

Bumps rack from 1.1.2 to 1.1.6.

Changelog *Sourced from [rack's changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md).* > ## [1.1.6, 1.2.8, 1.3.10] 2013-02-07 > - Fix CVE-2013-0263, timing attack against Rack::Session::Cookie > > ## [1.5.1] 2013-01-28 > - Rack::Lint check_hijack now conforms to other parts of SPEC > - Added hash-like methods to Abstract::ID::SessionHash for compatibility > - Various documentation corrections > > ## [1.5.0] 2013-01-21 > - Introduced hijack SPEC, for before-response and after-response hijacking > - SessionHash is no longer a Hash subclass > - Rack::File cache_control parameter is removed, in place of headers options > - Rack::Auth::AbstractRequest#scheme now yields strings, not symbols > - Rack::Utils cookie functions now format expires in RFC 2822 format > - Rack::File now has a default mime type > - rackup -b 'run Rack::Files.new(".")', option provides command line configs > - Rack::Deflater will no longer double encode bodies > - Rack::Mime#match? provides convenience for Accept header matching > - Rack::Utils#q_values provides splitting for Accept headers > - Rack::Utils#best_q_match provides a helper for Accept headers > - Rack::Handler.pick provides convenience for finding available servers > - Puma added to the list of default servers (preferred over Webrick) > - Various middleware now correctly close body when replacing it > - Rack::Request#params is no longer persistent with only GET params > - Rack::Request#update_param and #delete_param provide persistent operations > - Rack::Request#trusted_proxy? now returns true for local unix sockets > - Rack::Response no longer forces Content-Types > - Rack::Sendfile provides local mapping configuration options > - Rack::Utils#rfc2109 provides old netscape style time output > - Updated HTTP status codes > - Ruby 1.8.6 likely no longer passes tests, and is no longer fully supported > > ## [1.4.4, 1.3.9, 1.2.7, 1.1.5] 2013-01-13 > - [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings > - Fixed erroneous test case in the 1.3.x series > > ## [1.4.3] 2013-01-07 > - Security: Prevent unbounded reads in large multipart boundaries > > ## [1.3.8] 2013-01-07 > - Security: Prevent unbounded reads in large multipart boundaries > > ## [1.4.2] 2013-01-06 > - Add warnings when users do not provide a session secret > - Fix parsing performance for unquoted filenames > - Updated URI backports > - Fix URI backport version matching, and silence constant warnings > - Correct parameter parsing with empty values > - Correct rackup '-I' flag, to allow multiple uses > - Correct rackup pidfile handling > ... (truncated)
Commits - [`0232e22`](https://github.com/rack/rack/commit/0232e227b1cf3e67fbb82b2198311fa8ca618fbd) Bump version number - [`64baf02`](https://github.com/rack/rack/commit/64baf02a9154ff9d86ab41f078f5aa371e892db7) Update README for todays releases - [`a227999`](https://github.com/rack/rack/commit/a227999ab37cde072fa75495cd1d3bbcbcaf0474) Use secure_compare for hmac comparison - [`93abac9`](https://github.com/rack/rack/commit/93abac98b13a0afa90293e4ec597cf505d46a343) Add secure_compare to Rack::Utils - [`966df94`](https://github.com/rack/rack/commit/966df947b0e826610409c63cdbff7ee325875393) Bump version - [`e25f400`](https://github.com/rack/rack/commit/e25f4009c8b45d7412d86658a19e95f43d255d07) Update README for release. Add security section. - [`2ba4761`](https://github.com/rack/rack/commit/2ba4761ad22b33d33199064fb0fac14c05ae5105) Squash warnings in spec_auth - [`582c927`](https://github.com/rack/rack/commit/582c927b6e80b42b205d012a06334ee18943edc5) Update spec_auth to work with test-spec - [`c6dd4a6`](https://github.com/rack/rack/commit/c6dd4a6663806a69242b0d0ba1c16533a7145bae) Reimplement auth scheme fix - [`87e39ba`](https://github.com/rack/rack/commit/87e39bae4fdd43bf3b98ea820c13fe8c451b1cc4) Bump to 1.1.4 - Additional commits viewable in [compare view](https://github.com/rack/rack/compare/1.1.2...1.1.6)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jkrall/analytical/network/alerts).