Changelog
*Sourced from [sprockets's changelog](https://github.com/rails/sprockets/blob/v3.7.2/CHANGELOG.md).*
> **3.7.2** (June 19, 2018)
>
> * Security release for [CVE-2018-3760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760).
>
> **3.7.1** (December 19, 2016)
>
> * Ruby 2.4 support for Sprockets 3.
>
> **3.7.0** (July 21, 2016)
>
> * Deprecated interfaces now emit deprecation warnings [#345](https://github-redirect.dependabot.com/rails/sprockets/issues/345)
>
> **3.6.3** (July 1, 2016)
>
> * Faster asset lookup in large directories [#336](https://github-redirect.dependabot.com/rails/sprockets/issues/336)
> * Faster PathUtils.match_path_extname https://github.com/rails/sprockets/commit/697269cf81e5261fdd7072e32bd489403027fd7e
> * Fixed uglifier comment stripping [#326](https://github-redirect.dependabot.com/rails/sprockets/issues/326)
> * Error messages now show load path info [#313](https://github-redirect.dependabot.com/rails/sprockets/issues/313)
>
> **3.6.2** (June 21, 2016)
>
> * More performance improvements.
>
> **3.6.1** (June 17, 2016)
>
> * Some performance improvements.
>
> **3.6.0** (April 6, 2016)
>
> * Add `Manifest#find_sources` to return the source of the compiled assets.
> * Fix the list of compressable mime types.
> * Improve performance of the `FileStore` cache.
>
> **3.5.2** (December 8, 2015)
>
> * Fix JRuby bug with concurrent-ruby.
> * Fix disabling gzip generation in cached environments.
>
> **3.5.1** (December 5, 2015)
>
> * Fix gzip asset generation for assets already on disk.
>
> **3.5.0** (December 3, 2015)
>
> * Reintroduce Gzip file generation for non-binary assets.
>
> **3.4.1** (November 25, 2015)
>
> * PathUtils::Entries will no longer error on an empty directory.
>
> ... (truncated)
Commits
- [`2f7b7e5`](https://github.com/rails/sprockets/commit/2f7b7e5e67f47c32a2d637b7e90dfa5ecf922eb3) v3.7.2
- [`9c34fa0`](https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441) Do not respond to http requests asking for a `file://`
- [`eb0af6d`](https://github.com/rails/sprockets/commit/eb0af6d5eb7c0ac049e6c89bd6ee991586f4d256) Make sure find_sources behaves in the same way when the assets don't
- [`cfae3de`](https://github.com/rails/sprockets/commit/cfae3de2c5498f57396bb54b7d288c43a2bf25e2) Merge pull request [#487](https://github-redirect.dependabot.com/rails/sprockets/issues/487) from mcfiredrill/patch-1
- [`dbeda82`](https://github.com/rails/sprockets/commit/dbeda8218c8f458adf11592340f5d911b394e29c) typo in deprecation message
- See full diff in [compare view](https://github.com/rails/sprockets/compare/v3.7.1...v3.7.2)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jrochkind/rubyland/network/alerts).
Bumps sprockets from 3.7.1 to 3.7.2.
Changelog
*Sourced from [sprockets's changelog](https://github.com/rails/sprockets/blob/v3.7.2/CHANGELOG.md).* > **3.7.2** (June 19, 2018) > > * Security release for [CVE-2018-3760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760). > > **3.7.1** (December 19, 2016) > > * Ruby 2.4 support for Sprockets 3. > > **3.7.0** (July 21, 2016) > > * Deprecated interfaces now emit deprecation warnings [#345](https://github-redirect.dependabot.com/rails/sprockets/issues/345) > > **3.6.3** (July 1, 2016) > > * Faster asset lookup in large directories [#336](https://github-redirect.dependabot.com/rails/sprockets/issues/336) > * Faster PathUtils.match_path_extname https://github.com/rails/sprockets/commit/697269cf81e5261fdd7072e32bd489403027fd7e > * Fixed uglifier comment stripping [#326](https://github-redirect.dependabot.com/rails/sprockets/issues/326) > * Error messages now show load path info [#313](https://github-redirect.dependabot.com/rails/sprockets/issues/313) > > **3.6.2** (June 21, 2016) > > * More performance improvements. > > **3.6.1** (June 17, 2016) > > * Some performance improvements. > > **3.6.0** (April 6, 2016) > > * Add `Manifest#find_sources` to return the source of the compiled assets. > * Fix the list of compressable mime types. > * Improve performance of the `FileStore` cache. > > **3.5.2** (December 8, 2015) > > * Fix JRuby bug with concurrent-ruby. > * Fix disabling gzip generation in cached environments. > > **3.5.1** (December 5, 2015) > > * Fix gzip asset generation for assets already on disk. > > **3.5.0** (December 3, 2015) > > * Reintroduce Gzip file generation for non-binary assets. > > **3.4.1** (November 25, 2015) > > * PathUtils::Entries will no longer error on an empty directory. > > ... (truncated)Commits
- [`2f7b7e5`](https://github.com/rails/sprockets/commit/2f7b7e5e67f47c32a2d637b7e90dfa5ecf922eb3) v3.7.2 - [`9c34fa0`](https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441) Do not respond to http requests asking for a `file://` - [`eb0af6d`](https://github.com/rails/sprockets/commit/eb0af6d5eb7c0ac049e6c89bd6ee991586f4d256) Make sure find_sources behaves in the same way when the assets don't - [`cfae3de`](https://github.com/rails/sprockets/commit/cfae3de2c5498f57396bb54b7d288c43a2bf25e2) Merge pull request [#487](https://github-redirect.dependabot.com/rails/sprockets/issues/487) from mcfiredrill/patch-1 - [`dbeda82`](https://github.com/rails/sprockets/commit/dbeda8218c8f458adf11592340f5d911b394e29c) typo in deprecation message - See full diff in [compare view](https://github.com/rails/sprockets/compare/v3.7.1...v3.7.2)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jrochkind/rubyland/network/alerts).