jrochkind / rubyland

The code behind rubyland.news
http://www.rubyland.news
32 stars 3 forks source link

Bump sprockets from 3.7.1 to 3.7.2 #24

Closed dependabot[bot] closed 5 years ago

dependabot[bot] commented 5 years ago

Bumps sprockets from 3.7.1 to 3.7.2.

Changelog *Sourced from [sprockets's changelog](https://github.com/rails/sprockets/blob/v3.7.2/CHANGELOG.md).* > **3.7.2** (June 19, 2018) > > * Security release for [CVE-2018-3760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760). > > **3.7.1** (December 19, 2016) > > * Ruby 2.4 support for Sprockets 3. > > **3.7.0** (July 21, 2016) > > * Deprecated interfaces now emit deprecation warnings [#345](https://github-redirect.dependabot.com/rails/sprockets/issues/345) > > **3.6.3** (July 1, 2016) > > * Faster asset lookup in large directories [#336](https://github-redirect.dependabot.com/rails/sprockets/issues/336) > * Faster PathUtils.match_path_extname https://github.com/rails/sprockets/commit/697269cf81e5261fdd7072e32bd489403027fd7e > * Fixed uglifier comment stripping [#326](https://github-redirect.dependabot.com/rails/sprockets/issues/326) > * Error messages now show load path info [#313](https://github-redirect.dependabot.com/rails/sprockets/issues/313) > > **3.6.2** (June 21, 2016) > > * More performance improvements. > > **3.6.1** (June 17, 2016) > > * Some performance improvements. > > **3.6.0** (April 6, 2016) > > * Add `Manifest#find_sources` to return the source of the compiled assets. > * Fix the list of compressable mime types. > * Improve performance of the `FileStore` cache. > > **3.5.2** (December 8, 2015) > > * Fix JRuby bug with concurrent-ruby. > * Fix disabling gzip generation in cached environments. > > **3.5.1** (December 5, 2015) > > * Fix gzip asset generation for assets already on disk. > > **3.5.0** (December 3, 2015) > > * Reintroduce Gzip file generation for non-binary assets. > > **3.4.1** (November 25, 2015) > > * PathUtils::Entries will no longer error on an empty directory. > > ... (truncated)
Commits - [`2f7b7e5`](https://github.com/rails/sprockets/commit/2f7b7e5e67f47c32a2d637b7e90dfa5ecf922eb3) v3.7.2 - [`9c34fa0`](https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441) Do not respond to http requests asking for a `file://` - [`eb0af6d`](https://github.com/rails/sprockets/commit/eb0af6d5eb7c0ac049e6c89bd6ee991586f4d256) Make sure find_sources behaves in the same way when the assets don't - [`cfae3de`](https://github.com/rails/sprockets/commit/cfae3de2c5498f57396bb54b7d288c43a2bf25e2) Merge pull request [#487](https://github-redirect.dependabot.com/rails/sprockets/issues/487) from mcfiredrill/patch-1 - [`dbeda82`](https://github.com/rails/sprockets/commit/dbeda8218c8f458adf11592340f5d911b394e29c) typo in deprecation message - See full diff in [compare view](https://github.com/rails/sprockets/compare/v3.7.1...v3.7.2)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jrochkind/rubyland/network/alerts).