Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.
All Depfu comment commands
@depfu rebase
Rebases against your default branch and redoes this update
@depfu recreate
Recreates this PR, overwriting any edits that you've made to it
@depfu merge
Merges this PR once your tests are passing and conflicts are resolved
@depfu close
Closes this PR and deletes the branch
@depfu reopen
Restores the branch and reopens this PR (if it's closed)
@depfu pause
Ignores all future updates for this dependency and closes this PR
@depfu pause [minor|major]
Ignores all future minor/major updates for this dependency and closes this PR
@depfu resume
Future versions of this dependency will create PRs again (leaves this PR as is)
depfu[bot]
commented
2 years ago
🚨 Your version of puma has known security vulnerabilities 🚨
Advisory: CVE-2020-11076 Disclosed: May 22, 2020 URL: https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h
HTTP Smuggling via Transfer-Encoding Header in Puma
🚨 We recommend to merge and deploy this update as soon as possible! 🚨
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ puma (4.3.1 → 4.3.5) · Repo · Changelog
Release Notes
4.3.3 (from changelog)
4.3.2 (from changelog)
Does any of this look wrong? Please let us know.
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase.All Depfu comment commands