mysociety / foi-for-councils

https://www.mysociety.org/transparency/foi-works/
Other
1 stars 0 forks source link

Bump puma from 5.6.4 to 6.0.0 #590

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps puma from 5.6.4 to 6.0.0.

Release notes

Sourced from puma's releases.

6.0.0 Sunflower

Image by Todd Trapani, Unsplash

  • Breaking Changes

    • Dropping Ruby 2.2 and 2.3 support (now 2.4+) (#2919)
    • Remote_addr functionality has changed (#2652, #2653)
    • No longer supporting Java 1.7 or below (JRuby 9.1 was the last release to support this) (#2849)
    • Remove nakayoshi GC (#2933, #2925)
    • wait_for_less_busy_worker is now default on (#2940)
    • Prefix all environment variables with PUMA_ (#2924, #2853)
    • Removed some constants (#2957, #2958, #2959, #2960)
    • The following classes are now part of Puma's private API: Client, Cluster::Worker, Cluster::Worker, HandleRequest. (#2988)
    • Configuration constants like DefaultRackup removed (#2928)
    • Extracted LogWriter from Events (#2798)
  • Features

    • Increase throughput on large (100kb+) response bodies by 3-10x (#2896, #2892)
    • Increase throughput on file responses (#2923)
    • Add support for streaming bodies in Rack. (#2740)
    • Allow OpenSSL session reuse via a 'reuse' ssl_bind method or bind string query parameter (#2845)
    • Allow run_hooks to pass a hash to blocks for use later (#2917, #2915)
    • Allow using preload_app! with fork_worker (#2907)
    • Support request_body_wait metric with higher precision (#2953)
    • Allow header values to be arrays (Rack 3) (#2936, #2931)
    • Export Puma/Ruby versions in /stats (#2875)
    • Allow configuring request uri max length & request path max length (#2840)
    • Add a couple of public accessors (#2774)
    • Log entire backtrace when worker start fails (#2891)
    • [jruby] Enable TLSv1.3 support (#2886)
    • [jruby] support setting TLS protocols + rename ssl_cipher_list (#2899)
    • [jruby] Support a truststore option (#2849, #2904, #2884)
  • Bugfixes

    • Load the configuration before passing it to the binder (#2897)
    • Do not raise error raised on HTTP methods we don't recognize or support, like CONNECT (#2932, #1441)
    • Fixed a memory leak when creating a new SSL listener (#2956)
  • Refactor

    • log_writer.rb - add internal_write method (#2888)
    • Extract prune_bundler code into it's own class. (#2797)
    • Refactor Launcher#run to increase readability (no logic change) (#2795)
    • Ruby 3.2 will have native IO#wait_* methods, don't require io/wait (#2903)
    • Various internal API refactorings (#2942, #2921, #2922, #2955)

5.6.5 / 2022-08-23

  • Bugfixes
    • NullIO#closed should return false (#2883)

... (truncated)

Changelog

Sourced from puma's changelog.

6.0.0 / 2022-10-14

  • Breaking Changes

    • Dropping Ruby 2.2 and 2.3 support (now 2.4+) (#2919)
    • Remote_addr functionality has changed (#2652, #2653)
    • No longer supporting Java 1.7 or below (JRuby 9.1 was the last release to support this) (#2849)
    • Remove nakayoshi GC (#2933, #2925)
    • wait_for_less_busy_worker is now default on (#2940)
    • Prefix all environment variables with PUMA_ (#2924, #2853)
    • Removed some constants (#2957, #2958, #2959, #2960)
    • The following classes are now part of Puma's private API: Client, Cluster::Worker, Cluster::Worker, HandleRequest. (#2988)
    • Configuration constants like DefaultRackup removed (#2928)
    • Extracted LogWriter from Events (#2798)
  • Features

    • Increase throughput on large (100kb+) response bodies by 3-10x (#2896, #2892)
    • Increase throughput on file responses (#2923)
    • Add support for streaming bodies in Rack. (#2740)
    • Allow OpenSSL session reuse via a 'reuse' ssl_bind method or bind string query parameter (#2845)
    • Allow run_hooks to pass a hash to blocks for use later (#2917, #2915)
    • Allow using preload_app! with fork_worker (#2907)
    • Support request_body_wait metric with higher precision (#2953)
    • Allow header values to be arrays (Rack 3) (#2936, #2931)
    • Export Puma/Ruby versions in /stats (#2875)
    • Allow configuring request uri max length & request path max length (#2840)
    • Add a couple of public accessors (#2774)
    • Log entire backtrace when worker start fails (#2891)
    • [jruby] Enable TLSv1.3 support (#2886)
    • [jruby] support setting TLS protocols + rename ssl_cipher_list (#2899)
    • [jruby] Support a truststore option (#2849, #2904, #2884)
  • Bugfixes

    • Load the configuration before passing it to the binder (#2897)
    • Do not raise error raised on HTTP methods we don't recognize or support, like CONNECT (#2932, #1441)
    • Fixed a memory leak when creating a new SSL listener (#2956)
  • Refactor

    • log_writer.rb - add internal_write method (#2888)
    • Extract prune_bundler code into it's own class. (#2797)
    • Refactor Launcher#run to increase readability (no logic change) (#2795)
    • Ruby 3.2 will have native IO#wait_* methods, don't require io/wait (#2903)
    • Various internal API refactorings (#2942, #2921, #2922, #2955)

5.6.5 / 2022-08-23

  • Feature

    • Puma::ControlCLI - allow refork command to be sent as a request (#2868, #2866)
  • Bugfixes

... (truncated)

Commits


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #603.