Release notes
*Sourced from [activesupport's releases](https://github.com/rails/rails/releases).*
> ## 6.0.2.1
> ## Active Support
>
> * No changes.
>
>
>
> ## Active Model
>
> * No changes.
>
>
>
> ## Active Record
>
> * No changes.
>
>
>
> ## Action View
>
> * No changes.
>
>
>
> ## Action Pack
>
> * Fix possible information leak / session hijacking vulnerability.
>
> The `ActionDispatch::Session::MemcacheStore` is still vulnerable given it requires the
> gem dalli to be updated as well.
>
> CVE-2019-16782.
>
>
>
> ## Active Job
>
> * No changes.
>
>
>
> ## Action Mailer
>
> * No changes.
>
>
>
> ## Action Cable
>
> ... (truncated)
Changelog
*Sourced from [activesupport's changelog](https://github.com/rails/rails/blob/v6.0.2.1/activesupport/CHANGELOG.md).*
> ## Rails 6.0.2.1 (December 18, 2019) ##
>
> * No changes.
>
>
> ## Rails 6.0.2 (December 13, 2019) ##
>
> * Eager load translations during initialization.
>
> *Diego Plentz*
>
> * Use per-thread CPU time clock on `ActiveSupport::Notifications`.
>
> *George Claghorn*
>
>
> ## Rails 6.0.1 (November 5, 2019) ##
>
> * `ActiveSupport::SafeBuffer` supports `Enumerator` methods.
>
> *Shugo Maeda*
>
> * The Redis cache store fails gracefully when the server returns a "max number
> of clients reached" error.
>
> *Brandon Medenwald*
>
> * Fixed that mutating a value returned by a memory cache store would
> unexpectedly change the cached value.
>
> *Jonathan Hyman*
>
> * The default inflectors in `zeitwerk` mode support overrides:
>
> ```ruby
> # config/initializers/zeitwerk.rb
> Rails.autoloaders.each do |autoloader|
> autoloader.inflector.inflect(
> "html_parser" => "HTMLParser",
> "ssl_error" => "SSLError"
> )
> end
> ```
>
> That way, you can tweak how individual basenames are inflected without touching Active Support inflection rules, which are global. These inflectors fallback to `String#camelize`, so existing inflection rules are still taken into account for non-overridden basenames.
>
> Please, check the [autoloading guide for `zeitwerk` mode](https://guides.rubyonrails.org/v6.0/autoloading_and_reloading_constants.html#customizing-inflections) if you prefer not to depend on `String#camelize` at all.
>
> *Xavier Noria*
>
> ... (truncated)
Commits
- [`f33d52c`](https://github.com/rails/rails/commit/f33d52c95217212cbacc8d5e44b5a8e3cdc6f5b3) Preparing for 6.0.2.1 release
- [`f675cb3`](https://github.com/rails/rails/commit/f675cb30ce813a99b52b139a93e048330922fd9a) Preparing for 6.0.2 release
- [`63107e9`](https://github.com/rails/rails/commit/63107e9914c893336f7612c2cd17a24474b6a6d6) Preparing for 6.0.2.rc2 release
- [`c3135a4`](https://github.com/rails/rails/commit/c3135a4d4050496355d489b0deb84db54b8f0553) Revert "Merge pull request [#37849](https://github-redirect.dependabot.com/rails/rails/issues/37849) from kamipo/fix_since_and_ago"
- [`fcfe693`](https://github.com/rails/rails/commit/fcfe6931d3f14dfd8a635cb1c5448ba1348853bb) Revert "Merge pull request [#37839](https://github-redirect.dependabot.com/rails/rails/issues/37839) from ttanimichi/modify-inspect-of-activesup...
- [`66c153c`](https://github.com/rails/rails/commit/66c153c0bd4a06eae369bfb73b89f79fff52407c) Merge pull request [#37849](https://github-redirect.dependabot.com/rails/rails/issues/37849) from kamipo/fix_since_and_ago
- [`01d7f82`](https://github.com/rails/rails/commit/01d7f82c19146c5bbf0c66ae27077fbca5d31019) Merge pull request [#37839](https://github-redirect.dependabot.com/rails/rails/issues/37839) from ttanimichi/modify-inspect-of-activesupport-dur...
- [`a015f55`](https://github.com/rails/rails/commit/a015f55240258723df311360123af22b3204fa08) Preparing for 6.0.2.rc1 release
- [`c4175eb`](https://github.com/rails/rails/commit/c4175eb2cedc3a7ac89b39da408165ca32aec76f) Update CHANGELOG [ci skip]
- [`ddf65f2`](https://github.com/rails/rails/commit/ddf65f222973dacdcf2987307ddbab94c60682b4) Follow up 997770f5955a36f0c800388c4592c961e184aec4
- Additional commits viewable in [compare view](https://github.com/rails/rails/compare/v4.0.13...v6.0.2.1)
Updates minitest from 4.7.5 to 5.14.0
Changelog
*Sourced from [minitest's changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc).*
> === 5.14.0 / 2020-01-11
>
> * 2 minor enhancements:
>
> * Block-assertions (eg assert_output) now error if raised inside the block. (casperisfine)
> * Changed assert_raises to only catch Assertion since that covers Skip and friends.
>
> * 3 bug fixes:
>
> * Added example for value wrapper with block to Expectations module. (stomar)
> * Fixed use of must/wont_be_within_delta on Expectation instance. (stomar)
> * Renamed UnexpectedError#exception to #error to avoid problems with reraising. (casperisfine)
>
> === 5.13.0 / 2019-10-29
>
> * 9 minor enhancements:
>
> * Added Minitest::Guard#osx?
> * Added examples to documentation for assert_raises. (lxxxvi)
> * Added expectations #path_must_exist and #path_wont_exist. Not thrilled with the names.
> * Added fail_after(year, month, day, msg) to allow time-bombing after a deadline.
> * Added skip_until(year, month, day, msg) to allow deferring until a deadline.
> * Deprecated Minitest::Guard#maglev?
> * Deprecated Minitest::Guard#rubinius?
> * Finally added assert_path_exists and refute_path_exists. (deivid-rodriguez)
> * Refactored and pulled Assertions#things_to_diff out of #diff. (BurdetteLamar)
>
> * 3 bug fixes:
>
> * Fix autorun bug that affects fork exit status in tests. (dylanahsmith/jhawthorn)
> * Improved documentation for _/value/expect, especially for blocks. (svoop)
> * Support new Proc#to_s format. (ko1)
>
> === 5.12.2 / 2019-09-28
>
> * 1 bug fix:
>
> * After chatting w/ [@y-yagi](https://github.com/y-yagi) and others, decided to lower support to include ruby 2.2.
>
> === 5.12.1 / 2019-09-28
>
> * 1 minor enhancement:
>
> * Added documentation for Reporter classes. (sshaw)
>
> * 3 bug fixes:
>
> * Avoid using 'match?' to support older ruby versions. (y-yagi)
> * Fixed broken link to reference on goodness-of-fit testing. (havenwood)
> * Update requirements in readme and Rakefile/hoe spec.
> ... (truncated)
Commits
- See full diff in [compare view](https://github.com/seattlerb/minitest/commits/v5.14.0)
Updates minitest from 4.7.5 to 5.14.0
Changelog
*Sourced from [minitest's changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc).*
> === 5.14.0 / 2020-01-11
>
> * 2 minor enhancements:
>
> * Block-assertions (eg assert_output) now error if raised inside the block. (casperisfine)
> * Changed assert_raises to only catch Assertion since that covers Skip and friends.
>
> * 3 bug fixes:
>
> * Added example for value wrapper with block to Expectations module. (stomar)
> * Fixed use of must/wont_be_within_delta on Expectation instance. (stomar)
> * Renamed UnexpectedError#exception to #error to avoid problems with reraising. (casperisfine)
>
> === 5.13.0 / 2019-10-29
>
> * 9 minor enhancements:
>
> * Added Minitest::Guard#osx?
> * Added examples to documentation for assert_raises. (lxxxvi)
> * Added expectations #path_must_exist and #path_wont_exist. Not thrilled with the names.
> * Added fail_after(year, month, day, msg) to allow time-bombing after a deadline.
> * Added skip_until(year, month, day, msg) to allow deferring until a deadline.
> * Deprecated Minitest::Guard#maglev?
> * Deprecated Minitest::Guard#rubinius?
> * Finally added assert_path_exists and refute_path_exists. (deivid-rodriguez)
> * Refactored and pulled Assertions#things_to_diff out of #diff. (BurdetteLamar)
>
> * 3 bug fixes:
>
> * Fix autorun bug that affects fork exit status in tests. (dylanahsmith/jhawthorn)
> * Improved documentation for _/value/expect, especially for blocks. (svoop)
> * Support new Proc#to_s format. (ko1)
>
> === 5.12.2 / 2019-09-28
>
> * 1 bug fix:
>
> * After chatting w/ [@y-yagi](https://github.com/y-yagi) and others, decided to lower support to include ruby 2.2.
>
> === 5.12.1 / 2019-09-28
>
> * 1 minor enhancement:
>
> * Added documentation for Reporter classes. (sshaw)
>
> * 3 bug fixes:
>
> * Avoid using 'match?' to support older ruby versions. (y-yagi)
> * Fixed broken link to reference on goodness-of-fit testing. (havenwood)
> * Update requirements in readme and Rakefile/hoe spec.
> ... (truncated)
Commits
- See full diff in [compare view](https://github.com/seattlerb/minitest/commits/v5.14.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ncbo/goo/network/alerts).
Bumps activesupport, minitest and minitest. These dependencies needed to be updated together.
Updates
activesupport
from 4.0.13 to 6.0.2.1Release notes
*Sourced from [activesupport's releases](https://github.com/rails/rails/releases).* > ## 6.0.2.1 > ## Active Support > > * No changes. > > > > ## Active Model > > * No changes. > > > > ## Active Record > > * No changes. > > > > ## Action View > > * No changes. > > > > ## Action Pack > > * Fix possible information leak / session hijacking vulnerability. > > The `ActionDispatch::Session::MemcacheStore` is still vulnerable given it requires the > gem dalli to be updated as well. > > CVE-2019-16782. > > > > ## Active Job > > * No changes. > > > > ## Action Mailer > > * No changes. > > > > ## Action Cable > > ... (truncated)Changelog
*Sourced from [activesupport's changelog](https://github.com/rails/rails/blob/v6.0.2.1/activesupport/CHANGELOG.md).* > ## Rails 6.0.2.1 (December 18, 2019) ## > > * No changes. > > > ## Rails 6.0.2 (December 13, 2019) ## > > * Eager load translations during initialization. > > *Diego Plentz* > > * Use per-thread CPU time clock on `ActiveSupport::Notifications`. > > *George Claghorn* > > > ## Rails 6.0.1 (November 5, 2019) ## > > * `ActiveSupport::SafeBuffer` supports `Enumerator` methods. > > *Shugo Maeda* > > * The Redis cache store fails gracefully when the server returns a "max number > of clients reached" error. > > *Brandon Medenwald* > > * Fixed that mutating a value returned by a memory cache store would > unexpectedly change the cached value. > > *Jonathan Hyman* > > * The default inflectors in `zeitwerk` mode support overrides: > > ```ruby > # config/initializers/zeitwerk.rb > Rails.autoloaders.each do |autoloader| > autoloader.inflector.inflect( > "html_parser" => "HTMLParser", > "ssl_error" => "SSLError" > ) > end > ``` > > That way, you can tweak how individual basenames are inflected without touching Active Support inflection rules, which are global. These inflectors fallback to `String#camelize`, so existing inflection rules are still taken into account for non-overridden basenames. > > Please, check the [autoloading guide for `zeitwerk` mode](https://guides.rubyonrails.org/v6.0/autoloading_and_reloading_constants.html#customizing-inflections) if you prefer not to depend on `String#camelize` at all. > > *Xavier Noria* > > ... (truncated)Commits
- [`f33d52c`](https://github.com/rails/rails/commit/f33d52c95217212cbacc8d5e44b5a8e3cdc6f5b3) Preparing for 6.0.2.1 release - [`f675cb3`](https://github.com/rails/rails/commit/f675cb30ce813a99b52b139a93e048330922fd9a) Preparing for 6.0.2 release - [`63107e9`](https://github.com/rails/rails/commit/63107e9914c893336f7612c2cd17a24474b6a6d6) Preparing for 6.0.2.rc2 release - [`c3135a4`](https://github.com/rails/rails/commit/c3135a4d4050496355d489b0deb84db54b8f0553) Revert "Merge pull request [#37849](https://github-redirect.dependabot.com/rails/rails/issues/37849) from kamipo/fix_since_and_ago" - [`fcfe693`](https://github.com/rails/rails/commit/fcfe6931d3f14dfd8a635cb1c5448ba1348853bb) Revert "Merge pull request [#37839](https://github-redirect.dependabot.com/rails/rails/issues/37839) from ttanimichi/modify-inspect-of-activesup... - [`66c153c`](https://github.com/rails/rails/commit/66c153c0bd4a06eae369bfb73b89f79fff52407c) Merge pull request [#37849](https://github-redirect.dependabot.com/rails/rails/issues/37849) from kamipo/fix_since_and_ago - [`01d7f82`](https://github.com/rails/rails/commit/01d7f82c19146c5bbf0c66ae27077fbca5d31019) Merge pull request [#37839](https://github-redirect.dependabot.com/rails/rails/issues/37839) from ttanimichi/modify-inspect-of-activesupport-dur... - [`a015f55`](https://github.com/rails/rails/commit/a015f55240258723df311360123af22b3204fa08) Preparing for 6.0.2.rc1 release - [`c4175eb`](https://github.com/rails/rails/commit/c4175eb2cedc3a7ac89b39da408165ca32aec76f) Update CHANGELOG [ci skip] - [`ddf65f2`](https://github.com/rails/rails/commit/ddf65f222973dacdcf2987307ddbab94c60682b4) Follow up 997770f5955a36f0c800388c4592c961e184aec4 - Additional commits viewable in [compare view](https://github.com/rails/rails/compare/v4.0.13...v6.0.2.1)Updates
minitest
from 4.7.5 to 5.14.0Changelog
*Sourced from [minitest's changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc).* > === 5.14.0 / 2020-01-11 > > * 2 minor enhancements: > > * Block-assertions (eg assert_output) now error if raised inside the block. (casperisfine) > * Changed assert_raises to only catch Assertion since that covers Skip and friends. > > * 3 bug fixes: > > * Added example for value wrapper with block to Expectations module. (stomar) > * Fixed use of must/wont_be_within_delta on Expectation instance. (stomar) > * Renamed UnexpectedError#exception to #error to avoid problems with reraising. (casperisfine) > > === 5.13.0 / 2019-10-29 > > * 9 minor enhancements: > > * Added Minitest::Guard#osx? > * Added examples to documentation for assert_raises. (lxxxvi) > * Added expectations #path_must_exist and #path_wont_exist. Not thrilled with the names. > * Added fail_after(year, month, day, msg) to allow time-bombing after a deadline. > * Added skip_until(year, month, day, msg) to allow deferring until a deadline. > * Deprecated Minitest::Guard#maglev? > * Deprecated Minitest::Guard#rubinius? > * Finally added assert_path_exists and refute_path_exists. (deivid-rodriguez) > * Refactored and pulled Assertions#things_to_diff out of #diff. (BurdetteLamar) > > * 3 bug fixes: > > * Fix autorun bug that affects fork exit status in tests. (dylanahsmith/jhawthorn) > * Improved documentation for _/value/expect, especially for blocks. (svoop) > * Support new Proc#to_s format. (ko1) > > === 5.12.2 / 2019-09-28 > > * 1 bug fix: > > * After chatting w/ [@y-yagi](https://github.com/y-yagi) and others, decided to lower support to include ruby 2.2. > > === 5.12.1 / 2019-09-28 > > * 1 minor enhancement: > > * Added documentation for Reporter classes. (sshaw) > > * 3 bug fixes: > > * Avoid using 'match?' to support older ruby versions. (y-yagi) > * Fixed broken link to reference on goodness-of-fit testing. (havenwood) > * Update requirements in readme and Rakefile/hoe spec. > ... (truncated)Commits
- See full diff in [compare view](https://github.com/seattlerb/minitest/commits/v5.14.0)Updates
minitest
from 4.7.5 to 5.14.0Changelog
*Sourced from [minitest's changelog](https://github.com/seattlerb/minitest/blob/master/History.rdoc).* > === 5.14.0 / 2020-01-11 > > * 2 minor enhancements: > > * Block-assertions (eg assert_output) now error if raised inside the block. (casperisfine) > * Changed assert_raises to only catch Assertion since that covers Skip and friends. > > * 3 bug fixes: > > * Added example for value wrapper with block to Expectations module. (stomar) > * Fixed use of must/wont_be_within_delta on Expectation instance. (stomar) > * Renamed UnexpectedError#exception to #error to avoid problems with reraising. (casperisfine) > > === 5.13.0 / 2019-10-29 > > * 9 minor enhancements: > > * Added Minitest::Guard#osx? > * Added examples to documentation for assert_raises. (lxxxvi) > * Added expectations #path_must_exist and #path_wont_exist. Not thrilled with the names. > * Added fail_after(year, month, day, msg) to allow time-bombing after a deadline. > * Added skip_until(year, month, day, msg) to allow deferring until a deadline. > * Deprecated Minitest::Guard#maglev? > * Deprecated Minitest::Guard#rubinius? > * Finally added assert_path_exists and refute_path_exists. (deivid-rodriguez) > * Refactored and pulled Assertions#things_to_diff out of #diff. (BurdetteLamar) > > * 3 bug fixes: > > * Fix autorun bug that affects fork exit status in tests. (dylanahsmith/jhawthorn) > * Improved documentation for _/value/expect, especially for blocks. (svoop) > * Support new Proc#to_s format. (ko1) > > === 5.12.2 / 2019-09-28 > > * 1 bug fix: > > * After chatting w/ [@y-yagi](https://github.com/y-yagi) and others, decided to lower support to include ruby 2.2. > > === 5.12.1 / 2019-09-28 > > * 1 minor enhancement: > > * Added documentation for Reporter classes. (sshaw) > > * 3 bug fixes: > > * Avoid using 'match?' to support older ruby versions. (y-yagi) > * Fixed broken link to reference on goodness-of-fit testing. (havenwood) > * Update requirements in readme and Rakefile/hoe spec. > ... (truncated)Commits
- See full diff in [compare view](https://github.com/seattlerb/minitest/commits/v5.14.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ncbo/goo/network/alerts).