🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this upgrade. Please take a good look at what changed and the test results before merging this pull request.
Implements Zeitwerk::Loader#all_expected_cpaths, which returns a hash that
maps the absolute paths of the files and directories managed by the receiver
to their expected constant paths.
Please, check its documentation for further details.
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.
All Depfu comment commands
@depfu rebase
Rebases against your default branch and redoes this update
@depfu recreate
Recreates this PR, overwriting any edits that you've made to it
@depfu merge
Merges this PR once your tests are passing and conflicts are resolved
@depfu cancel merge
Cancels automatic merging of this PR
@depfu close
Closes this PR and deletes the branch
@depfu reopen
Restores the branch and reopens this PR (if it's closed)
@depfu pause
Ignores all future updates for this dependency and closes this PR
@depfu pause [minor|major]
Ignores all future minor/major updates for this dependency and closes this PR
@depfu resume
Future versions of this dependency will create PRs again (leaves this PR as is)
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this upgrade. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ rails (7.1.3.2 → 7.1.3.3) · Repo
Release Notes
7.1.3.3
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ actioncable (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ actionmailbox (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
↗️ actionmailer (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ actionpack (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ actiontext (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ actionview (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ activejob (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ activemodel (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ activerecord (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ activestorage (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ activesupport (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ marcel (indirect, 1.0.2 → 1.0.4) · Repo
Release Notes
1.0.4
1.0.3
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 27 commits:
Release v1.0.4
Regression fix: binary declared type should fall back to filename extension type (#99)
Release v1.0.3
Fix Illustrator detection as application/pdf instead of application/illustrator
CI: fix JRuby build
Merge pull request #93 from vipulnsward/add-note
Add note in README how to extend detection of custom file types
Move CI to GitHub
Update gem name in Gemfile
Merge pull request #74 from ursm/fix-html-with-svg
Fix magic detection for HTML with `<svg`
Also deduplicate binary strings
Merge pull request #72 from casperisfine/strip-empty-arrays
Store MIME parents in a distinct Hash
Require Ruby >= 2.3
Merge pull request #71 from casperisfine/remove-type-comments
Remove comment strings from Tables::TYPE
Merge pull request #70 from casperisfine/utf8-table
tables.rb: Generate UTF-8 strings when possible.
Add frozen_string_literal: true
Merge pull request #68 from Cofense/readme-explain-for-pathname-argument
Document `Marcel::MimeType.for`
Merge pull request #69 from wonda-tea-coffee/suppress-warning-unused-variable
Suppress warning
Merge pull request #65 from gmcgibbon/audio/ogg
Fix decoded matcher comment on ms-access magic extension
Prefer audio/ogg instead of audio/vorbis
↗️ minitest (indirect, 5.22.3 → 5.23.0) · Repo · Changelog
Release Notes
5.23.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 13 commits:
Branching minitest to version 5.23.0
+ Added -Werror to raise on any warning output. (byroot)
Added testW0 rake task.
Fixed specs task for pattern_match expectation mapping.
OMG... Rake.verbose returns Object.new if unset. Fixed by ruby/rake#567, but until then, compare against true.
Updated versions/EOL for ruby/rails in readme
+ Added minitest/manual_plugins.rb w/ new Minitest.load method. (tenderlove)
- Make test task verbose using either rake's -v or -t (was just -t).
- Allow empty_run! and reporter to display summary for empty runs. (zzak)
Ignore unused block. (ko1)
Make the test suite compatible with --enable-frozen-string-literal. (casperisfine)
oops
Bump ci.yml to include ruby 3.3, singularize macos, and clean up deprecations on the checkout action (should I remove the version?!? so annoying)
↗️ net-imap (indirect, 0.4.10 → 0.4.11) · Repo
Release Notes
0.4.11
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 11 commits:
🔖 Bump version to 0.4.11
🔧🔒 Configure RubyGem Trusted Publishing
🔀 Merge pull request #271 from gaynetdinov/consider-extra-empty-space-in-bodystructure
Add a comment section to the extra space test
Update lib/net/imap/response_parser.rb
Consider extra empty space in BODYSTRUCTURE
⬆️ Bump actions/configure-pages from 4 to 5 (#270)
✅ Update Github test workflow name
🔀 Merge pull request #264 from nevans/change-my-email-address
✅ Add basic test for SEARCH / UID SEARCH command
🐛 Fix parser benchmarks generation
↗️ net-smtp (indirect, 0.4.0.1 → 0.5.0) · Repo · Changelog
Release Notes
0.5.0
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗️ nio4r (indirect, 2.7.0 → 2.7.3) · Repo · Changelog
Release Notes
2.7.2 (from changelog)
2.7.1
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 16 commits:
Bump patch version.
Don't build extensions twice :(
Add tea.xyz constitution file.
Fix JRuby release process.
Bump patch version.
Update changes.
Remove 2.4 support from readme.
Drop testing Ruby 2.4.
Modernize gem.
Relax dependency on `rake-compiler`.
Update to `--release=9` for compiling java code.
Bump patch version.
Update release instructions.
Convert license to array of identifiers (#312)
fix jruby warnings (#313)
Update changes.md
↗️ nokogiri (indirect, 1.16.4 → 1.16.5) · Repo · Changelog
Security Advisories 🚨
🚨 Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459
Release Notes
1.16.5
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 4 commits:
version bump to v1.16.5
dep: update vendored libxml2 to v2.12.7 (#3191)
ci: add arm64-darwin coverage using macos-14
dep: update libxml2 to v2.12.7
↗️ rack (indirect, 3.0.10 → 3.0.11) · Repo · Changelog
Release Notes
3.0.11 (from changelog)
Does any of this look wrong? Please let us know.
↗️ railties (indirect, 7.1.3.2 → 7.1.3.3) · Repo · Changelog
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
↗️ reline (indirect, 0.5.5 → 0.5.7) · Repo
Release Notes
0.5.7
0.5.6
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 7 commits:
Bump version to 0.5.7 (#704)
Implement the undo command (#701)
Avoid STDIN.winsize called in `require "reline"` (#703)
Bump version to 0.5.6 (#700)
Implement bracketed paste insert (#655)
Remove not implemented variables (#699)
Add name defined in readline to completion key bindings C-i C-p C-n (#698)
↗️ zeitwerk (indirect, 2.6.13 → 2.6.14) · Repo · Changelog
Release Notes
2.6.14 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 13 commits:
Ready for 2.6.14
Restore the original Zeitwerk::NameError message
Documentation tweaks
Document Zeitwerk::Loader#all_expected_cpaths
Exclude macOS/2.5 from CI matrix
Standardize breadth-first loops
Let the ls helper yield the file type too
Implements Zeitwerk::Loader#all_expected_paths
Fix indentation
Add a test for Zeitwerk::NameError
Further revise the Zeitwerk::NameError message
Reword Zeitwerk::NameError message again
Polish Zeitwerk::NameError message
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase
.All Depfu comment commands