dependabot[bot]
commented
4 years ago Looks like activesupport is up-to-date now, so this is no longer needed.
Closed dependabot[bot] closed 4 years ago
dependabot[bot]
commented
4 years ago Looks like activesupport is up-to-date now, so this is no longer needed.
Bumps activesupport from 4.1.5 to 5.2.4.1.
Release notes
*Sourced from [activesupport's releases](https://github.com/rails/rails/releases).* > ## 5.2.4.1 > ## Active Support > > * No changes. > > > > ## Active Model > > * No changes. > > > > ## Active Record > > * No changes. > > > > ## Action View > > * No changes. > > > > ## Action Pack > > * Fix possible information leak / session hijacking vulnerability. > > The `ActionDispatch::Session::MemcacheStore` is still vulnerable given it requires the > gem dalli to be updated as well. > > CVE-2019-16782. > > > > ## Active Job > > * No changes. > > > > ## Action Mailer > > * No changes. > > > > ## Action Cable > > ... (truncated)Commits
- [`ac30e38`](https://github.com/rails/rails/commit/ac30e389ecfa0e26e3d44c1eda8488ddf63b3ecc) Preparing for 5.2.4.1 release - [`8bec77c`](https://github.com/rails/rails/commit/8bec77cc0f1fd47677a331a64f68c5918efd2ca9) Preparing for 5.2.4 release - [`9e2a341`](https://github.com/rails/rails/commit/9e2a34122bd436e92a21ded4a50fa23461c29a4e) Preparing for 5.2.4.rc1 release - [`fbcb47b`](https://github.com/rails/rails/commit/fbcb47b93fcf5a8aa754ce728f02a9131c4a2778) dup instead of `@+` since we still support Ruby 2.2 - [`ed81031`](https://github.com/rails/rails/commit/ed81031f8639491572d6a5a90be084af3d4f2a15) Merge pull request [#37303](https://github-redirect.dependabot.com/rails/rails/issues/37303) from eregon/follow-frozen-symbol-to_s - [`17c4240`](https://github.com/rails/rails/commit/17c4240eafcf8e16f51abab6605dda1a9416ee1c) Merge pull request [#35121](https://github-redirect.dependabot.com/rails/rails/issues/35121) from utilum/warning_tried_to_create_proc_without_block - [`2e5a6b3`](https://github.com/rails/rails/commit/2e5a6b3b6b7e52be5cf10573af087dd23d1c57cf) Merge pull request [#36753](https://github-redirect.dependabot.com/rails/rails/issues/36753) from cmrd-senya/36752-make-rails-logger-fiber-safe - [`371e854`](https://github.com/rails/rails/commit/371e8544bb5f67e180756e42dec88754a7d9ecc4) Merge pull request [#36470](https://github-redirect.dependabot.com/rails/rails/issues/36470) from lucasprag/activesupport/missing-require-digest - [`13de946`](https://github.com/rails/rails/commit/13de946b2a0a008b393e066f7c830837bf756e2d) Backport changes for Buildkite builds - [`b9ca94c`](https://github.com/rails/rails/commit/b9ca94caea2ca6a6cc09abaffaad67b447134079) Preparing for 5.2.3 release - Additional commits viewable in [compare view](https://github.com/rails/rails/compare/v4.1.5...v5.2.4.1)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/piesync/billbo/network/alerts).