Raise HTTP/2 send window timeouts as stream errors so that they're logged as
protocol errors (thanks @hunterboerner!)
1.5.3 (7 Jun 2024)
Changes
Add :short and :verbose options to log_protocol_errors configuration
option. Change default value to :short, which will log protocol
errors as a single summary line instead of a full stack trace
Raise Bandit.HTTPError errors when attempting to write to a closed client
connection (except for chunk/2 calls, which now return {:error, reason}).
Unless otherwise caught by the user, these errors will bubble out past the
configured plug and terminate the plug process. This closely mimics the
behaviour of Cowboy in this regard (#359)
Respect the plug-provided content-length on HEAD responses (#353, thanks
@meeq!)
Minor changes to how 'non-system process dictionary entries' are identified
Fixes
No longer closes on HTTP/1 requests smaller than the size of the HTTP/2
preamble
Close deflate contexts more eagerly for reduced memory use
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the production-dependencies group with 4 updates in the / directory: bandit, ecto_sql, swoosh and tailwind.
Updates
banditfrom 1.5.2 to 1.5.4Changelog
Sourced from bandit's changelog.
Commits
7bafe47Version bump to 1.5.43d67aa4Raise send window timeouts as stream errors4d63553Bump hpax from 0.1.2 to 0.2.0 (#369)ef4deacVersion bump to 1.5.3a2cbe62Change log_protocol_errors config option to accept short and verbose options2d5a78cUseException.message/1instead of reaching into the exception ourselvese496ea8Remove nimble_ownership from lockfilecb2903aBump machete from 0.3.1 to 0.3.3 (#365)577e7c0Bump req from 0.4.14 to 0.5.0 (#364)d5bd751Bump ex_doc from 0.33.0 to 0.34.0 (#363)Updates
ecto_sqlfrom 3.11.2 to 3.11.3Changelog
Sourced from ecto_sql's changelog.
Commits
258cb16Release v3.11.3c5edeb8Relax myxql dependency (#613)Updates
swooshfrom 1.16.8 to 1.16.9Release notes
Sourced from swoosh's releases.
Changelog
Sourced from swoosh's changelog.
Commits
6579f1av1.16.9d81e661Fix ex_aws region override (#914)44662bebump req and remove nimble_ownership version lockUpdates
tailwindfrom 0.2.2 to 0.2.3Changelog
Sourced from tailwind's changelog.
Commits
9ac258dRelease v0.2.375da5f2Merge pull request #96 from inoas-nbw/patch-13295cf8fix elixir 1.15 deprecation warning on Logger.warn() callsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show