salesforce-marketingcloud / FuelSDK-Ruby

Fuel SDK for Ruby
BSD 3-Clause "New" or "Revised" License
52 stars 155 forks source link

Bump rack from 2.2.3 to 3.0.7 #133

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps rack from 2.2.3 to 3.0.7.

Release notes

Sourced from rack's releases.

v3.0.7

What's Changed

Full Changelog: https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7

v3.0.6.1

No release notes provided.

v3.0.4.1

Full Changelog: https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1

v3.0.4

Full Changelog: https://github.com/rack/rack/compare/v3.0.3...v3.0.4

v3.0.3

What's Changed

Full Changelog: https://github.com/rack/rack/compare/v3.0.2...v3.0.3

v3.0.2

Full Changelog: https://github.com/rack/rack/compare/v3.0.1...v3.0.2

v2.2.6.4

No release notes provided.

Changelog

Sourced from rack's changelog.

[3.0.7] - 2023-03-16

[3.0.6.1] - 2023-03-13

  • [CVE-2023-27539] Avoid ReDoS in header parsing

[3.0.6] - 2023-03-13

  • Add QueryParser#missing_value for handling missing values + tests. (#2052, [@​ioquatix])

[3.0.5] - 2023-03-13

[3.0.4.1] - 2023-03-02

SPEC Changes

Changed

  • rack.input is now optional, and if missing, will raise an error. Use this to fail on multipart parsing a request without an input body. (#2018, [@​ioquatix])
  • Introduce module Rack::BadRequest which is included in multipart and query parser errors. (#2019, [@​ioquatix])
  • MIME type for JavaScript files (.js) changed from application/javascript to text/javascript (1bd0f15)
  • Add .mjs MIME type (#2057, [@​axilleas])

[3.0.4.1] - 2023-01-17

  • [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
  • [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
  • [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)

[3.0.4] - 2023-01-17

  • Rack::Request#POST should consistently raise errors. Cache errors that occur when invoking Rack::Request#POST so they can be raised again later. (#2010, [@​ioquatix])
  • Fix Rack::Lint error message for HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH. (#2007, @​byroot)
  • Extend Rack::MethodOverride to handle QueryParser::ParamsTooDeepError error. (#2006, @​byroot)

[3.0.3] - 2022-12-27

Fixed

[3.0.2] -2022-12-05

Fixed

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/salesforce-marketingcloud/FuelSDK-Ruby/network/alerts).