voc / voctoweb

voctoweb – the frontend and backend software behind media.ccc.de
GNU General Public License v3.0
189 stars 58 forks source link

Bump bullet from 7.0.1 to 7.0.7 #688

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps bullet from 7.0.1 to 7.0.7.

Changelog

Sourced from bullet's changelog.

7.0.7 (03/01/2023)

  • Check Rails.application.config.content_security_policy before insert Bullet::Rack

7.0.6 (03/01/2023)

  • Better way to check if ActionDispatch::ContentSecurityPolicy::Middleware exists

7.0.5 (01/01/2023)

  • Fix n+1 false positives in AR 7.0
  • Fix eager_load nested has_many :through false positives
  • Respect Content-Security-Policy nonces
  • Added CallStacks support for avoid eager loading
  • Iterate fewer times over objects

7.0.4 (11/28/2022)

  • Fix eager_load has_many :through false positives
  • mongoid7x: add dynamic methods

7.0.3 (08/13/2022)

  • Replace Array() with Array.wrap()

7.0.2 (05/31/2022)

  • Drop growl support
  • Do not check html tag in Bullet::Rack anymore
Commits
  • 8f24e35 Bumping version to 7.0.7
  • 88a7ffb check Rails.application.config.content_security_policy before insert Bullet::...
  • 4afa5d7 Bumping version to 7.0.6
  • a9a9e77 Merge pull request #638 from MichaelLah/fix-csp-middleware-api-only
  • ddd1523 chore: better way to check if middleware exists
  • c7d5aa8 fix: don't insert bullet middleware before csp middleware in API only applica...
  • 189943a Bumping version to 7.0.5
  • 40e4abb Merge pull request #636 from camilova/master
  • e88149a use main branch on github actions
  • 74f2b7e test caller_in_project in stack_trace_filter_spec
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Looks like bullet is up-to-date now, so this is no longer needed.