zooniverse / tove

Transcription Object Viewer/Editor: Backend API for ALICE Text Editor tool
https://alice.zooniverse.org/
2 stars 2 forks source link

Bump puma from 5.6.4 to 6.0.0 #352

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Bumps puma from 5.6.4 to 6.0.0.

Release notes

Sourced from puma's releases.

5.6.5 / 2022-08-23

  • Bugfixes
    • NullIO#closed should return false (#2883)
    • Puma::ControlCLI - allow refork command to be sent as a request (#2868, #2866)
    • [jruby] Fix TLS verification hang (#2890, #2729)
    • extconf.rb - don't use pkg_config('openssl') if '--with-openssl-dir' is used (#2885, #2839)
    • MiniSSL - detect SSL_CTX_set_dh_auto (#2864, #2863)
    • Fix rack.after_reply exceptions breaking connections (#2861, #2856)
    • Escape SSL cert and filenames (#2855)
    • Fail hard if SSL certs or keys are invalid (#2848)
    • Fail hard if SSL certs or keys cannot be read by user (#2847)
    • Fix build with Opaque DH in LibreSSL 3.5. (#2838)
    • Pre-existing socket file removed when TERM is issued after USR2 (if puma is running in cluster mode) (#2817)
    • Fix Puma::StateFile#load incompatibility (#2810)
Changelog

Sourced from puma's changelog.

6.0.0 / 2022-10-XX

  • Breaking Changes

    • Dropping Ruby 2.2 and 2.3 support (now 2.4+) (#2919)
    • Remote_addr functionality has changed (#2652, #2653)
    • No longer supporting Java 1.7 or below (JRuby 9.1 was the last release to support this) (#2849)
    • Remove nakayoshi GC (#2933, #2925)
    • wait_for_less_busy_worker is now default on (#2940)
    • Prefix all environment variables with PUMA_ (#2924, #2853)
    • Removed some constants (#2957, #2958, #2959, #2960)
    • The following classes are now part of Puma's private API: Client, Cluster::Worker, Cluster::Worker, HandleRequest. (#2988)
  • Features

    • Increase throughput on large (100kb+) response bodies by 3-10x (#2896, #2892)
    • Increase throughput on file responses (#2923)
    • Add support for streaming bodies in Rack. (#2740)
    • Allow OpenSSL session reuse via a 'reuse' ssl_bind method or bind string query parameter (#2845)
    • Allow run_hooks to pass a hash to blocks for use later (#2917, #2915)
    • Allow using preload_app! with fork_worker (#2907)
    • Support request_body_wait metric with higher precision (#2953)
    • Allow header values to be arrays (Rack 3) (#2936, #2931)
    • Export Puma/Ruby versions in /stats (#2875)
    • Allow configuring request uri max length & request path max length (#2840)
    • Add a couple of public accessors (#2774)
    • Log entire backtrace when worker start fails (#2891)
    • [jruby] Enable TLSv1.3 support (#2886)
    • [jruby] support setting TLS protocols + rename ssl_cipher_list (#2899)
    • [jruby] Support a truststore option (#2849, #2904, #2884)
  • Bugfixes

    • Load the configuration before passing it to the binder (#2897)
    • Do not raise error raised on HTTP methods we don't recognize or support, like CONNECT (#2932, #1441)
    • Fixed a memory leak when creating a new SSL listener (#2956)
  • Refactor

    • log_writer.rb - add internal_write method (#2888)
    • [WIP] Refactor: Split out LogWriter from Events (no logic change) (#2798)
    • Extract prune_bundler code into it's own class. (#2797)
    • Refactor Launcher#run to increase readability (no logic change) (#2795)
    • Ruby 3.2 will have native IO#wait_* methods, don't require io/wait (#2903)
    • Various internal API refactorings (#2942, #2921, #2922, #2955)

5.6.5 / 2022-08-23

  • Feature

    • Puma::ControlCLI - allow refork command to be sent as a request (#2868, #2866)
  • Bugfixes

    • NullIO#closed should return false (#2883)
    • [jruby] Fix TLS verification hang (#2890, #2729)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #364.