build(deps): bump webrick from 1.8.1 to 1.8.2 in the bundler group across 1 directory #30

dependabot · 2024-09-26T16:34:40Z

Bumps the bundler group with 1 update in the / directory: webrick.

Updates webrick from 1.8.1 to 1.8.2

Release notes

v1.8.2

What's Changed

Drop commented-out line by @olleolleolle in ruby/webrick#108

Add Ruby 3.1 & 3.2 to CI matrix by @tricknotes in ruby/webrick#109

Fix/redos by @ooooooo-q in ruby/webrick#114

Raise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by @jeremyevans in ruby/webrick#120

Bump actions/checkout from 3 to 4 by @dependabot in ruby/webrick#121

Improve CI by @hsbt in ruby/webrick#123

Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin by @KJTsanaktsidis in ruby/webrick#128

Fix bug chunk extension detection by @jeremyevans in ruby/webrick#125

Fix CI. by @ioquatix in ruby/webrick#131

Merge multiple cookie headers, preserving semantic correctness. by @ioquatix in ruby/webrick#130

Test on macos-latest by @byroot in ruby/webrick#132

Require CRLF line endings in request line and headers by @jeremyevans in ruby/webrick#138

Prefer squigly heredocs. by @ioquatix in ruby/webrick#143

Only strip space and horizontal tab in headers by @jeremyevans in ruby/webrick#141

Treat missing CRLF separator after headers as an EOFError by @jeremyevans in ruby/webrick#142

Return 400 response for chunked requests with unexpected data after chunk by @jeremyevans in ruby/webrick#136

Fix reference to URI::REGEXP::PATTERN::HOST by @casperisfine in ruby/webrick#144

Prevent request smuggling by @jeremyevans in ruby/webrick#146

New Contributors

@tricknotes made their first contribution in ruby/webrick#109

@ooooooo-q made their first contribution in ruby/webrick#114

@KJTsanaktsidis made their first contribution in ruby/webrick#128

@byroot made their first contribution in ruby/webrick#132

@casperisfine made their first contribution in ruby/webrick#144

Full Changelog: ruby/webrick@v1.8.1...v1.8.2

Commits

0fb9de6 Bump up v1.8.2
b9a4c81 Removed trailing spaces
f5faca9 Prevent request smuggling
0c600e1 Fix reference to URI::REGEXP::PATTERN::HOST
15a9391 Return 400 response for chunked requests with unexpected data after chunk
2b38d56 Treat missing CRLF separator after headers as an EOFError
e4efb4a Remove unnecessary gsub calls in test_httprequest.rb
426e214 Only strip space and horizontal tab in headers
e72cb69 Prefer squigly heredocs. (#143)
ee60354 Require CRLF line endings in request line and headers
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the bundler group with 1 update in the / directory: [webrick](https:/ruby/webrick). Updates `webrick` from 1.8.1 to 1.8.2 - [Release notes](https:/ruby/webrick/releases) - [Commits](ruby/webrick@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: webrick dependency-type: direct:production dependency-group: bundler ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 26, 2024

dependabot bot force-pushed the dependabot/bundler/bundler-00f0729802 branch from 2e3e9eb to 4f8549f Compare October 12, 2024 00:23

JesperDramsch merged commit 39b0b38 into main Oct 12, 2024
1 check passed

JesperDramsch deleted the dependabot/bundler/bundler-00f0729802 branch October 12, 2024 07:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump webrick from 1.8.1 to 1.8.2 in the bundler group across 1 directory #30

build(deps): bump webrick from 1.8.1 to 1.8.2 in the bundler group across 1 directory #30

dependabot bot commented on behalf of github Sep 26, 2024 •

edited

Loading

build(deps): bump webrick from 1.8.1 to 1.8.2 in the bundler group across 1 directory #30

build(deps): bump webrick from 1.8.1 to 1.8.2 in the bundler group across 1 directory #30

Conversation

dependabot bot commented on behalf of github Sep 26, 2024 • edited Loading

v1.8.2

What's Changed

New Contributors

dependabot bot commented on behalf of github Sep 26, 2024 •

edited

Loading