Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the ruby-bundler group with 3 updates #138

Merged
merged 1 commit into from
May 1, 2024
Merged

Bump the ruby-bundler group with 3 updates #138

merged 1 commit into from
May 1, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2024

Bumps the ruby-bundler group with 3 updates: nokogiri, rake and mini_portile2.

Updates nokogiri from 1.16.3 to 1.16.4

Release notes

Sourced from nokogiri's releases.

v1.16.4 / 2024-04-10

Dependencies

  • [CRuby] Vendored zlib in the precompiled native gems is updated to v1.3.1 from v1.3. Nokogiri is not affected by the minizip CVE patched in this version, but this update may satisfy some security scanners. Related, see this discussion about removing the compression libraries altogether in a future version of Nokogiri.

sha256 checksums:

bdb1dc4378ebcf3ade8f440c7df68f6d76946a1a96c4823a2b4c53c01a320cd5  nokogiri-1.16.4-aarch64-linux.gem
0c994b9996d5576eddcc3201a94ef2bff6fc3627c4ae4d2708b0ec9b9743ec6a  nokogiri-1.16.4-arm-linux.gem
8e86abb64c93c06d3c588042a0e757279e8f1dc88b5210a00be892a9a7a27196  nokogiri-1.16.4-arm64-darwin.gem
bf84fa28be4943692bd64772186e0832fb1061f80714ccb93e111e9d72b1cadc  nokogiri-1.16.4-java.gem
a46808467c1f63a2031e1ca0715cd5336bb4ec759e9c0e2f4c951c1cc30994ae  nokogiri-1.16.4-x64-mingw-ucrt.gem
4cdf64bc5e9443ec3e0b595347ecc8affe21968d9ae934c0825d26630ef96468  nokogiri-1.16.4-x64-mingw32.gem
d86d21bae47dd9f6f5223055e45d33fae08b0b89aad94cbc0ece4f4274fa7af5  nokogiri-1.16.4-x86-linux.gem
d488b872884844686780fda7cf5da44ee884d32faa713a55aeb4736d76718168  nokogiri-1.16.4-x86-mingw32.gem
a896e52a56951ffb0e6a9279afbf485d683e357a053d27f4cfcb2a73b0824628  nokogiri-1.16.4-x86_64-darwin.gem
92ff4f09910255fec84b3bc4c4b182e94cada3ed12b9f7a6ea058e0af186fb31  nokogiri-1.16.4-x86_64-linux.gem
62c116c3a14b4ed4e1faec786da266c4bd4c717a0bd04a9916164a7046040f45  nokogiri-1.16.4.gem
Changelog

Sourced from nokogiri's changelog.

v1.16.4 / 2024-04-10

Dependencies

  • [CRuby] Vendored zlib in the precompiled native gems is updated to v1.3.1 from v1.3. Nokogiri is not affected by the minizip CVE patched in this version, but this update may satisfy some security scanners. Related, see this discussion about removing the compression libraries altogether in a future version of Nokogiri.
Commits

Updates rake from 13.1.0 to 13.2.1

Changelog

Sourced from rake's changelog.

=== 13.2.1

  • Suppressed "internal:array:52:in 'Array#each'" from backtrace by @​hsbt in #554
  • Bump actions/configure-pages from 4 to 5 by @​dependabot in #553

=== 13.2.0

Commits
  • d84f6ef Bump up 13.2.1
  • 8b33b36 Merge pull request #553 from ruby/dependabot/github_actions/actions/configure...
  • 99f6823 Merge pull request #554 from ruby/suppress-array-internal
  • 54950e0 Suppressed "<internal:array>:52:in 'Array#each'" from backtrace
  • 675498c Bump up 13.2.0
  • 3dc4277 Bump actions/configure-pages from 4 to 5
  • c68e010 Merge pull request #549 from ruby/dependabot/github_actions/dependabot/fetch-...
  • 2cb46b6 Merge pull request #551 from andrykonchin/ak/restore-truffleruby-on-ci
  • c342e96 Add TruffleRuby on CI
  • d569f0f Merge pull request #550 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
  • Additional commits viewable in compare view

Updates mini_portile2 from 2.8.5 to 2.8.6

Release notes

Sourced from mini_portile2's releases.

2.8.6 / 2024-04-14

Added

  • When using CMake on FreeBSD, default to clang's "cc" and "c++" compilers. (#139 by @​mudge)
Changelog

Sourced from mini_portile2's changelog.

2.8.6 / 2024-04-14

Added

  • When using CMake on FreeBSD, default to clang's "cc" and "c++" compilers. (#139 by @​mudge)
Commits
  • 6463c42 version bump to v2.8.6
  • 5fe79a4 Merge pull request #139 from mudge/freebsd-cmake
  • e0de764 Explicitly use GNU make for FreeBSD build
  • 22c70de Prefer cc and c++ when using CMake on FreeBSD
  • cd53bbf ci: add freebsd coverage
  • dc73b84 ci: update github actions
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the ruby-bundler group with 3 updates
9106dd1 
Bumps the ruby-bundler group with 3 updates: [nokogiri](https:/sparklemotion/nokogiri), [rake](https:/ruby/rake) and [mini_portile2](https:/flavorjones/mini_portile).


Updates `nokogiri` from 1.16.3 to 1.16.4
- [Release notes](https:/sparklemotion/nokogiri/releases)
- [Changelog](https:/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.16.3...v1.16.4)

Updates `rake` from 13.1.0 to 13.2.1
- [Release notes](https:/ruby/rake/releases)
- [Changelog](https:/ruby/rake/blob/master/History.rdoc)
- [Commits](ruby/rake@v13.1.0...v13.2.1)

Updates `mini_portile2` from 2.8.5 to 2.8.6
- [Release notes](https:/flavorjones/mini_portile/releases)
- [Changelog](https:/flavorjones/mini_portile/blob/main/CHANGELOG.md)
- [Commits](flavorjones/mini_portile@v2.8.5...v2.8.6)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-bundler
- dependency-name: rake
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-bundler
- dependency-name: mini_portile2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby-bundler
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 1, 2024
@javierjulio javierjulio self-assigned this May 1, 2024
@javierjulio javierjulio self-requested a review May 1, 2024 18:05
@javierjulio javierjulio merged commit c66fd94 into master May 1, 2024
3 checks passed
@javierjulio javierjulio deleted the dependabot/bundler/ruby-bundler-d68a55e498 branch May 1, 2024 18:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javierjulio javierjulio javierjulio approved these changes

Assignees

@javierjulio javierjulio

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@javierjulio