Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump rails from 7.0.4.2 to 7.0.4.3 #904

Merged
merged 1 commit into from
Apr 2, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2023

Bumps rails from 7.0.4.2 to 7.0.4.3.

Release notes

Sourced from rails's releases.

v7.0.4.3

Active Support

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • Ignore certain data-* attributes in rails-ujs when element is contenteditable

    [CVE-2023-23913]

Action Pack

  • No changes.

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

... (truncated)

Commits
  • c15ee6e Preparing for 7.0.4.3 release
  • 73009ea Ignore certain data-* attributes in rails-ujs when element is contenteditable
  • 3468503 Implement SafeBuffer#bytesplice
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [rails](https://github.com/rails/rails) from 7.0.4.2 to 7.0.4.3.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.0.4.2...v7.0.4.3)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Apr 1, 2023
@bensheldon bensheldon merged commit e5f9e43 into main Apr 2, 2023
@bensheldon bensheldon deleted the dependabot/bundler/rails-7.0.4.3 branch April 2, 2023 03:10
bensheldon added a commit that referenced this pull request Apr 11, 2023
* Bump rails from 7.0.4.2 to 7.0.4.3 (#904)

Bumps [rails](https://github.com/rails/rails) from 7.0.4.2 to 7.0.4.3.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.0.4.2...v7.0.4.3)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump selenium-webdriver from 4.8.1 to 4.8.6 (#905)

Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.8.1 to 4.8.6.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump benchmark-ips from 2.11.0 to 2.12.0 (#907)

Bumps [benchmark-ips](https://github.com/evanphx/benchmark-ips) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/evanphx/benchmark-ips/releases)
- [Changelog](https://github.com/evanphx/benchmark-ips/blob/master/History.md)
- [Commits](evanphx/benchmark-ips@v2.11.0...v2.12.0)

---
updated-dependencies:
- dependency-name: benchmark-ips
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: locales for de (#903)

Co-authored-by: Eric <[email protected]>

* Add translate_hash to handle missing translation keys that return hashes; only show translatable/available locales in dropdown (#891)

* Update README.md (#902)

* Add `translate_hash` to handle missing translation keys that return hashes; only show translatable/available locales in dropdown

---------

Co-authored-by: Anton Nefedenkov <[email protected]>

* Extract more Dashboard strings into localization strings (#899)

* improve translations

* more translations

* fix translation (fixes test)

* added missing i18n strings

* Translate all languages

* Update DE translation

* Fix missing key

* empty commit

* Fix missing UA string

---------

Co-authored-by: Ben Sheldon [he/him] <[email protected]>

* Extract shared methods/scopes into a BaseExecution to share between Execution and Job models; remove deprecated ActiveJobJob model (#894)

* Release good_job v3.15.0

* Switches from Chrome to Chromium to support Apple M1/Arm CPUs (#910)

* Remove mention of `Batch.add` method that doesn't exist

* Fix lint: missing fr and nl translations; readme whitespace (#914)

* Fix missing fr and nl translations

* Fix whitespace in Readme

* Use `GoodJob.capsule` in CLI instead of creating a new Capsule (#916)

* Set `successfully_enqueued?` when using `perform_all_later` (#917)

* In tests, directly use `connection.truncate_tables` instead of  `ActiveRecord::Tasks::DatabaseTasks.truncate_all` (#918)

* Bump erb_lint from 0.3.1 to 0.4.0

Bumps [erb_lint](https://github.com/Shopify/erb-lint) from 0.3.1 to 0.4.0.
- [Release notes](https://github.com/Shopify/erb-lint/releases)
- [Commits](Shopify/erb_lint@v0.3.1...v0.4.0)

---
updated-dependencies:
- dependency-name: erb_lint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: eric-christian <[email protected]>
Co-authored-by: Eric <[email protected]>
Co-authored-by: Ben Sheldon [he/him] <[email protected]>
Co-authored-by: Anton Nefedenkov <[email protected]>
Co-authored-by: Patricio Mac Adden <[email protected]>
Co-authored-by: Chris Kelly <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant