Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update rack-protection requirement from >= 1.5.5, < 3.0 to >= 1.5.5, < 4.0 #186

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update rack-protection requirement from >= 1.5.5, < 3.0 to >= 1.5.5, < 4.0 #186

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 3, 2022

Updates the requirements on rack-protection to permit the latest version.

Changelog

Sourced from rack-protection's changelog.

2.2.2 / 2022-07-23

  • Update mustermann dependency to version 2.

2.2.1 / 2022-07-15

  • Fix JRuby regression by using ruby2_keywords for delegation. #1750 by Patrik Ragnarsson

  • Add JRuby to CI. #1755 by Karol Bucek

2.2.0 / 2022-02-15

  • Handle EOFError raised by Rack and return Bad Request 400 status. #1743 by tamazon

  • Minor refactors in base.rb. #1640 by ceclinux

  • Add escaping to the static 404 page. #1645 by Chris Gavin

  • Remove detect_rack_handler method. #1652 by ceclinux

  • Respect content type set in superclass before filter. Fixes #1647 #1649 by Jordan Owens

  • Revert "Use prepend instead of include for helpers. #1662 by namusyaka

  • Fix usage of inherited Sinatra::Base classes keyword arguments. Fixes #1669 #1670 by Cadu Ribeiro

  • Reduce RDoc generation time by not including every README. Fixes #1578 #1671 by Eloy Pérez

  • Add support for per form csrf tokens. Fixes #1616 #1653 by Jordan Owens

  • Update MAINTENANCE.md with the stable branch status. #1681 by Fredrik Rubensson

  • Validate expanded path matches public_dir when serving static files. #1683 by cji-stripe

  • Fix Delegator to pass keyword arguments for Ruby 3.0. #1684 by andrewtblake

  • Fix use with keyword arguments for Ruby 3.0. #1701 by Robin Wallin

  • Fix memory leaks for proc template. Fixes #1704 #1719 by Slevin

  • Remove unnecessary test_files from the gemspec. #1712 by Masataka Pocke Kuwabara

  • Add #select, #reject and #compact methods to Sinatra::IndifferentHash. #1711 by Olivier Bellone

  • Docs: Spanish documentation: Update README.es.md with removal of Thin. #1630 by Espartaco Palma

  • Docs: German documentation: Fixed typos in German README.md. #1648 by Juri

  • Docs: Japanese documentation: Update README.ja.md with removal of Thin. #1629 by Ryuichi KAWAMATA

... (truncated)

Commits
  • a2b8243 2.2.2 release
  • 04134fa Bump version to 2.2.1
  • c4608c8 Bump version to 2.2.0
  • 6a6c5f5 Block invalid requests instead of raising error
  • 88235a9 Remove breaking change
  • f8f04e5 Add support for per form csrf tokens
  • e511500 Add option to configure token session key
  • d783aa7 Fix broken origin_whitelist option #1641
  • 2d839f8 Enable EscapedParams if passed via settings
  • 87e48d0 Update example app to provide BREACH mitigation
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Update rack-protection requirement from >= 1.5.5, < 3.0 to >= 1.5.5, …
7dc4aeb 
…< 4.0

Updates the requirements on [rack-protection](https://github.com/sinatra/sinatra) to permit the latest version.
- [Release notes](https://github.com/sinatra/sinatra/releases)
- [Changelog](https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md)
- [Commits](sinatra/sinatra@v2.0.0.beta2...v2.2.2)

---
updated-dependencies:
- dependency-name: rack-protection
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Oct 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants