Update bundler-audit 0.9.1 → 0.9.2 (minor)

[depfu]

Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

What changed?

✳️ bundler-audit (0.9.1 → 0.9.2) · Repo · Changelog

Release Notes

0.9.2

• Officially support Ruby 3.2 and 3.3.
• Corrected the gemspec license to indicate GPL-3.0 or later.

CLI

• Correctly handle Bundler::Audit::Database::UpdateFailed exceptions in bundle-audit update.
• Changed wording from "upgrade to" to "update to" in bundle-audit check output.

Rake Task

• Fixed empty bundle:audit:update rake task.

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 40 commits:

• Updated the ChangeLog for 0.9.2.
• Update the copyright years to 2024.
• Version bump to 0.9.2.
• Changed "upgrade to" to "update to" to match `bundle update` (closes #394).
• Replace deprecated license identifier for `GPL-3.0-or-later`
• I prefer explicit parenthesis.
• Use truffleruby stable in the CI matrix.
• Added ruby-3.3 to the CI matrix.
• Quote ruby version numbers to prevent them from being parsed as floats.
• Drop ruby-2.x from the CI matrix.
• Correctly handle when `Database#update!` raises `Database::UpdateFailed`.
• Update YARDocs to reflect that `Database#update!` can return `nil`.
• Corrected the YARD `@return` tags for `Database.update` and `#update!`.
• Add `git --version` to the list of suggested version information.
• Remove extra space.
• Test that the CVE ID was ignored.
• Bump tzinfo in /spec/bundle/unpatched_gems_with_dot_configuration (#360)
• Bump rack from 2.2.6.2 to 2.2.6.3 in /spec/bundle/insecure_sources (#378)
• Bump rack from 2.2.6.2 to 2.2.6.3 in /spec/bundle/secure
• Bump rack from 2.2.4 to 2.2.6.2 in /spec/bundle/secure
• Bump globalid from 1.0.0 to 1.0.1 in /spec/bundle/secure
• Bump rack from 2.2.3 to 2.2.6.2 in /spec/bundle/insecure_sources
• Make rubocop happy
• Add ruby 3.2 to the test matrix
• Bump rails-html-sanitizer in /spec/bundle/insecure_sources
• Bump loofah from 2.9.1 to 2.19.1 in /spec/bundle/insecure_sources
• Bump rails-html-sanitizer from 1.4.3 to 1.4.4 in /spec/bundle/secure
• Bump loofah from 2.18.0 to 2.19.1 in /spec/bundle/secure (#366)
• Bump nokogiri from 1.13.9 to 1.13.10 in /spec/bundle/insecure_sources
• Bump nokogiri from 1.13.9 to 1.13.10 in /spec/bundle/secure
• Bump nokogiri from 1.13.6 to 1.13.9 in /spec/bundle/insecure_sources
• Bump nokogiri from 1.13.6 to 1.13.9 in /spec/bundle/secure
• Added instructions on how to enable the bundler-audit rake tasks.
• Bump rack from 2.2.3 to 2.2.4 in /spec/bundle/secure
• Bump rails-html-sanitizer from 1.0.4 to 1.4.3 in /spec/bundle/secure
• Fix accidental empty task.
• Also mark `Task#bundler_audit` as part of the private API.
• Added stub tests for `Bundler::Audit::Task` methods.
• Expose `Task#bundler_audit`, `#check`, and `#update` for testability.
• Mention that bundler-audit is now opted into rubygems.org MFA requirement.

↗️ thor (indirect, 1.2.2 → 1.3.2) · Repo · Changelog

Release Notes

1.3.1

What's Changed

• Preserve Correct Indentation When Uncommenting Lines by @viktorianer in #873
• Document the '--skip-' option for boolean options. by @andrewn617 in #876

New Contributors

• @takmar made their first contribution in #865
• @m-nakamura145 made their first contribution in #866
• @cprodhomme made their first contribution in #863
• @ancao90 made their first contribution in #872
• @viktorianer made their first contribution in #873
• @andrewn617 made their first contribution in #876

Full Changelog: v1.3.0...v1.3.1

1.3.0

What's Changed

• use the correct class for shared namespaces by @Gerst20051 in #754
• Allow to Override Order of Commands in Help by @alessio-signorini in #642
• Add support for providing http headers to get by @dnlgrv in #801
• Don't document negative boolean option named no_* by @BrentWheeldon in #797
• CreateFile#identical? fixed for files containing multi-byte UTF-8 codepoints by @tomclose in #786
• Drop support to Ruby 2.6 by @rafaelfranca in #821
• Fix dashless option usage info by @sambostock in #800
• Support Range in enum option by @phene in #775
• Check if type: array values are in enum by @movermeyer in #784
• Fix inject into file warning by @nicolas-brousse in #709
• Support Thor::CoreExt::HashWithIndifferentAccess#slice method by @shuuuuun in #812
• 🌧️ long_desc: new option to disable wrapping by @igneus in #739
• Print default in help when option type is :boolean and default is false by @nevesenin in #849
• Silence encoding warnings in specs by @p8 in #857
• Validate arguments for method_option and class_option by @p8 in #856
• Fix help for file_collision method without block by @shuuuuun in #858
• Extract print methods to seperate classes by @p8 in #854
• Add support for printing tables with borders by @p8 in #855
• Fix printing tables with borders and indentation by @p8 in #861

New Contributors

• @Gerst20051 made their first contribution in #754
• @alessio-signorini made their first contribution in #642
• @dnlgrv made their first contribution in #801
• @BrentWheeldon made their first contribution in #797
• @tomclose made their first contribution in #786
• @sambostock made their first contribution in #800
• @phene made their first contribution in #775
• @movermeyer made their first contribution in #784
• @nicolas-brousse made their first contribution in #709
• @shuuuuun made their first contribution in #812
• @igneus made their first contribution in #739
• @nevesenin made their first contribution in #849

Full Changelog: v1.2.2...v1.3.0

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by more commits than we can show here.

---

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

All Depfu comment commands

@​depfu rebase

Rebases against your default branch and redoes this update

@​depfu recreate

Recreates this PR, overwriting any edits that you've made to it

@​depfu merge

Merges this PR once your tests are passing and conflicts are resolved

@​depfu cancel merge

Cancels automatic merging of this PR

@​depfu close

Closes this PR and deletes the branch

@​depfu reopen

Restores the branch and reopens this PR (if it's closed)

@​depfu pause

Ignores all future updates for this dependency and closes this PR

@​depfu pause [minor|major]

Ignores all future minor/major updates for this dependency and closes this PR

@​depfu resume

Future versions of this dependency will create PRs again (leaves this PR as is)