Bump sinatra from 2.0.0 to 3.0.4 #53

Open

dependabot[bot] wants to merge 1 commits from dependabot/bundler/sinatra-3.0.4 into master

pull from: dependabot/bundler/sinatra-3.0.4

merge into: atomaka:master

atomaka:master

atomaka:snyk-fix-93bbbca6fb961a4beaf62abc97b8c696

atomaka:snyk-fix-a4839c2a6aae1ff319e44bdf74db36ea

atomaka:dependabot/bundler/activerecord-6.1.7.1

atomaka:snyk-fix-b746414b5cff8b0da5ad1d3bc8942719

atomaka:snyk-fix-ce6b1bed511762c7663072e425eabb5c

atomaka:dependabot/bundler/nokogiri-1.13.9

atomaka:dependabot/bundler/addressable-2.8.1

atomaka:snyk-fix-9cf156b6f6fbd07c3092c14e5dd8d6de

atomaka:snyk-fix-13036e608c3ff04a91e56945351c2ad5

atomaka:dependabot/bundler/tzinfo-1.2.10

atomaka:dependabot/bundler/jmespath-1.6.1

atomaka:snyk-fix-466639bbdb017c3afadbc6565c55eb97

atomaka:snyk-fix-f861dd85e2c6aa6c13a4ad583a97d77f

atomaka:snyk-fix-7c28e189245c91ab25dde24dbcdda54c

atomaka:snyk-fix-dec3ab50d67b2df824a2b06f69f36594

atomaka:snyk-fix-5809b442593801e225b5b5ab04e91be7

atomaka:snyk-fix-5bdef8c547fc1e381448daffdadfddcc

atomaka:snyk-fix-1ef81a45e777b69b6c8bedd4ca39be04

atomaka:snyk-fix-33c7007ed54835d9273f6416463d268a

atomaka:snyk-fix-860764c6e2cda3d4dd36808d5008003e

atomaka:snyk-fix-1f5072891d8234260f56531be3224cdf

atomaka:snyk-fix-f1285d29fc134e64e0286a2897f756d9

atomaka:snyk-fix-de64ee4bc5b62e888d479a5649464440

atomaka:dependabot/bundler/rack-2.2.3

atomaka:snyk-fix-1125126ac6e8d74da6f24a5445cf1826

atomaka:dependabot/bundler/websocket-extensions-0.1.5

atomaka:snyk-fix-dd1ce670a0e9da6d4bcffddb8bfdf8cb

atomaka:snyk-fix-5475120628d4b60a1054f0375b7421f6

atomaka:snyk-fix-9e06ba1c5abd4ac66d437d7ec5359573

atomaka:snyk-fix-125a57af16b1f02630d0e5624a8bcfdf

atomaka:dependabot/bundler/rake-12.3.3

atomaka:snyk-fix-bf8d52731d33734943fabb90f59a1190

atomaka:snyk-fix-7fd6798f313bf8f59be961043921e3ca

atomaka:snyk-fix-4f67487b4ddf01e3351237a422e552f0

atomaka:snyk-fix-35605dde0341734bb44abc29afab0bba

atomaka:feature/actions-1

atomaka:feature/actions

atomaka:snyk-fix-b2e5bcce51d7e2e2a1164c5342eff5c9

atomaka:snyk-fix-ntnzaz

atomaka:snyk-fix-ezkfjn

atomaka:snyk-fix-305z6l

atomaka:snyk-fix-zkg3j5

atomaka:feature/poltergeist

atomaka:feature/gem-updates

Conversation 0 Commits 1 Files Changed 1 +16 -16

dependabot[bot] commented 2022-11-30 19:57:20 -05:00 (Migrated from github.com)

Copy Link

Bumps sinatra from 2.0.0 to 3.0.4.

Changelog

Sourced from sinatra's changelog.

3.0.4 / 2022-11-25

• Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai

3.0.3 / 2022-11-11

• Fix: fixed ReDoS for Rack::Protection::IPSpoofing. #1823 by @​ooooooo-q

3.0.2 / 2022-10-01

• New: Add Haml 6 support. #1820 by Jordan Owens

3.0.1 / 2022-09-26

• Fix: Revert removal of rack-protection.rb. #1814 by Olle Jonsson

• Fix: Revert change to server start and stop messaging by using Kernel#warn. Renamed internal warn method warn_for_deprecation. #1818 by Jordan Owens

3.0.0 / 2022-09-26

• New: Add Falcon support. #1794 by Samuel Williams and @​horaciob

• New: Add AES GCM encryption support for session cookies. #1324 (sinatra/sinatra#1324) by Michael Coyne

• Deprecated: Sinatra Reloader will be removed in the next major release.

• Fix: Internal Sinatra errors now extend Sinatra::Error. This fixes #1204 and #1518. bda8c29d by Jordan Owens

• Fix: Preserve query param value if named route param nil. #1676 by Jordan Owens

• Require Ruby 2.6 as minimum Ruby version. #1699 by Eloy Pérez

• Breaking change: Remove support for the Stylus template engine. #1697 by Eloy Pérez

• Breaking change: Remove support for the erubis template engine. #1761 by Eloy Pérez

• Breaking change: Remove support for the textile template engine. #1766 by Eloy Pérez

• Breaking change: Remove support for SASS as a template engine. #1768 by Eloy Pérez

• Breaking change: Remove support for Wlang as a template engine. #1780 by Eloy Pérez

• Breaking change: Remove support for CoffeeScript as a template engine. #1790 by Eloy Pérez

• Breaking change: Remove support for Mediawiki as a template engine. #1791 by Eloy Pérez

• Breaking change: Remove support for Creole as a template engine. #1792 by Eloy Pérez

• Breaking change: Remove support for Radius as a template engine. #1793 by Eloy Pérez

... (truncated)

Commits

• eca7b54 3.0.4 release
• bbc1d47 Merge pull request #1841 from sinatra/filename-escaping
• ea8fc94 escape filename in the Content-Disposition header
• c90f203 Merge pull request #1839 from andrykonchin/ak/skip-falcon-in-specs
• 42e3eed Don't run integration specs on falcon against TruffleRuby
• cafaab9 3.0.3 release
• 44ff149 Merge pull request #1835 from dentarg/puma-edge-job
• e328d08 CI: fix typo in job name variable
• 88844e4 CI: shorter job name
• 9b5fcd0 CI: include Puma in job name
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.0.0 to 3.0.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md">sinatra's changelog</a>.</em></p> <blockquote> <h2>3.0.4 / 2022-11-25</h2> <ul> <li>Fix: Escape filename in the Content-Disposition header. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1841">#1841</a> by Kunpei Sakai</li> </ul> <h2>3.0.3 / 2022-11-11</h2> <ul> <li>Fix: fixed ReDoS for Rack::Protection::IPSpoofing. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1823">#1823</a> by <a href="https://github.com/ooooooo-q"><code>@​ooooooo-q</code></a></li> </ul> <h2>3.0.2 / 2022-10-01</h2> <ul> <li>New: Add Haml 6 support. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1820">#1820</a> by Jordan Owens</li> </ul> <h2>3.0.1 / 2022-09-26</h2> <ul> <li> <p>Fix: Revert removal of rack-protection.rb. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1814">#1814</a> by Olle Jonsson</p> </li> <li> <p>Fix: Revert change to server start and stop messaging by using Kernel#warn. Renamed internal warn method warn_for_deprecation. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1818">#1818</a> by Jordan Owens</p> </li> </ul> <h2>3.0.0 / 2022-09-26</h2> <ul> <li> <p>New: Add Falcon support. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1794">#1794</a> by Samuel Williams and <a href="https://github.com/horaciob"><code>@​horaciob</code></a></p> </li> <li> <p>New: Add AES GCM encryption support for session cookies. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1324">#1324</a> (<a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1324">sinatra/sinatra#1324</a>) by Michael Coyne</p> </li> <li> <p>Deprecated: Sinatra Reloader will be removed in the next major release.</p> </li> <li> <p>Fix: Internal Sinatra errors now extend <code>Sinatra::Error</code>. This fixes <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1204">#1204</a> and <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1518">#1518</a>. <a href="https://github.com/sinatra/sinatra/commit/bda8c29d70619d53f5b1c181140638d340695514">bda8c29d</a> by Jordan Owens</p> </li> <li> <p>Fix: Preserve query param value if named route param nil. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1676">#1676</a> by Jordan Owens</p> </li> <li> <p>Require Ruby 2.6 as minimum Ruby version. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1699">#1699</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for the Stylus template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1697">#1697</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for the erubis template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1761">#1761</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for the textile template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1766">#1766</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for SASS as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1768">#1768</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Wlang as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1780">#1780</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for CoffeeScript as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1790">#1790</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Mediawiki as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1791">#1791</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Creole as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1792">#1792</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Radius as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1793">#1793</a> by Eloy Pérez</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sinatra/sinatra/commit/eca7b54a64d1b64c4245c0f025e8dabb1cafde7c"><code>eca7b54</code></a> 3.0.4 release</li> <li><a href="https://github.com/sinatra/sinatra/commit/bbc1d470f196acf995a847a8e86925298a93fb50"><code>bbc1d47</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1841">#1841</a> from sinatra/filename-escaping</li> <li><a href="https://github.com/sinatra/sinatra/commit/ea8fc9495a350f7551b39e3025bfcd06f49f363b"><code>ea8fc94</code></a> escape filename in the Content-Disposition header</li> <li><a href="https://github.com/sinatra/sinatra/commit/c90f203f7a5cc4e5ef5c685e31d9d0bb002f8eab"><code>c90f203</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1839">#1839</a> from andrykonchin/ak/skip-falcon-in-specs</li> <li><a href="https://github.com/sinatra/sinatra/commit/42e3eed9cc9e574513aae3e925e30e80741190d2"><code>42e3eed</code></a> Don't run integration specs on falcon against TruffleRuby</li> <li><a href="https://github.com/sinatra/sinatra/commit/cafaab99db5b644e5fbe2a19bdba168e671ff1f2"><code>cafaab9</code></a> 3.0.3 release</li> <li><a href="https://github.com/sinatra/sinatra/commit/44ff1491282fb83b178f7e498ad2611a93117376"><code>44ff149</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1835">#1835</a> from dentarg/puma-edge-job</li> <li><a href="https://github.com/sinatra/sinatra/commit/e328d08e676aa9914ec9115281d8e51960f4e7aa"><code>e328d08</code></a> CI: fix typo in job name variable</li> <li><a href="https://github.com/sinatra/sinatra/commit/88844e498c9b9122a956aff9615bb5dda8582b15"><code>88844e4</code></a> CI: shorter job name</li> <li><a href="https://github.com/sinatra/sinatra/commit/9b5fcd0596324077d51881533732acf12672d424"><code>9b5fcd0</code></a> CI: include Puma in job name</li> <li>Additional commits viewable in <a href="https://github.com/sinatra/sinatra/compare/v2.0.0...v3.0.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/atomaka/link-share/network/alerts). </details>

This pull request can be merged automatically.

You are not authorized to merge this pull request.

You can also view command line instructions.

Step 1:

From your project repository, check out a new branch and test the changes.

git checkout -b dependabot/bundler/sinatra-3.0.4 master

git pull origin dependabot/bundler/sinatra-3.0.4

Step 2:

Merge the changes and update on Gitea.

git checkout master

git merge --no-ff dependabot/bundler/sinatra-3.0.4

git push origin master

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Reference: atomaka/link-share#53

No description provided.