Bump sinatra from 2.0.0 to 3.0.4 #53

Open
dependabot[bot] wants to merge 1 commit from dependabot/bundler/sinatra-3.0.4 into master
dependabot[bot] commented 2022-11-30 19:57:20 -05:00 (Migrated from github.com)

Bumps sinatra from 2.0.0 to 3.0.4.

Changelog

Sourced from sinatra's changelog.

3.0.4 / 2022-11-25

  • Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai

3.0.3 / 2022-11-11

3.0.2 / 2022-10-01

  • New: Add Haml 6 support. #1820 by Jordan Owens

3.0.1 / 2022-09-26

  • Fix: Revert removal of rack-protection.rb. #1814 by Olle Jonsson

  • Fix: Revert change to server start and stop messaging by using Kernel#warn. Renamed internal warn method warn_for_deprecation. #1818 by Jordan Owens

3.0.0 / 2022-09-26

  • New: Add Falcon support. #1794 by Samuel Williams and @​horaciob

  • New: Add AES GCM encryption support for session cookies. #1324 (sinatra/sinatra#1324) by Michael Coyne

  • Deprecated: Sinatra Reloader will be removed in the next major release.

  • Fix: Internal Sinatra errors now extend Sinatra::Error. This fixes #1204 and #1518. bda8c29d by Jordan Owens

  • Fix: Preserve query param value if named route param nil. #1676 by Jordan Owens

  • Require Ruby 2.6 as minimum Ruby version. #1699 by Eloy Pérez

  • Breaking change: Remove support for the Stylus template engine. #1697 by Eloy Pérez

  • Breaking change: Remove support for the erubis template engine. #1761 by Eloy Pérez

  • Breaking change: Remove support for the textile template engine. #1766 by Eloy Pérez

  • Breaking change: Remove support for SASS as a template engine. #1768 by Eloy Pérez

  • Breaking change: Remove support for Wlang as a template engine. #1780 by Eloy Pérez

  • Breaking change: Remove support for CoffeeScript as a template engine. #1790 by Eloy Pérez

  • Breaking change: Remove support for Mediawiki as a template engine. #1791 by Eloy Pérez

  • Breaking change: Remove support for Creole as a template engine. #1792 by Eloy Pérez

  • Breaking change: Remove support for Radius as a template engine. #1793 by Eloy Pérez

... (truncated)

Commits
  • eca7b54 3.0.4 release
  • bbc1d47 Merge pull request #1841 from sinatra/filename-escaping
  • ea8fc94 escape filename in the Content-Disposition header
  • c90f203 Merge pull request #1839 from andrykonchin/ak/skip-falcon-in-specs
  • 42e3eed Don't run integration specs on falcon against TruffleRuby
  • cafaab9 3.0.3 release
  • 44ff149 Merge pull request #1835 from dentarg/puma-edge-job
  • e328d08 CI: fix typo in job name variable
  • 88844e4 CI: shorter job name
  • 9b5fcd0 CI: include Puma in job name
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.0.0 to 3.0.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sinatra/sinatra/blob/master/CHANGELOG.md">sinatra's changelog</a>.</em></p> <blockquote> <h2>3.0.4 / 2022-11-25</h2> <ul> <li>Fix: Escape filename in the Content-Disposition header. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1841">#1841</a> by Kunpei Sakai</li> </ul> <h2>3.0.3 / 2022-11-11</h2> <ul> <li>Fix: fixed ReDoS for Rack::Protection::IPSpoofing. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1823">#1823</a> by <a href="https://github.com/ooooooo-q"><code>@​ooooooo-q</code></a></li> </ul> <h2>3.0.2 / 2022-10-01</h2> <ul> <li>New: Add Haml 6 support. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1820">#1820</a> by Jordan Owens</li> </ul> <h2>3.0.1 / 2022-09-26</h2> <ul> <li> <p>Fix: Revert removal of rack-protection.rb. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1814">#1814</a> by Olle Jonsson</p> </li> <li> <p>Fix: Revert change to server start and stop messaging by using Kernel#warn. Renamed internal warn method warn_for_deprecation. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1818">#1818</a> by Jordan Owens</p> </li> </ul> <h2>3.0.0 / 2022-09-26</h2> <ul> <li> <p>New: Add Falcon support. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1794">#1794</a> by Samuel Williams and <a href="https://github.com/horaciob"><code>@​horaciob</code></a></p> </li> <li> <p>New: Add AES GCM encryption support for session cookies. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1324">#1324</a> (<a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1324">sinatra/sinatra#1324</a>) by Michael Coyne</p> </li> <li> <p>Deprecated: Sinatra Reloader will be removed in the next major release.</p> </li> <li> <p>Fix: Internal Sinatra errors now extend <code>Sinatra::Error</code>. This fixes <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1204">#1204</a> and <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1518">#1518</a>. <a href="https://github.com/sinatra/sinatra/commit/bda8c29d70619d53f5b1c181140638d340695514">bda8c29d</a> by Jordan Owens</p> </li> <li> <p>Fix: Preserve query param value if named route param nil. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1676">#1676</a> by Jordan Owens</p> </li> <li> <p>Require Ruby 2.6 as minimum Ruby version. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1699">#1699</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for the Stylus template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1697">#1697</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for the erubis template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1761">#1761</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for the textile template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1766">#1766</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for SASS as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1768">#1768</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Wlang as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1780">#1780</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for CoffeeScript as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1790">#1790</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Mediawiki as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1791">#1791</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Creole as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1792">#1792</a> by Eloy Pérez</p> </li> <li> <p>Breaking change: Remove support for Radius as a template engine. <a href="https://github-redirect.dependabot.com/sinatra/sinatra/pull/1793">#1793</a> by Eloy Pérez</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sinatra/sinatra/commit/eca7b54a64d1b64c4245c0f025e8dabb1cafde7c"><code>eca7b54</code></a> 3.0.4 release</li> <li><a href="https://github.com/sinatra/sinatra/commit/bbc1d470f196acf995a847a8e86925298a93fb50"><code>bbc1d47</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1841">#1841</a> from sinatra/filename-escaping</li> <li><a href="https://github.com/sinatra/sinatra/commit/ea8fc9495a350f7551b39e3025bfcd06f49f363b"><code>ea8fc94</code></a> escape filename in the Content-Disposition header</li> <li><a href="https://github.com/sinatra/sinatra/commit/c90f203f7a5cc4e5ef5c685e31d9d0bb002f8eab"><code>c90f203</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1839">#1839</a> from andrykonchin/ak/skip-falcon-in-specs</li> <li><a href="https://github.com/sinatra/sinatra/commit/42e3eed9cc9e574513aae3e925e30e80741190d2"><code>42e3eed</code></a> Don't run integration specs on falcon against TruffleRuby</li> <li><a href="https://github.com/sinatra/sinatra/commit/cafaab99db5b644e5fbe2a19bdba168e671ff1f2"><code>cafaab9</code></a> 3.0.3 release</li> <li><a href="https://github.com/sinatra/sinatra/commit/44ff1491282fb83b178f7e498ad2611a93117376"><code>44ff149</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sinatra/sinatra/issues/1835">#1835</a> from dentarg/puma-edge-job</li> <li><a href="https://github.com/sinatra/sinatra/commit/e328d08e676aa9914ec9115281d8e51960f4e7aa"><code>e328d08</code></a> CI: fix typo in job name variable</li> <li><a href="https://github.com/sinatra/sinatra/commit/88844e498c9b9122a956aff9615bb5dda8582b15"><code>88844e4</code></a> CI: shorter job name</li> <li><a href="https://github.com/sinatra/sinatra/commit/9b5fcd0596324077d51881533732acf12672d424"><code>9b5fcd0</code></a> CI: include Puma in job name</li> <li>Additional commits viewable in <a href="https://github.com/sinatra/sinatra/compare/v2.0.0...v3.0.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra&package-manager=bundler&previous-version=2.0.0&new-version=3.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/atomaka/link-share/network/alerts). </details>
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin dependabot/bundler/sinatra-3.0.4:dependabot/bundler/sinatra-3.0.4
git checkout dependabot/bundler/sinatra-3.0.4

Merge

Merge the changes and update on Forgejo.
git checkout master
git merge --no-ff dependabot/bundler/sinatra-3.0.4
git checkout dependabot/bundler/sinatra-3.0.4
git rebase master
git checkout master
git merge --ff-only dependabot/bundler/sinatra-3.0.4
git checkout dependabot/bundler/sinatra-3.0.4
git rebase master
git checkout master
git merge --no-ff dependabot/bundler/sinatra-3.0.4
git checkout master
git merge --squash dependabot/bundler/sinatra-3.0.4
git checkout master
git merge --ff-only dependabot/bundler/sinatra-3.0.4
git checkout master
git merge dependabot/bundler/sinatra-3.0.4
git push origin master
Sign in to join this conversation.
No reviewers
No labels
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Reference: atomaka/link-share#53
No description provided.