From dbf2516863c9b2d78507b9e9087e794512d53c22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 20:14:40 +0100 Subject: [PATCH] Upgrade: Bump puma from 6.3.1 to 6.4.0 (#4209) Bumps [puma](https://github.com/puma/puma) from 6.3.1 to 6.4.0.
Release notes

Sourced from puma's releases.

6.4.0 - The Eagle of Durango

image

America is #1 in professional cycling, baby!

Changelog

Sourced from puma's changelog.

6.4.0 / 2023-09-21

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=6.3.1&new-version=6.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 111f757d32..0c5cbd3804 100644 --- a/Gemfile +++ b/Gemfile @@ -31,7 +31,7 @@ gem 'omniauth-google-oauth2', '~> 1.1.1' gem 'omniauth-rails_csrf_protection', '~> 1.0' gem 'pagy', '~> 6.0' gem 'pg', '~> 1.5' -gem 'puma', '~> 6.3' +gem 'puma', '~> 6.4' gem 'rack-attack', '~> 6.7' gem 'redis', '~> 5.0' gem 'ruby-progressbar', '~> 1.13' diff --git a/Gemfile.lock b/Gemfile.lock index 1f818c075f..1783c821c4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -351,7 +351,7 @@ GEM racc pg (1.5.4) public_suffix (5.0.3) - puma (6.3.1) + puma (6.4.0) nio4r (~> 2.0) racc (1.7.1) rack (2.2.8) @@ -617,7 +617,7 @@ DEPENDENCIES omniauth-rails_csrf_protection (~> 1.0) pagy (~> 6.0) pg (~> 1.5) - puma (~> 6.3) + puma (~> 6.4) rack-attack (~> 6.7) rack-mini-profiler rails (= 7.0.8)