Bump the bundler group across 1 directory with 37 updates

[dependabot]

Bumps the bundler group with 26 updates in the / directory:

Package	From	To
rexml	3.2.5	3.3.9
puma	5.6.5	5.6.9
rack	2.2.4	2.2.8.1
pghero	2.8.3	3.1.0
devise-two-factor	4.0.2	6.1.0
rails-i18n	6.0.0	7.0.10
rails	6.1.7	7.1.5.1
thor	1.2.1	1.3.2
kt-paperclip	7.1.1	7.2.2
active_model_serializers	0.10.13	0.10.15
addressable	2.8.1	2.8.7
chewy	7.2.4	7.6.0
omniauth-saml	1.10.3	1.10.5
http	5.1.0	5.2.0
nokogiri	1.13.8	1.17.1
nsa	0.2.8	0.3.0
json-ld	3.2.3	3.3.2
letter_opener	1.8.1	1.10.0
omniauth	1.9.2	2.1.2
omniauth-cas	2.0.0	3.0.0
omniauth-saml	1.10.5	2.1.2
doorkeeper	5.6.0	5.6.6
sanitize	6.0.0	6.0.2
sidekiq	6.5.7	6.5.10
sidekiq-unique-jobs	7.1.27	7.1.33
fugit	1.7.1	1.11.1
json-jwt	1.13.0	1.15.3.1

Updates rexml from 3.2.5 to 3.3.9

Release notes

Sourced from rexml's releases.

REXML 3.3.9 - 2024-10-24

Improvements

• Improved performance.
  • GH-210
  • Patch by NAITOH Jun.

Fixes

• Fixed a parse bug for text only invalid XML.

  • GH-215
  • Patch by NAITOH Jun.

• Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

• NAITOH Jun

REXML 3.3.8 - 2024-09-29

Improvements

• SAX2: Improve parse performance.
  • GH-207
  • Patch by NAITOH Jun.

Fixes

• Fixed a bug that unexpected attribute namespace conflict error for the predefined "xml" namespace is reported.
  • GH-208
  • Patch by KITAITI Makoto

Thanks

• NAITOH Jun

• KITAITI Makoto

REXML 3.3.7 - 2024-09-04

Improvements

• Added local entity expansion limit methods
  • GH-192
  • GH-202
  • Reported by takuya kodama.

... (truncated)

Changelog

Sourced from rexml's changelog.

3.3.9 - 2024-10-24 {#version-3-3-9}

Improvements

• Improved performance.
  • GH-210
  • Patch by NAITOH Jun.

Fixes

• Fixed a parse bug for text only invalid XML.

  • GH-215
  • Patch by NAITOH Jun.

• Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

• NAITOH Jun

3.3.8 - 2024-09-29 {#version-3-3-8}

Improvements

• SAX2: Improve parse performance.
  • GH-207
  • Patch by NAITOH Jun.

Fixes

• Fixed a bug that unexpected attribute namespace conflict error for the predefined "xml" namespace is reported.
  • GH-208
  • Patch by KITAITI Makoto

Thanks

• NAITOH Jun

• KITAITI Makoto

3.3.7 - 2024-09-04 {#version-3-3-7}

Improvements

• Added local entity expansion limit methods
  • GH-192
  • GH-202
  • Reported by takuya kodama.

... (truncated)

Commits

• 38eaa86 Add 3.3.9 entry
• ce59f2e parser: fix a bug that &#0x...; is accepted as a character reference
• a09646d test: fix indent
• cf0fb9c Fix IOSource#readline for @pending_buffer (#215)
• 1d0c362 Optimize IOSource#read_until method (#210)
• 622011f Bump version
• 036d508 test: avoid using needless non ASCII characters
• 4197054 Add 3.3.8 entry
• 78f8712 Fix handling with "xml:" prefixed namespace (#208)
• 2e1cd64 Optimize SAX2Parser#get_namespace (#207)
• Additional commits viewable in compare view

Updates puma from 5.6.5 to 5.6.9

Release notes

Sourced from puma's releases.

5.6.7

Security Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields (GHSA-68xg-gqqm-vgj8)

Changelog

Sourced from puma's changelog.

5.6.9 / 2024-09-19

• Security
  • Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
• JRuby
  • Must use at least Java >= 9 to compile. You can no longer build from source on Java 8.

5.6.8 / 2024-01-08

• Security
  • Limit the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. (GHSA-c2f4-cvqm-65w2)

5.6.7 / 2023-08-18

• Security
  • Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields (GHSA-68xg-gqqm-vgj8)

5.6.6 / 2023-06-21

• Bugfix
  • Prevent loading with rack 3 (#3166)

Commits

• f196b23 Merge commit from fork
• 24eec19 5.6.9
• 3c8e8b0 5.6.9 release note [ci skip]
• 1293573 5.6.8
• bbb880f Merge pull request from GHSA-c2f4-cvqm-65w2
• 78393bf 5.6.7
• 7405a21 Merge pull request from GHSA-68xg-gqqm-vgj8
• d33424b 5.6.7 release note [ci skip]
• f8c7b23 5.6.6
• 08af1b5 5.6.6 release note
• Additional commits viewable in compare view

Updates rack from 2.2.4 to 2.2.8.1

Release notes

Sourced from rack's releases.

v2.2.8.1

What's Changed

• Fixed ReDoS in Accept header parsing [CVE-2024-26146]
• Fixed ReDoS in Content Type header parsing [CVE-2024-25126]
• Reject Range headers which are too large [CVE-2024-26141]

Full Changelog: rack/rack@v2.2.8...v2.2.8.1

v2.2.8

What's Changed

• Limit file extension length of multipart tempfiles (2.2 backport) by @​dentarg in rack/rack#2075
• CHANGELOG: Add missing 2.2.7 by @​tisba in rack/rack#2081
• Update cookie.rb by @​dchandekstark in rack/rack#2092
• Prefer ubuntu-latest for testing. by @​ioquatix in rack/rack#2095
• Fix inefficient assert pattern in Rack::Lint [2-2-stable] by @​skipkayhil in rack/rack#2101
• Regenerate SPEC [2-2-stable] by @​skipkayhil in rack/rack#2102

New Contributors

• @​tisba made their first contribution in rack/rack#2081
• @​dchandekstark made their first contribution in rack/rack#2092

Full Changelog: rack/rack@v2.2.7...v2.2.8

v2.2.7

What's Changed

• Correct the year number in the changelog by @​kimulab in rack/rack#2015
• Support underscore in host names for Rack 2.2 (Fixes #2070) by @​jeremyevans in rack/rack#2071

New Contributors

• @​kimulab made their first contribution in rack/rack#2015

Full Changelog: rack/rack@v2.2.6.4...v2.2.7

v2.2.6.4

No release notes provided.

Changelog

Sourced from rack's changelog.

Changelog

All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference Keep A Changelog.

Unreleased

Added

• Introduce Rack::VERSION constant. (#2199, [@​ioquatix])
• ISO-2022-JP encoded parts within MIME Multipart sections of an HTTP request body will now be converted to UTF-8. (#2245, [@​nappa])

Changed

• Invalid cookie keys will now raise an error. (#2193, [@​ioquatix])
• Rack::MediaType#params now handles empty strings. (#2229, [@​jeremyevans])
• Rack::MediaType#params now handles parameters without values. (#2263, @​AllyMarthaJ)

Deprecated

• Rack::Auth::AbstractRequest#request is deprecated without replacement. (#2229, [@​jeremyevans])
• Rack::Request#parse_multipart (private method designed to be overridden in subclasses) is deprecated without replacement. (#2229, [@​jeremyevans])

Removed

• Rack::Request#values_at is removed. (#2200, [@​ioquatix])
• Rack::Logger is removed with no replacement. (#2196, [@​ioquatix])
• Automatic cache invalidation in Rack::Request#{GET,POST} has been removed. (#2230, [@​jeremyevans])

Fixed

• Rack::RewindableInput::Middleware no longer wraps a nil input. (#2259, @​tt)

[3.1.8] - 2024-10-14

Fixed

• Resolve deprecation warnings about uri DEFAULT_PARSER. (#2249, [@​earlopain])

[3.1.7] - 2024-07-11

Fixed

• Do not remove escaped opening/closing quotes for content-disposition filenames. (#2229, [@​jeremyevans])
• Fix encoding setting for non-binary IO-like objects in MockRequest#env_for. (#2227, [@​jeremyevans])
• Rack::Response should not generate invalid content-length header. (#2219, [@​ioquatix])
• Allow empty PATH_INFO. (#2214, [@​ioquatix])

[3.1.6] - 2024-07-03

Fixed

... (truncated)

Commits

• e830011 bump version
• d9c163a Avoid 2nd degree polynomial regexp in MediaType
• 6245768 Return an empty array when ranges are too large
• e4c1177 Fixing ReDoS in header parsing
• f169ff7 Bump patch version.
• 0a46487 Regenerate SPEC (#2102)
• cee73b3 Fix inefficient assert pattern in Rack::Lint (#2101)
• 1fdcf1f Prefer ubuntu-latest for testing. (#2095)
• 287fe43 Update cookie.rb (#2092)
• e7f4869 adds missing 2.2.7 to CHANGELOG.md (#2081)
• Additional commits viewable in compare view

Updates pghero from 2.8.3 to 3.1.0

Changelog

Sourced from pghero's changelog.

3.1.0 (2023-01-04)

• Fixed explain error message leaking data - more info
• Explain analyze is now opt-in - more info
• Added support for disabling explain and explain analyze
• Added support for visualize without explain analyze
• Added explain_v2 method

3.0.1 (2022-10-09)

• Fixed message when database user does not have permission to reset query stats

3.0.0 (2022-09-13)

• Changed capture_query_stats to only reset stats for current database in Postgres 12+
• Changed reset_query_stats to only reset stats for current database (use reset_instance_query_stats to reset stats for entire instance)
• Added visualize_url option to config
• Removed access_key_id, secret_access_key, region, and db_instance_identifier methods (use aws_ prefixed methods instead)
• Dropped support for Linux packages for EOL versions
• Dropped support for Ruby < 2.7 and Rails < 6
• Dropped support for pg_query < 2
• Dropped support for aws-sdk < 2

Commits

• 80b638e Version bump to 3.1.0 [skip ci]
• a81bb01 Fixed explain error message leaking data
• 5cf3a2a Fixed CI
• 65aa2bc Added support for disabling explain and explain analyze
• e981247 Check current query stats for explainable query [skip ci]
• 026508c Fixed CI
• a8c8bc8 Test with Ruby 3.2 on CI
• 1f415e6 Improved Docker note [skip ci]
• 702fe4c Added Postgres 15 to CI
• 65e3d2c Version bump to 3.0.1 [skip ci]
• Additional commits viewable in compare view

Updates devise-two-factor from 4.0.2 to 6.1.0

Changelog

Sourced from devise-two-factor's changelog.

CHANGELOG

Unreleased

6.0.0

Breaking Changes

• otp_secret_length and otp_backup_code_length options have changed to be the number of random bytes that are generated. See https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md.
• consume_otp! and invalidate_otp_backup_code! now call save! instead of save. See https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md.

5.1.0

• Remove faker dev dependency
• Insert two_factor_authenticatable at the top of the devise module list
• README and CI improvements

5.0.0

Breaking Changes

• attr_encrypted has been deprecated in favor of native Rails attribute encryption. See https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md for details on how to migrate your records. You must use or build a migration strategy (see examples in https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md) to use existing data!
• Rails 7 is now required.

4.1.0 / 4.1.1

• Add support for attr_encrypted v4

Commits

• 2f704be Add release task from Bundler
• 1698f86 Add Trusted Publisher Github action
• aa95d36 Remove signing certificate
• 3c5b985 Bump to v6.1.0
• d12fecf Merge pull request #291 from el-chogo/el-chogo/rails-8.0-support
• 0f68e58 add rails 8.0 as a supported version
• 1be3f77 Merge pull request #287 from mjankowski/ci-version-support
• c59be18 Remove non-supported rails versions from Appraisals
• c661843 Merge pull request #284 from sunny/patch-1
• 683b4e6 Update CHANGELOG for 6.0.0 release
• Additional commits viewable in compare view

Updates rails-i18n from 6.0.0 to 7.0.10

Changelog

Sourced from rails-i18n's changelog.

7.0.10 (2024-10-28)

• Update following locales:
  • Lithuanian (lt): Add missing keys (x_years, in, model_invalid, required, round_mode, eb, pb)
  • Portuguese (pt): Fixed number.currency.format.format and helpers.submit.update #1122
  • Croatian (hr): use genitive case for month names and put a period after weekday and month abbreviations #1126
  • Korean (ko): Add missing keys (Storage units) #1118
• Fix compatibility with frozen string literals. #1120
• Refactor translations implemented in Ruby to avoid method redefinition warnings on reload. #1128

7.0.9 (2024-03-13)

• Add following locales:
  • Welsh (cy)
• Fix empty am and pm keys to make dates/times in the 12-hour time format distinguishable in every locale #1105
• Update following locales:
  • Afrikaans (af): Fix translation of May #1110
  • Czech (cs): Capitalise date day and month names for consistency #1113
  • Traditional Chinese (zh-HK, zh-TW, zh-YUE): Use traditional "week" character in date.abbr_day_names #1112
  • Italian (it): Fix translation for second prompt #1111
  • Bosnian (bs): am/pm
  • Danish (da): am/pm
  • Galician (gl): am/pm
  • Icelandic (is): am/pm
  • Norwegian Bokmål (nb): am/pm
  • Norwegian Nynorsk (nn): am/pm
  • Portuguese (pt-BR): am/pm
  • Romanian (ro): am/pm
  • Swedish (sv sv-FI sv-SE): am/pm
  • Welsh (cy): Move the keys to right place and add missing keys
  • Danish (da): Remove title case for storage and human decimal units #1108
• Add ordinalization for many locales (be, bs, cs, da, de-AT, de-CH, de-DE, eo, et, fa, fi, hr, hu, is, ka, lb, lt, lv, mk, nb, ne, nn, pl, sk, sl, sq, sr, sw, tr) #1109

7.0.8 (2023-08-15)

• Update following locales:
  • Bengali (bn): Add missing keys (almost_x_years) #1094
  • English (en-US): Normalize and add missing keys (in and round_mode) #1095
  • Korean (ko): Add missing keys (in and round_mode) #1097
  • Norwegian (nb): Fix extra %{count} interpolation in has_one key #1082
  • Portuguese (pt pt-BR): Add missing keys (round_mode) #1100
  • Spanish (es-419 es-AR es-CL es-CO es-CR es-EC es-MX es-NI es-PA es-PE es-US es-VE): Fix typo in word carácter #1090
  • Spanish (es-419 es-AR es-CL es-CO es-CR es-EC es-ES es-MX es-NI es-PA es-PE es-US es-VE): Normalize and add missing keys (in) #1089
  • Ukranian: Use hryvnia symbol as a currency unit #1093

7.0.7 (2023-05-12)

• Non-numerics counts are considered as other in all pluralizations #1067
• Update following locales:

... (truncated)

Commits

• 9259183 7.0.10 release
• 246b2fa Merge pull request #1114 from vfonic/patch-1
• 9583e1f Merge pull request #1128 from Shopify/reloading-safe
• 8b32b36 Fix method redefinition warnings when pluralizations are reloaded
• ea08c7c Merge pull request #1126 from vipera/hr-month-abbreviation-improvements
• 896ea6d Merge branch 'master' into hr-month-abbreviation-improvements
• 68877ea Merge pull request #1124 from olleolleolle/patch-1
• ba6412d Merge pull request #1127 from svenfuchs/digitalfrost-patch-91624
• 84ba405 Merge pull request #1121 from jonas-jasas/master
• 346b3a6 Merge pull request #1118 from kimdj2/add-missing-key-storage-units-ko
• Additional commits viewable in compare view

Updates rails from 6.1.7 to 7.1.5.1

Release notes

Sourced from rails's releases.

7.1.5.1

Active Support

• No changes.

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

  [CVE-2024-54133]

  Gannon McGibbon

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

... (truncated)

Commits

• 14c115b Preparing for 7.1.5.1 release
• 8ac074a Update vendored trix version to 2.1.10
• 5558e72 Add CSP directive validation
• 8984f4c Revert "Merge pull request #53484 from zzak/query_cache-config-disable"
• 30f7974 Revert "Merge pull request #53494 from zzak/re-53492"
• 625ec92 Preparing for 7.1.5 release
• b1a7569 Add yarn.lock allowed dirty files
• d78c6e4 Merge pull request #53494 from zzak/re-53492
• e60b786 Merge pull request #53484 from zzak/query_cache-config-disable
• 252723d Avoid redefining IpAddr#as_json if it already exist
• Additional commits viewable in compare view

Updates thor from 1.2.1 to 1.3.2

Release notes

Sourced from thor's releases.

1.3.2

What's Changed

• Fix a few typos in README by @​duffuniverse in rails/thor#880
• Correctly identify hyphenated and alias command names by @​takmar in rails/thor#878

New Contributors

• @​duffuniverse made their first contribution in rails/thor#880

Full Changelog: rails/thor@v1.3.1...v1.3.2

1.3.1

What's Changed

• Preserve Correct Indentation When Uncommenting Lines by @​viktorianer in rails/thor#873
• Document the '--skip-' option for boolean options. by @​andrewn617 in rails/thor#876

New Contributors

• @​takmar made their first contribution in rails/thor#865
• @​m-nakamura145 made their first contribution in rails/thor#866
• @​cprodhomme made their first contribution in rails/thor#863
• @​ancao90 made their first contribution in rails/thor#872
• @​viktorianer made their first contribution in rails/thor#873
• @​andrewn617 made their first contribution in rails/thor#876

Full Changelog: rails/thor@v1.3.0...v1.3.1

v1.3.0

What's Changed

• use the correct class for shared namespaces by @​Gerst20051 in rails/thor#754
• Allow to Override Order of Commands in Help by @​alessio-signorini in rails/thor#642
• Add support for providing http headers to get by @​dnlgrv in rails/thor#801
• Don't document negative boolean option named no_* by @​BrentWheeldon in rails/thor#797
• CreateFile#identical? fixed for files containing multi-byte UTF-8 codepoints by @​tomclose in rails/thor#786
• Drop support to Ruby 2.6 by @​rafaelfranca in rails/thor#821
• Fix dashless option usage info by @​sambostock in rails/thor#800
• Support Range in enum option by @​phene in rails/thor#775
• Check if type: array values are in enum by @​movermeyer in rails/thor#784
• Fix inject into file warning by @​nicolas-brousse in rails/thor#709
• Support Thor::CoreExt::HashWithIndifferentAccess#slice method by @​shuuuuun in rails/thor#812
• 🌧️ long_desc: new option to disable wrapping by @​igneus in rails/thor#739
• Print default in help when option type is :boolean and default is false by @​nevesenin in rails/thor#849
• Silence encoding warnings in specs by @​p8 in rails/thor#857
• Validate arguments for method_option and class_option by @​p8 in rails/thor#856
• Fix help for file_collision method without block by @​shuuuuun in rails/thor#858
• Extract print methods to seperate classes by @​p8 in rails/thor#854
• Add support for printing tables with borders by @​p8 in rails/thor#855
• Fix printing tables with borders and indentation by @​p8 in rails/thor#861

New Contributors

• @​Gerst20051 made their first contribution in rails/thor#754
• @​alessio-signorini made their first contribution in rails/thor#642

... (truncated)

Commits

• 33b9682 Fix release script
• de55517 Prepare for 1.3.2
• d342a4f Add release workflow
• f2e243d Merge pull request #878 from takmar/fix/find-class-and-command-name
• 3821657 Fix find_class_and_command_by_namespace to correctly identify hyphenated and ...
• 871d132 Add command_exists? method to Thor and Thor::Group classes
• 8f897d5 Merge pull request #880 from duffuniverse/fix-typos-in-readme
• 42fb1db Add a missed comma to readme
• 34f6dbe Fix a few typos in README
• a43d92f Prepare for 1.3.1
• Additional commits viewable in compare view

Updates kt-paperclip from 7.1.1 to 7.2.2

Release notes

Sourced from kt-paperclip's releases.

Release v7.2.2

• Allow for terrapin 1.x (kreeti/kt-paperclip#130)
• include migration statements on ActiveRecord::Migration (kreeti/kt-paperclip#125)

Release v7.2.1

• Use ActiveModel for file size validation (#122)
• Add exception message to avoid exposing class (#115)
• Mutate I18n.load_path only the first time Paperclip::Glue is included (#117)
• Support file extension names both as symbols and strings for :content _type_mappings (#119)
• Fix kwargs vs options hash for Ruby 3.0 compatibility (kreeti/kt-paperclip#116)

Release v7.2.0

• Add logging about Terrapin exception (#108)
• Use a thread local variable for recursion checking (kreeti/kt-paperclip#106)
• Use kwarg when Psych::VERSION >= 3.1.0 (kreeti/kt-paperclip#98)
• AWS: add option s3_acl_enabled (kreeti/kt-paperclip#92)
• Adjust version check to restore compatibility with non-rails projects (#95)
• Unfreeze Paperclip::Schema::COLUMNS used in migrations (kreeti/kt-paperclip#87)

Changelog

Sourced from kt-paperclip's changelog.

[UNRELEASED]

7.2.1 (2023-09-09)

• Improvement: Support file extension names both as symbols and strings for :content_type_mappings

7.2.0 (2023-05-30)

• Paperclip schema statements are consistent with ActiveRecord::Migration::Compatibility versioning. Old migrations containing Paperclip schema statements perform the same schema changes both before and after an ActiveRecord version upgrade.

7.0.1 (2021-10-06)

• Issue file delete only once per unique style when nullifying attachment or destroying an object. Avoids triggering a rate limit error on Google Cloud Storage.

7.0.0 (2021-05-28)

• Replace mimemagic gem with marcel due to licensing issues. See kreeti/kt-paperclip#54 for details and limitations

6.4.1 (2021-01-30)

• Improvement: Use URI.open in ruby > 2.5 (PR #45)

6.4.0 (2020-12-14)

• Improvement: Fix Ruby 2.7 method & syntax deprecation warnings (#38)

6.3.0 (2020-08-10)

• Feature: Add validation_errors_to option - customize copying of errors (#26)
• Stability: Dropped support for ruby 2.1

6.2.2 (2020-02-18)

• Bugfix: Add support for Aliases in S3 credentials YAML (accidentally removed during 6.2.0 upgrade).

6.2.1 (2020-01-30)

• Bugfix: Auto-loading of the gem code (necessitated due to change in gem name).

6.2.0 (2020-01-23):

• Bugfix: Don't do post-processing on invalid attachments (#16).
• Improvement: Use AWS::S3 built in download_file method (#9).
• Stability: Rubocop recommended syntax updates (#10, #11, #13, #14).
• Stability: Testing - replace mocha and bourne with rspec mocks (#6).
• Stability: Fix test suite to run with Rails 5 and Rails 6 (#19, #20, #7).

6.1.0 (2018-07-27):

• BUGFIX: Don't double-encode URLs (Roderick Monje).
• BUGFIX: Only use the content_type when it exists (Jean-Philippe Doyle).
• STABILITY: Better handling of the content-disposition header. Now supports file name that is either enclosed or not in double quotes and is case insensitive as per RC6266 grammar (Hasan Kumar, Yves Riel).
• STABILITY: Change database column type of attachment file size from unsigned 4-byte integer to unsigned 8-byte bigint. The former type limits attachment size to just over 2GB, which can easily be exceeded by a large video file (Laurent Arnoud, Alen Zamanyan).

... (truncated)

Commits

• ff04ddc prepare for release 7.2.2
• 1c6dfe6 include migration statements on ActiveRecord::Migration (#125)
• 0fbd26f Allow for terrapin 1.x (#130)
• 8a6631b prepare for new release
• 743979b Use ActiveModel for size file validatiom #Issue 120 (#122)
• edd1d9d Add gd translation (#114)
• 88a2ce1 Add exception message to avoid exposing class (#115)
• 8bdf43f Mutate I18n.load_path only the first time Paperclip::Glue is included (#117)
• 8e3cd82 Support file extension names both as symbols and strings for :content_type_ma...
• 93a1400 Fix kwargs vs options hash for Ruby 3.0 compatibility (#116)
• Additional commits viewable in compare view

Updates active_model_serializers from 0.10.13 to 0.10.15

Changelog

Sourced from active_model_serializers's changelog.

v0.10.15 (2024-11-30)

Fixes:

• #2482 Fix cant modify frozen Hash error due to rails changes (@​vineelvineel)
• #2460 Don't force ActionController::TestCase to load (@​eugeneius)

Misc:

• #2483 Support Rails 8 (@​pulkit110)

v0.10.14 (2023-10-05)

Breaking changes:

Features:

Fixes:

• #2427 Fix checking of method defined or not (@​y-yagi)

Misc:

• #2453 Update gem requirement to allow Rails 7.1 (@​schinery, @​mediafinger)
• #2451 Upgrade to Ubuntu 22.04 on Github Actions (@​wasifhossain)
• #2442 Remove travis settings (@​ohbarye)

Commits

• 8e1b223 chore(version): bump to v0.10.15
• eef9fd2 Merge pull request #2483 from pulkit110/0-10-stable
• b31d91c Support Rails 8
• b21e78b Merge pull request #2482 from vineelvineel/fix_cant_modify_frozen_hash
• 785b7d3 Fix cant modify frozen Hash error due to rails changes
• bda1950 Merge pull request #2460 from eugeneius/lazy_load_action_controller_test_case
• bb43abd Don't force ActionController::TestCase to load
• 2170177 Merge pull request #2459 from Mubramaj/patch-1
• 09ebef2 Update add_pagination_links.md to add specific instruction for will_paginate gem
• 717ac11 Merge pull request #2455 from schinery/0-10-stable
• Additional commits viewable in compare view

Updates addressable from 2.8.1 to 2.8.7

Changelog

Sourced from addressable's changelog.

Addressable 2.8.7

• Allow public_suffix 6 (#535)

#535: sporkmonger/addressable#535

Addressable 2.8.6

• Memoize regexps for common character classes (#524)

#524: sporkmonger/addressable#524

Addressable 2.8.5

• Fix thread safety issue with encoding tables (#515)
• Define URI::NONE as a module to avoid serialization issues (#509)
• Fix YAML serialization (#508)

#508: sporkmonger/addressable#508 #509: sporkmonger/addressable#509 #515: sporkmonger/addressable#515

Addressable 2.8.4

• Restore Addressable::IDNA.unicode_normalize_kc as a deprecated method (#504)

#504: sporkmonger/addressable#504

Addressable 2.8.3

• Fix template expand level 2 hash support for non-string objects (#499, #498)

#499: sporkmonger/addressable#499 #498: sporkmonger/addressable#498

Addressable 2.8.2