ef9af004f7
Merge pull request #10454 from discourse/dependabot/bundler/rubocop-rspec-1.43.1
...
Build(deps): Bump rubocop-rspec from 1.42.0 to 1.43.1
2020-08-17 11:34:15 -04:00
a7d9334a93
Build(deps-dev): Bump simplecov from 0.18.5 to 0.19.0
...
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov ) from 0.18.5 to 0.19.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases )
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md )
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.18.5...v0.19.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-17 11:29:27 -04:00
eb7320f52c
Build(deps): Bump bootsnap from 1.4.7 to 1.4.8
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.4.7 to 1.4.8.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.7...v1.4.8 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-12 18:03:58 +08:00
c38212c73e
Build(deps): Bump omniauth-oauth2 from 1.6.0 to 1.7.0
...
Bumps [omniauth-oauth2](https://github.com/omniauth/omniauth-oauth2 ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/omniauth/omniauth-oauth2/releases )
- [Commits](https://github.com/omniauth/omniauth-oauth2/compare/v1.6.0...v1.7.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-11 12:59:26 -04:00
4f7e7e92b1
Build(deps): Bump rubocop from 0.89.0 to 0.89.1
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.89.0 to 0.89.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.89.0...v0.89.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-11 09:55:17 -04:00
9f7e864226
DEV: Bump logster to 2.9.2
...
This upgrade fixes a bug where all JS error reporting requests were denied
with 429 errors.
2020-08-11 15:24:56 +03:00
d6f79a451b
Build(deps): Bump concurrent-ruby from 1.1.6 to 1.1.7
...
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby ) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases )
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.6...v1.1.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-10 10:50:54 -04:00
07dc5b5269
Build(deps): Bump diffy from 3.3.0 to 3.4.0
...
Bumps [diffy](https://github.com/samg/diffy ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/samg/diffy/releases )
- [Changelog](https://github.com/samg/diffy/blob/main/CHANGELOG )
- [Commits](https://github.com/samg/diffy/compare/3.3.0...3.4.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-07 13:40:44 -04:00
801a078105
Build(deps): Bump rubocop from 0.88.0 to 0.89.0
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.88.0 to 0.89.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.88.0...v0.89.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-06 09:36:41 +08:00
041cd15667
Update rails_failover to 0.5.5.
2020-08-04 10:38:00 +08:00
8246b611ac
DEV: Bump chunky_png from 1.3.11 to 1.3.12 ( #10359 )
...
Bumps [chunky_png](https://github.com/wvanbergen/chunky_png ) from 1.3.11 to 1.3.12.
- [Release notes](https://github.com/wvanbergen/chunky_png/releases )
- [Changelog](https://github.com/wvanbergen/chunky_png/blob/master/CHANGELOG.rdoc )
- [Commits](https://github.com/wvanbergen/chunky_png/compare/v1.3.11...v1.3.12 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 11:45:22 +10:00
a3ef35acef
DEV: Bump rack-mini-profiler from 2.0.3 to 2.0.4 ( #10362 )
...
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler ) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases )
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md )
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.0.3...v2.0.4 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 11:42:57 +10:00
1c2c21b810
DEV: Bump rbtrace from 0.4.13 to 0.4.14 ( #10361 )
...
Bumps [rbtrace](https://github.com/tmm1/rbtrace ) from 0.4.13 to 0.4.14.
- [Release notes](https://github.com/tmm1/rbtrace/releases )
- [Commits](https://github.com/tmm1/rbtrace/compare/v0.4.13...v0.4.14 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 11:42:10 +10:00
d35120946c
Build(deps): Bump i18n from 1.8.3 to 1.8.5
...
Bumps [i18n](https://github.com/svenfuchs/i18n ) from 1.8.3 to 1.8.5.
- [Release notes](https://github.com/svenfuchs/i18n/releases )
- [Changelog](https://github.com/ruby-i18n/i18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/svenfuchs/i18n/compare/v1.8.3...v1.8.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 15:44:04 +02:00
ea7e7900a4
DEV: Bump rubocop-ast from 0.2.0 to 0.3.0 ( #10353 )
...
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast ) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.2.0...v0.3.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-03 17:01:19 +10:00
c23dfb7df7
Build(deps): Bump rack-mini-profiler from 2.0.2 to 2.0.3
...
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler ) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases )
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md )
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.0.2...v2.0.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-29 08:49:50 -04:00
bc11769118
FIX: Bump onebox to 2.0.1 for engine priority fix
2020-07-28 13:29:15 +01:00
4fd59c9b26
Build(deps): Bump excon from 0.75.0 to 0.76.0
...
Bumps [excon](https://github.com/excon/excon ) from 0.75.0 to 0.76.0.
- [Release notes](https://github.com/excon/excon/releases )
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt )
- [Commits](https://github.com/excon/excon/compare/v0.75.0...v0.76.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-28 09:11:02 +08:00
25f6136b27
Upgrade fastimage and remove our freedom patch
2020-07-27 13:23:17 -04:00
02d675ff4b
Build(deps): Bump unicorn from 5.5.5 to 5.6.0
...
Bumps [unicorn](https://yhbt.net/unicorn/ ) from 5.5.5 to 5.6.0.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 13:07:48 -04:00
ce13b1f94a
Build(deps): Bump oj from 3.10.7 to 3.10.8
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.10.7 to 3.10.8.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.10.7...v3.10.8 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 12:46:13 -04:00
e0d9232259
FIX: use allowlist and blocklist terminology ( #10209 )
...
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
3d7c81149e
Build(deps-dev): Bump parallel_tests from 3.0.0 to 3.1.0
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.0.0...v3.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-24 09:32:39 -04:00
c6202af005
Update rubocop to 2.3.1.
2020-07-24 17:19:21 +08:00
1b57276673
Revert "Bump rubocop-discourse to 2.3.0."
...
This reverts commit a3ed7c9279
2020-07-24 13:18:49 +08:00
a3ed7c9279
Bump rubocop-discourse to 2.3.0.
2020-07-24 12:49:27 +08:00
fe71c43c57
DEV: upgrade mini_racer and libv8
...
This pushes v8 from Chrome 73 (March 2019) -> 84 (July 14 2020)
Not expecting any user facing changes, but it is super nice to be on latest
v8 :confetti:
2020-07-23 16:26:53 +10:00
21d7b55ec6
Build(deps): Bump bootsnap from 1.4.6 to 1.4.7
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.4.6 to 1.4.7.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.6...v1.4.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-22 17:12:36 -04:00
74ddbc91b0
DEV: Update rails_failover to 0.5.4
...
Pulls in
- FIX: Undefined method on nil class error in forking servers.
2020-07-21 16:01:53 +08:00
6623794dab
Build(deps-dev): Bump test-prof from 0.11.3 to 0.12.0
...
Bumps [test-prof](https://github.com/palkan/test-prof ) from 0.11.3 to 0.12.0.
- [Release notes](https://github.com/palkan/test-prof/releases )
- [Changelog](https://github.com/palkan/test-prof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/palkan/test-prof/compare/v0.11.3...v0.12.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 12:12:55 -04:00
874c8ffd0f
Build(deps): Bump rubocop-ast from 0.1.0 to 0.2.0
...
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.1.0...v0.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 12:01:40 -04:00
7f05720e91
Bump logster.
...
Pulls in "FIX: Missing application backtrace in chained loggers."
2020-07-20 13:30:11 +08:00
2e9474e60f
Update rails_failover to 0.5.3.
...
Changelong
- FIX: Incorrectly rescuing from `PG::ServerError`.
2020-07-20 11:05:11 +08:00
b630fccbd7
Update ember source
2020-07-16 11:28:52 -04:00
1eeca264eb
FIX: Properly load ember source map in development mode
2020-07-15 15:20:57 -04:00
8515bdf1d8
DEV: Bump zeitwerk from 2.3.1 to 2.4.0 ( #10236 )
...
Bumps [zeitwerk](https://github.com/fxn/zeitwerk ) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/fxn/zeitwerk/releases )
- [Changelog](https://github.com/fxn/zeitwerk/blob/master/CHANGELOG.md )
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.3.1...v2.4.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 10:09:54 +10:00
85d4370f79
DEV: pin the rotp gem
...
Not ready for an upgrade due to: https://github.com/mdp/rotp/issues/98
The policy here is that for cases like this we pin the version and add
a comment explaining why it is pinned.
We can revisit in a few months depending on upstream.
2020-07-14 17:05:12 +10:00
cc01297f1f
DEV: Bump rubocop from 0.87.1 to 0.88.0 ( #10226 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.87.1 to 0.88.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.87.1...v0.88.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-14 15:57:46 +10:00
ab77707c1e
DEV: Bump oj from 3.10.6 to 3.10.7 ( #10227 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.10.6 to 3.10.7.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.10.6...v3.10.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-14 10:57:23 +10:00
c69983a30d
Build(deps): Bump multi_json from 1.14.1 to 1.15.0 ( #10215 )
...
Bumps [multi_json](https://github.com/intridea/multi_json ) from 1.14.1 to 1.15.0.
- [Release notes](https://github.com/intridea/multi_json/releases )
- [Changelog](https://github.com/intridea/multi_json/blob/master/CHANGELOG.md )
- [Commits](https://github.com/intridea/multi_json/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-13 15:33:49 -04:00
33554e5cbc
Build(deps): Bump cose from 1.1.0 to 1.2.0 ( #10223 )
...
Bumps [cose](https://github.com/cedarcode/cose-ruby ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/cedarcode/cose-ruby/releases )
- [Changelog](https://github.com/cedarcode/cose-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/cedarcode/cose-ruby/compare/v1.1.0...v1.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-13 12:30:39 -04:00
c5da813ff5
Build(deps): Bump rubocop-rspec from 1.41.0 to 1.42.0 ( #10207 )
...
Bumps [rubocop-rspec](https://github.com/rubocop-hq/rubocop-rspec ) from 1.41.0 to 1.42.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rspec/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rspec/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rspec/compare/v1.41.0...v1.42.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-13 12:01:43 -04:00
c8856c7a43
Build(deps): Bump rake-compiler from 1.1.0 to 1.1.1 ( #10206 )
...
Bumps [rake-compiler](https://github.com/luislavena/rake-compiler ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/luislavena/rake-compiler/releases )
- [Changelog](https://github.com/rake-compiler/rake-compiler/blob/master/History.txt )
- [Commits](https://github.com/luislavena/rake-compiler/compare/v1.1.0...v1.1.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-13 11:52:56 -04:00
dadf08fb3b
Build(deps): Bump cose from 1.0.0 to 1.1.0 ( #10203 )
...
Bumps [cose](https://github.com/cedarcode/cose-ruby ) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/cedarcode/cose-ruby/releases )
- [Changelog](https://github.com/cedarcode/cose-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/cedarcode/cose-ruby/compare/v1.0.0...v1.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-09 14:13:32 -04:00
bac25e6dd7
DEV: upgrade rack to version 2.2.3
...
This is very minor, see: https://github.com/advisories/GHSA-j6w9-fv6q-3q52
An attacker can elevate own cookie usage to bypass server cookie restrictions
Technically this is a security commit, but the surface area is extremely
low, we do not expect any real world impact.
2020-07-08 16:42:31 +10:00
8af5194e39
DEV: upgrade rails to version 6.0.3.2
...
This includes a fix for CVE-2020-8185 we are not vulnerable as we do not use
the impacted middleware. However it still makes sense to stay upgraded, other
small fixes exist in this release.
2020-07-08 16:34:29 +10:00
26dc981285
Build(deps): Bump rubocop from 0.86.0 to 0.87.1
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.86.0 to 0.87.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.86.0...v0.87.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-08 08:54:38 +08:00
b973ffe8e0
Build(deps): Bump onebox from 1.9.29 to 1.9.30
...
Bumps [onebox](https://github.com/discourse/onebox ) from 1.9.29 to 1.9.30.
- [Release notes](https://github.com/discourse/onebox/releases )
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md )
- [Commits](https://github.com/discourse/onebox/compare/v1.9.29...v1.9.30 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-08 08:54:20 +08:00
cb421b5358
Build(deps): Bump nokogiri from 1.10.9 to 1.10.10 ( #10171 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.10.9 to 1.10.10.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.9...v1.10.10 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-06 10:13:23 -04:00
b0d17a508b
Build(deps): Bump rubocop-rspec from 1.40.0 to 1.41.0 ( #10164 )
...
Bumps [rubocop-rspec](https://github.com/rubocop-hq/rubocop-rspec ) from 1.40.0 to 1.41.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rspec/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rspec/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rspec/compare/v1.40.0...v1.41.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-03 09:46:35 -04:00
dependabot-preview[bot]
OsamaSayegh
Guo Xiang Tan
David Taylor
Robin Ward
Krzysztof Kotlarek
Sam Saffron