Skip to content

build(deps): bump psych from 5.3.1 to 5.4.0 in /config/release in the release-gems group across 1 directory#1232

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/config/release/release-gems-4ab6beb132
Open

build(deps): bump psych from 5.3.1 to 5.4.0 in /config/release in the release-gems group across 1 directory#1232
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/config/release/release-gems-4ab6beb132

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the release-gems group with 1 update in the /config/release directory: psych.

Updates psych from 5.3.1 to 5.4.0

Commits
  • f7066d8 v5.4.0
  • 6201ae1 Round the io_reader clamp down to a character boundary
  • 99ecd94 Clamp io_reader copy to libyaml's buffer size
  • 7a73514 Merge pull request #794 from ruby/dependabot/github_actions/step-security/har...
  • cada6bb Bump step-security/harden-runner from 2.19.3 to 2.19.4
  • c06a2c5 Merge pull request #793 from ruby/dependabot/github_actions/step-security/har...
  • 4a7ca7e Bump step-security/harden-runner from 2.19.1 to 2.19.3
  • 790494a Merge pull request #792 from ruby/dependabot/github_actions/step-security/har...
  • 16d8518 Bump step-security/harden-runner from 2.19.0 to 2.19.1
  • 1366654 Bump step-security/harden-runner from 2.17.0 to 2.19.0
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jun 3, 2026
@dependabot
build(deps): bump psych
2383e07 
Bumps the release-gems group with 1 update in the /config/release directory: [psych](https://github.com/ruby/psych).


Updates `psych` from 5.3.1 to 5.4.0
- [Release notes](https://github.com/ruby/psych/releases)
- [Commits](ruby/psych@v5.3.1...v5.4.0)

---
updated-dependencies:
- dependency-name: psych
  dependency-version: 5.4.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: release-gems
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump psych from 5.3.1 to 5.4.0 in /config/release in the release-gems group build(deps): bump psych from 5.3.1 to 5.4.0 in /config/release in the release-gems group across 1 directory Jun 8, 2026
@dependabot dependabot Bot force-pushed the dependabot/bundler/config/release/release-gems-4ab6beb132 branch from ddfd3b3 to 2383e07 Compare June 8, 2026 22:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ayousufi ayousufi Awaiting requested review from ayousufi

@BrianSigafoos-SQ BrianSigafoos-SQ Awaiting requested review from BrianSigafoos-SQ BrianSigafoos-SQ is a code owner

@bsorbo bsorbo Awaiting requested review from bsorbo bsorbo is a code owner

@jwils jwils Awaiting requested review from jwils jwils is a code owner

@jwondrusch jwondrusch Awaiting requested review from jwondrusch jwondrusch is a code owner

@myronmarston myronmarston Awaiting requested review from myronmarston myronmarston is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants