Skip to content

Bump the bundler group across 1 directory with 8 updates#1399

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/bundler-d01a2459df
Open

Bump the bundler group across 1 directory with 8 updates#1399
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/bundler-d01a2459df

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 29, 2026

Bumps the bundler group with 8 updates in the / directory:

Package From To
aws-sdk-s3 1.223.0 1.224.0
bootsnap 1.24.4 1.24.5
good_job 4.18.2 4.19.0
jbuilder 2.15.0 2.15.1
pagy 43.5.4 43.5.5
puma 8.0.1 8.0.2
rubocop-rails 2.35.2 2.35.3
rspec-openapi 0.26.0 0.27.0

Updates aws-sdk-s3 from 1.223.0 to 1.224.0

Changelog

Sourced from aws-sdk-s3's changelog.

1.224.0 (2026-05-21)

  • Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.
Commits

Updates bootsnap from 1.24.4 to 1.24.5

Changelog

Sourced from bootsnap's changelog.

1.24.5

  • No longer load the config file by default when setup is done manually. This is so cli applications like homebrew don't mistakenly load another app's boostnap config.
Commits
  • d6ca050 Release 1.24.5
  • 579aa0e Merge pull request #552 from byroot/fix-bootsnap-config
  • 2884e89 Only load config file is directed to by .setup
  • 103a92b Merge pull request #551 from byroot/enable-fstr-global
  • 33c927d Update compiler options when global options change
  • 122db7f Simplify enable_frozen_string_literal(app_only: false)
  • See full diff in compare view

Updates good_job from 4.18.2 to 4.19.0

Release notes

Sourced from good_job's releases.

v4.19.0

Review the Changelog for more details.

Significant changes

Nice changes

Bug fixes and refactors

New Contributors

Full Changelog: bensheldon/good_job@v4.18.2...v4.19.0

Changelog

Sourced from good_job's changelog.

v4.19.0 (2026-05-27)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • Use table_name instead of hardcoding :good_jobs in schema introspection #1774 (eidarus)
  • Fix incorrect ENV variable guard for GOOD_JOB_ENABLE_PAUSES #1772 (jqr)
  • Fix PG::ProgramLimitExceeded in jobs index search for large error payloads #1769 (createdbypete)
  • Fix PG::AmbiguousColumn in skiplocked/hybrid claim with ordered queues + concurrency rules #1768 (createdbypete)
  • Make execution state completely Fiber-safe via Rails isolated execution state #1765 (ollym)
  • Handle nil updated_at in stale? method #1764 (gavinballard)

Closed issues:

  • enable_pauses ENV var check has singular/plural mismatch #1771
  • Raises PG::AmbiguousColumn under hybrid lock strategy on ordered queues with throttle #1767
  • Handle long labels more gracefully #1674
  • Drop Duplicate index #1661
  • Job runner process enters a loop on create_listen_task - stale check fails #1649
  • Set a default queue_select_limit #1596

Merged pull requests:

Commits
  • d80fa63 Release good_job v4.19.0
  • 8bae597 Make execution state completely Fiber-safe via Rails isolated execution state...
  • dcae2b2 Refactor Concurrency::Rule to use explicit ivars instead of options hash (#1776)
  • 613b083 Prune CI test matrix to boundary Ruby versions per Rails version (#1777)
  • 1f78c18 Truncate long labels in dashboard badges (#1766)
  • 13aa397 Handle nil updated_at in stale? method (#1764)
  • befffb0 Set default queue_select_limit to 1000 (#1762)
  • 78b2e42 use table_name instead of hardcoding :good_jobs (#1774)
  • 64be610 Fix PG::AmbiguousColumn in skiplocked/hybrid claim with ordered queues + conc...
  • 2f6264d Fix PG::ProgramLimitExceeded in jobs index search for large error payloads ...
  • Additional commits viewable in compare view

Updates jbuilder from 2.15.0 to 2.15.1

Release notes

Sourced from jbuilder's releases.

v2.15.1

What's Changed

New Contributors

Full Changelog: rails/jbuilder@v2.15.0...v2.15.1

Commits

Updates pagy from 43.5.4 to 43.5.5

Release notes

Sourced from pagy's releases.

Version 43.5.5

Changes in 43.5.5

  • Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator (#907)
    • Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator
    • Simplify decoding logic
    Co-authored-by: Domizio Demichelis dd.nexus@gmail.com

CHANGELOG

Version 43

We needed a leap version to unequivocally signal that it's not just a major version: it's a complete redesign of the legacy code at all levels, usage and API included.

Why 43? Because it's exactly one step beyond "The answer to the ultimate question of life, the Universe, and everything." 😉

Improvements

This version introduces several enhancements, such as new :countish and :keynav_js paginators and improved automation and configuration processes, reducing setup requirements by 99%. The update also includes a simpler API and new interactive development tools, making it a comprehensive upgrade from previous versions.

  • New :countish Paginator
    • Faster than OFFSET and supporting the full UI
  • New Keynav Pagination
    • The pagy-exclusive technique using the fastest keyset pagination alongside all frontend helpers.
  • New interactive dev-tools
    • New PagyWand to integrate the pagy CSS with your app themes.
    • New Pagy AI available right inside your own app.
  • Intelligent automation
  • Simpler API
    • You solely need the pagy method and the @​pagy instance to paginate any collection and use any navigation tag and helper.
    • Methods are autoloaded only if used, and consume no memory otherwise.
    • Methods have narrower scopes and can be overridden without deep knowledge.
  • New documentation
    • Very concise, straightforward, and easy to navigate and understand.

Upgrade to 43

See the Upgrade Guide

... (truncated)

Changelog

Sourced from pagy's changelog.

Version 43.5.5

  • Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator (#907)
    • Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator
    • Simplify decoding logic
    Co-authored-by: Domizio Demichelis dd.nexus@gmail.com
Commits
  • eb4a810 Merge branch 'dev'
  • 8ee37a0 Version 43.5.5
  • ac62e00 Improve comment/docs
  • 81215c4 Update gem and packages
  • 9161301 💎 Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator (...
  • 4e9118c Docs: fix input_nav_js link text in how-to guide (#903)
  • See full diff in compare view

Updates puma from 8.0.1 to 8.0.2

Release notes

Sourced from puma's releases.

v8.0.2

  • Bugfixes
    • Anchor PROXY protocol v1 regex to string start and enforce max line length to prevent injection via crafted request bodies (#3944)
    • Parse PROXY protocol header only on the first request per connection to prevent spoofing on keep-alive connections (#3944)

Security advisories

Changelog

Sourced from puma's changelog.

8.0.2 / 2026-05-27

  • Bugfixes
    • Anchor PROXY protocol v1 regex to string start and enforce max line length to prevent injection via crafted request bodies (#3944)
    • Parse PROXY protocol header only on the first request per connection to prevent spoofing on keep-alive connections (#3944)
Commits

Updates rubocop-rails from 2.35.2 to 2.35.3

Release notes

Sourced from rubocop-rails's releases.

RuboCop Rails v2.35.3

Bug fixes

  • #1630: Fix a false positive in Rails/StrongParametersExpect when negating params[:key] with !, such as !params[:key]. (@​koic)
  • #1629: Fix false positives in Rails/StrongParametersExpect when using the safe navigation operator (&.) on params[:key]. Autocorrecting params[:key]&.downcase to params.expect(:key).downcase silently changes behavior — a missing param goes from returning nil to raising ActionController::ParameterMissing. (@​lucasmazza)
Changelog

Sourced from rubocop-rails's changelog.

2.35.3 (2026-05-27)

Bug fixes

  • #1630: Fix a false positive in Rails/StrongParametersExpect when negating params[:key] with !, such as !params[:key]. ([@​koic][])
  • #1629: Fix false positives in Rails/StrongParametersExpect when using the safe navigation operator (&.) on params[:key]. Autocorrecting params[:key]&.downcase to params.expect(:key).downcase silently changes behavior — a missing param goes from returning nil to raising ActionController::ParameterMissing. ([@​lucasmazza][])
Commits
  • 944f6f5 Cut 2.35.3
  • 7f93b76 Update Changelog
  • 3e9d4a5 Merge pull request #1631 from koic/fix_false_positive_for_rails_strong_parame...
  • 3529b8d [Fix #1630] Fix a false positive in Rails/StrongParametersExpect
  • dbb2e27 Merge pull request #1629 from lucasmazza/fix/strong-parameters-expect-safe-na...
  • 0ea9fbc Fix Rails/StrongParametersExpect to allow safe navigation operator on optiona...
  • 5d4154d Reset the docs version
  • See full diff in compare view

Updates rspec-openapi from 0.26.0 to 0.27.0

Release notes

Sourced from rspec-openapi's releases.

v0.27.0

What's Changed

🎉 Exciting New Features

📦 Other Changes

Full Changelog: exoego/rspec-openapi@v0.26.0...v0.27.0

What's Changed

🎉 Exciting New Features

📦 Other Changes

Full Changelog: exoego/rspec-openapi@v0.26.0...v0.27.0

Commits
  • d182b40 Merge pull request #347 from exoego/release/v0.27.0
  • b0c4758 Bump version to 0.27.0
  • 512f85a Merge pull request #346 from exoego/refactor-rails-test-line-length
  • bba8258 chore: update .rubocop_todo.yml
  • c8e740b refactor: fix offense in rails_test.rb
  • 48a1692 Merge pull request #345 from exoego/refactor-hash
  • b674e87 refactor: return Hash from extractor request_attributes
  • e466581 refactor: simplify SchemaMerger#merge_schema
  • 2421d82 Merge pull request #344 from exoego/refactor-builder
  • 40fc484 refactor: extract BuildContext
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the bundler group across 1 directory with 8 updates
9abf77d 
Bumps the bundler group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) | `1.223.0` | `1.224.0` |
| [bootsnap](https://github.com/rails/bootsnap) | `1.24.4` | `1.24.5` |
| [good_job](https://github.com/bensheldon/good_job) | `4.18.2` | `4.19.0` |
| [jbuilder](https://github.com/rails/jbuilder) | `2.15.0` | `2.15.1` |
| [pagy](https://github.com/ddnexus/pagy) | `43.5.4` | `43.5.5` |
| [puma](https://github.com/puma/puma) | `8.0.1` | `8.0.2` |
| [rubocop-rails](https://github.com/rubocop/rubocop-rails) | `2.35.2` | `2.35.3` |
| [rspec-openapi](https://github.com/exoego/rspec-openapi) | `0.26.0` | `0.27.0` |



Updates `aws-sdk-s3` from 1.223.0 to 1.224.0
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Updates `bootsnap` from 1.24.4 to 1.24.5
- [Release notes](https://github.com/rails/bootsnap/releases)
- [Changelog](https://github.com/rails/bootsnap/blob/main/CHANGELOG.md)
- [Commits](rails/bootsnap@v1.24.4...v1.24.5)

Updates `good_job` from 4.18.2 to 4.19.0
- [Release notes](https://github.com/bensheldon/good_job/releases)
- [Changelog](https://github.com/bensheldon/good_job/blob/main/CHANGELOG.md)
- [Commits](bensheldon/good_job@v4.18.2...v4.19.0)

Updates `jbuilder` from 2.15.0 to 2.15.1
- [Release notes](https://github.com/rails/jbuilder/releases)
- [Commits](rails/jbuilder@v2.15.0...v2.15.1)

Updates `pagy` from 43.5.4 to 43.5.5
- [Release notes](https://github.com/ddnexus/pagy/releases)
- [Changelog](https://github.com/ddnexus/pagy/blob/master/docs/CHANGELOG.md)
- [Commits](ddnexus/pagy@43.5.4...43.5.5)

Updates `puma` from 8.0.1 to 8.0.2
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/main/History.md)
- [Commits](puma/puma@v8.0.1...v8.0.2)

Updates `rubocop-rails` from 2.35.2 to 2.35.3
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop-rails@v2.35.2...v2.35.3)

Updates `rspec-openapi` from 0.26.0 to 0.27.0
- [Release notes](https://github.com/exoego/rspec-openapi/releases)
- [Changelog](https://github.com/exoego/rspec-openapi/blob/master/CHANGELOG.md)
- [Commits](exoego/rspec-openapi@v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-version: 1.224.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: bundler
- dependency-name: bootsnap
  dependency-version: 1.24.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: good_job
  dependency-version: 4.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: bundler
- dependency-name: jbuilder
  dependency-version: 2.15.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: pagy
  dependency-version: 43.5.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: puma
  dependency-version: 8.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: rubocop-rails
  dependency-version: 2.35.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: rspec-openapi
  dependency-version: 0.27.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels May 29, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 29, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants