Bumps the dependencies group with 4 updates: [pg](https://github.com/ged/ruby-pg), [bootsnap](https://github.com/rails/bootsnap), [mini_racer](https://github.com/discourse/mini_racer) and [brakeman](https://github.com/presidentbeef/brakeman).
Updates `pg` from 1.6.2 to 1.6.3 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ged/ruby-pg/blob/master/CHANGELOG.md">pg's changelog</a>.</em></p> <blockquote> <h2>v1.6.3 [2025-12-29] Lars Kanis <a href="mailto:[email protected]">[email protected]</a></h2> <p>Added:</p> <ul> <li>Add binary gems for ruby-4.0, now providing ruby-3.0 to 4.0. <a href="https://redirect.github.com/ged/ruby-pg/issues/682">#682</a></li> <li>Update fat binary gem to OpenSSL-3.6.0 and PostgreSQL-18.1.</li> <li>Improve documentation of PG::Result and README. <a href="https://redirect.github.com/ged/ruby-pg/issues/676">#676</a></li> <li>Update errorcodes to PostgreSQL-18.</li> <li>Use <code>rb_hash_new_capa</code> on Ruby-3.2+ . <a href="https://redirect.github.com/ged/ruby-pg/issues/674">#674</a></li> <li>Deny any server communication on a frozen PG::Connection . <a href="https://redirect.github.com/ged/ruby-pg/issues/677">#677</a></li> <li>Fix possible race condition in PG::Result in Ractor context. <a href="https://redirect.github.com/ged/ruby-pg/issues/674">#674</a></li> </ul> <p>Removed:</p> <ul> <li>Drop binary gem support for platform <code>x86-mingw32</code>. <a href="https://redirect.github.com/ged/ruby-pg/issues/682">#682</a></li> <li>Drop binary gems for ruby-2.7.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ged/ruby-pg/commit/d4539c25dcc89d47088e1423f8d1915c041920f5"><code>d4539c2</code></a> Bump VERSION to pg-1.6.3 and add release notes</li> <li><a href="https://github.com/ged/ruby-pg/commit/720900dbb9d16aa855793146f15c3772e14f627a"><code>720900d</code></a> Merge pull request <a href="https://redirect.github.com/ged/ruby-pg/issues/682">#682</a> from larskanis/ruby-4.0</li> <li><a href="https://github.com/ged/ruby-pg/commit/f605b5937093884089109c8baa5fe268fc513eaf"><code>f605b59</code></a> Remove x86-mingw32 from binary builds</li> <li><a href="https://github.com/ged/ruby-pg/commit/5c690006ba158da70d73d939a233cf75ecdd30ef"><code>5c69000</code></a> Update to ruby-4.0</li> <li><a href="https://github.com/ged/ruby-pg/commit/2acaf3d0f76334e056229efe260e1f558a8c6b42"><code>2acaf3d</code></a> CI: workaround missing ruby-4.0 on Window</li> <li><a href="https://github.com/ged/ruby-pg/commit/b500ded81127963603e1f724e82bed649c9ca8a1"><code>b500ded</code></a> fix comment</li> <li><a href="https://github.com/ged/ruby-pg/commit/bc3f2f8b1110e9bcb225d65554e1a7fc842d0506"><code>bc3f2f8</code></a> CI: Macos-13 on Intel is deprecated</li> <li><a href="https://github.com/ged/ruby-pg/commit/77667eb4313bd7b79356f402b0fa7fba409483b8"><code>77667eb</code></a> Merge pull request <a href="https://redirect.github.com/ged/ruby-pg/issues/678">#678</a> from larskanis/ci-update</li> <li><a href="https://github.com/ged/ruby-pg/commit/6e52ce504d05c5359d55f45d9580672103263b54"><code>6e52ce5</code></a> CI: Update PostgreSQL on Macos</li> <li><a href="https://github.com/ged/ruby-pg/commit/6d40f50e51a037022495fe6d98181435652464ff"><code>6d40f50</code></a> CI: Print mkmf.log on failure on Macos</li> <li>Additional commits viewable in <a href="https://github.com/ged/ruby-pg/compare/v1.6.2...v1.6.3">compare view</a></li> </ul> </details> <br /> Updates `bootsnap` from 1.20.0 to 1.20.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rails/bootsnap/releases">bootsnap's releases</a>.</em></p> <blockquote> <h2>v1.20.1</h2> <h2>What's Changed</h2> <ul> <li>Handle broken symlinks in load path scanning code. Should fix <code>Errno::ENOENT fstatat</code> issues some users have encountered after upgrading to 1.20.0.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1">https://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rails/bootsnap/blob/main/CHANGELOG.md">bootsnap's changelog</a>.</em></p> <blockquote> <h1>1.20.1</h1> <ul> <li>Handle broken symlinks in load path scanning code. Should fix <code>Errno::ENOENT fstatat</code> issues some users have encountered after upgrading to 1.20.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rails/bootsnap/commit/ba59bb8e012ddbe592b0de85d06304afed65688c"><code>ba59bb8</code></a> Release 1.20.1</li> <li><a href="https://github.com/rails/bootsnap/commit/302b7dbbc31c917456369fe136b86c1ffc591a64"><code>302b7db</code></a> Merge pull request <a href="https://redirect.github.com/rails/bootsnap/issues/514">#514</a> from byroot/handle-broken-symlink</li> <li><a href="https://github.com/rails/bootsnap/commit/fd1ddc33aa8a247e204c152ec700167b285188b2"><code>fd1ddc3</code></a> Handle broken symlinks in load path</li> <li>See full diff in <a href="https://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1">compare view</a></li> </ul> </details> <br /> Updates `mini_racer` from 0.19.1 to 0.19.2 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rubyjs/mini_racer/blob/main/CHANGELOG">mini_racer's changelog</a>.</em></p> <blockquote> <ul> <li>0.19.2 - 24-12-2025 <ul> <li>upgrade to node 24.12.0</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rubyjs/mini_racer/commit/6c048935e6f2f70c5bcd7701e1fe27888037644d"><code>6c04893</code></a> FIX: attempt to add musl compatability</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/546a43f2a4bf0d1aa8a50ebd986488f94e7a3cd7"><code>546a43f</code></a> bump v8 node</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/b05ff69a6e76c73dd068b336dd1f5a916336953b"><code>b05ff69</code></a> macos 13 is not a thing</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/b80d2e7f121069c019b6a710ed39a61cb8e59d0e"><code>b80d2e7</code></a> Revert &quot;FIX: workaround missing musl resolution find non musl gem and then le...</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/d0bf9ee6fddee9c62f18ce94f102f721ee79876b"><code>d0bf9ee</code></a> FIX: workaround missing musl resolution find non musl gem and then lean on gl...</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/1cbec75f7e0657dd4cc2163d838a2f0f80141f15"><code>1cbec75</code></a> bump version</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/c042cf4609d85f9ebe172e9681f4f53abdd7fd7c"><code>c042cf4</code></a> Bump ruby/setup-ruby from 1.269.0 to 1.275.0 (<a href="https://redirect.github.com/discourse/mini_racer/issues/384">#384</a>)</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/061550f4053c167021d0ce40bec8907a0d432685"><code>061550f</code></a> Bump ruby/setup-ruby from 1.268.0 to 1.269.0 (<a href="https://redirect.github.com/discourse/mini_racer/issues/381">#381</a>)</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/501ce59d1930f70709a6883235935d2e16500ab4"><code>501ce59</code></a> Bump actions/checkout from 5.0.0 to 6.0.1 (<a href="https://redirect.github.com/discourse/mini_racer/issues/382">#382</a>)</li> <li><a href="https://github.com/rubyjs/mini_racer/commit/5c326c6acadd1f68b55708cfd2a8856bb69fe490"><code>5c326c6</code></a> adds Ruby 4.0.0-preview2 to CI (<a href="https://redirect.github.com/discourse/mini_racer/issues/380">#380</a>)</li> <li>Additional commits viewable in <a href="https://github.com/discourse/mini_racer/compare/v0.19.1...v0.19.2">compare view</a></li> </ul> </details> <br /> Updates `brakeman` from 7.1.1 to 7.1.2 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md">brakeman's changelog</a>.</em></p> <blockquote> <h1>7.1.2 - 2025-12-25</h1> <ul> <li>Update <code>ruby_parser</code> to remove version restriction (Chedli Bourguiba)</li> <li>Raise minimum required Ruby to 3.2.0</li> <li>Use Minitest 6.0</li> <li>Reduce SQL injection false positives from <code>count</code> calls</li> <li>Ignore more Haml attribute builder methods</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/presidentbeef/brakeman/commit/f7cd5222adb0e8729f35eee89b8f1a4365bd7a0e"><code>f7cd522</code></a> Bump to 7.1.2</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/aea2ec0d944bd0e5f605e48c2893e5ba75b4f276"><code>aea2ec0</code></a> Update CHANGES</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/2aaa6e677b780c87f3f792203423d14ff508f6a9"><code>2aaa6e6</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1988">#1988</a> from presidentbeef/ignore_more_haml_builders</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/0924f7b79725e9f45c877e8653a7691492009f94"><code>0924f7b</code></a> Ignore more Haml builders</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/4411a1af95e17d78e1b4eedd4ceb29c369476441"><code>4411a1a</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1987">#1987</a> from chaadow/patch-3</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/0271586a2efdaa69442a711641224d920d57abfc"><code>0271586</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1986">#1986</a> from willnet/use-3-2-in-readme</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/7065ebe73de264f44cdb75c209d1f74861c8280c"><code>7065ebe</code></a> Update ruby_parser to handle ruby 4.0.0+</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/b3f67a4839e085d67d1270e54c91de6d6bcd9d75"><code>b3f67a4</code></a> Update required Ruby version in README</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/901a45de9481ea531ed574a84678c406de7f61eb"><code>901a45d</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1984">#1984</a> from sampart/patch-1</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/6ad33c4002b907edb6f6066202a483a8b2bdefda"><code>6ad33c4</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1985">#1985</a> from presidentbeef/upgrade_minitest_6_0</li> <li>Additional commits viewable in <a href="https://github.com/presidentbeef/brakeman/compare/v7.1.1...v7.1.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> You can view, comment on, or merge this pull request online at: https://github.com/openstreetmap/openstreetmap-website/pull/6665 -- Commit Summary -- * Bump the dependencies group with 4 updates -- File Changes -- M Gemfile.lock (12) -- Patch Links -- https://github.com/openstreetmap/openstreetmap-website/pull/6665.patch https://github.com/openstreetmap/openstreetmap-website/pull/6665.diff -- Reply to this email directly or view it on GitHub: https://github.com/openstreetmap/openstreetmap-website/pull/6665 You are receiving this because you are subscribed to this thread. Message ID: <openstreetmap/openstreetmap-website/pull/[email protected]>
_______________________________________________ rails-dev mailing list [email protected] https://lists.openstreetmap.org/listinfo/rails-dev
