Bump the production-dependencies-minor group across 1 directory with 31 updates

[dependabot]

Bumps the production-dependencies-minor group with 29 updates in the / directory:

Package	From	To
rake	13.2.1	13.3.1
rails	7.1.5.2	7.1.6
jbuilder	2.13.0	2.14.1
bootsnap	1.18.4	1.20.1
test-unit	3.2.7	3.7.7
aws-sdk-s3	1.113.0	1.211.0
json	2.12.2	2.18.0
rack-attack	6.5.0	6.8.0
pg	1.5.9	1.6.3
carrierwave	3.1.1	3.1.2
carrierwave-aws	1.6.0	1.6.1
mini_magick	5.2.0	5.3.1
httparty	0.21.0	0.24.0
devise-two-factor	6.1.0	6.3.0
geocoder	1.6.1	1.8.6
table_print	1.5.4	1.5.7
rexml	3.4.2	3.4.4
csv	3.3.4	3.3.5
maintenance_tasks	2.12.0	2.13.0
terser	1.2.5	1.2.6
rails-autoscale-web	1.11.1	1.12.2
lograge	0.3.6	0.14.0
recaptcha	5.19.0	5.21.1
barnes	0.0.8	0.0.9
fx	0.9.0	0.10.0
rails	7.1.6	8.1.2
rails-i18n	7.0.10	8.1.0
has_scope	0.8.2	0.9.0
globalid	1.2.1	1.3.0
js-routes	2.2.7	2.3.6

Updates rake from 13.2.1 to 13.3.1

Commits

• f0001c3 v13.3.1
• a644c80 Merge pull request #483 from luke-gru/fix_test_warnings
• 2465ea5 silence warnings during execution of rake tasks in Rakefile (ex: rake test)
• df25fb1 Merge pull request #610 from pvdb/fix_testhelper_require
• ec12ac9 Merge pull request #635 from nevans/deconstruct_keys-for-nil-keys
• 4664a69 Merge pull request #666 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• 7a0bf15 Bump ruby/setup-ruby from 1.265.0 to 1.266.0
• b3ed789 Merge pull request #665 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• 1e7ef52 Bump ruby/setup-ruby from 1.263.0 to 1.265.0
• 77225e1 Merge pull request #664 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• Additional commits viewable in compare view

Updates rails from 7.1.5.2 to 7.1.6

Release notes

Sourced from rails's releases.

7.1.6

Active Support

• No changes.

Active Model

• No changes.

Active Record

• Gracefully handle Timeout.timeout firing during connection configuration.

  Use of Timeout.timeout could result in improperly initialized database connection.

  This could lead to a partially configured connection being used, resulting in various exceptions, the most common being with the PostgreSQLAdapter raising undefined method key?' for nilorTypeError: wrong argument type nil (expected PG::TypeMap)`.

  Jean Boussier

• Fix error handling during connection configuration.

  Active Record wasn't properly handling errors during the connection configuration phase. This could lead to a partially configured connection being used, resulting in various exceptions, the most common being with the PostgreSQLAdapter raising undefined method key?' for nilorTypeError: wrong argument type nil (expected PG::TypeMap)`.

  Jean Boussier

• Fix prepared statements on mysql2 adapter.

  Jean Boussier

• Fix a race condition in ActiveRecord::Base#method_missing when lazily defining attributes.

  If multiple thread were concurrently triggering attribute definition on the same model, it could result in a NoMethodError being raised.

  Jean Boussier

Action View

• No changes.

Action Pack

... (truncated)

Commits

• ffcbf6f Preparing for 7.1.6 release
• 10a0f90 Upgrade sigstore gem to 0.2.2
• 4df996b Sync changelog
• 310c904 Merge pull request #55570 from zzak/8-0-sidekiq-issues
• c274de0 Merge pull request #55747 from skipkayhil/hm-kwzpqqkssmwtsunu
• 1d82970 Add the Action Cable configuration
• 8323dd6 Merge pull request #54164 from zzak/asto-test-mini_magick-deprecation-warning
• 4eb8085 Merge pull request #55812 from yahonda/bump-microsoftedge-version-to-latest
• d100e46 Don't load action cable in the activestorage dummy app
• 91fc9b2 Don't load sprockets-rails and propshaft in the same application
• Additional commits viewable in compare view

Updates jbuilder from 2.13.0 to 2.14.1

Release notes

Sourced from jbuilder's releases.

v2.14.1

What's Changed

• Ensure that Jbuilder.encode properly forwards arguments to .new by @​flavorjones in rails/jbuilder#601

New Contributors

• @​flavorjones made their first contribution in rails/jbuilder#601

Full Changelog: rails/jbuilder@v2.14.0...v2.14.1

v2.14.0

What's Changed

• Drop support to Ruby < 3.0 and Rails < 7.0
• Test against Rails 8 and fix Rails 7 logger dependency by @​excid3 in rails/jbuilder#582
• Add status: :see_other to update action by @​excid3 in rails/jbuilder#583
• Force close final statement in templates by @​ienders in rails/jbuilder#578
• Optimize _is_collection? method by @​moberegger in rails/jbuilder#590
• Add #frozen_string_literal: true to all files by @​moberegger in rails/jbuilder#599
• Optimize _key to prevent string allocation when formatting Symbols by @​moberegger in rails/jbuilder#593
• Optimize key formatter by @​moberegger in rails/jbuilder#597
• Optimize internal extract! calls to save on memory allocation by @​moberegger in rails/jbuilder#598
• Fix regression in API controllers with view_cache_dependencies helper by @​excid3 in rails/jbuilder#575
• Optimize method_missing via alias_method by @​moberegger in rails/jbuilder#600
• Cleanup project for Rails 7+ support by @​moberegger in rails/jbuilder#594
• Fix warnings and prevent Jbuilder::VERSION constant from being obliterated by @​pixeltrix in rails/jbuilder#574
• Optimize memory allocation when rendering partials by @​moberegger in rails/jbuilder#591

New Contributors

• @​richardvenneman made their first contribution in rails/jbuilder#576
• @​ienders made their first contribution in rails/jbuilder#578
• @​moberegger made their first contribution in rails/jbuilder#590

Full Changelog: rails/jbuilder@v2.13.0...v2.14.0

Commits

• 38339ad Prepare for 2.14.1
• 2400fd9 Merge pull request #601 from flavorjones/flavorjones/fix-encode-arguments
• a6863b5 Ensure that Jbuilder.encode properly forwards arguments to .new
• 30ba7df Prepare for 2.14.0
• 5f4af71 Merge pull request #591 from moberegger/moberegger/optimize_options_merges
• 6fd6c06 Small _set_inline_partial optimization
• b7b5abb Stop mutating options in partial! method
• 7e16adf Stop mutating options in set! method
• 8474b41 Remove _partial micro-optimization
• 9ffacf7 Merge pull request #574 from pixeltrix/fix-warnings-and-version-constant
• Additional commits viewable in compare view

Updates bootsnap from 1.18.4 to 1.20.1

Release notes

Sourced from bootsnap's releases.

v1.20.1

What's Changed

• Handle broken symlinks in load path scanning code. Should fix Errno::ENOENT fstatat issues some users have encountered after upgrading to 1.20.0.

Full Changelog: rails/bootsnap@v1.20.0...v1.20.1

v1.20.0

What's Changed

• Optimized load path scanning with a C extension. Should be about 2x faster on supported platforms.

Full Changelog: rails/bootsnap@v1.19.0...v1.20.0

Changelog

Sourced from bootsnap's changelog.

1.20.1

• Handle broken symlinks in load path scanning code. Should fix Errno::ENOENT fstatat issues some users have encountered after upgrading to 1.20.0.

1.20.0

• Optimized load path scanning with a C extension. Should be about 2x faster on supported platforms.

1.19.0

• Remove JSON parsing cache. Recent versions of the json gem are as fast as msgpack if not faster.

1.18.6

• Fix cgroup CPU limits detection in CLI.

1.18.5

• Attempt to detect a QEMU bug that can cause bootsnap precompile to hang forever when building ARM64 docker images from x86_64 machines. See #495.
• Improve CLI to detect cgroup CPU limits and avoid spawning too many worker processes.

Commits

• ba59bb8 Release 1.20.1
• 302b7db Merge pull request #514 from byroot/handle-broken-symlink
• fd1ddc3 Handle broken symlinks in load path
• fac34b8 Release 1.20.0
• 71311d4 Include Bootsnap::VERSION in LoadPathCache version
• f5c43ac Merge pull request #512 from byroot/prune-load-dir
• f94f668 Stop caching directories in LoadPathCache
• e3b5292 Merge pull request #511 from byroot/c-ext-load-path-scan
• e91dd21 Implement PathScanner in C to avoid N+1 stat(2) calls
• c77d5cc Cleanup the c extension
• Additional commits viewable in compare view

Updates test-unit from 3.2.7 to 3.7.7

Release notes

Sourced from test-unit's releases.

test-unit 3.7.7 - 2026-01-01

Fixes

• Fixed a bug that NoMemoryError occurred with RBS tests + MSVC Ruby.
  • GH-358
  • GH-363
  • Reported by Nobuyoshi Nakada

Thanks

• Nobuyoshi Nakada

test-unit 3.7.6 - 2025-12-25

Fixes

• Fixed a bug that sub_test_case may cause a runtime error. This also covers a minor case.
  • GH-359

test-unit 3.7.5 - 2025-12-24

Fixes

• Fixed a bug that sub_test_case may cause a runtime error.
  • GH-355

test-unit 3.7.4 - 2025-12-23

Improvements

• Added support for process based parallel test running. You can use it by the --parallel=process option. You need to specify load path options (e.g. -Ilib). Tests that startup/shutdown (test case level setup/teardown) are defined run in the same process.

  • GH-235
  • GH-339
  • GH-340
  • GH-341
  • GH-342
  • GH-344
  • GH-346
  • GH-348
  • Co authored by Naoto Ono

• Added support for worker_id for the parallel runner. You can use it in your test, setup/teardown and startup/shutdown (test case level setup/teardown).

  • GH-235

... (truncated)

Commits

• d2a49b7 Fix 3.7.7 entry (#365)
• 6aeaf5f Add 3.7.7 entry (#364)
• 813ea12 Fix NoMemoryError problem with RBS tests + MSVC Ruby (#363)
• 745d395 Bump version (#362)
• af736fc Add 3.7.6 entry (#360)
• 9c6fce7 Remove "+" from auto generated sub test case name (#359)
• b3872dc Bump version
• cc8dea4 Add 3.7.5 entry
• c7b1175 Remove "/" from auto generated sub test case name (#356)
• fefef05 Bump version (#354)
• Additional commits viewable in compare view

Updates aws-sdk-s3 from 1.113.0 to 1.211.0

Changelog

Sourced from aws-sdk-s3's changelog.

1.211.0 (2026-01-08)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Falls back to header request checksums when using custom endpoints or endpoint providers for PutObject and UploadPart operations.

1.210.1 (2026-01-06)

• Issue - Normalize response encoding to UTF-8 for proper XML error parsing in HTTP 200 responses.

1.210.0 (2026-01-05)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Feature - Added :http_chunk_size parameter to TransferManager#upload_file to control the buffer size when streaming request bodies over HTTP. Larger chunk sizes may improve network throughput at the cost of higher memory usage (Ruby MRI only).

• Feature - Improved memory efficiency when calculating request checksums for large file uploads (Ruby MRI only).

1.209.0 (2025-12-23)

• Feature - Add additional validation to Outpost bucket names.

1.208.0 (2025-12-16)

• Feature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.

1.207.0 (2025-12-15)

• Feature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.

1.206.0 (2025-12-02)

• Feature - New S3 Storage Class FSX_ONTAP

1.205.0 (2025-11-20)

• Feature - Enable / Disable ABAC on a general purpose bucket.

1.204.0 (2025-11-19)

• Feature - Adds support for blocking SSE-C writes to general purpose buckets.

... (truncated)

Commits

• See full diff in compare view

Updates json from 2.12.2 to 2.18.0

Release notes

Sourced from json's releases.

v2.18.0

What's Changed

• Add :allow_control_characters parser options, to allow JSON strings containing unescaped ASCII control characters (e.g. newlines).

Full Changelog: ruby/json@v2.17.1...v2.18.0

v2.17.1

What's Changed

• Fix a regression in parsing of unicode surogate pairs (\uXX\uXX) that could cause an invalid string to be returned.

Full Changelog: ruby/json@v2.17.0...v2.17.1

v2.17.0

What's Changed

• Improve JSON.load and JSON.unsafe_load to allow passing options as second argument.
• Fix the parser to no longer ignore invalid escapes in strings. Only \", \\, \b, \f, \n, \r, \t and \u are valid JSON escapes.
• Fixed JSON::Coder to use the depth it was initialized with.
• On TruffleRuby, fix the generator to not call to_json on the return value of as_json for Float::NAN.
• Fixed handling of state.depth: when to_json changes state.depth but does not restore it, it is reset automatically to its initial value. In particular, when a NestingError is raised, depth is no longer equal to max_nesting after the call to generate, and is reset to its initial value. Similarly when to_json raises an exception.

Full Changelog: ruby/json@v2.16.0...v2.17.0

v2.16.0

What's Changed

• Deprecate JSON::State#[] and JSON::State#[]=. Consider using JSON::Coder instead.
• JSON::Coder now also yields to the block when encountering strings with invalid encoding.
• Fix GeneratorError messages to be UTF-8 encoded.
• Fix memory leak when Exception is raised, or throw is used during JSON generation.
• Optimized floating point number parsing by integrating the ryu algorithm (thanks to Josef Šimánek).
• Optimized numbers parsing using SWAR (thanks to Scott Myron).
• Optimized parsing of pretty printed documents using SWAR (thanks to Scott Myron).

Full Changelog: ruby/json@v2.15.2...v2.16.0

v2.15.2

What's Changed

• Fix JSON::Coder to have one dedicated depth counter per invocation. After encountering a circular reference in JSON::Coder#dump, any further #dump call would raise JSON::NestingError.

Full Changelog: ruby/json@v2.15.1...v2.15.2

... (truncated)

Changelog

Sourced from json's changelog.

2025-12-11 (2.18.0)

• Add :allow_control_characters parser options, to allow JSON strings containing unescaped ASCII control characters (e.g. newlines).

2025-12-04 (2.17.1)

• Fix a regression in parsing of unicode surogate pairs (\uXX\uXX) that could cause an invalid string to be returned.

2025-12-03 (2.17.0)

• Improve JSON.load and JSON.unsafe_load to allow passing options as second argument.
• Fix the parser to no longer ignore invalid escapes in strings. Only \", \\, \b, \f, \n, \r, \t and \u are valid JSON escapes.
• Fixed JSON::Coder to use the depth it was initialized with.
• On TruffleRuby, fix the generator to not call to_json on the return value of as_json for Float::NAN.
• Fixed handling of state.depth: when to_json changes state.depth but does not restore it, it is reset automatically to its initial value. In particular, when a NestingError is raised, depth is no longer equal to max_nesting after the call to generate, and is reset to its initial value. Similarly when to_json raises an exception.

2025-11-07 (2.16.0)

• Deprecate JSON::State#[] and JSON::State#[]=. Consider using JSON::Coder instead.
• JSON::Coder now also yields to the block when encountering strings with invalid encoding.
• Fix GeneratorError messages to be UTF-8 encoded.
• Fix memory leak when Exception is raised, or throw is used during JSON generation.
• Optimized floating point number parsing by integrating the ryu algorithm (thanks to Josef Šimánek).
• Optimized numbers parsing using SWAR (thanks to Scott Myron).
• Optimized parsing of pretty printed documents using SWAR (thanks to Scott Myron).

2025-10-25 (2.15.2)

• Fix JSON::Coder to have one dedicated depth counter per invocation. After encountering a circular reference in JSON::Coder#dump, any further #dump call would raise JSON::NestingError.

2025-10-07 (2.15.1)

• Fix incorrect escaping in the JRuby extension when encoding shared strings.

2025-09-22 (2.15.0)

• JSON::Coder callback now receive a second argument to convey whether the object is a hash key.
• Tuned the floating point number generator to not use scientific notation as aggressively.

2025-09-18 (2.14.1)

• Fix IndexOutOfBoundsException in the JRuby extension when encoding shared strings.

2025-09-18 (2.14.0)

... (truncated)

Commits

• 1cdd212 Release 2.18.0
• 3459499 Add allow_control_characters parsing option
• 1da3fd9 Add a specific error for unescaped newlines
• cf3993c Remove dead code from JSON::TruffleRuby::Generator
• 4218a42 Remove dead code in benchmark/encoder.rb
• e5e4fd5 Release 2.17.1
• 0fce370 Fix a regression in parsing of unicode surogate pairs
• 4bdb2d1 Release 2.17.0
• ccca602 Fix handling of depth
• 7b62fac Fix duplicated test_unsafe_load_with_options test case
• Additional commits viewable in compare view

Updates rack-attack from 6.5.0 to 6.8.0

Release notes

Sourced from rack-attack's releases.

v6.8.0

What's Changed

Changed

• Avoid RedisCacheStore#increment on Rails 6+ (which might improve performance) by @​jdelStrother (#597)

Fixed

• Fix #588 don't fail if request.ip is missing, by @​santib (#630)
• Fix reset! when using namespaced cache store by @​santib (#673)

Deprecated

• Soft deprecate integration with rack 1.x, may or may not work with it.
• Soft deprecate integration with rails 5.2 or less, may or may not work with it.

Removed

• Remove support for unmaintained ActiveSupport::Cache::RedisStore, by @​mitchellhenke (#625)

New Contributors

• @​floehopper made their first contribution in rack/rack-attack#618
• @​mttkay made their first contribution in rack/rack-attack#622
• @​mitchellhenke made their first contribution in rack/rack-attack#625
• @​santib made their first contribution in rack/rack-attack#629
• @​tisba made their first contribution in rack/rack-attack#654
• @​fynsta made their first contribution in rack/rack-attack#658
• @​alexsmartens made their first contribution in rack/rack-attack#664

Full Changelog: rack/rack-attack@v6.7.0...v6.8.0

v6.7.0

What's Changed

• Replace git.io URL by @​kyoshidajp in rack/rack-attack#579
• test: update rack-test to v2 from v1 by @​grzuy in rack/rack-attack#587
• Update example description to not suggest using a deprecated method by @​MaksimAbramchuk in rack/rack-attack#589
• Add note about cache stores and in-memory caches. by @​nateberkopec in rack/rack-attack#604
• ci: tests against redis gem v5 by @​grzuy in rack/rack-attack#612
• Support rack 3 by @​ioquatix in rack/rack-attack#586
• Gem release management. by @​ioquatix in rack/rack-attack#614

New Contributors

• @​kyoshidajp made their first contribution in rack/rack-attack#579
• @​MaksimAbramchuk made their first contribution in rack/rack-attack#589
• @​nateberkopec made their first contribution in rack/rack-attack#604

Full Changelog: rack/rack-attack@v6.6.1...v6.7.0

... (truncated)

Changelog

Sourced from rack-attack's changelog.

[6.8.0] - 2025-10-14

Changed

• Avoid RedisCacheStore#increment on Rails 6+ (which might improve performance) by @​jdelStrother (#597)

Fixed

• Fix #588 don't fail if request.ip is missing, by @​santib (#630)
• Fix reset! when using namespaced cache store by @​santib (#673)

Deprecated

• Soft deprecate integration with rack 1.x, may or may not work with it.
• Soft deprecate integration with rails 5.2 or less, may or may not work with it.

Removed

• Remove support for unmaintained ActiveSupport::Cache::RedisStore, by @​mitchellhenke (#625)

[6.7.0] - 2023-07-26

• Replace git.io URL by @​kyoshidajp in #579
• test: update rack-test to v2 from v1 by @​grzuy in #587
• Update example description to not suggest using a deprecated method by @​MaksimAbramchuk in #589
• Add note about cache stores and in-memory caches. by @​nateberkopec in #604
• ci: tests against redis gem v5 by @​grzuy in #612
• Support rack 3 by @​ioquatix in #586
• Gem release management. by @​ioquatix in #614

[6.6.1] - 2022-04-14

Fixed

• Fixes deprecation warning in redis 4.6+ ([@​ixti])

[6.6.0] - 2022-01-29

Added

• Ability to have access to the request object instead of only env (still can access env with request.env) when customizing throttle and blocklist responses with new methods Rack::Attack.blocklisted_responder= and Rack::Attack.throttled_responder= which yield the request to your lambda. ([@​NikolayRys])

Deprecated

• Rack::Attack.blocklisted_response=
• Rack::Attack.throttled_response=

Commits

• 65f1ead Bumps gem version to v6.8.0
• e84eaf5 Upgrade GHA Runners (#694)
• 4606efb build(deps): bump actions/checkout from 4 to 5 (#690)
• 40d83d1 Fix GHA Runner (#692)
• 1dba6ec Remove CodeClimate (#693)
• 4677708 Add Ruby 3.4 to the CI (#681)
• 8710876 Fix CI (#683)
• 86650c4 Fix reset! when using namespaced cache store (#673)
• 8d5b210 Fix wrong merge resolution (#680)
• 6db4a73 Drop Dalli 2 support (#679)
• Additional commits viewable in compare view

Updates pg from 1.5.9 to 1.6.3

Changelog

Sourced from pg's changelog.

v1.6.3 [2025-12-29] Lars Kanis lars@greiz-reinsdorf.de

Added:

• Add binary gems for ruby-4.0, now providing ruby-3.0 to 4.0. #682
• Update fat binary gem to OpenSSL-3.6.0 and PostgreSQL-18.1.
• Improve documentation of PG::Result and README. #676
• Update errorcodes to PostgreSQL-18.
• Use rb_hash_new_capa on Ruby-3.2+ . #674
• Deny any server communication on a frozen PG::Connection . #677
• Fix possible race condition in PG::Result in Ractor context. #674

Removed:

• Drop binary gem support for platform x86-mingw32. #682
• Drop binary gems for ruby-2.7.

v1.6.2 [2025-09-02] Lars Kanis lars@greiz-reinsdorf.de

• Remove several absolute paths from native binaries which pointed to build directories. #668
• Fix bad fallback path to pg_service.conf. #666
• Use rbpg_ prefix for base64_* functions to avoid name clashes with functions provided by other libraries like Heimdal on Macos. #667
• Raise a more descriptive error message in case of pg_ext LoadError. #664
• Freeze some constants to make them available in a Ractor context. #660
• Several documentation improvements.
• Update native binary gems to OpenSSL-3.5.2, krb5-1.22.1 and PostgreSQL-17.6.

v1.6.1 [2025-08-03] Lars Kanis lars@greiz-reinsdorf.de

• Add binary gems for platforms aarch64-linux-musl and x86_64-linux-musl without the need to install package gcompat. #657.
• Serialize CompositeCoder#dimensions only when set. #652 This fixes the compatibility to pg-1.5.9, when deserializing Marshal data from pg-1.6, as long as the new attribute isn't used.
• Remove dependency to MSYS2 package "postgresql" from binary Windows gem #654

v1.6.0 [2025-07-27] Lars Kanis lars@greiz-reinsdorf.de

Added:

• Add binary gems for Ruby 3.4.
• Add fat binary gem for platform aarch64-mingw-ucrt aka Windows on ARM #626, for platform Macos on Intel and ARM #643, for platform aarch64-linux #646 and for platform x86_64-linux #551.
• Update fat binary gem to OpenSSL-3.5.1 and PostgreSQL-17.5.
• Add a patch to libpq to avoid starvation on bigger SSL records, which some database engines other than vanilla PostgreSQL use. This patch applies to platform specific binary gems only. #616
• Add support for new query cancel functions of PostgreSQL-17. This adds the new class PG::CancelConnection which provides the ability to cancel a query per blocking or per non-blocking functions. If the new functions are available they are used and the older are no longer compiled in. This way we can get rid of reading out the internal PGcancel struct by Connection#backend_key. #614

... (truncated)

Commits

• d4539c2 Bump VERSION to pg-1.6.3 and add release notes
• 720900d Merge pull request #682 from larskanis/ruby-4.0
• f605b59 Remove x86-mingw32 from binary builds
• 5c69000 Update to ruby-4.0
• 2acaf3d CI: workaround missing ruby-4.0 on Window
• b500ded fix comment
• bc3f2f8 CI: Macos-13 on Intel is deprecated
• 77667eb Merge pull request #678 from larskanis/ci-update
• 6e52ce5 CI: Update PostgreSQL on Macos
• 6d40f50 CI: Print mkmf.log on failure on Macos
• Additional commits viewable in compare view

Updates carrierwave from 3.1.1 to 3.1.2

Release notes

Sourced from carrierwave's releases.

3.1.2

Fixed

• Fix failing to remove existing files on updating by #remove_#{column}=, ##{column}_cache=, and #remote_#{column}_url= (@​mshibuya 7b2ce50, #2778, #2779)

Changelog

Sourced from carrierwave's changelog.

3.1.2 - 2025-04-13

Fixed

• Fix failing to remove existing files on updating by #remove_#{column}=, ##{column}_cache=, and #remote_#{column}_url= (@​mshibuya 7b2ce50, #2778, #2779)

Commits

• 8e5db8c Version 3.1.2
• 7b2ce50 Fix failing to remove existing files on updating by #remove_#{column}=, `##...
• 9001ab7 Fix specs breaking with MiniMagick 5.x
• See full diff in compare view

Updates carrierwave-aws from 1.6.0 to 1.6.1

Changelog

Sourced from carrierwave-aws's changelog.

Version 1.6.1 2026-01-10

• Fixed: Replace deprecated Aws::S3::Object#upload_file with TransferManager if available [Jules, Foto]
• Fixed: Correct typo MULTIPART_TRESHOLD to MULTIPART_THRESHOLD [Naoki Hayashida]

Commits

• 0d3cb7c Release v1.6.1
• a585cb9 Bump actions/checkout from 4 to 6 (#193)
• e35e315 Follow-up for #191
• 03e8399 Replace deprecated Aws::S3::Object#upload_file with TransferManager (#191)
• 1117b0e Fix typo MULTIPART_TRESHOLD to MULTIPART_THRESHOLD (#188)
• 8eb1c77 Add dependabot.yml (#186)
• 178f675 Merge pull request #182 from w-masahiro-ct/improve-test-ci
• 606c957 Fix test failure
• c113480 Improve test CI
• 09c5baa Correct PR attribution 🙇
• See full diff in compare view

Updates mini_magick from 5.2.0 to 5.3.1

Release notes

Sourced from mini_magick's releases.

v5.3.1

• Fixed MiniMagick.cli_prefix being mutated when set to an array.

v5.3.0

• Actually require Ruby 2.5+ in the gemspec.
• Fix Ruby 2.5 compatibility when using MiniMagick.restricted_env configuration.
• Drop benchmark dependency.
• Fix keyword argument forwarding when trying to call MiniMagick.compare(errors: false)

Commits

• ddcbfe9 Bump to 5.3.1
• ed5897b Simplify spec
• 862ffbb Fix configured cli_prefix being muated (#597)
• c53b8bb Bump to 5.3.0
• eda3dde Bump ruby 2.5+ requirement in the gemspec
• ed928b1 Add spec for the keyword arguments
• 6de850a Try using ENV.to_h for compatibility with Ruby 2.5 (#593)
• c1b2e2c Fix option forwarding in MiniMagick::Tool.new (#596)
• dfd3de0 Fix typo in README: change tmdir to tmpdir in configuration example (#595)
• 23239db Drop benchmark dependency (#592)
• Additional commits viewable in compare view

Updates httparty from 0.21.0 to 0.24.0

Release notes

Sourced from httparty's releases.

v0.24.0

What's Changed

• Force binary encoding throughout by @​jnunemaker in jnunemaker/httparty#823
• set Content-Type for Hash body in requests by @​jnunemaker in jnunemaker/httparty#828
• feat: stream multipart file uploads to reduce memory usage by @​jnunemaker in jnunemaker/httparty#829
• fix: prevent SSRF via absolute URL bypassing base_uri by @​jnunemaker in jnunemaker/httparty#830

Full Changelog: jnunemaker/httparty@v0.23.2...v0.24.0

0.23.2

What's Changed

• Add changelog_uri metadata to gemspec by @​baraidrissa in jnunemaker/httparty#817
• Fix multipart with files in binary mode and fields including non-ASCII characters by @​rdimartino in jnunemaker/httparty#822

New Contributors

• @​baraidrissa made their first contribution in jnunemaker/httparty#817
• @​rdimartino made their first contribution in jnunemaker/httparty#822

Full Changelog: jnunemaker/httparty@v0.23.1...v0.23.2

v0.23.1

• Add foul option to class level jnunemaker/httparty@d268387

Full Changelog: