Bump addressable from 2.6.0 to 2.8.1#63
Open
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.6.0 to 2.8.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md">addressable's changelog</a>.</em></p> <blockquote> <h1>Addressable 2.8.1</h1> <ul> <li>refactor <code>Addressable::URI.normalize_path</code> to address linter offenses (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/430">#430</a>)</li> <li>remove redundant colon in <code>Addressable::URI::CharacterClasses::AUTHORITY</code> regex (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/438">#438</a>)</li> <li>update gemspec to reflect supported Ruby versions (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/466">#466</a>, <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/464">#464</a>, <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/463">#463</a>)</li> <li>compatibility w/ public_suffix 5.x (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/466">#466</a>, <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/465">#465</a>, <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/460">#460</a>)</li> <li>fixes "invalid byte sequence in UTF-8" exception when unencoding URLs containing non UTF-8 characters (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/459">#459</a>)</li> <li><code>Ractor</code> compatibility (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/449">#449</a>)</li> <li>use the whole string instead of a single line for template match (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/431">#431</a>)</li> <li>force UTF-8 encoding only if needed (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/341">#341</a>)</li> </ul> <p><a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/460">#460</a>: <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/460">sporkmonger/addressable#460</a> <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/463">#463</a>: <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/463">sporkmonger/addressable#463</a> <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/464">#464</a>: <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/464">sporkmonger/addressable#464</a> <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/465">#465</a>: <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/465">sporkmonger/addressable#465</a> <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/466">#466</a>: <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/pull/466">sporkmonger/addressable#466</a></p> <h1>Addressable 2.8.0</h1> <ul> <li>fixes ReDoS vulnerability in Addressable::Template#match</li> <li>no longer replaces <code>+</code> with spaces in queries for non-http(s) schemes</li> <li>fixed encoding ipv6 literals</li> <li>the <code>:compacted</code> flag for <code>normalized_query</code> now dedupes parameters</li> <li>fix broken <code>escape_component</code> alias</li> <li>dropping support for Ruby 2.0 and 2.1</li> <li>adding Ruby 3.0 compatibility for development tasks</li> <li>drop support for <code>rack-mount</code> and remove Addressable::Template#generate</li> <li>performance improvements</li> <li>switch CI/CD to GitHub Actions</li> </ul> <h1>Addressable 2.7.0</h1> <ul> <li>added <code>:compacted</code> flag to <code>normalized_query</code></li> <li><code>heuristic_parse</code> handles <code>mailto:</code> more intuitively</li> <li>dropped explicit support for JRuby 9.0.5.0</li> <li>compatibility w/ public_suffix 4.x</li> <li>performance improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sporkmonger/addressable/commit/8657465b438d93c707aff4346fdcf74c742b4a53"><code>8657465</code></a> Update version, gemspec, and CHANGELOG for 2.8.1 (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/474">#474</a>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/4fc5bb6eee91d49c2f3ed7e6f060aa32e2c5929b"><code>4fc5bb6</code></a> CI: remove Ubuntu 18.04 job (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/473">#473</a>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/860fede2984a6ce0551e43db68262a2ec7705914"><code>860fede</code></a> Force UTF-8 encoding only if needed (<a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/341">#341</a>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/99810afbd2313a550b812c512a27e99a1f376b87"><code>99810af</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/431">#431</a> from ojab/ct-_do_not_parse_multiline_strings</li> <li><a href="https://github.com/sporkmonger/addressable/commit/7ce0f485021d6ff629f0d97c5ec656636d853876"><code>7ce0f48</code></a> Merge branch 'main' into ct-_do_not_parse_multiline_strings</li> <li><a href="https://github.com/sporkmonger/addressable/commit/7ecf75146c1a53b089150ccc33c909214d728323"><code>7ecf751</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/449">#449</a> from okeeblow/freeze_concatenated_strings</li> <li><a href="https://github.com/sporkmonger/addressable/commit/41f12dd5a04a4bc0d5e9fc89ff538869581dbb34"><code>41f12dd</code></a> Merge branch 'main' into freeze_concatenated_strings</li> <li><a href="https://github.com/sporkmonger/addressable/commit/068f673a46ef69f7a72ff0f5d3ab972abc626a25"><code>068f673</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/459">#459</a> from jarthod/iso-encoding-problem</li> <li><a href="https://github.com/sporkmonger/addressable/commit/b4c98820f27937454bd596bc72b5d07872ead06b"><code>b4c9882</code></a> Merge branch 'main' into iso-encoding-problem</li> <li><a href="https://github.com/sporkmonger/addressable/commit/08d27e85f8479d12bfbf139434261f93c7de896a"><code>08d27e8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sporkmonger/addressable/issues/471">#471</a> from sporkmonger/sporkmonger-enable-codeql</li> <li>Additional commits viewable in <a href="https://github.com/sporkmonger/addressable/compare/addressable-2.6.0...addressable-2.8.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/TurtleTony/rails-image-board/network/alerts). </details>
AI Analysis
This issue appears to be discussing a feature request or bug report related to the repository. Based on the content, it seems to be still under discussion. The issue was opened by dependabot[bot] and has received 0 comments.
Add a comment
Comment form would go here