Bump actionpack from 6.1.3.2 to 6.1.4.1#10

Bumps [actionpack](https://github.com/rails/rails) from 6.1.3.2 to 6.1.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rails/rails/releases">actionpack's releases</a>.</em></p> <blockquote> <h2>6.1.4</h2> <h2>Active Support</h2> <ul> <li> <p>MemCacheStore: convert any underlying value (including <code>false</code>) to an <code>Entry</code>.</p> <p>See <a href="https://github-redirect.dependabot.com/rails/rails/pull/42559">#42559</a>.</p> <p><em>Alex Ghiculescu</em></p> </li> <li> <p>Fix bug in <code>number_with_precision</code> when using large <code>BigDecimal</code> values.</p> <p>Fixes <a href="https://github-redirect.dependabot.com/rails/rails/issues/42302">#42302</a>.</p> <p><em>Federico Aldunate</em>, <em>Zachary Scott</em></p> </li> <li> <p>Check byte size instead of length on <code>secure_compare</code>.</p> <p><em>Tietew</em></p> </li> <li> <p>Fix <code>Time.at</code> to not lose <code>:in</code> option.</p> <p><em>Ryuta Kamizono</em></p> </li> <li> <p>Require a path for <code>config.cache_store = :file_store</code>.</p> <p><em>Alex Ghiculescu</em></p> </li> <li> <p>Avoid having to store complex object in the default translation file.</p> <p><em>Rafael Mendonça França</em></p> </li> </ul> <h2>Active Model</h2> <ul> <li> <p>Fix <code>to_json</code> for <code>ActiveModel::Dirty</code> object.</p> <p>Exclude +mutations_from_database+ attribute from json as it lead to recursion.</p> <p><em>Anil Maurya</em></p> </li> </ul> <h2>Active Record</h2> <ul> <li> <p>Do not try to rollback transactions that failed due to a <code>ActiveRecord::TransactionRollbackError</code>.</p> <p><em>Jamie McCarthy</em></p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rails/rails/blob/v6.1.4.1/actionpack/CHANGELOG.md">actionpack's changelog</a>.</em></p> <blockquote> <h2>Rails 6.1.4.1 (August 19, 2021)</h2> <ul> <li> <p>[CVE-2021-22942] Fix possible open redirect in Host Authorization middleware.</p> <p>Specially crafted &quot;X-Forwarded-Host&quot; headers in combination with certain &quot;allowed host&quot; formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.</p> </li> </ul> <h2>Rails 6.1.4 (June 24, 2021)</h2> <ul> <li> <p>Ignore file fixtures on <code>db:fixtures:load</code></p> <p><em>Kevin Sjöberg</em></p> </li> <li> <p>Fix ActionController::Live controller test deadlocks by removing the body buffer size limit for tests.</p> <p><em>Dylan Thacker-Smith</em></p> </li> <li> <p>Correctly place optional path parameter booleans.</p> <p>Previously, if you specify a url parameter that is part of the path as false it would include that part of the path as parameter for example:</p> <pre><code>get &quot;(/optional/:optional_id)/things&quot; =&gt; &quot;foo#foo&quot;, as: :things things_path(optional_id: false) # =&gt; /things?optional_id=false </code></pre> <p>After this change, true and false will be treated the same when used as optional path parameters. Meaning now:</p> <pre><code>get '(this/:my_bool)/that' as: :that <p>that_path(my_bool: true) # =&gt; <code>/this/true/that</code> that_path(my_bool: false) # =&gt; <code>/this/false/that</code> </code></pre></p> <p><em>Adam Hess</em></p> </li> <li> <p>Add support for 'private, no-store' Cache-Control headers.</p> <p>Previously, 'no-store' was exclusive; no other directives could be specified.</p> <p><em>Alex Smith</em></p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rails/rails/commit/90357af08048ef5076730505f6e7b14a81f33d0c"><code>90357af</code></a> Preparing for 6.1.4.1 release</li> <li><a href="https://github.com/rails/rails/commit/e63dcc1db405be1671bac056ceca1cc8b4eeeb6a"><code>e63dcc1</code></a> Bump version / update changelog</li> <li><a href="https://github.com/rails/rails/commit/5e9973d6e020b98a5ec71578aa1837efcf4d7b7e"><code>5e9973d</code></a> Refactor CVE-2021-22881 fix</li> <li><a href="https://github.com/rails/rails/commit/83217025a171593547d1268651b446d3533e2019"><code>8321702</code></a> Preparing for 6.1.4 release</li> <li><a href="https://github.com/rails/rails/commit/e71539cc27f970bfc3aad5d30c88b15e43b8e162"><code>e71539c</code></a> Update CHANGELOG</li> <li><a href="https://github.com/rails/rails/commit/8877b88223aed6fc40d2ef21d0dffb616ba0e70d"><code>8877b88</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/42153">#42153</a> from kevinsjoberg/ignore-file-fixtures-on-load</li> <li><a href="https://github.com/rails/rails/commit/5b4466d122f751a6de1a228e5531c03d396e9edd"><code>5b4466d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41609">#41609</a></li> <li><a href="https://github.com/rails/rails/commit/fab5a817d05ea1fd4641c526ce5ef604f1b335fe"><code>fab5a81</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/42437">#42437</a> from HParker/digest-find-parent-controller-template</li> <li><a href="https://github.com/rails/rails/commit/3bbf3ac5de8ea613b4ce5554d4c39bc4e96998b4"><code>3bbf3ac</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/42244">#42244</a> from hahmed/fix-invalid-statement-compile-error</li> <li><a href="https://github.com/rails/rails/commit/d83a3189d5248479bbf8f123ff8dd0c770e38421"><code>d83a318</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/42283">#42283</a> from HParker/named-routes-identifies-false</li> <li>Additional commits viewable in <a href="https://github.com/rails/rails/compare/v6.1.3.2...v6.1.4.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sas2job/magic_ball_tg_bot/network/alerts). </details>