Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump prism from 1.0.0 to 1.1.0 #684

Merged
merged 1 commit into from
Oct 3, 2024
Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 3, 2024

Bumps prism from 1.0.0 to 1.1.0.

Release notes

Sourced from prism's releases.

v1.1.0

Added

  • Explicitly type each child node field in the Ruby API.
  • Add the main_script option to the parse APIs, which controls whether or not shebangs are considered.
  • Add the partial_script options to the parse APIs, which controls whether or not jumps that would otherwise be considered invalid are allowed. This is useful for parsing things like ERB sources, where you know it will be evaluated in a different context. Note that this functionality is replacing the previous idiom of passing in a list of scopes to indicate an eval context, because that behavior has changed upstream in ruby/ruby.
  • Add ArgumentsNode#contains_multiple_splats?.
  • Add ArgumentsNode#contains_forwarding?.
  • Accept all valid Ruby versions for the version option on parse APIs.
  • Accept version shorthands like "3.3" and "3.4" for the version option on parse APIs.
  • Support a max depth to protect against malicious payloads without hitting the stack limit.

Changed

  • Fix some token incompatibilities in the parser translation.
  • Fix up parsing tempfiles on Windows.
  • Fix up handling UTF-8 characters in file paths on Windows.
  • Do not warn for a \r at the end of a shebang on Windows.
  • Properly handle erroring for parsing a directory on Windows.
  • When a numbered reference is out of range, warn instead of raise.
  • Allow returns in default parameter values.
  • Reject many more invalid syntax patterns.
Changelog

Sourced from prism's changelog.

[1.1.0] - 2024-10-02

Added

  • Explicitly type each child node field in the Ruby API.
  • Add the main_script option to the parse APIs, which controls whether or not shebangs are considered.
  • Add the partial_script options to the parse APIs, which controls whether or not jumps that would otherwise be considered invalid are allowed. This is useful for parsing things like ERB sources, where you know it will be evaluated in a different context. Note that this functionality is replacing the previous idiom of passing in a list of scopes to indicate an eval context, because that behavior has changed upstream in ruby/ruby.
  • Add ArgumentsNode#contains_multiple_splats?.
  • Add ArgumentsNode#contains_forwarding?.
  • Accept all valid Ruby versions for the version option on parse APIs.
  • Accept version shorthands like "3.3" and "3.4" for the version option on parse APIs.
  • Support a max depth to protect against malicious payloads without hitting the stack limit.

Changed

  • Fix some token incompatibilities in the parser translation.
  • Fix up parsing tempfiles on Windows.
  • Fix up handling UTF-8 characters in file paths on Windows.
  • Do not warn for a \r at the end of a shebang on Windows.
  • Properly handle erroring for parsing a directory on Windows.
  • When a numbered reference is out of range, warn instead of raise.
  • Allow returns in default parameter values.
  • Reject many more invalid syntax patterns.
Commits
  • 5bf1903 Merge pull request #3128 from ruby/bump-version
  • f800268 Bump to v1.1.0
  • 2744eb3 Merge pull request #3127 from ruby/fix-up-binding-power
  • f29ceae Fix up binding power for singleton method receiver
  • 7cc60a3 Merge pull request #3126 from ianks/cargo-leak-fix
  • f06ecf4 Disable leak sanitize step in Rust in CI for now
  • e6c0ede Merge pull request #3125 from ruby/double-range-in-arguments
  • aee2de9 Fix up doubled range in arguments
  • 7ea42f6 Merge pull request #3124 from ruby/beginless-ranges
  • ab9d809 Fix up beginless ranges in method definitions
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [prism](https://github.com/ruby/prism) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/ruby/prism/releases)
- [Changelog](https://github.com/ruby/prism/blob/main/CHANGELOG.md)
- [Commits](ruby/prism@v1.0.0...v1.1.0)

---
updated-dependencies:
- dependency-name: prism
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 3, 2024
@davidrunger davidrunger merged commit 48e7bdc into main Oct 3, 2024
1 check passed
@davidrunger davidrunger deleted the dependabot/bundler/prism-1.1.0 branch October 3, 2024 13:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant