Bump the ruby-dependencies group across 1 directory with 5 updates #164

Closed

dependabot[bot]
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2024

Bumps the ruby-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| pg | 1.5.6 | 1.5.9 |
| uglifier | 4.2.0 | 4.2.1 |
| bootsnap | 1.18.3 | 1.18.4 |
| jbuilder | 2.12.0 | 2.13.0 |
| puma | 6.4.2 | 6.4.3 |

Updates pg from 1.5.6 to 1.5.9

Changelog

Sourced from pg's changelog.

v1.5.9 [2024-10-24] Lars Kanis [email protected]

  • Enable thread safety in static OpenSSL build for Windows. #595
  • Remove raising connect_timeout from 1 to 2 seconds. #590
  • Fix binary copy_data in Ractor context. #594
  • Exclude CI files and hidden files from built gem. #591 This is to simplify security inspection.
  • Update error classes to PostgreSQL-17.
  • Update Windows fat binary gem to OpenSSL-3.4.0 and PostgreSQL-17.0.

v1.5.8 [2024-09-06] Lars Kanis [email protected]

  • Fix host list duplication every time conn.reset is used. #586
  • Add default decoder for anonymous record types to BasicTypeRegistry #579
  • Update Windows fat binary gem to OpenSSL-3.3.2 and PostgreSQL-16.4.

v1.5.7 [2024-07-28] Lars Kanis [email protected]

  • Remove deprecated use of fptr->fd. #562 Direct access is disallowed since ruby-3.4.
  • Make pgconn_connect_poll close the socket prior to calling PQconnectPoll. #564 This could result in an exception while connecting when used multi threaded.
  • Fix several typos and improve spelling in documentation and code. #566
  • Add missing PG::RollbackTransaction as an option to exit conn.transaction. #560 Usage like in rails: https://api.rubyonrails.org/classes/ActiveRecord/Rollback.html
  • Don't print a warning when bigdecimal is required on ruby-3.4+ #574
  • Update Windows fat binary gem to OpenSSL-3.3.1 and PostgreSQL-16.3.
Commits
  • afe2f20 Bump VERSION to 1.5.9
  • 9f8a6c6 Add History entry for pg-1.5.9
  • 342bdbb Merge pull request #599 from larskanis/update-postgres
  • ca8e69c Remove skip on Windows since the issue is fixed
  • 70c02ea Work around missing dependency to errorcodes.h in PostgreSQL-17.0
  • 4a52437 CI: Update jobs to postgresql-1.7.0
  • d8c3753 Update to postgresql-17.0 and openssl-3.4.0 for Windows binary gems
  • 86367c6 Update error codes by rake update_error_codes
  • 94f1d7f Merge pull request #598 from larskanis/osl-threads
  • 716221a Enable thread safety in static OpenSSL build
  • Additional commits viewable in compare view

Updates uglifier from 4.2.0 to 4.2.1

Changelog

Sourced from uglifier's changelog.

4.2.1 (22 September 2024)

  • fix Ruby 3.4 compatibility, drop Ruby 2.3 and older support (#195)
  • fix typos (#194)
Commits
  • 959b740 Bump version to 4.2.1
  • 5a6a6f4 Update changelog
  • f7ee1a2 Merge branch 'drop-base64'
  • b808f14 Merge pull request #194 from kianmeng/fix-typos
  • 46b75e4 Bump required ruby version to 2.4
  • 81fbc31 Merge pull request #196 from lautis/ci-ruby-versions
  • 030a33e Use released version of alaska runtime to run tests
  • 15d317d Update build matrix
  • 89c6136 Drop base64 gem from dependency
  • 0947f7c Merge pull request #191 from SimenB/master-1
  • Additional commits viewable in compare view

Updates bootsnap from 1.18.3 to 1.18.4

Changelog

Sourced from bootsnap's changelog.

1.18.4

  • Allow using bootsnap without bundler. See #488.
  • Fix startup failure if the cache directory points to a broken symlink.
Commits
  • cae219a Release 1.18.4
  • 407bdef Merge pull request #489 from Shopify/fix-load-error
  • 7afa951 Fix bootsnap setup in environments without bundler
  • c5513d9 Merge pull request #487 from Uaitt/update-gh-action-versions
  • 65691ca Update GitHub actions versions
  • 156b8c9 Merge pull request #485 from Uaitt/changelog-typo
  • e76fe38 Merge pull request #486 from Uaitt/correct-rubocop-offenses
  • 9ec8d70 Correct Rubocop offenses
  • 47ad134 Correct a typo present in the CHANGELOG
  • f627992 Add --version flag
  • Additional commits viewable in compare view

Updates jbuilder from 2.12.0 to 2.13.0

Release notes

Sourced from jbuilder's releases.

v2.13.0

What's Changed

New Contributors

Full Changelog: rails/jbuilder@v2.12.0...v2.13.0

Commits
  • 9aa3dd9 Use new version const
  • acf7a46 No lock committed
  • d469896 Bump version for 2.13.0
  • 9bcd653 Add test binstub
  • 99c42bd Add release binstub
  • e18fe2a Give Jbuilder a programmatically accessible version
  • 1a18149 Use new params.expect syntax (#573)
  • 5288e8a Remove OpenStruct references from Jbuilder (#567)
  • acf44b8 Add missing ':see_other' status code in generated destroy controller method (...
  • 0adeb96 Suggestion: Return early from collection partial rendering if blank. (#560)
  • Additional commits viewable in compare view

Updates puma from 6.4.2 to 6.4.3

Release notes

Sourced from puma's releases.

6.4.3

  • Security
    • Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
Changelog

Sourced from puma's changelog.

6.4.3 / 2024-09-19

  • Security
    • Discards any headers using underscores if the non-underscore version also exists. Without this, an attacker could overwrite values set by intermediate proxies (e.g. X-Forwarded-For). (CVE-2024-45614/GHSA-9hf4-67fc-4vf4)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Bumps the ruby-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [pg](https://github.com/ged/ruby-pg) | `1.5.6` | `1.5.9` |
| [uglifier](https://github.com/lautis/uglifier) | `4.2.0` | `4.2.1` |
| [bootsnap](https://github.com/Shopify/bootsnap) | `1.18.3` | `1.18.4` |
| [jbuilder](https://github.com/rails/jbuilder) | `2.12.0` | `2.13.0` |
| [puma](https://github.com/puma/puma) | `6.4.2` | `6.4.3` |



Updates `pg` from 1.5.6 to 1.5.9
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.md)
- [Commits](ged/ruby-pg@v1.5.6...v1.5.9)

Updates `uglifier` from 4.2.0 to 4.2.1
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md)
- [Commits](lautis/uglifier@v4.2.0...v4.2.1)

Updates `bootsnap` from 1.18.3 to 1.18.4
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](Shopify/bootsnap@v1.18.3...v1.18.4)

Updates `jbuilder` from 2.12.0 to 2.13.0
- [Release notes](https://github.com/rails/jbuilder/releases)
- [Commits](rails/jbuilder@v2.12.0...v2.13.0)

Updates `puma` from 6.4.2 to 6.4.3
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v6.4.2...v6.4.3)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-dependencies
- dependency-name: uglifier
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-dependencies
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-dependencies
- dependency-name: jbuilder
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-dependencies
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from schneems as a code owner November 20, 2024 15:35
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 20, 2024
Contributor Author

dependabot bot commented on behalf of github Dec 1, 2024

Superseded by #166.

@dependabot dependabot bot closed this Dec 1, 2024
@dependabot dependabot bot deleted the dependabot/bundler/ruby-dependencies-85a1353c19 branch December 1, 2024 03:14