Skip to content

Bump the bundler group group in /apidocs/cloud-api-source with 11 updates#2

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/bundler/apidocs/cloud-api-source/bundler-security-group-ff50f5a72e
Open

Bump the bundler group group in /apidocs/cloud-api-source with 11 updates#2
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/bundler/apidocs/cloud-api-source/bundler-security-group-ff50f5a72e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 1, 2024

Copy link
Copy Markdown

Bumps the bundler group group in /apidocs/cloud-api-source with 11 updates:

Package From To
redcarpet 3.3.2 3.5.1
rake 10.4.2 12.3.3
activesupport 4.1.11 4.1.16
ffi 1.9.8 1.16.3
haml 4.0.6 6.3.0
json 1.8.3 1.8.6
kramdown 1.7.0 1.17.0
rack 1.6.4 1.6.13
sprockets 2.12.3 2.12.5
tzinfo 1.2.2 1.2.11
uglifier 2.7.1 2.7.2

Updates redcarpet from 3.3.2 to 3.5.1

Release notes

Sourced from redcarpet's releases.

Redcarpet v3.5.1

Fix a security vulnerability using :quote in combination with the :escape_html option.

Reported by Johan Smits.

v3.5.0

This release mostly ships with bug fixes and tiny improvements.

Improvements

  • Avoid mutating the options hash passed to a render object (See #663).

  • Automatically enable the fenced_code_blocks option passing a HTML_TOC object to the Markdown object's constructor since some languages rely on the sharp to comment code (See #451).

  • Remove the rel and rev attributes from the output generated for footnotes as they don't pass the HTML 5 validation (See #536).

  • Allow passing Range objects to the nesting_level option to have a higher level of customization for table of contents (See #519):

    Redcarpet::Render::HTML_TOC.new(nesting_level: 2..5)

Bug fixes

  • Fix a segfault rendering quotes using StripDown and the :quote option.

  • Fix SmartyPants single quotes right after a link. For example:

    [John](http://john.doe)'s cat

    Will now properly converts ' to a right single quote (i.e. ).

v3.4.0

Redcarpet v3.4.0

This new release ships with a bunch of bug fixes especially regarding anchor generation.

Improvements to anchor generation

The anchor generation now relies on a djb2 hashing algorithm whenever the generated anchor is empty as non alpha-numeric chars. This is specifically interesting for CJK contents as Redcarpet used to generate empty anchors dealing with titles in these locales.

Special thanks to Alexey Kopytko and namusyaka for their work on that !

Also now, the html-escaped entities are removed from anchors generated with the HTML render in order to be consistent with the HTML_TOC render and as it is more expected.

Other improvements

  • Table headers don't require a minimum of three dashes anymore; a single one can be used for each row.
  • The Markdown and rendering options are now exposed through a Hash inside the @options instance variable inside your custom render objects.

Bug fixes

... (truncated)

Changelog

Sourced from redcarpet's changelog.

Version 3.5.1 (Security)

  • Fix a security vulnerability using :quote in combination with the :escape_html option.

    Reported by Johan Smits.

Version 3.5.0

  • Avoid mutating the options hash passed to a render object.

    Refs #663.

    Max Schwenk

  • Fix a segfault rendering quotes using StripDown and the :quote option.

    Fixes #639.

  • Fix warning: instance variable @options not initialized when running under verbose mode (-w, $VERBOSE = true).

  • Fix SmartyPants single quotes right after a link. For example:

    [John](http://john.doe)'s cat

    Will now properly converts ' to a right single quote (i.e. ).

    Fixes #624.

  • Remove the rel and rev attributes from the output generated for footnotes as they don't pass the HTML 5 validation.

    Fixes #536.

  • Automatically enable the fenced_code_blocks option passing a HTML_TOC object to the Markdown object's constructor since some languages rely on the sharp to comment code.

    Fixes #451.

  • Allow passing Range objects to the nesting_level option to have a higher level of customization for table of contents:

    Redcarpet::Render::HTML_TOC.new(nesting_level: 2..5)

... (truncated)

Commits
  • a699c82 Fix a security issue using :quote with :escape_html
  • 6270d6b Redcarpet v3.5.0
  • 94f6e27 Tiny follow-up to #663
  • 3100f65 Merge pull request #663 from maschwenk/dont-mutate-options
  • fc52d9c Add regression test
  • 03e7997 Don't mutated passed options
  • 92a7b3a Fix a segfault with StripDown and the :quote option
  • 7352162 Merge pull request #649 from rbalint/master
  • e23383e Merge pull request #650 from kolen/fix-warning-options-not-initialized
  • 6b86656 Fix "instance variable @​options not initialized" warning
  • Additional commits viewable in compare view

Updates rake from 10.4.2 to 12.3.3

Changelog

Sourced from rake's changelog.

=== 12.3.3

==== Bug fixes

  • Use the application's name in error message if a task is not found. Pull Request #303 by tmatilai

==== Enhancements:

  • Use File.open explicitly.

=== 12.3.2

==== Bug fixes

  • Fixed test fails caused by 2.6 warnings. Pull Request #297 by hsbt

==== Enhancements:

  • Rdoc improvements. Pull Request #293 by colby-swandale
  • Improve multitask performance. Pull Request #273 by jsm
  • Add alias prereqs. Pull Request #268 by take-cheeze

=== 12.3.1

==== Bug fixes

  • Support did_you_mean >= v1.2.0 which has a breaking change on formatters. Pull request #262 by FUJI Goro.

==== Enhancements:

  • Don't run task if it depends on already invoked but failed task. Pull request #252 by Gonzalo Rodriguez.
  • Make space trimming consistent for all task arguments. Pull request #259 by Gonzalo Rodriguez.
  • Removes duplicated inclusion of Rake::DSL in tests. Pull request #254 by Gonzalo Rodriguez.
  • Re-raise a LoadError that didn't come from require in the test loader. Pull request #250 by Dylan Thacker-Smith.

=== 12.3.0

==== Compatibility Changes

  • Bump required_ruby_version to Ruby 2.0.0. Rake has already

... (truncated)

Commits
  • 5c87c46 Bump version to 12.3.3.
  • 5b8f8fc Use File.open explicitly.
  • 6497ba4 Merge pull request #317 from ruby/ignore-gitignore
  • be62efb Removed gitignore from gemspec files.
  • 1c22b49 Merge pull request #309 from RDIL/patch-1
  • 496944a Remove deprecated travis ci option
  • 489c7d8 Merge pull request #307 from ruby/azure-pipelines
  • 77eb6d8 Only enabled macOS environment
  • 72ffa2e use realpath
  • 7744872 Do not specify ruby version of macOS
  • Additional commits viewable in compare view

Updates activesupport from 4.1.11 to 4.1.16

Commits
  • d880330 Preparing for 4.1.16 release
  • 871d63e Preparing for 4.1.16.rc1 release
  • d5c4b82 Preparing for 4.1.15 release
  • 06d2bfd Preparing for 4.1.15.rc1 release
  • c016607 Merge branch '4-1-14' into 4-1-stable
  • 4cffd33 Preparing for 4.1.14.2 release
  • 7921ff8 Merge branch '4-1-sec' into 4-1-stable
  • 31ab3aa bumping version
  • 50d3d7d Eliminate instance level writers for class accessors
  • 859ca44 use secure string comparisons for basic auth username / password
  • Additional commits viewable in compare view

Updates ffi from 1.9.8 to 1.16.3

Changelog

Sourced from ffi's changelog.

1.16.3 / 2023-10-04

Fixed:

  • Fix gcc error when building on CentOS 7. #1052
  • Avoid trying to store new DataConverter type in frozen TypeDefs hash. #1057

1.16.2 / 2023-09-25

Fixed:

  • Handle null pointer crash after fork. #1051

1.16.1 / 2023-09-24

Fixed:

  • Fix compiling the builtin libffi. #1049

1.16.0 / 2023-09-23

Fixed:

  • Fix an issue with signed bitmasks when using flags on the most significant bit. #949
  • Fix FFI::Pointer#initialize using NUM2LL instead of NUM2ULL.
  • Fix FFI::Type#inspect to properly display the constant name. #1002
  • Use libffi closure allocations on hppa-Linux. #1017 Previously they would segfault.
  • Fix class name of Symbol#inspect.
  • Fix MSVC support of libtest. #1028
  • Fix attach_function of functions ending in ? or ! #971

Added:

  • Convert all C-based classes to TypedData and use write barriers. #994, #995, #996, #997, #998, #999, #1000, #1001, #1003, #1004, #1005, #1006, #1007, #1008, #1009, #1010, #1011, #1012 This results in less pressure on the garbage collector, since the objects can be promoted to the old generation, which means they only get marked on major GC.
  • Implement ObjectSpace.memsize_of() of all C-based classes.
  • Make FFI Ractor compatible. #1023 Modules extended per extend FFI::Library need to be frozen in order to be used by non-main Ractors. This can be done by calling freeze below of all C interface definitions.
    • In a Ractor it's possible to:
      • load DLLs and call its functions, access its global variables
      • use builtin typedefs
      • use and modify ractor local typedefs
      • define callbacks
      • receive async callbacks from non-ruby threads
      • use frozen FFI::Library based modules with all attributes (enums, structs, typedefs, functions, callbacks)
      • invoke frozen functions and callbacks defined in the main Ractor

... (truncated)

Commits

Updates haml from 4.0.6 to 6.3.0

Release notes

Sourced from haml's releases.

v6.3.0

v6.2.5

  • Deprecate Haml::RailsTemplate#default_format that was added in v6.1.3 for Turbo (discussion)

v6.2.4

  • Support case-in statement #1155

v6.2.3

  • Resurrect RDFa doctype support #1147

v6.2.2

  • Allow adding custom attributes to Haml::BOOLEAN_ATTRIBUTES #1148
  • Consider aria-xxx: false as a boolean attribute

v6.2.1

  • Fix v6.2.0's bug in rendering dynamic aria attributes #1149

v6.2.0

  • Drop the C extension #1146

v6.1.4

  • Let Haml::Util.escape_html use ERB::Escape if available #1145

v6.1.3

  • Add Haml::RailsTemplate#default_format for Turbo compatibility #1144

v6.1.2

  • Use the rails template path as filename #1140

v6.1.1

  • Fix an empty output of Ruby 3.1's Hash shorthand syntax #1083

v6.1.0

  • Optimize away a to_s call on = scripts
  • Fix escaping for objects that return an html_safe string on to_s #1117

v6.0.12

  • Fix a whitespace removal with > and an if-else statement #1114

v6.0.11

  • Fix a whitespace removal with > and an if statement #1114

v6.0.10

  • Evaluate :erb filter in the template context like Haml 5

v6.0.9

... (truncated)

Changelog

Sourced from haml's changelog.

6.3.0

6.2.5

  • Deprecate Haml::RailsTemplate#default_format that was added in v6.1.3 for Turbo (discussion)

6.2.4

  • Support case-in statement #1155

6.2.3

  • Resurrect RDFa doctype support #1147

6.2.2

  • Allow adding custom attributes to Haml::BOOLEAN_ATTRIBUTES #1148
  • Consider aria-xxx: false as a boolean attribute

6.2.1

  • Fix v6.2.0's bug in rendering dynamic aria attributes #1149

6.2.0

  • Drop the C extension #1146

6.1.4

  • Let Haml::Util.escape_html use ERB::Escape if available #1145

6.1.3

  • Add Haml::RailsTemplate#default_format for Turbo compatibility #1144

6.1.2

  • Use the rails template path as filename #1140

6.1.1

  • Fix an empty output of Ruby 3.1's Hash shorthand syntax #1083

6.1.0

  • Optimize away a to_s call on = scripts
  • Fix escaping for objects that return an html_safe string on to_s #1117

... (truncated)

Commits

Updates json from 1.8.3 to 1.8.6

Release notes

Sourced from json's releases.

v1.8.6

Full Changelog: ruby/json@v1.8.5...v1.8.6

v1.8.5

Full Changelog: ruby/json@v1.8.3...v1.8.5

Changelog

Sourced from json's changelog.

2017-01-13 (1.8.6)

  • Be compatible with ancient ruby 1.8 (maybe?)

2015-09-11 (1.8.5)

  • Be compatible with ruby 2.4.0
  • There were still some mentions of dual GPL licensing in the source, but JSON has just the Ruby license that itself includes an explicit dual-licensing clause that allows covered software to be distributed under the terms of the Simplified BSD License instead for all ruby versions >= 1.9.3. This is however a GPL compatible license according to the Free Software Foundation. I changed these mentions to be consistent with the Ruby license setting in the gemspec files which were already correct now.
Commits
  • 7f4cfd8 Try to be compatible with ruby 1.8
  • 4cf6c62 Update gemspecs
  • 48c5e99 Stop testing on 1.8, it might work though
  • 5d46fb9 Travis don't know how to build these rubies
  • 7f05140 Fix conversion crash on 1.9
  • 2bcacc1 Require ruby version 2.0 or better
  • f8e2aa6 Reduce supported ruby versions
  • b4eeed1 Test newer rubies
  • c7a6e31 Use 2.3.1 for testing
  • 953f474 Merge RUBY_INTEGER_UNIFICATION changes
  • Additional commits viewable in compare view

Updates kramdown from 1.7.0 to 1.17.0

Commits

Updates rack from 1.6.4 to 1.6.13

Commits
  • 47a1fd7 bump version
  • b8dc520 Handle case where session id key is requested but it is missing
  • 698a060 Merge pull request #1462 from jeremyevans/sessionid-to_s
  • de902e4 Merge branch '1-6-sec' into 1-6-stable
  • b7d6546 Bump version
  • d3e2f88 making diff smaller
  • 99a8a87 fix memcache tests on 1.6
  • f2cb48e fix tests on 1.6
  • 7ff635c Introduce a new base class to avoid breaking when upgrading
  • 3232f93 Add a version prefix to the private id to make easier to migrate old values
  • Additional commits viewable in compare view

Updates sprockets from 2.12.3 to 2.12.5

Commits

Updates tzinfo from 1.2.2 to 1.2.11

Release notes

Sourced from tzinfo's releases.

v1.2.11

  • Eliminate Object#untaint deprecation warnings on JRuby 9.4.0.0. #145.

TZInfo v1.2.11 on RubyGems.org

v1.2.10

  • Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when used with RubyDataSource. Please refer to GHSA-5cm2-9h8c-rvfx for details. CVE-2022-31163.
  • Ignore the SECURITY file from Arch Linux's tzdata package. #134.

TZInfo v1.2.10 on RubyGems.org

v1.2.9

  • Fixed an incorrect InvalidTimezoneIdentifier exception raised when loading a zoneinfo file that includes rules specifying an additional transition to the final defined offset (for example, Africa/Casablanca in version 2018e of the Time Zone Database). #123.

TZInfo v1.2.9 on RubyGems.org

v1.2.8

  • Added support for handling "slim" format zoneinfo files that are produced by default by zic version 2020b and later. The POSIX-style TZ string is now used calculate DST transition times after the final defined transition in the file. The 64-bit section is now always used regardless of whether Time has support for 64-bit times. #120.
  • Rubinius is no longer supported.

TZInfo v1.2.8 on RubyGems.org

v1.2.7

  • Fixed 'wrong number of arguments' errors when running on JRuby 9.0. #114.
  • Fixed warnings when running on Ruby 2.8. #112.

TZInfo v1.2.7 on RubyGems.org

v1.2.6

  • Timezone#strftime('%s', time) will now return the correct number of seconds since the epoch. #91.
  • Removed the unused TZInfo::RubyDataSource::REQUIRE_PATH constant.
  • Fixed "SecurityError: Insecure operation - require" exceptions when loading data with recent Ruby releases in safe mode.
  • Fixed warnings when running on Ruby 2.7. #106 and #111.

TZInfo v1.2.6 on RubyGems.org

v1.2.5

  • Support recursively (deep) freezing Country and Timezone instances. #80.
  • Allow negative daylight savings time offsets to be derived when reading from zoneinfo files. The utc_offset and std_offset are now derived correctly for Europe/Dublin in the 2018a and 2018b releases of the Time Zone Database.

TZInfo v1.2.5 on RubyGems.org

v1.2.4

  • Ignore the leapseconds file that is included in zoneinfo directories installed with version 2017c and later of the Time Zone Database.

TZInfo v1.2.4 on RubyGems.org

v1.2.3

  • Reduce the number of String objects allocated when loading zoneinfo files. #54.

... (truncated)

Changelog

Sourced from tzinfo's changelog.

Version 1.2.11 - 28-Jan-2023

  • Eliminate Object#untaint deprecation warnings on JRuby 9.4.0.0. #145.

Version 1.2.10 - 19-Jul-2022

  • Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when used with RubyDataSource. Please refer to GHSA-5cm2-9h8c-rvfx for details. CVE-2022-31163.
  • Ignore the SECURITY file from Arch Linux's tzdata package. #134.

Version 1.2.9 - 16-Dec-2020

  • Fixed an incorrect InvalidTimezoneIdentifier exception raised when loading a zoneinfo file that includes rules specifying an additional transition to the final defined offset (for example, Africa/Casablanca in version 2018e of the Time Zone Database). #123.

Version 1.2.8 - 8-Nov-2020

  • Added support for handling "slim" format zoneinfo files that are produced by default by zic version 2020b and later. The POSIX-style TZ string is now used calculate DST transition times after the final defined transition in the file. The 64-bit section is now always used regardless of whether Time has support for 64-bit times. #120.
  • Rubinius is no longer supported.

Version 1.2.7 - 2-Apr-2020

  • Fixed 'wrong number of arguments' errors when running on JRuby 9.0. #114.
  • Fixed warnings when running on Ruby 2.8. #112.

Version 1.2.6 - 24-Dec-2019

  • Timezone#strftime('%s', time) will now return the correct number of seconds since the epoch. #91.
  • Removed the unused TZInfo::RubyDataSource::REQUIRE_PATH constant.
  • Fixed "SecurityError: Insecure operation - require" exceptions when loading data with recent Ruby releases in safe mode.
  • Fixed warnings when running on Ruby 2.7. #106 and #111.

Version 1.2.5 - 4-Feb-2018

... (truncated)

Commits
  • 2dc46fd Preparing v1.2.11.
  • c854e6a Update copyright years.
  • 9c092f3 Eliminate Object#untaint deprecation warnings on JRuby 9.4.0.0.
  • 4e5f8b7 Add Ruby 3.1, 3.2 and JRuby 9.4.
  • 2f58c69 Update the dependency on actions/checkout.
  • e52c056 Revert "Workaround for 'Permission denied - NUL' errors with JRuby on Windows."
  • 0814dcd Fix the release date.
  • fd05e2a Preparing v1.2.10.
  • b98c32e Merge branch 'fix-directory-traversal-1.2' into 1.2
  • ac3ee68 Remove unnecessary escaping of + within regex character classes.
  • Additional commits viewable in compare view

Updates uglifier from 2.7.1 to 2.7.2

Changelog

Sourced from uglifier's changelog.

2.7.2 (26 August 2015)

  • update UglifyJS to 2.4.24
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the bundler group group in /apidocs/cloud-api-source with 11 updates:

| Package | From | To |
| --- | --- | --- |
| [redcarpet](https://github.com/vmg/redcarpet) | `3.3.2` | `3.5.1` |
| [rake](https://github.com/ruby/rake) | `10.4.2` | `12.3.3` |
| [activesupport](https://github.com/rails/rails) | `4.1.11` | `4.1.16` |
| [ffi](https://github.com/ffi/ffi) | `1.9.8` | `1.16.3` |
| [haml](https://github.com/haml/haml) | `4.0.6` | `6.3.0` |
| [json](https://github.com/flori/json) | `1.8.3` | `1.8.6` |
| [kramdown](https://github.com/gettalong/kramdown) | `1.7.0` | `1.17.0` |
| [rack](https://github.com/rack/rack) | `1.6.4` | `1.6.13` |
| [sprockets](https://github.com/rails/sprockets) | `2.12.3` | `2.12.5` |
| [tzinfo](https://github.com/tzinfo/tzinfo) | `1.2.2` | `1.2.11` |
| [uglifier](https://github.com/lautis/uglifier) | `2.7.1` | `2.7.2` |


Updates `redcarpet` from 3.3.2 to 3.5.1
- [Release notes](https://github.com/vmg/redcarpet/releases)
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md)
- [Commits](vmg/redcarpet@v3.3.2...v3.5.1)

Updates `rake` from 10.4.2 to 12.3.3
- [Release notes](https://github.com/ruby/rake/releases)
- [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc)
- [Commits](ruby/rake@v10.4.2...v12.3.3)

Updates `activesupport` from 4.1.11 to 4.1.16
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v7.1.3.2/activesupport/CHANGELOG.md)
- [Commits](rails/rails@v4.1.11...v4.1.16)

Updates `ffi` from 1.9.8 to 1.16.3
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](ffi/ffi@1.9.8...v1.16.3)

Updates `haml` from 4.0.6 to 6.3.0
- [Release notes](https://github.com/haml/haml/releases)
- [Changelog](https://github.com/haml/haml/blob/main/CHANGELOG.md)
- [Commits](haml/haml@4.0.6...v6.3.0)

Updates `json` from 1.8.3 to 1.8.6
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](ruby/json@v1.8.3...v1.8.6)

Updates `kramdown` from 1.7.0 to 1.17.0
- [Release notes](https://github.com/gettalong/kramdown/releases)
- [Changelog](https://github.com/gettalong/kramdown/blob/master/doc/news.page)
- [Commits](https://github.com/gettalong/kramdown/commits)

Updates `rack` from 1.6.4 to 1.6.13
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](rack/rack@1.6.4...1.6.13)

Updates `sprockets` from 2.12.3 to 2.12.5
- [Release notes](https://github.com/rails/sprockets/releases)
- [Changelog](https://github.com/rails/sprockets/blob/main/CHANGELOG.md)
- [Commits](rails/sprockets@v2.12.3...v2.12.5)

Updates `tzinfo` from 1.2.2 to 1.2.11
- [Release notes](https://github.com/tzinfo/tzinfo/releases)
- [Changelog](https://github.com/tzinfo/tzinfo/blob/master/CHANGES.md)
- [Commits](tzinfo/tzinfo@v1.2.2...v1.2.11)

Updates `uglifier` from 2.7.1 to 2.7.2
- [Changelog](https://github.com/lautis/uglifier/blob/master/CHANGELOG.md)
- [Commits](lautis/uglifier@v2.7.1...v2.7.2)

---
updated-dependencies:
- dependency-name: redcarpet
  dependency-type: direct:production
  dependency-group: bundler-security-group
- dependency-name: rake
  dependency-type: direct:production
  dependency-group: bundler-security-group
- dependency-name: activesupport
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: ffi
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: haml
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: json
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: kramdown
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: rack
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: sprockets
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: tzinfo
  dependency-type: indirect
  dependency-group: bundler-security-group
- dependency-name: uglifier
  dependency-type: indirect
  dependency-group: bundler-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants