Build(deps): Update pundit requirement from >= 2.1, < 2.5 to >= 2.1, < 2.6 (#777)

rsmithlal · web-flow · commit a60f125dbbd3 · 2025-03-07T14:05:35.000-03:30
Updates the requirements on [pundit](https://github.com/varvet/pundit) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/varvet/pundit/blob/main/CHANGELOG.md">pundit's changelog</a>.</em></p> <blockquote> <h2>2.5.0 (2025-03-03)</h2> <h3>Added</h3> <ul> <li>Add <code>Pundit::Authorization#pundit_reset!</code> hook to reset the policy and policy scope cache. <a href="https://redirect.github.com/varvet/pundit/issues/830">#830</a></li> <li>Add links to gemspec. <a href="https://redirect.github.com/varvet/pundit/issues/845">#845</a></li> <li>Register policies directories for Rails 8 code statistics <a href="https://redirect.github.com/varvet/pundit/issues/833">#833</a></li> <li>Added an example for how to use pundit with Rails 8 authentication generator <a href="https://redirect.github.com/varvet/pundit/issues/850">#850</a></li> </ul> <h3>Changed</h3> <ul> <li>Deprecated <code>Pundit::SUFFIX</code>, moved it to <code>Pundit::PolicyFinder::SUFFIX</code> <a href="https://redirect.github.com/varvet/pundit/issues/835">#835</a></li> <li>Explicitly require less of <code>active_support</code> <a href="https://redirect.github.com/varvet/pundit/issues/837">#837</a></li> <li>Using <code>permit</code> matcher without a surrouding <code>permissions</code> block now raises a useful error. <a href="https://redirect.github.com/varvet/pundit/issues/836">#836</a></li> </ul> <h3>Fixed</h3> <ul> <li>Using a hash as custom cache in <code>Pundit.authorize</code> now works as documented. <a href="https://redirect.github.com/varvet/pundit/issues/838">#838</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/varvet/pundit/commit/be91242e4faed5d07bb78f8496d6c69cc76c5196"><code>be91242</code></a> Merge pull request <a href="https://redirect.github.com/varvet/pundit/issues/851">#851</a> from varvet/kbs/new-release</li> <li><a href="https://github.com/varvet/pundit/commit/37f80995f582fbb436a5f5f841717236e82e6443"><code>37f8099</code></a> Bump to v2.5.0</li> <li><a href="https://github.com/varvet/pundit/commit/56941c3d0c58d00c0eb8070a4bfb24c2b7ec4c79"><code>56941c3</code></a> Update issue links in CHANGELOG</li> <li><a href="https://github.com/varvet/pundit/commit/51ce6a964cb5b9426263dc562312bdb854e22d8e"><code>51ce6a9</code></a> Merge pull request <a href="https://redirect.github.com/varvet/pundit/issues/850">#850</a> from SuzukiRyuichiro/current-user-for-rails-8-auth</li> <li><a href="https://github.com/varvet/pundit/commit/b117d412f95aa9d26b533a73b39df22f8449d5b8"><code>b117d41</code></a> rephrase the sentence for better readability</li> <li><a href="https://github.com/varvet/pundit/commit/f8c9f45cf8df33ceb8879548a0db3f255a699a00"><code>f8c9f45</code></a> chore: update changelog;'</li> <li><a href="https://github.com/varvet/pundit/commit/9f3e70e0f683cd29d913c6c32f614d82774acb2c"><code>9f3e70e</code></a> feat: add some documentation to provide hints for how to use pundit when peop...</li> <li><a href="https://github.com/varvet/pundit/commit/55074301a35dbafc65387816ee1f3d68997bf0d4"><code>5507430</code></a> Merge pull request <a href="https://redirect.github.com/varvet/pundit/issues/833">#833</a> from javierav/rails-stats</li> <li><a href="https://github.com/varvet/pundit/commit/8dfc38f16d3811385347e38dbaaf78cb9cb92cf9"><code>8dfc38f</code></a> Merge branch 'main' into rails-stats</li> <li><a href="https://github.com/varvet/pundit/commit/cbaa0ab8979d17bf36399127241ac2d6d81f0bf8"><code>cbaa0ab</code></a> Merge pull request <a href="https://redirect.github.com/varvet/pundit/issues/845">#845</a> from eizengan/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/varvet/pundit/compare/v2.4.0...v2.5.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pundit&package-manager=bundler&previous-version=2.4.0&new-version=2.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -44,7 +44,7 @@ PATH
       mobility-actiontext (~> 1.1)
       noticed
       premailer-rails
-      pundit (>= 2.1, < 2.5)
+      pundit (>= 2.1, < 2.6)
       pundit-resources
       rack-cors (>= 1.1.1, < 2.1.0)
       rack-mini-profiler
@@ -479,7 +479,7 @@ GEM
     public_suffix (6.0.1)
     puma (6.6.0)
       nio4r (~> 2.0)
-    pundit (2.4.0)
+    pundit (2.5.0)
       activesupport (>= 3.0.0)
     racc (1.8.1)
     rack (3.1.11)
diff --git a/better_together.gemspec b/better_together.gemspec
@@ -52,7 +52,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'mobility-actiontext', '~> 1.1'
   spec.add_dependency 'noticed'
   spec.add_dependency 'premailer-rails'
-  spec.add_dependency 'pundit', '>= 2.1', '< 2.5'
+  spec.add_dependency 'pundit', '>= 2.1', '< 2.6'
   spec.add_dependency 'pundit-resources'
   spec.add_dependency 'rack-cors', '>= 1.1.1', '< 2.1.0'
   spec.add_dependency 'rack-mini-profiler'
