Bump bundler-audit from 0.9.1 to 0.9.2 (#615)

rsmithlal · web-flow · commit e47e46bd35cd · 2024-08-23T13:57:05.000-02:30
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit) from 0.9.1 to 0.9.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postmodern/bundler-audit/releases">bundler-audit's releases</a>.</em></p> <blockquote> <h2>0.9.2</h2> <ul> <li>Officially support Ruby 3.2 and 3.3.</li> <li>Corrected the gemspec license to indicate GPL-3.0 <em>or</em> later.</li> </ul> <h4>CLI</h4> <ul> <li>Correctly handle <code>Bundler::Audit::Database::UpdateFailed</code> exceptions in <code>bundle-audit update</code>.</li> <li>Changed wording from &quot;upgrade to&quot; to &quot;update to&quot; in <code>bundle-audit check</code> output.</li> </ul> <h4>Rake Task</h4> <ul> <li>Fixed empty <code>bundle:audit:update</code> rake task.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md">bundler-audit's changelog</a>.</em></p> <blockquote> <h3>0.9.2 / 2024-08-22</h3> <ul> <li>Officially support Ruby 3.2 and 3.3.</li> <li>Corrected the gemspec license to indicate GPL-3.0 <em>or</em> later.</li> </ul> <h4>CLI</h4> <ul> <li>Correctly handle {Bundler::Audit::Database::UpdateFailed} exceptions in <code>bundle-audit update</code>.</li> <li>Changed wording from &quot;upgrade to&quot; to &quot;update to&quot; in <code>bundle-audit check</code> output.</li> </ul> <h4>Rake Task</h4> <ul> <li>Fixed empty <code>bundle:audit:update</code> rake task.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rubysec/bundler-audit/commit/766e968099db047e3cbabab3f4e8908f585ecfb5"><code>766e968</code></a> Updated the ChangeLog for 0.9.2.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/d3240ddafee2aecc1b464620b57e24c5d90631aa"><code>d3240dd</code></a> Update the copyright years to 2024.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/fc70f244c9c8f237730c50572e2fce34fe77df37"><code>fc70f24</code></a> Version bump to 0.9.2.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/3a5b620a1ccdfa483db01b86d5166dc571c28820"><code>3a5b620</code></a> Changed &quot;upgrade to&quot; to &quot;update to&quot; to match <code>bundle update</code> (closes <a href="https://redirect.github.com/postmodern/bundler-audit/issues/394">#394</a>).</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/ae4e6eeff71a168d589e1f76a974774f53098220"><code>ae4e6ee</code></a> Replace deprecated license identifier for <code>GPL-3.0-or-later</code></li> <li><a href="https://github.com/rubysec/bundler-audit/commit/555da0d3747ec86699ebb39a6eea54a3cb3870e1"><code>555da0d</code></a> I prefer explicit parenthesis.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/4923679b8e0157d6032f88b3983809ef87f19c32"><code>4923679</code></a> Use truffleruby stable in the CI matrix.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/3f9caf6d1294dab9bf83d2dce32be7fa8f77bf1a"><code>3f9caf6</code></a> Added ruby-3.3 to the CI matrix.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/0914fad1f86aefc2497a9d5188d9f60bfc52ec2f"><code>0914fad</code></a> Quote ruby version numbers to prevent them from being parsed as floats.</li> <li><a href="https://github.com/rubysec/bundler-audit/commit/dd2e6595277934fdba999f2a1c2bf69eb3365587"><code>dd2e659</code></a> Drop ruby-2.x from the CI matrix.</li> <li>Additional commits viewable in <a href="https://github.com/postmodern/bundler-audit/compare/v0.9.1...v0.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bundler-audit&package-manager=bundler&previous-version=0.9.1&new-version=0.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -162,7 +162,7 @@ GEM
     brakeman (6.2.1)
       racc
     builder (3.3.0)
-    bundler-audit (0.9.1)
+    bundler-audit (0.9.2)
       bundler (>= 1.2.0, < 3)
       thor (~> 1.0)
     byebug (11.1.3)
