Skip to content

chore(deps): bump the ruby-deps group with 7 updates #2279

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): bump the ruby-deps group with 7 updates #2279

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 13, 2025
edited
Loading

Bumps the ruby-deps group with 7 updates:

Package From To
turbo-rails 2.0.12 2.0.16
rails 7.0.8.1 8.0.2.1
acts-as-taggable-on 11.0.0 12.0.0
selenium-webdriver 4.34.0 4.35.0
jbuilder 2.13.0 2.14.1
rubocop 1.79.1 1.79.2
rubocop-rails 2.32.0 2.33.3

Updates turbo-rails from 2.0.12 to 2.0.16

Release notes

Sourced from turbo-rails's releases.

v2.0.14

What's Changed

New Contributors

Full Changelog: hotwired/turbo-rails@v2.0.13...v2.0.14

v2.0.13

What's Changed

Full Changelog: hotwired/turbo-rails@v2.0.12...v2.0.13

Commits
  • 1782f02 Bump version
  • 313cef2 @​hotwired/turbo-rails v8.0.16
  • 92f5a8d Bump version
  • abb445e Bump version
  • 1ac14bd @​hotwired/turbo-rails v8.0.14
  • cb47713 Fix stream_name calculation inside of thread (#727)
  • 3db32e4 Merge pull request #722 from hotwired/dependabot/github_actions/oven-sh/setup...
  • 25c359b Bump oven-sh/setup-bun from 1 to 2
  • 94767d3 Include CSRF \<meta> elements in frame layout (#697)
  • 8241ae3 Update @​rails/actioncable dependency to version >=7.0 (#705)
  • Additional commits viewable in compare view

Updates rails from 7.0.8.1 to 8.0.2.1

Release notes

Sourced from rails's releases.

8.0.2.1

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • Call inspect on ids in RecordNotFound error

    [CVE-2025-55193]

    Gannon McGibbon, John Hawthorn

Action View

  • No changes.

Action Pack

  • No changes.

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

Remove dangerous transformations

[CVE-2025-24293]

... (truncated)

Commits
  • b0c813b Preparing for 8.0.2.1 release
  • a6d50ae Update CHANGELOGs
  • 568c0bc Call inspect on ids in RecordNotFound error
  • 2d61273 Active Storage: Remove dangerous transformations
  • 3235827 Preparing for 8.0.2 release
  • 3e98891 Upgrade development gems
  • 0a87e3e Merge pull request #54239 from byroot/docker-test-ruby-upgrade
  • e2b9a41 Sync CHANGELOG
  • 4bf434c Merge pull request #54735 from flavorjones/flavorjones-sqlite-adapter-quote-i...
  • 1f5de2f Merge pull request #54649 from yedhink/54529-doc-plural-table-names-limitation
  • Additional commits viewable in compare view

Updates acts-as-taggable-on from 11.0.0 to 12.0.0

Changelog

Sourced from acts-as-taggable-on's changelog.

v12.0.0) / 2024-11-09

  • Breaking Changes
    • Drop support for Ruby < 3.2
  • Features
    • Add support for Rails 8.0
Commits
  • 69e6bff release 12.0.0
  • 5b66e47 Merge pull request #1136 from matthewbjones/rails8.0
  • b54771d feat!: support rails 8.0
  • 1890a97 Merge pull request #1133 from mark-young-atg/provide_changelog_link_on_rubygems
  • e8e7855 Provide a 'Changelog' link on rubygems.org/gems/acts-as-taggable-on
  • See full diff in compare view

Updates selenium-webdriver from 4.34.0 to 4.35.0

Release notes

Sourced from selenium-webdriver's releases.

Selenium 4.35.0

Detailed Changelogs by Component

Java     |     Python     |     DotNet     |     Ruby     |     JavaScript

What's Changed

... (truncated)

Changelog

Sourced from selenium-webdriver's changelog.

4.35.0 (2025-08-12)

  • Add CDP for Chrome 139 and remove 136
  • Fix typos in javascript & rb (#16019)
  • Allow to use rubyzip v3 (#16108)
Commits

Updates jbuilder from 2.13.0 to 2.14.1

Release notes

Sourced from jbuilder's releases.

v2.14.1

What's Changed

New Contributors

Full Changelog: rails/jbuilder@v2.14.0...v2.14.1

v2.14.0

What's Changed

New Contributors

Full Changelog: rails/jbuilder@v2.13.0...v2.14.0

Commits
  • 38339ad Prepare for 2.14.1
  • 2400fd9 Merge pull request #601 from flavorjones/flavorjones/fix-encode-arguments
  • a6863b5 Ensure that Jbuilder.encode properly forwards arguments to .new
  • 30ba7df Prepare for 2.14.0
  • 5f4af71 Merge pull request #591 from moberegger/moberegger/optimize_options_merges
  • 6fd6c06 Small _set_inline_partial optimization
  • b7b5abb Stop mutating options in partial! method
  • 7e16adf Stop mutating options in set! method
  • 8474b41 Remove _partial micro-optimization
  • 9ffacf7 Merge pull request #574 from pixeltrix/fix-warnings-and-version-constant
  • Additional commits viewable in compare view

Updates rubocop from 1.79.1 to 1.79.2

Release notes

Sourced from rubocop's releases.

RuboCop v1.79.2

Bug fixes

  • #11664: Cache wasn't getting used when using parallelization. (@​jvlara)
  • #14411: Fix false negatives for Layout/EmptyLinesAroundClassBody when a class body starts with a blank line and defines a multiline superclass. (@​koic)
  • #14413: Fix a false positive for Layout/EmptyLinesAroundArguments with multiline strings that contain only whitespace. (@​earlopain)
  • #14408: Fix false-positive for Layout/EmptyLinesAfterModuleInclusion when inclusion is called with modifier. (@​r7kamura)
  • #14402: Fix false positives for Lint/UselessAssignment when duplicate assignments appear in if branch inside a loop and the variable is used outside while loop. (@​koic)
  • #14416: Fix false positives for Style/MapToHash when using to_h with block argument. (@​koic)
  • #14418: Fix false positives for Style/MapToSet when using to_set with block argument. (@​koic)
  • #14420: Fix false positives for Style/SafeNavigation when ternary expression with operator method call with method chain. (@​koic)

Changes

  • #14407: Register offense for parentheses around method calls with blocks in Style/RedundantParentheses. (@​lovro-bikic)
Changelog

Sourced from rubocop's changelog.

1.79.2 (2025-08-05)

Bug fixes

  • #11664: Cache wasn't getting used when using parallelization. ([@​jvlara][])
  • #14411: Fix false negatives for Layout/EmptyLinesAroundClassBody when a class body starts with a blank line and defines a multiline superclass. ([@​koic][])
  • #14413: Fix a false positive for Layout/EmptyLinesAroundArguments with multiline strings that contain only whitespace. ([@​earlopain][])
  • #14408: Fix false-positive for Layout/EmptyLinesAfterModuleInclusion when inclusion is called with modifier. ([@​r7kamura][])
  • #14402: Fix false positives for Lint/UselessAssignment when duplicate assignments appear in if branch inside a loop and the variable is used outside while loop. ([@​koic][])
  • #14416: Fix false positives for Style/MapToHash when using to_h with block argument. ([@​koic][])
  • #14418: Fix false positives for Style/MapToSet when using to_set with block argument. ([@​koic][])
  • #14420: Fix false positives for Style/SafeNavigation when ternary expression with operator method call with method chain. ([@​koic][])

Changes

  • #14407: Register offense for parentheses around method calls with blocks in Style/RedundantParentheses. ([@​lovro-bikic][])
Commits
  • 517485a Cut 1.79.2
  • ccba99f Update Changelog
  • a62c3a9 Fix flaky spec for rubocop_extra_features
  • bf3806e [Fix #14413] Fix a false positive for Layout/EmptyLinesAroundArguments with...
  • 9faac23 [Fix #14420] Fix false positives for Style/SafeNavigation
  • 2bf71f1 Merge pull request #14418 from koic/fix_false_positives_for_style_map_to_set
  • f807efa Merge pull request #14417 from koic/fix_false_positives_for_style_map_to_hash
  • d7b9750 Fix false positives for Style/MapToSet
  • a805ea3 [Fix #14416] Fix false positives for Style/MapToHash
  • eb470ce Merge pull request #14414 from jvlara/fix/correct-cache-usage-on-autoload-for...
  • Additional commits viewable in compare view

Updates rubocop-rails from 2.32.0 to 2.33.3

Release notes

Sourced from rubocop-rails's releases.

RuboCop Rails v2.33.3

Bug fixes

RuboCop Rails v2.33.2

Bug fixes

  • #1488: Fix an error for Rails/ReadWriteAttribute with a frozen string attribute name. (@​viralpraxis)

RuboCop Rails v2.33.1

Bug fixes

  • #1508: Fix an error for Rails/TransactionExitStatement when transaction is part of a method chain. (@​earlopain)
  • #1510: Fix Rails/OrderArguments cop false positives when using column index argument. (@​viralpraxis)
  • #1511: Don't register offenses for Rails/WhereExists when exists? is given multiple or splat arguments. (@​lovro-bikic)

RuboCop Rails v2.33.0

New features

Bug fixes

  • #1497: Fix bugs in Rails/PluckId and Rails/PluckInWhere. (@​r7kamura)
  • #1478: Fix a false negative for Rails/EnvLocal when having preceding conditions. (@​fatkodima)
  • #1505: Fix false negatives for Rails/Pluck when map method call is used in a block without a receiver. (@​koic)
  • #1486: Fix false positives for Rails/Output when p method is a DSL. (@​koic)
  • #1495: Fix false positives for Rails/TransactionExitStatement when break is used in loop in transactions. (@​koic)
  • #1483: Fix autocorrection error when Rails/IndexWith has nested offenses. (@​lovro-bikic)

Changes

... (truncated)

Changelog

Sourced from rubocop-rails's changelog.

2.33.3 (2025-08-14)

Bug fixes

  • #1516: Fix wrong autocorrect for Rails/FindByOrAssignmentMemoization. ([@​earlopain][])

2.33.2 (2025-08-13)

Bug fixes

  • #1488: Fix an error for Rails/ReadWriteAttribute with a frozen string attribute name. ([@​viralpraxis][])

2.33.1 (2025-08-12)

Bug fixes

  • #1508: Fix an error for Rails/TransactionExitStatement when transaction is part of a method chain. ([@​earlopain][])
  • #1510: Fix Rails/OrderArguments cop false positives when using column index argument. ([@​viralpraxis][])
  • #1511: Don't register offenses for Rails/WhereExists when exists? is given multiple or splat arguments. ([@​lovro-bikic][])

2.33.0 (2025-08-10)

New features

Bug fixes

  • #1497: Fix bugs in Rails/PluckId and Rails/PluckInWhere. ([@​r7kamura][])
  • #1478: Fix a false negative for Rails/EnvLocal when having preceding conditions. ([@​fatkodima][])
  • #1505: Fix false negatives for Rails/Pluck when map method call is used in a block without a receiver. ([@​koic][])
  • #1486: Fix false positives for Rails/Output when p method is a DSL. ([@​koic][])
  • #1495: Fix false positives for Rails/TransactionExitStatement when break is used in loop in transactions. ([@​koic][])
  • #1483: Fix autocorrection error when Rails/IndexWith has nested offenses. ([@​lovro-bikic][])

Changes

Commits
  • d0dc3fb Cut 2.33.3
  • 6ccab18 Update Changelog
  • 812d404 Merge pull request #1516 from Earlopain/find-by-autocorrect
  • 1872c95 Fix wrong autocorrect for Rails/FindByOrAssignmentMemoization
  • e6c2b15 Switch back docs version to master
  • 61032ee Cut 2.33.2
  • fa6548a Update Changelog
  • 501e5d3 [Fix #1513] Tweak autocorrection code for Rails/FindByOrAssignmentMemoization
  • f178f30 Merge pull request #1514 from viralpraxis/fix-rails-read-write-attribute-froz...
  • 7269eb8 [Fix #1488] Fix an error for Rails/ReadWriteAttribute cop
  • Additional commits viewable in compare view

Updates selenium-webdriver from 4.34.0 to 4.35.0

Release notes

Sourced from selenium-webdriver's releases.

Selenium 4.35.0

Detailed Changelogs by Component

Java     |     Python     |     DotNet     |     Ruby     |     JavaScript

What's Changed

... (truncated)

Changelog

Sourced from selenium-webdriver's changelog.

4.35.0 (2025-08-12)

  • Add CDP for Chrome 139 and remove 136
  • Fix typos in javascript & rb (#16019)
  • Allow to use rubyzip v3 (#16108)
Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
rails [> 7.0.8.1]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will...

Description has been truncated

@dependabot dependabot bot added dependencies ruby Pull requests that update Ruby code labels Aug 13, 2025
@dependabot dependabot bot force-pushed the dependabot/bundler/ruby-deps-837af1e24f branch from 081d73c to 89f33d6 Compare August 14, 2025 07:34
@dependabot
chore(deps): bump the ruby-deps group with 7 updates
27bbfea 
Bumps the ruby-deps group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [turbo-rails](https://github.com/hotwired/turbo-rails) | `2.0.12` | `2.0.16` |
| [rails](https://github.com/rails/rails) | `7.0.8.1` | `8.0.2.1` |
| [acts-as-taggable-on](https://github.com/mbleigh/acts-as-taggable-on) | `11.0.0` | `12.0.0` |
| [selenium-webdriver](https://github.com/SeleniumHQ/selenium) | `4.34.0` | `4.35.0` |
| [jbuilder](https://github.com/rails/jbuilder) | `2.13.0` | `2.14.1` |
| [rubocop](https://github.com/rubocop/rubocop) | `1.79.1` | `1.79.2` |
| [rubocop-rails](https://github.com/rubocop/rubocop-rails) | `2.32.0` | `2.33.3` |


Updates `turbo-rails` from 2.0.12 to 2.0.16
- [Release notes](https://github.com/hotwired/turbo-rails/releases)
- [Commits](hotwired/turbo-rails@v2.0.12...v2.0.16)

Updates `rails` from 7.0.8.1 to 8.0.2.1
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.0.8.1...v8.0.2.1)

Updates `acts-as-taggable-on` from 11.0.0 to 12.0.0
- [Release notes](https://github.com/mbleigh/acts-as-taggable-on/releases)
- [Changelog](https://github.com/mbleigh/acts-as-taggable-on/blob/master/CHANGELOG.md)
- [Commits](mbleigh/acts-as-taggable-on@v11.0.0...v12.0.0)

Updates `selenium-webdriver` from 4.34.0 to 4.35.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](SeleniumHQ/selenium@selenium-4.34.0...selenium-4.35.0)

Updates `jbuilder` from 2.13.0 to 2.14.1
- [Release notes](https://github.com/rails/jbuilder/releases)
- [Commits](rails/jbuilder@v2.13.0...v2.14.1)

Updates `rubocop` from 1.79.1 to 1.79.2
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop@v1.79.1...v1.79.2)

Updates `rubocop-rails` from 2.32.0 to 2.33.3
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop-rails@v2.32.0...v2.33.3)

Updates `selenium-webdriver` from 4.34.0 to 4.35.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](SeleniumHQ/selenium@selenium-4.34.0...selenium-4.35.0)

---
updated-dependencies:
- dependency-name: turbo-rails
  dependency-version: 2.0.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: rails
  dependency-version: 8.0.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ruby-deps
- dependency-name: acts-as-taggable-on
  dependency-version: 12.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ruby-deps
- dependency-name: selenium-webdriver
  dependency-version: 4.35.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: ruby-deps
- dependency-name: jbuilder
  dependency-version: 2.14.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-deps
- dependency-name: rubocop
  dependency-version: 1.79.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: rubocop-rails
  dependency-version: 2.33.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: ruby-deps
- dependency-name: selenium-webdriver
  dependency-version: 4.35.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: ruby-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/ruby-deps-837af1e24f branch from 89f33d6 to 27bbfea Compare August 14, 2025 07:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants