Bump the ruby-deps group across 4 directories with 29 updates

[dependabot]

Bumps the ruby-deps group with 1 update in the / directory: rack.
Bumps the ruby-deps group with 5 updates in the /examples/camping directory:

Package	From	To
rack	2.2.18	2.2.19
camping	2.1.532	3.2.6
rack	2.2.19	3.2.2
rackup	1.0.1	2.1.0
rexml	3.4.3	3.4.4
rubyzip	3.1.0	3.1.1

Bumps the ruby-deps group with 2 updates in the /examples/rails7 directory: rack and rails.
Bumps the ruby-deps group with 2 updates in the /examples/sinatra directory: rack and sinatra.

Updates rack from 2.2.18 to 2.2.19

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates rack from 2.2.18 to 2.2.19

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates camping from 2.1.532 to 3.2.6

Updates rack from 2.2.19 to 3.2.2

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates rackup from 1.0.1 to 2.1.0

Changelog

Sourced from rackup's changelog.

v2.1.0

• Correctly support streaming responses with webrick.

v2.0.0

• Initial release and migration of code from rack.

Commits

• eaea24a Bump minor version.
• 482635c Correctly support streaming responses with webrick. (#8)
• f3cab52 Update contributors according to enhanced mailmap.
• 036b1bd Bump major version.
• 686416d Install Ragel dependency for Puma.
• 690883d Test falcon and puma external test suites.
• 8321537 Add missing rackup executable.
• 1c1dfd6 Test on main rack.
• ce660d5 Revert "Prepare for Rack 2.x compatible release."
• See full diff in compare view

Updates rexml from 3.4.3 to 3.4.4

Release notes

Sourced from rexml's releases.

REXML 3.4.4 - 2025-09-10

Improvement

• Accept REXML::Document.new("") for backward compatibility
  • GH-296
  • GH-295
  • Patch by NAITOH Jun
  • Reported by Joe Rafaniello

Thanks

• NAITOH Jun

• Joe Rafaniello

Changelog

Sourced from rexml's changelog.

3.4.4 - 2025-09-10 {#version-3-4-4}

Improvement

• Accept REXML::Document.new("") for backward compatibility
  • GH-296
  • GH-295
  • Patch by NAITOH Jun
  • Reported by Joe Rafaniello

Thanks

• NAITOH Jun

• Joe Rafaniello

Commits

• 4f32ea3 Add 3.4.4 entry (#297)
• 37cde3f Accept REXML::Document.new("") for backward compatibility (#295)
• 4ffe211 Bump version
• See full diff in compare view

Updates rubyzip from 3.1.0 to 3.1.1

Release notes

Sourced from rubyzip's releases.

v3.1.1

Version 3.1.1

The 3.1.x line adds AES decryption.

⚠️ There are breaking changes in the 3.x series ⚠️

Please see the README and Updating to version 3.x in the wiki for help upgrading from version 2.4.x to version 3.x.

Changelog

Sourced from rubyzip's changelog.

3.1.1 (2025-09-26)

• Improve the IO pipeline when decompressing. #649 (which also fixes #647)

Tooling/internal:

• Improve the DecryptedIo class with various updates and optimizations.
• Remove the NullDecrypter class.
• Properly convert the test suite to use minitest.
• Move all test helper code into separate files.
• Updates to the Actions CI, including new OS versions.
• Update rubocop versions and fix resultant cop failures. #646

Commits

• f87340d Update version number and Changelog for release.
• 813d96d Add a Rubocop badge to the README.
• 61c25b0 Reduce the number of YJIT test runs in CI.
• 69dcb8e Allow Windows CI builds to fail.
• da44b2c Update OS versions in the Actions CI.
• fd78455 Use require_relative when pulling in test_helper.
• 78848c5 Only require test helpers where they are needed.
• e55f7c9 Move all test helper code into separate files.
• 5f1fcb2 Remove unnecessary perms from gentestfiles.rb.
• ceabd03 Remove unnecessary requires from test_helper.rb.
• Additional commits viewable in compare view

Updates rackup from 1.0.1 to 2.1.0

Changelog

Sourced from rackup's changelog.

v2.1.0

• Correctly support streaming responses with webrick.

v2.0.0

• Initial release and migration of code from rack.

Commits

• eaea24a Bump minor version.
• 482635c Correctly support streaming responses with webrick. (#8)
• f3cab52 Update contributors according to enhanced mailmap.
• 036b1bd Bump major version.
• 686416d Install Ragel dependency for Puma.
• 690883d Test falcon and puma external test suites.
• 8321537 Add missing rackup executable.
• 1c1dfd6 Test on main rack.
• ce660d5 Revert "Prepare for Rack 2.x compatible release."
• See full diff in compare view

Updates rack from 2.2.18 to 2.2.19

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates rails from 7.2.2.2 to 8.0.3

Release notes

Sourced from rails's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 6409b24 Merge pull request #55719 from skipkayhil/hm-fix-label-for-namespace
• 030f68c Remove lock for rdoc gem in Gemfile
• 0160f42 Sync CHANGELOGs
• 6394bfb Merge pull request #55725 from byroot/js-include-type-module-sym
• 0ff0d09 Merge pull request #55724 from fatkodima/preserve-locale-eml-preview
• 74038d7 Merge pull request #55722 from kozy4324/fix-lease-sticky-flag-timing
• 78fe965 Merge pull request #55710 from Shopify/grodowski/file-update-checker-time-tra...
• 4fc9618 Merge pull request #55703 from byroot/hly-fix-query-cache-system-tests-2
• 847072c Fix TransitionTable#as_json compatibility with json 2.14.0
• Additional commits viewable in compare view

Updates actioncable from 7.2.2.2 to 8.0.3

Release notes

Sourced from actioncable's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from actioncable's changelog.

Rails 8.0.3 (September 22, 2025)

• Fixed compatibility with redis gem 5.4.1

  Jean Boussier

• Fixed a possible race condition in stream_from.

  OuYangJinTing

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.1 (December 13, 2024)

• Ensure the Postgresql adapter always use a dedicated connection even during system tests.

  Fix an issue with the Action Cable Postgresql adapter causing deadlock or various weird pg client error during system tests.

  Jean Boussier

Rails 8.0.0.1 (December 10, 2024)

• No changes.

Rails 8.0.0 (November 07, 2024)

• No changes.

Rails 8.0.0.rc2 (October 30, 2024)

• No changes.

Rails 8.0.0.rc1 (October 19, 2024)

• No changes.

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 0160f42 Sync CHANGELOGs
• 5eb4c3d Merge pull request #54031 from bai/bun-lockfile-txt
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• 5f3b209 Replace "mailing list" with "forum" [ci-skip]
• e0278f5 Merge pull request #55359 from byroot/actioncable-redis-5.4.1-compat
• cb04cf5 Appease rubocop
• 11493e8 Fix changelog formatting
• f5b8826 Merge pull request #55201 from OuYangJinTing/fix/actioncable/channel
• Additional commits viewable in compare view

Updates actionmailbox from 7.2.2.2 to 8.0.3

Release notes

Sourced from actionmailbox's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from actionmailbox's changelog.

Rails 8.0.3 (September 22, 2025)

• No changes.

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.1 (December 13, 2024)

• No changes.

Rails 8.0.0.1 (December 10, 2024)

• No changes.

Rails 8.0.0 (November 07, 2024)

• No changes.

Rails 8.0.0.rc2 (October 30, 2024)

• No changes.

Rails 8.0.0.rc1 (October 19, 2024)

• No changes.

Rails 8.0.0.beta1 (September 26, 2024)

Please check 7-2-stable for previous changes.

Commits

• 529f933 Preparing for 8.0.3 release
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• 5308e75 Merge pull request #53383 from Earlopain/rack-3.2-deprecation
• 2ec3115 Fix CHANGELOG
• 3235827 Preparing for 8.0.2 release
• 6644442 Merge pull request #54617 from byroot/move-strict-warnings
• cf6ff17 Preparing for 8.0.1 release
• a993c27 Preparing for 8.0.0.1 release
• dd8f718 Preparing for 8.0.0 release
• Additional commits viewable in compare view

Updates actionmailer from 7.2.2.2 to 8.0.3

Release notes

Sourced from actionmailer's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from actionmailer's changelog.

Rails 8.0.3 (September 22, 2025)

• No changes.

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.1 (December 13, 2024)

• No changes.

Rails 8.0.0.1 (December 10, 2024)

• No changes.

Rails 8.0.0 (November 07, 2024)

• No changes.

Rails 8.0.0.rc2 (October 30, 2024)

• No changes.

Rails 8.0.0.rc1 (October 19, 2024)

• No changes.

Rails 8.0.0.beta1 (September 26, 2024)

Please check 7-2-stable for previous changes.

Commits

• 529f933 Preparing for 8.0.3 release
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• 5f3b209 Replace "mailing list" with "forum" [ci-skip]
• 2ec3115 Fix CHANGELOG
• 3235827 Preparing for 8.0.2 release
• 84f47ad Merge pull request #54702 from fatkodima/fix-action_mailer-default_options-docs
• 6644442 Merge pull request #54617 from byroot/move-strict-warnings
• f97b866 Use monospace formatting [ci-skip]
• cf6ff17 Preparing for 8.0.1 release
• Additional commits viewable in compare view

Updates actionpack from 7.2.2.2 to 8.0.3

Release notes

Sourced from actionpack's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from actionpack's changelog.

Rails 8.0.3 (September 22, 2025)

• URL helpers for engines mounted at the application root handle SCRIPT_NAME correctly.

  Fixed an issue where SCRIPT_NAME is not applied to paths generated for routes in an engine mounted at "/".

  Mike Dalessio

• Fix Rails.application.reload_routes! from clearing almost all routes.

  When calling Rails.application.reload_routes! inside a middleware of a Rake task, it was possible under certain conditions that all routes would be cleared. If ran inside a middleware, this would result in getting a 404 on most page you visit. This issue was only happening in development.

  Edouard Chin

• Address rack 3.2 deprecations warnings.

  warning: Status code :unprocessable_entity is deprecated and will be removed in a future version of Rack.
  Please use :unprocessable_content instead.
  

  Rails API will transparently convert one into the other for the foreseeable future.

  Earlopain, Jean Boussier

• Support hash-source in Content Security Policy.

  madogiwa

• Always return empty body for HEAD requests in PublicExceptions and DebugExceptions.

  This is required by Rack::Lint (per RFC9110).

  Hartley McGuire

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• Improve with_routing test helper to not rebuild the middleware stack.

  Otherwise some middleware configuration could be lost.

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 0160f42 Sync CHANGELOGs
• 847072c Fix TransitionTable#as_json compatibility with json 2.14.0
• a195ea9 Fix SCRIPT_NAME handling in URL helpers for root-mounted engines (#55668)
• 87e495d Merge pull request #55675 from skipkayhil/hm-ouuplulxpznztlyp
• 13123c4 Merge pull request #54306 from Edouard-chin/ec-routes-reloading
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• d6a8692 Merge pull request #54207 from madogiwa0124/support-csp-hash-source
• f495b6e Format example as code instead of ASCII table [ci-skip]
• Additional commits viewable in compare view

Updates actiontext from 7.2.2.2 to 8.0.3

Release notes

Sourced from actiontext's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from actiontext's changelog.

Rails 8.0.3 (September 22, 2025)

• Add rollup-plugin-terser as a dev dependency.

  Édouard Chin

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.1 (December 13, 2024)

• No changes.

Rails 8.0.0.1 (December 10, 2024)

• Update vendored trix version to 2.1.10

  John Hawthorn

Rails 8.0.0 (November 07, 2024)

• No changes.

Rails 8.0.0.rc2 (October 30, 2024)

• No changes.

Rails 8.0.0.rc1 (October 19, 2024)

• No changes.

Rails 8.0.0.beta1 (September 26, 2024)

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 6409b24 Merge pull request #55719 from skipkayhil/hm-fix-label-for-namespace
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• 91d803c Remove RDoc artifacts [ci-skip]
• 144c965 Fix RDoc links for ActionText::RichText#embeds [ci-skip]
• e4aefa9 Merge pull request #54798 from Edouard-chin/ec-actiontext-rollup
• 2ec3115 Fix CHANGELOG
• 3235827 Preparing for 8.0.2 release
• 6644442 Merge pull request #54617 from byroot/move-strict-warnings
• Additional commits viewable in compare view

Updates actionview from 7.2.2.2 to 8.0.3

Release notes

Sourced from actionview's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from actionview's changelog.

Rails 8.0.3 (September 22, 2025)

• Fix label with for option not getting prefixed by form namespace value

  Abeid Ahmed, Hartley McGuire

• Fix javascript_include_tag type option to accept either strings and symbols.

  javascript_include_tag "application", type: :module
  javascript_include_tag "application", type: "module"

  Previously, only the string value was recognized.

  Jean Boussier

• Fix excerpt helper with non-whitespace separator.

  Jonathan Hefner

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• Respect html_options[:form] when collection_checkboxes generates the hidden <input>.

  Riccardo Odone

• Layouts have access to local variables passed to render.

  This fixes #31680 which was a regression in Rails 5.1.

  Mike Dalessio

• Argument errors related to strict locals in templates now raise an ActionView::StrictLocalsError, and all other argument errors are reraised as-is.

  Previously, any ArgumentError raised during template rendering was swallowed during strict local error handling, so that an ArgumentError unrelated to strict locals (e.g., a helper method invoked with incorrect arguments) would be replaced by a similar ArgumentError with an unrelated backtrace, making it difficult to debug templates.

  Now, any ArgumentError unrelated to strict locals is reraised, preserving the original backtrace for developers.

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 6409b24 Merge pull request #55719 from skipkayhil/hm-fix-label-for-namespace
• 0160f42 Sync CHANGELOGs
• 6394bfb Merge pull request #55725 from byroot/js-include-type-module-sym
• 93fcfc1 Merge pull request #55587 from marcoroth/erubi-typo
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• 4a441e9 Merge pull request #55476 from jonathanhefner/excerpt-with-non-whitespace-sep...
• 5f3b209 Replace "mailing list" with "forum" [ci-skip]
• e4049d3 Add missing punctuation [ci-skip]
• Additional commits viewable in compare view

Updates activejob from 7.2.2.2 to 8.0.3

Release notes

Sourced from activejob's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from activejob's changelog.

Rails 8.0.3 (September 22, 2025)

• Include the actual Active Job locale when serializing rather than I18n locale.

  Adrien S

• Fix retry_job instrumentation when using :test adapter for Active Job.

  fatkodima

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.1 (December 13, 2024)

• Avoid crashing in Active Job logger when logging enqueueing errors

  ActiveJob.perform_all_later could fail with a TypeError when all provided jobs failed to be enqueueed.

  Efstathios Stivaros

Rails 8.0.0.1 (December 10, 2024)

• No changes.

Rails 8.0.0 (November 07, 2024)

• No changes.

Rails 8.0.0.rc2 (October 30, 2024)

• No changes.

Rails 8.0.0.rc1 (October 19, 2024)

• Remove deprecated config.active_job.use_big_decimal_serializer.

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 0160f42 Sync CHANGELOGs
• 5243215 Merge pull request #55682 from npezza93/bug-fix
• fd6ae05 Merge pull request #55661 from npezza93/job-date
• ae73ec6 Merge pull request #55568 from zzak/sidekiq-issues
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• 5f3b209 Replace "mailing list" with "forum" [ci-skip]
• e4049d3 Add missing punctuation [ci-skip]
• 69f3f88 Fully qualify ActiveJob::Arguments for auto-link [ci-skip]
• Additional commits viewable in compare view

Updates activemodel from 7.2.2.2 to 8.0.3

Release notes

Sourced from activemodel's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

  Alessandro Dal Grande

• Fix configuring RedisCacheStore with raw: true.

  fatkodima

... (truncated)

Changelog

Sourced from activemodel's changelog.

Rails 8.0.3 (September 22, 2025)

• Fix has_secure_password to perform confirmation validation of the password even when blank.

  The validation was incorrectly skipped when the password only contained whitespace characters.

  Fabio Sangiovanni

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.1 (December 13, 2024)

• No changes.

Rails 8.0.0.1 (December 10, 2024)

• No changes.

Rails 8.0.0 (November 07, 2024)

• No changes.

Rails 8.0.0.rc2 (October 30, 2024)

• No changes.

Rails 8.0.0.rc1 (October 19, 2024)

• Add :except_on option for validations. Grants the ability to skip validations in specified contexts.

  class User < ApplicationRecord
      #...
      validates :birthday, presence: { except_on: :admin }
      #...
  end

... (truncated)

Commits

• 529f933 Preparing for 8.0.3 release
• 1cab75f Merge pull request #55677 from alexkuebo/patch-1
• b2ad417 Merge security patches in 8-0-stable
• b0c813b Preparing for 8.0.2.1 release
• f5a0c11 Use comment for example return values [ci-skip]
• 5f3b209 Replace "mailing list" with "forum" [ci-skip]
• bbb624b Link using rdoc-ref instead of rdoc-label [ci-skip]
• cb12148 Use headings for args documentation [ci-skip]
• 739827f Improve Active Model changelog
• 2b971fd Merge pull request #55232 from callmesangio/fix-gh-55225
• Additional commits viewable in compare view

Updates activerecord from 7.2.2.2 to 8.0.3

Release notes

Sourced from activerecord's releases.

8.0.3

Active Support

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Make ActiveSupport::Logger #freeze-friendly.

  Joshua Young

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it...

  Description has been truncated

[chadlwilson]

@dependabot ignore camping major version

[dependabot]

OK, I won't notify you about version 3.x.x of camping again, unless you unignore it.

[chadlwilson]

@dependabot ignore rails major version

[dependabot]

OK, I won't notify you about version 8.x.x of rails again, unless you unignore it.

[dependabot]

Looks like these dependencies are no longer being updated by Dependabot, so this is no longer needed.