forked from line/line-bot-sdk-ruby
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit 2479887
authored
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4&size=40){kind=avatar}
Update dependency rack to '~> 3.1.0' (line#545)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [rack](https://redirect.github.com/rack/rack)
([changelog](https://redirect.github.com/rack/rack/blob/main/CHANGELOG.md))
| `'~> 3.0.14'` -> `'~> 3.1.0'` |
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
---
### Release Notes
<details>
<summary>rack/rack (rack)</summary>
###
[`v3.1.13`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#3113---2025-04-13)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.12...v3.1.13)
- Ensure `Rack::ETag` correctly updates response body.
([#​2324](https://redirect.github.com/rack/rack/pull/2324),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
###
[`v3.1.12`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#3112---2025-03-11)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.11...v3.1.12)
##### Security
-
[CVE-2025-27610](https://redirect.github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v)
Local file inclusion in `Rack::Static`.
###
[`v3.1.11`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#3111---2025-03-04)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.10...v3.1.11)
##### Security
-
[CVE-2025-27111](https://redirect.github.com/rack/rack/security/advisories/GHSA-8cgq-6mh2-7j6v)
Possible Log Injection in `Rack::Sendfile`.
###
[`v3.1.10`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#3110---2025-02-12)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.9...v3.1.10)
##### Security
-
[CVE-2025-25184](https://redirect.github.com/rack/rack/security/advisories/GHSA-7g2v-jj9q-g3rg)
Possible Log Injection in `Rack::CommonLogger`.
###
[`v3.1.9`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#319---2025-01-31)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.8...v3.1.9)
##### Fixed
- `Rack::MediaType#params` now handles parameters without values.
([#​2263](https://redirect.github.com/rack/rack/pull/2263),
[@​AllyMarthaJ](https://redirect.github.com/AllyMarthaJ))
###
[`v3.1.8`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#318---2024-10-14)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.7...v3.1.8)
##### Fixed
- Resolve deprecation warnings about uri `DEFAULT_PARSER`.
([#​2249](https://redirect.github.com/rack/rack/pull/2249),
\[[@​earlopain](https://redirect.github.com/earlopain)])
###
[`v3.1.7`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#317---2024-07-11)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.6...v3.1.7)
##### Fixed
- Do not remove escaped opening/closing quotes for content-disposition
filenames.
([#​2229](https://redirect.github.com/rack/rack/pull/2229),
\[[@​jeremyevans](https://redirect.github.com/jeremyevans)])
- Fix encoding setting for non-binary IO-like objects in
MockRequest#env_for.
([#​2227](https://redirect.github.com/rack/rack/pull/2227),
\[[@​jeremyevans](https://redirect.github.com/jeremyevans)])
- `Rack::Response` should not generate invalid `content-length` header.
([#​2219](https://redirect.github.com/rack/rack/pull/2219),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Allow empty PATH_INFO.
([#​2214](https://redirect.github.com/rack/rack/pull/2214),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
###
[`v3.1.6`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#316---2024-07-03)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.5...v3.1.6)
##### Fixed
- Fix several edge cases in `Rack::Request#parse_http_accept_header`'s
implementation.
([#​2226](https://redirect.github.com/rack/rack/pull/2226),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
###
[`v3.1.5`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#315---2024-07-02)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.4...v3.1.5)
##### Security
- Fix potential ReDoS attack in
`Rack::Request#parse_http_accept_header`.
([GHSA-cj83-2ww7-mvq7](https://redirect.github.com/rack/rack/security/advisories/GHSA-cj83-2ww7-mvq7),
[@​dwisiswant0](https://redirect.github.com/dwisiswant0))
###
[`v3.1.4`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#314---2024-06-22)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.3...v3.1.4)
##### Fixed
- Fix `Rack::Lint` matching some paths incorrectly as authority form.
([#​2220](https://redirect.github.com/rack/rack/pull/2220),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
###
[`v3.1.3`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#313---2024-06-12)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.2...v3.1.3)
##### Fixed
- Fix passing non-strings to `Rack::Utils.escape_html`.
([#​2202](https://redirect.github.com/rack/rack/pull/2202),
\[[@​earlopain](https://redirect.github.com/earlopain)])
- `Rack::MockResponse` gracefully handles empty cookies
([#​2203](https://redirect.github.com/rack/rack/pull/2203)
\[[@​wynksaiddestroy](https://redirect.github.com/wynksaiddestroy)])
###
[`v3.1.2`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#312---2024-06-11)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.1...v3.1.2)
- `Rack::Response` will take in to consideration chunked encoding
responses
([#​2204](https://redirect.github.com/rack/rack/pull/2204),
\[[@​tenderlove](https://redirect.github.com/tenderlove)])
###
[`v3.1.1`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#3113---2025-04-13)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.1.0...v3.1.1)
- Ensure `Rack::ETag` correctly updates response body.
([#​2324](https://redirect.github.com/rack/rack/pull/2324),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
###
[`v3.1.0`](https://redirect.github.com/rack/rack/blob/HEAD/CHANGELOG.md#310---2024-06-11)
[Compare
Source](https://redirect.github.com/rack/rack/compare/v3.0.15...v3.1.0)
:warning: **This release includes several breaking changes.** Refer to
the **Removed** section below for the list of deprecated methods that
have been removed in this release.
Rack v3.1 is primarily a maintenance release that removes features
deprecated in Rack v3.0. Alongside these removals, there are several
improvements to the Rack SPEC, mainly focused on enhancing input and
output handling. These changes aim to make Rack more efficient and align
better with the requirements of server implementations and relevant HTTP
specifications.
##### SPEC Changes
- `rack.input` is now optional.
([#​1997](https://redirect.github.com/rack/rack/pull/1997),
[#​2018](https://redirect.github.com/rack/rack/pull/2018),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- `PATH_INFO` is now validated according to the HTTP/1.1 specification.
([#​2117](https://redirect.github.com/rack/rack/pull/2117),
[#​2181](https://redirect.github.com/rack/rack/pull/2181),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- `OPTIONS *` is now accepted.
([#​2114](https://redirect.github.com/rack/rack/pull/2114),
[@​doriantaylor](https://redirect.github.com/doriantaylor))
- Introduce optional `rack.protocol` request and response header for
handling connection upgrades.
([#​1954](https://redirect.github.com/rack/rack/pull/1954),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
##### Added
- Introduce `Rack::Multipart::MissingInputError` for improved handling
of missing input in `#parse_multipart`.
([#​2018](https://redirect.github.com/rack/rack/pull/2018),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Introduce `module Rack::BadRequest` which is included in multipart and
query parser errors.
([#​2019](https://redirect.github.com/rack/rack/pull/2019),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Add `.mjs` MIME type
([#​2057](https://redirect.github.com/rack/rack/pull/2057),
[@​axilleas](https://redirect.github.com/axilleas))
- `set_cookie_header` utility now supports the `partitioned` cookie
attribute. This is required by Chrome in some embedded contexts.
([#​2131](https://redirect.github.com/rack/rack/pull/2131),
[@​flavio-b](https://redirect.github.com/flavio-b))
- Introduce `rack.early_hints` for sending `103 Early Hints`
informational responses.
([#​1831](https://redirect.github.com/rack/rack/pull/1831),
[@​casperisfine](https://redirect.github.com/casperisfine),
\[[@​jeremyevans](https://redirect.github.com/jeremyevans)])
##### Changed
- MIME type for JavaScript files (`.js`) changed from
`application/javascript` to `text/javascript`
([`1bd0f15`](https://redirect.github.com/rack/rack/commit/1bd0f1597d8f4a90d47115f3e156a8ce7870c9c8),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Update MIME types associated to `.ttf`, `.woff`, `.woff2` and `.otf`
extensions to use mondern `font/*` types.
([#​2065](https://redirect.github.com/rack/rack/pull/2065),
\[[@​davidstosik](https://redirect.github.com/davidstosik)])
- `Rack::Utils.escape_html` is now delegated to `CGI.escapeHTML`. `'` is
escaped to `#​39;` instead of `#x27;`. (decimal vs hexadecimal)
([#​2099](https://redirect.github.com/rack/rack/pull/2099),
[@​JunichiIto](https://redirect.github.com/JunichiIto))
- Clarify use of `@buffered` and only update `content-length` when
`Rack::Response#finish` is invoked.
([#​2149](https://redirect.github.com/rack/rack/pull/2149),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
##### Deprecated
- Deprecate automatic cache invalidation in `Request#{GET,POST}`
([#​2073](https://redirect.github.com/rack/rack/pull/2073),
\[[@​jeremyevans](https://redirect.github.com/jeremyevans)])
- Only cookie keys that are not valid according to the HTTP
specifications are escaped. We are planning to deprecate this behaviour,
so now a deprecation message will be emitted in this case. In the
future, invalid cookie keys may not be accepted.
([#​2191](https://redirect.github.com/rack/rack/pull/2191),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- `Rack::Logger` is deprecated.
([#​2197](https://redirect.github.com/rack/rack/pull/2197),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Add fallback lookup and deprecation warning for obsolete status
symbols.
([#​2137](https://redirect.github.com/rack/rack/pull/2137),
[@​wtn](https://redirect.github.com/wtn))
- Deprecate `Rack::Request#values_at`, use `request.params.values_at`
instead
([#​2183](https://redirect.github.com/rack/rack/pull/2183),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
##### Removed
- Remove deprecated `Rack::Auth::Digest` with no replacement.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::Cascade::NotFound` with no replacement.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::Chunked` with no replacement.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::File`, use `Rack::Files` instead.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::QueryParser` `key_space_limit` parameter with
no replacement.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::Response#header`, use
`Rack::Response#headers` instead.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated cookie methods from `Rack::Utils`:
`add_cookie_to_header`, `make_delete_cookie_header`,
`add_remove_cookie_to_header`.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::Utils::HeaderHash`.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::VERSION`, `Rack::VERSION_STRING`,
`Rack.version`, use `Rack.release` instead.
([#​1966](https://redirect.github.com/rack/rack/pull/1966),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove non-standard status codes 306, 509, & 510 and update
descriptions for 413, 422, & 451.
([#​2137](https://redirect.github.com/rack/rack/pull/2137),
[@​wtn](https://redirect.github.com/wtn))
- Remove any dependency on `transfer-encoding: chunked`.
([#​2195](https://redirect.github.com/rack/rack/pull/2195),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
- Remove deprecated `Rack::Request#[]`, use `request.params[key]`
instead
([#​2183](https://redirect.github.com/rack/rack/pull/2183),
\[[@​ioquatix](https://redirect.github.com/ioquatix)])
##### Fixed
- In `Rack::Files`, ignore the `Range` header if served file is 0 bytes.
([#​2159](https://redirect.github.com/rack/rack/pull/2159),
\[[@​zarqman](https://redirect.github.com/zarqman)])
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/line/line-bot-sdk-ruby).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNTcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjI1Ny4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY3kgdXBncmFkZSJdfQ==-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>1 parent fb21a60 commit 2479887Copy full SHA for 2479887
File tree
Expand file treeCollapse file tree
2 files changed
+3
-3
lines changedOpen diff view settings
Filter options
Expand file treeCollapse file tree
2 files changed
+3
-3
lines changedOpen diff view settings
Collapse file
+1-1Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
7 | | - | |
| 7 | + | |
8 | 8 | | |
9 | 9 | | |
10 | 10 | | |
| |||
Collapse file
+2-2Lines changed: 2 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
58 | 58 | | |
59 | 59 | | |
60 | 60 | | |
61 | | - | |
| 61 | + | |
62 | 62 | | |
63 | 63 | | |
64 | 64 | | |
| |||
138 | 138 | | |
139 | 139 | | |
140 | 140 | | |
141 | | - | |
| 141 | + | |
142 | 142 | | |
143 | 143 | | |
144 | 144 | | |
| |||
0 commit comments