fix(deps): update ruby packages

This MR contains the following updates:

Package	Update	Change
prometheus-client	patch	4.2.0 -> 4.2.1
puma (source, changelog)	patch	6.3.0 -> 6.3.1
rails (source, changelog)	patch	7.0.6 -> 7.0.7.2
rubocop (source, changelog)	minor	1.55.1 -> 1.56.2
selenium-webdriver (source, changelog)	minor	4.10.0 -> 4.11.0
stimulus-rails (source)	patch	1.2.1 -> 1.2.2
timecop	patch	0.9.6 -> 0.9.8

---

Release Notes

prometheus/client_ruby (prometheus-client)

v4.2.1

Compare Source

Codename: If a bug falls in the forest

Bug fixes

• #​291 Handle / in job name in Prometheus::Client::Push: Previously, if you included a / in your job name when using the Pushgateway client, you'd get a 400 error back as we didn't encode it properly. We now base64 encode it per the Pushgateway spec.

  It's possible that nobody has hit this bug (/ is fairly unlikely to appear in a job name) or that the error message (a 400 from Pushgateway with a complaint about an odd number of path components) didn't make it look like a bug in the Ruby client. Either way, this hopefully brings us fully in line with the spec!

puma/puma (puma)

v6.3.1

Compare Source

• Security
  • Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields (GHSA-68xg-gqqm-vgj8)

rails/rails (rails)

v7.0.7.2: 7.0.7.2 release

Compare Source

No changes between this and 7.0.7.2. This release was just to fix file permissions in the previous release.

v7.0.7.1: 7.0.7.1

Compare Source

Active Support

• Use a temporary file for storing unencrypted files while editing

  [CVE-2023-38037]

Active Model

• No changes.

Active Record

• No changes.

Action View

• No changes.

Action Pack

• No changes.

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• No changes.

Railties

• No changes.

v7.0.7: 7.0.7

Compare Source

Active Support

• Fix Cache::NullStore with local caching for repeated reads.

  fatkodima

• Fix to_s with no arguments not respecting custom :default formats

  Hartley McGuire

• Fix ActiveSupport::Inflector.humanize(nil) raising NoMethodError: undefined method `end_with?' for nil:NilClass.

  James Robinson

• Fix Enumerable#sum for Enumerator#lazy.

  fatkodima, Matthew Draper, Jonathan Hefner

• Improve error message when EventedFileUpdateChecker is used without a compatible version of the Listen gem

  Hartley McGuire

Active Model

• Error.full_message now strips ":base" from the message.

  zzak

• Add a load hook for ActiveModel::Model (named active_model) to match the load hook for ActiveRecord::Base and allow for overriding aspects of the ActiveModel::Model class.

Active Record

• Restores functionality to the missing method when using enums and fixes.

  paulreece

• Fix StatementCache::Substitute with serialized type.

  ywenc

• Fix :db_runtime on notification payload when application have multiple databases.

  Eileen M. Uchitelle

• Correctly dump check constraints for MySQL 8.0.16+.

  Steve Hill

• Fix ActiveRecord::QueryMethods#in_order_of to include nils, to match the behavior of Enumerable#in_order_of.

  For example, Post.in_order_of(:title, [nil, "foo"]) will now include posts with nil titles, the same as Post.all.to_a.in_order_of(:title, [nil, "foo"]).

  fatkodima

• Revert "Fix autosave associations with validations added on :base of the associated objects."

  This change intended to remove the :base attribute from the message, but broke many assumptions which key these errors were stored.

  zzak

• Fix #previously_new_record? to return true for destroyed records.

  Before, if a record was created and then destroyed, #previously_new_record? would return true. Now, any UPDATE or DELETE to a record is considered a change, and will result in #previously_new_record? returning false.

  Adrianna Chang

• Revert breaking changes to has_one relationship deleting the old record before the new one is validated.

  zzak

• Fix support for Active Record instances being uses in queries.

  As of 7.0.5, query arguments were deep duped to avoid mutations impacting the query cache, but this had the adverse effect to clearing the primary key when the query argument contained an ActiveRecord::Base instance.

  This broke the noticed gem.

  Jean Boussier

Action View

• Fix render collection: @​records, cache: true to cache fragments as bare strings

  Previously it would incorrectly cache them as Action View buffers.

  Jean Boussier

• Don't double-encode nested field_id and field_name index values

  Pass index: @​options as a default keyword argument to field_id and field_name view helper methods.

  Sean Doyle

Action Pack

• No changes.

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

• No changes.

Action Mailbox

• No changes.

Action Text

• No changes.

Railties

• Update default scaffold templates to set 303 (See Other) as status code on redirect for the update action for XHR requests other than GET or POST to avoid issues (e.g browsers trying to follow the redirect using the original request method resulting in double PATCH/PUT)

  Guillermo Iguaran

rubocop/rubocop (rubocop)

v1.56.2

Compare Source

Bug fixes

• #​12138: Fix a false positive for Layout/LineContinuationLeadingSpace when a backslash is part of a multiline string literal. ([@​ymap][])
• #​12155: Fix false positive for Layout/RedundantLineBreak when using a modified singleton method definition. ([@​koic][])
• #​12143: Fix a false positive for Lint/ToEnumArguments when using anonymous keyword arguments forwarding. ([@​koic][])
• #​12148: Fix an incorrect autocorrect for Lint/NonAtomicFileOperation when using FileUtils.remove_dir, FileUtils.remove_entry, or FileUtils.remove_entry_secure. ([@​koic][])
• #​12141: Fix false positive for Style/ArgumentsForwarding when method def includes additional kwargs. ([@​owst][])
• #​12154: Fix incorrect diagnosticProvider value of LSP. ([@​koic][])

v1.56.1

Compare Source

Bug fixes

• #​12136: Fix a false negative for Layout/LeadingCommentSpace when using #+ or #- as they are not RDoc comments. ([@​koic][])
• #​12113: Fix a false positive for Bundler/DuplicatedGroup when groups are duplicated but source, git, platforms, or path values are different. ([@​koic][])
• #​12134: Fix a false positive for Style/MethodCallWithArgsParentheses when parentheses are used in one-line in pattern matching. ([@​koic][])
• #​12111: Fix an error for Bundler/DuplicatedGroup group declaration has keyword option. ([@​koic][])
• #​12109: Fix an error for Style/ArgumentsForwarding cop when forwarding kwargs/block arg and an additional arg. ([@​ydah][])
• #​12117: Fix a false positive for Style/ArgumentsForwarding cop when not always forwarding block. ([@​owst][])
• #​12115: Fix an error for Style/Lambda when using numbered parameter with a multiline -> call. ([@​koic][])
• #​12124: Fix false positives for Style/RedundantParentheses when parentheses in super or yield call with multiline style argument. ([@​koic][])
• #​12120: Fix false positives for Style/SymbolArray when %i array containing unescaped [, ], (, or ). ([@​koic][])
• #​12133: Fix Style/RedundantSelfAssignmentBranch to handle heredocs. ([@​r7kamura][])
• #​12105: Fix target ruby Gem::Requirement matcher and version parsing to support multiple version constraints. ([@​ItsEcholot][])

v1.56.0

Compare Source

New features

• #​12074: Add new Bundler/DuplicatedGroup cop. ([@​OwlKing][])
• #​12078: Make LSP server support rubocop.formatAutocorrectsAll execute command. ([@​koic][])

Bug fixes

• #​12106: Fix a false negative for Style/RedundantReturn when returning value with guard clause and return is used. ([@​koic][])
• #​12095: Fix a false positive for Style/Alias when EncforcedStyle: prefer_alias and using alias with interpolated symbol argument. ([@​koic][])
• #​12098: Fix a false positive for Style/ClassEqualityComparison when comparing interpolated string class name for equality. ([@​koic][])
• #​12102: Fix an error for Style/LambdaCall when using nested lambda call x.().(). ([@​koic][])
• #​12099: Fix an incorrect autocorrect for Style/Alias when EncforcedStyle: prefer_alias_method and using alias with interpolated symbol argument. ([@​koic][])
• #​12085: Fix an error for Lint/SuppressedException when AllowNil: true is set and endless method definition is used. ([@​koic][])
• #​12087: Fix false positives for Style/ArgumentsForwarding with additional args/kwargs in def/send nodes. ([@​owst][])
• #​12071: Fix Style/SymbolArray false positives when using square brackets or interpolation in a symbol literal in a percent style array. ([@​jasondoc3][])
• #​12061: Support regex in StringLiteralsInInterpolation. ([@​jonas054][])
• #​12091: With --fail-level A ignore non-correctable offenses at :info severity. ([@​naveg][])

Changes

• #​12094: Add base64 gem to runtime dependency to suppress Ruby 3.3's warning. ([@​koic][])

SeleniumHQ/selenium (selenium-webdriver)

v4.11.0

========================= Ruby:

• Made network interception threads fail silently (#​12226)
• Have Selenium Manager binary locate drivers on PATH (#​12345)
• Add browser output from selenium manager to options (#​12398)
• Remove deprecated code (#​12417) BiDi:
• Released selenium-devtools 0.115.0 (supports CDP v85, v113, v114, v115) Edge:
• Adding ignore process match for IE Mode across bindings (#​12279)

hotwired/stimulus-rails (stimulus-rails)

v1.2.2

Compare Source

What's Changed

• Upgrade to Stimulus 3.2.2 by @​dhh
• Use stimulus router lookup table to decide if controller is registered by @​ikanade in https://github.com/hotwired/stimulus-rails/pull/113
• Add skip_manifest option to generator by @​KevinBerthier in https://github.com/hotwired/stimulus-rails/pull/123

New Contributors

• @​ikanade made their first contribution in https://github.com/hotwired/stimulus-rails/pull/113
• @​KevinBerthier made their first contribution in https://github.com/hotwired/stimulus-rails/pull/123

Full Changelog: https://github.com/hotwired/stimulus-rails/compare/v1.2.1...v1.2.2

travisjeffery/timecop (timecop)

v0.9.8

Compare Source

• Revert Reduce memory usage (#​404)
• More better support for commercial and week-based date formats(#​408)

v0.9.7

Compare Source

• Fix frozen? to return false when traveling or scaled (TKTK)
• Reduce memory usage (#​404)
• Better support for commercial and week-based date formats(#​406)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.