Bump puma from 3.12.6 to 4.3.8
Created by: dependabot[bot]
Bumps puma from 3.12.6 to 4.3.8.
Release notes
Sourced from puma's releases.
v4.3.8
- Security
- Close keepalive connections after the maximum number of fast inlined requests (#2625)
v4.3.6
https://github.com/puma/puma/compare/v4.3.5...4.3.6
A quick fix for a build error on Mac OS and a JSON require fix for those using phased restart.
- Explicitly include ctype.h to fix compilation warning and build error on macOS with Xcode 12 (#2304)
- Don't require json at boot (#2269)
v4.3.0 - Mysterious Traveller
Features
Bugfixes
4.2.1
- 3 bugfixes
4.2.0 - Distant Airhorns
- 6 features
- Pumactl has a new -e environment option and reads config/puma/.rb config files (#1885)
- Semicolons are now allowed in URL paths (MRI only), useful for Angular or Redmine (#1934)
- Allow extra dependencies to be defined when using prune_bundler (#1105)
- Puma now reports the correct port when binding to port 0, also reports other listeners when binding to localhost (#1786)
- Sending SIGINFO to any Puma worker now prints currently active threads and their backtraces (#1320)
- Puma threads all now have their name set on Ruby 2.3+ (#1968)
- 4 bugfixes
- Absolutely thousands of lines of test improvements and fixes thanks to
@MSP-Greg
... (truncated)
Changelog
Sourced from puma's changelog.
4.3.8 / 2021-05-11
- Security
- Close keepalive connections after the maximum number of fast inlined requests (#2625)
4.3.7 / 2020-11-30
4.3.6 / 2020-09-05
Commits
-
b911c13
4.3.8 release note -
09bb777
Bump version constant -
8088950
Close keepalive connections after MAX_FAST_INLINE requests -
f3c95af
4.3.7 -
77a90ec
Backport set CONTENT_LENGTH for chunked requests (#2496) -
a418e5c
Updates to 4.3.6 to pass CI, adds Ubuntu 20.04 [changelog skip] (#2380) -
3e3647a
v4.3.6 -
73cfdf5
Merge pull request #2314 from venables/fix-include -
fa54f4d
Merge pull request #2269 from MSP-Greg/json-require -
a24b51b
Bump version - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.