{"id":3072,"name":"sinatra","ecosystem":"rubygems","repository_url":"https://github.com/sinatra/sinatra","issues_count":283,"created_at":"2025-06-06T15:56:18.844Z","updated_at":"2025-06-06T15:56:18.844Z","purl":"pkg:gem/sinatra","metadata":{"id":302921,"name":"sinatra","ecosystem":"rubygems","description":"Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.","homepage":"http://sinatrarb.com/","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/sinatra/sinatra","keywords_array":[],"namespace":null,"versions_count":106,"first_release_published_at":"2009-07-25T17:52:06.000Z","latest_release_published_at":"2024-11-20T15:49:13.691Z","latest_release_number":"4.1.1","last_synced_at":"2025-06-06T01:06:44.398Z","created_at":"2022-04-06T10:58:45.006Z","updated_at":"2025-06-06T01:09:59.619Z","registry_url":"https://rubygems.org/gems/sinatra","install_command":"gem install sinatra -s https://rubygems.org","documentation_url":"http://www.rubydoc.info/gems/sinatra/","metadata":{"funding":null},"repo_metadata":{"id":481356,"uuid":"106995","full_name":"sinatra/sinatra","owner":"sinatra","description":"Classy web-development dressed in a DSL (official / canonical repo)","archived":false,"fork":false,"pushed_at":"2025-05-24T00:17:45.000Z","size":7724,"stargazers_count":12308,"open_issues_count":38,"forks_count":2074,"subscribers_count":372,"default_branch":"main","last_synced_at":"2025-06-03T08:21:51.641Z","etag":null,"topics":["rack","ruby","sinatra","web-framework"],"latest_commit_sha":null,"homepage":"https://sinatrarb.com","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sinatra.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS.md","dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2009-01-14T01:27:30.000Z","updated_at":"2025-06-01T17:30:12.000Z","dependencies_parsed_at":"2023-07-05T15:03:26.510Z","dependency_job_id":"0cbf1bf2-fcba-4a3d-9cbb-7c77433cd992","html_url":"https://github.com/sinatra/sinatra","commit_stats":{"total_commits":3683,"total_committers":529,"mean_commits":6.96219281663516,"dds":0.7366277491175672,"last_synced_commit":"7b50a1bbb5324838908dfaa00ec53ad322673a29"},"previous_names":[],"tags_count":156,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sinatra","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":257777828,"owners_count":22600749,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"sinatra","name":"Sinatra","uuid":"8312","kind":"organization","description":null,"email":null,"website":"http://www.sinatrarb.com","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/8312?v=4","repositories_count":12,"last_synced_at":"2024-03-25T19:32:57.740Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/sinatra","funding_links":[],"total_stars":15588,"followers":46,"following":0,"created_at":"2022-11-02T16:17:24.429Z","updated_at":"2024-03-25T19:33:04.877Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sinatra","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sinatra/repositories"},"tags":[{"name":"v4.0.1","sha":"7dc5940e44cfa6d176b267f2165aa8116032669d","kind":"tag","published_at":"2025-05-23T22:16:25.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v4.0.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v4.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.0.1/manifests"},{"name":"v4.1.1","sha":"7b50a1bbb5324838908dfaa00ec53ad322673a29","kind":"tag","published_at":"2024-11-20T15:48:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v4.1.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v4.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.1.1/manifests"},{"name":"v4.1.0","sha":"73f3291d114b5b211e067263eeb9c0e197fe8500","kind":"tag","published_at":"2024-11-18T11:31:55.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v4.1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v4.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.1.0/manifests"},{"name":"v4.0.0","sha":"b626e2d82c23b4fde0b51782fd32ca27ccde1d1a","kind":"tag","published_at":"2024-01-19T11:49:57.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v4.0.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v4.0.0/manifests"},{"name":"v3.2.0","sha":"4e8fdb5172a81c1c237388f264e5684a4a15ed4f","kind":"tag","published_at":"2023-12-29T17:55:25.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.2.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.2.0/manifests"},{"name":"v3.1.0","sha":"a182dcaa86affe38f1f78e5f2c96dfbffaf7597a","kind":"tag","published_at":"2023-08-07T09:20:34.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.1.0/manifests"},{"name":"v3.0.6","sha":"516ee3bc5a256c52e1452009168c2caf2751c5fb","kind":"tag","published_at":"2023-04-11T15:34:10.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.6/manifests"},{"name":"v3.0.5","sha":"186106d153d08c77e4add922e93b6c4a9d9315f6","kind":"tag","published_at":"2022-12-16T23:13:16.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.5/manifests"},{"name":"v2.2.4","sha":"7c88c7cca61ba47642a3516392116f521ca2d1a2","kind":"tag","published_at":"2022-12-16T22:51:58.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.2.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.4/manifests"},{"name":"v2.2.3","sha":"0bdb254b9a21aaef9eb24540f174318abefca2a2","kind":"tag","published_at":"2022-11-25T20:22:35.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.2.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.3/manifests"},{"name":"v3.0.4","sha":"eca7b54a64d1b64c4245c0f025e8dabb1cafde7c","kind":"tag","published_at":"2022-11-25T16:37:43.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.4/manifests"},{"name":"v3.0.3","sha":"cafaab99db5b644e5fbe2a19bdba168e671ff1f2","kind":"tag","published_at":"2022-11-11T19:41:07.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.3/manifests"},{"name":"v3.0.2","sha":"ceb49f043c37244bc017c9f33f5fdf18f1662ac7","kind":"tag","published_at":"2022-10-01T17:23:11.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.2/manifests"},{"name":"v3.0.1","sha":"2b659be947998a5a39bcf0b3d93eaac31af82ac5","kind":"tag","published_at":"2022-09-26T16:04:44.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.1/manifests"},{"name":"v3.0.0","sha":"815b69fe2510930de97a89f9318fcfa35165e96e","kind":"tag","published_at":"2022-09-26T01:05:25.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v3.0.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v3.0.0/manifests"},{"name":"v2.2.2","sha":"a2b82435c32ece4f649b1c9494913cb89fbc659a","kind":"tag","published_at":"2022-07-23T21:16:31.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.2.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.2/manifests"},{"name":"v2.2.1","sha":"e6a2420e326fe29d029ffb64db7ce09e3fe9e99c","kind":"tag","published_at":"2022-07-15T14:34:53.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.2.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.1/manifests"},{"name":"v2.2.0","sha":"44ce685218a29a58ea059b3dfd1a39db8c7dd6d5","kind":"commit","published_at":"2022-02-02T20:50:44.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.2.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.2.0/manifests"},{"name":"v2.1.0","sha":"0d7e580133a5bb65b05214be7aa9cf195a4698e9","kind":"tag","published_at":"2020-09-04T18:46:57.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.1.0/manifests"},{"name":"v2.0.8.1","sha":"a4dd24add24f2dd0e7299b9e68e12038138294d3","kind":"tag","published_at":"2020-01-01T20:01:37.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.8.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.8.1/manifests"},{"name":"v2.0.8","sha":"cf1c6b156b30417b6998a94c941d675179fac7b0","kind":"tag","published_at":"2020-01-01T09:39:47.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.8","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.8/manifests"},{"name":"v2.0.7","sha":"32d683317790180d19ff5974aea2dd277e37724f","kind":"tag","published_at":"2019-08-22T10:00:32.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.7","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.7/manifests"},{"name":"v2.0.6","sha":"6795b45876c71f3de18c7ae36475b928ccf7fcaa","kind":"tag","published_at":"2019-08-21T16:45:51.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.6/manifests"},{"name":"v2.0.5","sha":"7a5c499f0e6099137fd1cb4ee20178af2a125d47","kind":"tag","published_at":"2018-12-22T11:06:45.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.5/manifests"},{"name":"v2.0.4","sha":"b62c8c588a2253928d3fc7a59ea394e8a6f90082","kind":"tag","published_at":"2018-09-15T09:34:41.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.4/manifests"},{"name":"v2.0.3","sha":"51f176109aefa5a52402bb3062fd0b4d64580b46","kind":"tag","published_at":"2018-06-08T16:00:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.3/manifests"},{"name":"v2.0.2","sha":"c8910e9a7f9537e397f34b9e71e15757ccfbbae3","kind":"tag","published_at":"2018-06-05T16:50:56.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.2/manifests"},{"name":"v2.0.1","sha":"4831ab658046ff12f8c3cb17a9833f942f49f7ff","kind":"tag","published_at":"2018-02-16T15:39:39.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.1/manifests"},{"name":"v2.0.1.rc1","sha":"c5fceaab24a7a97bb70c2a87c44a97ba51feeb8b","kind":"tag","published_at":"2018-02-12T14:47:04.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.1.rc1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.1.rc1/manifests"},{"name":"v2.0.0","sha":"5de64980e0f0fe146d8b60ca3b009f183113e68b","kind":"tag","published_at":"2017-05-07T00:02:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0/manifests"},{"name":"v2.0.0.rc6","sha":"27373cc4d041c03dfd97f17a8944e91651c6e4cc","kind":"tag","published_at":"2017-05-06T23:56:08.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.rc6","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.rc6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc6/manifests"},{"name":"2.0.0.rc5","sha":"c9b8b2037395b5b865b28ed5ef682e62588e295b","kind":"tag","published_at":"2017-05-06T23:48:47.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/2.0.0.rc5","html_url":"https://github.com/sinatra/sinatra/releases/tag/2.0.0.rc5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/2.0.0.rc5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/2.0.0.rc5/manifests"},{"name":"v2.0.0.rc5","sha":"c9b8b2037395b5b865b28ed5ef682e62588e295b","kind":"tag","published_at":"2017-05-06T23:48:46.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.rc5","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.rc5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc5/manifests"},{"name":"2.0.0.rc4","sha":"d7c28052e5bf9869db11415c4e85c6d427884de8","kind":"tag","published_at":"2017-05-06T23:44:31.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/2.0.0.rc4","html_url":"https://github.com/sinatra/sinatra/releases/tag/2.0.0.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/2.0.0.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/2.0.0.rc4/manifests"},{"name":"v2.0.0.rc4","sha":"d7c28052e5bf9869db11415c4e85c6d427884de8","kind":"tag","published_at":"2017-05-06T23:44:28.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.rc4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc4/manifests"},{"name":"2.0.0.rc3","sha":"7bfd9e18ba83ab634425d17f5f7d5b19359991b2","kind":"tag","published_at":"2017-05-06T23:28:37.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/2.0.0.rc3","html_url":"https://github.com/sinatra/sinatra/releases/tag/2.0.0.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/2.0.0.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/2.0.0.rc3/manifests"},{"name":"v2.0.0.rc3","sha":"7bfd9e18ba83ab634425d17f5f7d5b19359991b2","kind":"tag","published_at":"2017-05-06T23:28:33.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.rc3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc3/manifests"},{"name":"v2.0.0.rc2","sha":"3b4fc7dfe08f9bed5ad0f74f4febc144aabd2315","kind":"tag","published_at":"2017-03-19T03:32:56.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.rc2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc2/manifests"},{"name":"v2.0.0.rc1","sha":"438f7659114c96a6e7cc261f3902a65e89c426d7","kind":"tag","published_at":"2017-03-04T18:17:27.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.rc1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.rc1/manifests"},{"name":"v1.4.8","sha":"1f4444df234a81df582d3171131f8c5e8dd3e6ea","kind":"tag","published_at":"2017-01-30T03:31:58.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.8","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.8/manifests"},{"name":"v2.0.0.beta2","sha":"1b0edc0aeaaf4839cadfcec1b21da86e6af1d4c0","kind":"tag","published_at":"2016-08-22T16:58:52.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v2.0.0.beta2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v2.0.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v2.0.0.beta2/manifests"},{"name":"v1.4.7","sha":"14db1440b53f8b21519b3674a0157d680eb72dc7","kind":"tag","published_at":"2016-01-24T12:26:59.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.7","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.7/manifests"},{"name":"v1.4.6","sha":"b186cd568aa12b247c06366d433fb34bc28195d6","kind":"commit","published_at":"2015-03-24T02:29:21.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.6/manifests"},{"name":"v1.4.5","sha":"1ac65a4089a5e247067cd0934408319430ee52e0","kind":"tag","published_at":"2014-04-08T15:21:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.5/manifests"},{"name":"v1.4.4","sha":"a7d88914ab67f5470d4d55de63a2eff284af4871","kind":"tag","published_at":"2013-10-21T10:12:10.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.4/manifests"},{"name":"1.4.3","sha":"96c755ed279d385f4a84d100a8c6a1ae6645dd7d","kind":"tag","published_at":"2013-06-07T21:06:07.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.3/manifests"},{"name":"v1.4.3","sha":"96c755ed279d385f4a84d100a8c6a1ae6645dd7d","kind":"tag","published_at":"2013-06-07T21:06:07.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.3/manifests"},{"name":"1.4.2","sha":"72f24f6031b9d38553f854efd32a3acfed47b266","kind":"tag","published_at":"2013-03-21T09:08:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.2/manifests"},{"name":"v1.4.2","sha":"72f24f6031b9d38553f854efd32a3acfed47b266","kind":"tag","published_at":"2013-03-21T09:08:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.2/manifests"},{"name":"1.4.1","sha":"9567316944fd03489b93f4e8a4072a2e4932e007","kind":"tag","published_at":"2013-03-15T17:21:05.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.1/manifests"},{"name":"v1.4.1","sha":"9567316944fd03489b93f4e8a4072a2e4932e007","kind":"tag","published_at":"2013-03-15T17:21:05.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.1/manifests"},{"name":"1.4.0","sha":"db505983d946da7a372e6fb7af185f7f575d8637","kind":"tag","published_at":"2013-03-15T11:29:01.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0/manifests"},{"name":"v1.4.0","sha":"db505983d946da7a372e6fb7af185f7f575d8637","kind":"tag","published_at":"2013-03-15T11:29:01.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0/manifests"},{"name":"1.3.6","sha":"fb1136ea3e015c2ac2790bd5abf3b1510cce51d2","kind":"tag","published_at":"2013-03-15T11:24:03.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.6/manifests"},{"name":"v1.3.6","sha":"fb1136ea3e015c2ac2790bd5abf3b1510cce51d2","kind":"tag","published_at":"2013-03-15T11:24:02.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.6/manifests"},{"name":"1.2.9","sha":"e3ae005851986b2dba44e4bb6419e7b8c50c2063","kind":"tag","published_at":"2013-03-15T11:01:11.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.9","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.9/manifests"},{"name":"v1.2.9","sha":"e3ae005851986b2dba44e4bb6419e7b8c50c2063","kind":"tag","published_at":"2013-03-15T11:01:10.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.9","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.9/manifests"},{"name":"1.4.0.d","sha":"7a148600e86ccc9a70d55d858952b94f6e70ad2f","kind":"tag","published_at":"2013-03-09T17:18:07.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.0.d","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.0.d","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.d","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.d/manifests"},{"name":"v1.4.0.d","sha":"7a148600e86ccc9a70d55d858952b94f6e70ad2f","kind":"tag","published_at":"2013-03-09T17:18:07.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.0.d","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.0.d","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.d","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.d/manifests"},{"name":"1.4.0.c","sha":"b1e88f8276d081dc20af28c8539ef7916e93ce65","kind":"tag","published_at":"2013-02-26T23:19:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.0.c","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.0.c","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.c","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.c/manifests"},{"name":"v1.4.0.c","sha":"b1e88f8276d081dc20af28c8539ef7916e93ce65","kind":"tag","published_at":"2013-02-26T23:19:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.0.c","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.0.c","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.c","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.c/manifests"},{"name":"v1.4.0.b","sha":"45068f91c99acd0109d760f433374488b7118728","kind":"tag","published_at":"2013-02-26T13:58:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.0.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.0.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.b/manifests"},{"name":"1.4.0.b","sha":"45068f91c99acd0109d760f433374488b7118728","kind":"tag","published_at":"2013-02-26T13:58:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.0.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.0.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.b/manifests"},{"name":"1.4.0.a","sha":"81b102b11dae711d418a425ee6cc6cca4c315f41","kind":"tag","published_at":"2013-02-26T07:01:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.4.0.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.4.0.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.4.0.a/manifests"},{"name":"v1.4.0.a","sha":"81b102b11dae711d418a425ee6cc6cca4c315f41","kind":"tag","published_at":"2013-02-26T07:01:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.4.0.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.4.0.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.4.0.a/manifests"},{"name":"1.3.5","sha":"f4364d44f709b248aaa8f0661e2f883ae73ade01","kind":"tag","published_at":"2013-02-25T10:09:26.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.5/manifests"},{"name":"v1.3.5","sha":"f4364d44f709b248aaa8f0661e2f883ae73ade01","kind":"tag","published_at":"2013-02-25T10:09:25.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.5/manifests"},{"name":"1.3.4","sha":"bc21cf1b983384b20f5572da0db529bf376ff1a3","kind":"tag","published_at":"2013-01-26T22:18:45.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.4/manifests"},{"name":"v1.3.4","sha":"bc21cf1b983384b20f5572da0db529bf376ff1a3","kind":"tag","published_at":"2013-01-26T22:18:44.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.4/manifests"},{"name":"v1.3.3","sha":"77346226dbb9492993accee2d042bfe6c9ae036c","kind":"tag","published_at":"2012-08-19T12:55:02.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.3/manifests"},{"name":"1.3.3","sha":"77346226dbb9492993accee2d042bfe6c9ae036c","kind":"tag","published_at":"2012-08-19T12:55:02.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.3/manifests"},{"name":"v1.3.2","sha":"e111243e813ede1f0f4c6918d9a8cc029e776fc3","kind":"tag","published_at":"2011-12-30T12:55:49.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.2/manifests"},{"name":"1.3.2","sha":"e111243e813ede1f0f4c6918d9a8cc029e776fc3","kind":"tag","published_at":"2011-12-30T12:55:49.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.2/manifests"},{"name":"v1.2.8","sha":"ab140aeb3b40c70faf18a89382d2fd2edd7c9432","kind":"tag","published_at":"2011-12-30T12:47:52.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.8","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.8/manifests"},{"name":"1.2.8","sha":"ab140aeb3b40c70faf18a89382d2fd2edd7c9432","kind":"tag","published_at":"2011-12-30T12:47:52.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.8","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.8/manifests"},{"name":"1.3.1","sha":"ea57aaaa9671124279c3ae4690c58a1c5f05be78","kind":"tag","published_at":"2011-10-05T01:29:29.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.1/manifests"},{"name":"v1.3.1","sha":"ea57aaaa9671124279c3ae4690c58a1c5f05be78","kind":"tag","published_at":"2011-10-05T01:29:28.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.1/manifests"},{"name":"v1.2.7","sha":"a25bff1268f6db059cad9d664327b03d3ae66fd4","kind":"tag","published_at":"2011-10-01T02:32:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.7","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.7/manifests"},{"name":"1.2.7","sha":"a25bff1268f6db059cad9d664327b03d3ae66fd4","kind":"tag","published_at":"2011-10-01T02:32:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.7","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.7/manifests"},{"name":"1.3.0","sha":"244a0b8cea16790bcc10e18473b3f7a4ade13eb9","kind":"tag","published_at":"2011-10-01T02:18:05.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0/manifests"},{"name":"v1.3.0","sha":"244a0b8cea16790bcc10e18473b3f7a4ade13eb9","kind":"tag","published_at":"2011-10-01T02:18:04.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0/manifests"},{"name":"v1.3.0.g","sha":"4128fe6673ce0393f71323c90ebd96976b98bce2","kind":"tag","published_at":"2011-09-25T21:46:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.g","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.g","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.g","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.g/manifests"},{"name":"1.3.0.g","sha":"4128fe6673ce0393f71323c90ebd96976b98bce2","kind":"tag","published_at":"2011-09-25T21:46:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.g","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.g","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.g","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.g/manifests"},{"name":"1.3.0.f","sha":"d765c41b25f9f3e860c90ed15da3ae6c39a87f78","kind":"tag","published_at":"2011-09-11T17:12:58.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.f","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.f","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.f","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.f/manifests"},{"name":"v1.3.0.f","sha":"d765c41b25f9f3e860c90ed15da3ae6c39a87f78","kind":"tag","published_at":"2011-09-11T17:12:41.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.f","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.f","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.f","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.f/manifests"},{"name":"1.3.0.e","sha":"b5a310437e58a4d198216a41d76df60ef8186ac7","kind":"tag","published_at":"2011-06-09T08:40:18.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.e","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.e","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.e","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.e/manifests"},{"name":"v1.3.0.e","sha":"b5a310437e58a4d198216a41d76df60ef8186ac7","kind":"tag","published_at":"2011-06-09T08:40:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.e","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.e","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.e","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.e/manifests"},{"name":"1.2.6","sha":"56019db27f165673c2e6867497f3cf7360620bc7","kind":"tag","published_at":"2011-05-01T08:25:50.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.6/manifests"},{"name":"v1.2.6","sha":"56019db27f165673c2e6867497f3cf7360620bc7","kind":"tag","published_at":"2011-05-01T08:25:38.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.6/manifests"},{"name":"1.2.5","sha":"c56261996d2ef65d79395457f4967d0f9a53dfa4","kind":"tag","published_at":"2011-04-30T13:12:07.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.5/manifests"},{"name":"v1.2.5","sha":"c56261996d2ef65d79395457f4967d0f9a53dfa4","kind":"tag","published_at":"2011-04-30T13:12:02.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.5/manifests"},{"name":"1.3.0.d","sha":"e9e6e737f913287340a82bdfd4fbaa47591d270f","kind":"tag","published_at":"2011-04-30T09:07:48.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.d","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.d","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.d","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.d/manifests"},{"name":"v1.3.0.d","sha":"e9e6e737f913287340a82bdfd4fbaa47591d270f","kind":"tag","published_at":"2011-04-30T09:06:55.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.d","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.d","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.d","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.d/manifests"},{"name":"1.2.4","sha":"a8d5ef8e0fa5502b7db768f0d9c800c5ec77c625","kind":"tag","published_at":"2011-04-30T08:51:31.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.4/manifests"},{"name":"v1.2.4","sha":"a8d5ef8e0fa5502b7db768f0d9c800c5ec77c625","kind":"tag","published_at":"2011-04-30T08:49:14.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.4/manifests"},{"name":"1.3.0.c","sha":"7079399ce1a3623de9dea780e161208798cf93cc","kind":"tag","published_at":"2011-04-13T13:50:47.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.c","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.c","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.c","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.c/manifests"},{"name":"v1.3.0.c","sha":"7079399ce1a3623de9dea780e161208798cf93cc","kind":"tag","published_at":"2011-04-13T13:50:42.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.c","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.c","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.c","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.c/manifests"},{"name":"1.2.3","sha":"95d5205ac5a7d34c518ff5ba57072daf315e6c91","kind":"tag","published_at":"2011-04-13T13:42:16.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.3/manifests"},{"name":"v1.2.3","sha":"95d5205ac5a7d34c518ff5ba57072daf315e6c91","kind":"tag","published_at":"2011-04-13T13:42:11.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.3/manifests"},{"name":"1.1.4","sha":"3a8642361b0d11e1685d257cd200c42af1cef5d0","kind":"tag","published_at":"2011-04-13T13:36:45.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.4/manifests"},{"name":"v1.1.4","sha":"3a8642361b0d11e1685d257cd200c42af1cef5d0","kind":"tag","published_at":"2011-04-13T13:36:38.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.1.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.4/manifests"},{"name":"1.2.2","sha":"a271e8e488dc5e298dc662f44a5cbec8b116dffe","kind":"tag","published_at":"2011-04-08T17:24:41.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.2/manifests"},{"name":"v1.2.2","sha":"a271e8e488dc5e298dc662f44a5cbec8b116dffe","kind":"tag","published_at":"2011-04-08T17:24:33.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.2/manifests"},{"name":"1.3.0.b","sha":"2bc5c14a63a0099bcbacc0deb0ba94b157c80389","kind":"tag","published_at":"2011-04-08T17:14:42.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.b/manifests"},{"name":"v1.3.0.b","sha":"2bc5c14a63a0099bcbacc0deb0ba94b157c80389","kind":"tag","published_at":"2011-04-08T17:14:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.b/manifests"},{"name":"1.3.0.a","sha":"774299cf5ba2417fef775c95e605272ab73dd181","kind":"tag","published_at":"2011-03-22T17:27:59.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.3.0.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.3.0.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.3.0.a/manifests"},{"name":"v1.3.0.a","sha":"774299cf5ba2417fef775c95e605272ab73dd181","kind":"tag","published_at":"2011-03-22T17:27:33.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.3.0.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.3.0.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.3.0.a/manifests"},{"name":"1.2.1","sha":"62fa2cd7ec19bc4a9c12d3d996ddfe03ec79bbff","kind":"tag","published_at":"2011-03-17T15:42:46.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.1/manifests"},{"name":"v1.2.1","sha":"62fa2cd7ec19bc4a9c12d3d996ddfe03ec79bbff","kind":"tag","published_at":"2011-03-17T15:42:36.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.1/manifests"},{"name":"semver","sha":"c496254f2be3d27bba238bf78c1c7376976eb924","kind":"tag","published_at":"2011-03-04T13:51:50.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/semver","html_url":"https://github.com/sinatra/sinatra/releases/tag/semver","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/semver","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/semver/manifests"},{"name":"v1.2.0","sha":"7e0a84279a35315c046492a1d402f720a2409a48","kind":"tag","published_at":"2011-03-04T13:50:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.2.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.2.0/manifests"},{"name":"v1.1.3","sha":"e30639057c56a46176c3540005f379b2d7b606a9","kind":"tag","published_at":"2011-03-04T13:49:45.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.1.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.3/manifests"},{"name":"v1.1.2","sha":"99488966feecc2e1d78b0bb82f17f5203252a31e","kind":"tag","published_at":"2011-03-04T13:49:15.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.1.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.2/manifests"},{"name":"v1.1.1","sha":"af157e11c90ea81d7845a597a680596c7019c4c3","kind":"tag","published_at":"2011-03-04T13:48:50.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.1.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.1/manifests"},{"name":"v1.1.0","sha":"ad648be044e962b385ea398a8bf46a982083813d","kind":"tag","published_at":"2011-03-04T13:48:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.1.0/manifests"},{"name":"v1.0.0","sha":"c496254f2be3d27bba238bf78c1c7376976eb924","kind":"tag","published_at":"2011-03-04T13:47:17.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/v1.0.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/v1.0.0/manifests"},{"name":"1.2.0","sha":"7e0a84279a35315c046492a1d402f720a2409a48","kind":"tag","published_at":"2011-03-03T20:51:03.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0/manifests"},{"name":"1.2.0.d","sha":"78bd56cc999f92325581c8456f51d2d17e52ef43","kind":"tag","published_at":"2011-02-26T15:18:52.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.0.d","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.0.d","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.d","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.d/manifests"},{"name":"1.1.3","sha":"e30639057c56a46176c3540005f379b2d7b606a9","kind":"tag","published_at":"2011-02-20T09:15:27.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.3/manifests"},{"name":"1.2.0.c","sha":"6651f372877702e14762a7f8f53ffee600bed504","kind":"tag","published_at":"2011-02-19T21:38:03.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.0.c","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.0.c","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.c","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.c/manifests"},{"name":"1.2.0.b","sha":"6dc3cd773b459879fa09ea110ee1c82cbf131f48","kind":"tag","published_at":"2011-02-19T20:32:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.0.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.0.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.b/manifests"},{"name":"1.1.2","sha":"99488966feecc2e1d78b0bb82f17f5203252a31e","kind":"tag","published_at":"2010-12-25T22:56:21.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.2/manifests"},{"name":"1.1.1","sha":"af157e11c90ea81d7845a597a680596c7019c4c3","kind":"tag","published_at":"2010-12-25T22:40:36.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.1/manifests"},{"name":"1.2.0.a","sha":"a5c9eb672a94e66f75c4fdd2fe2bc3f4059c635b","kind":"tag","published_at":"2010-12-25T22:38:54.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.2.0.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.2.0.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.2.0.a/manifests"},{"name":"1.1.0","sha":"ad648be044e962b385ea398a8bf46a982083813d","kind":"tag","published_at":"2010-10-24T14:01:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.0/manifests"},{"name":"1.1.b","sha":"6457ccc560ead8fb60aae29477dfbb5df6be4798","kind":"tag","published_at":"2010-10-23T08:08:41.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.b/manifests"},{"name":"1.1.a","sha":"d40e52e0c29b96c98e72f051479e22ee3ed72d81","kind":"tag","published_at":"2010-10-19T12:56:56.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.1.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.1.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.1.a/manifests"},{"name":"filter_pattern","sha":"7575b96953db81b2fdffe28f7a16e3cf48c91066","kind":"tag","published_at":"2010-04-27T21:13:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/filter_pattern","html_url":"https://github.com/sinatra/sinatra/releases/tag/filter_pattern","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/filter_pattern","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/filter_pattern/manifests"},{"name":"1.0","sha":"c496254f2be3d27bba238bf78c1c7376976eb924","kind":"commit","published_at":"2010-03-23T21:22:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.0/manifests"},{"name":"1.0.b","sha":"b6701db3faf1fba0bb5675e8a78385b618280fb2","kind":"commit","published_at":"2010-03-07T12:18:50.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.0.b","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.0.b","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.0.b","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.0.b/manifests"},{"name":"0.9.6","sha":"28a8c9f9d12dbb08a11a74a71161a51fc0d361c8","kind":"commit","published_at":"2010-03-07T10:50:46.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.6/manifests"},{"name":"0.9.5","sha":"22962c18906060b89d04d66abf12f093b21d3489","kind":"commit","published_at":"2010-03-04T14:29:38.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.5/manifests"},{"name":"1.0.a","sha":"e2c73bf1b036adb31853b2c92909eb447876d233","kind":"commit","published_at":"2010-01-28T19:51:08.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/1.0.a","html_url":"https://github.com/sinatra/sinatra/releases/tag/1.0.a","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.0.a","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/1.0.a/manifests"},{"name":"0.9.4","sha":"e0ee682740d194e956a6936dcd89512944d891a3","kind":"commit","published_at":"2009-07-26T20:18:05.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.4/manifests"},{"name":"0.9.3","sha":"798ca32d2410477774fe6e1576ebd6b5f7d8517e","kind":"commit","published_at":"2009-06-08T07:24:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.3/manifests"},{"name":"0.9.2","sha":"f49a515ebfc72bb8af65e6cf6712f0f8279cb6ce","kind":"commit","published_at":"2009-05-18T12:17:50.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.2/manifests"},{"name":"0.9.1.1","sha":"0f02bafe86f8dd9bba9ab425468cb1067caa83ff","kind":"commit","published_at":"2009-03-09T21:57:22.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.1.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.1.1/manifests"},{"name":"0.9.0.5","sha":"72c817a5620e74d0cdd2b7589762cc010b6e5750","kind":"commit","published_at":"2009-03-09T21:53:13.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.0.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.5/manifests"},{"name":"0.9.1","sha":"01b1f4945e6e43aa670b7a68e6759fe1cb61b94a","kind":"commit","published_at":"2009-03-03T00:08:48.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.1/manifests"},{"name":"0.9.0.4","sha":"219728a964b5c9f0c7d15942f4f1c25ab6105d18","kind":"commit","published_at":"2009-01-25T09:04:58.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.0.4","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.4/manifests"},{"name":"0.9.0.3","sha":"455263a31a37df7b13f471fc30700371b2217b13","kind":"commit","published_at":"2009-01-21T22:06:10.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.0.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.3/manifests"},{"name":"0.9.0.2","sha":"5e3d80c3d1d2311741d55cdbba186484ebd7829c","kind":"commit","published_at":"2009-01-18T13:43:12.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.0.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.2/manifests"},{"name":"0.9.0.1","sha":"611442f30f221a7f3db9a2009b19192d8a351386","kind":"commit","published_at":"2009-01-18T12:04:29.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.0.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0.1/manifests"},{"name":"0.9.0","sha":"c8b3a20e8bd71cbcd831174c71331b391e964c18","kind":"commit","published_at":"2009-01-18T09:11:56.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.9.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.9.0/manifests"},{"name":"0.3.3","sha":"4aefc7d024837e4a947fa978d621b4f019aeda1d","kind":"commit","published_at":"2009-01-07T05:36:49.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.3.3","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.3/manifests"},{"name":"0.3.2","sha":"cdf1abbadd80040d4a88041b50fa8c5cf891b871","kind":"commit","published_at":"2008-11-02T13:19:17.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.3.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.2/manifests"},{"name":"0.3.1","sha":"c09025efc5c5e5aca8b26eb22d76ab0b7943ac49","kind":"commit","published_at":"2008-09-09T06:13:41.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.3.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.1/manifests"},{"name":"0.3.0","sha":"55221fc8c9737600320928387a995d65ada14710","kind":"commit","published_at":"2008-09-08T04:12:05.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.3.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.3.0/manifests"},{"name":"0.2.2","sha":"d7032a0c91ca962aee6f25dbf5d5c3228658a9f1","kind":"commit","published_at":"2008-04-16T02:42:46.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.2.2","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.2.2/manifests"},{"name":"0.2.1","sha":"886c5a413e01a9d412edb45ee26e63b7009e99f0","kind":"commit","published_at":"2008-04-16T00:51:01.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.2.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.2.1/manifests"},{"name":"0.2.0","sha":"ca9ac7b5aeb3d5adc1a4c7fb86e21b0dc688e55b","kind":"commit","published_at":"2008-04-11T23:29:36.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.2.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.2.0/manifests"},{"name":"0.1.7","sha":"64c77f55583db607cdb36c330bc445ffa7e05052","kind":"commit","published_at":"2007-10-23T22:42:00.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.1.7","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.7/manifests"},{"name":"0.1.6","sha":"c489d67d1a6540c2f80c2beee8d435b170e93a75","kind":"commit","published_at":"2007-10-15T20:56:39.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.1.6","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.6/manifests"},{"name":"0.1.5","sha":"2679e401ac408b5a1e90ea98a00a5b90bca0ae07","kind":"commit","published_at":"2007-10-08T01:36:56.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.1.5","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.5/manifests"},{"name":"0.1.0","sha":"4d8f19741ab78dfe1cf62eb929137d9544ec8a4b","kind":"commit","published_at":"2007-10-05T00:47:37.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.1.0","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.1.0/manifests"},{"name":"0.0.1","sha":"72be291da2bf7a5e2dacf8b9119a258d8db53c43","kind":"commit","published_at":"2007-09-08T23:51:24.000Z","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/0.0.1","html_url":"https://github.com/sinatra/sinatra/releases/tag/0.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags/0.0.1/manifests"}]},"repo_metadata_updated_at":"2025-06-06T01:09:59.618Z","dependent_packages_count":3239,"downloads":303945342,"downloads_period":"total","dependent_repos_count":144784,"rankings":{"downloads":0.0641161450028434,"dependent_repos_count":0.10425842709158016,"dependent_packages_count":0.017283482565983874,"stargazers_count":0.10425842709158016,"forks_count":0.1338076069624558,"docker_downloads_count":0.1310199484840713,"average":0.09245733953308578},"purl":"pkg:gem/sinatra","advisories":[{"uuid":"GSA_kwCzR0hTQS0yeDh4LWptcnAtcGh4d84AAwGK","url":"https://github.com/advisories/GHSA-2x8x-jmrp-phxw","title":"Sinatra vulnerable to Reflected File Download attack","description":"### Description\nAn issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input.\n\n### References\n* https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf\n* https://github.com/advisories/GHSA-8x94-hmjh-97hq","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-11-30T21:18:34.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/sinatra/sinatra/security/advisories/GHSA-2x8x-jmrp-phxw","https://nvd.nist.gov/vuln/detail/CVE-2022-45442","https://github.com/sinatra/sinatra/commit/ea8fc9495a350f7551b39e3025bfcd06f49f363b","https://github.com/advisories/GHSA-8x94-hmjh-97hq","https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2022-45442.yml","https://lists.debian.org/debian-lts-announce/2023/01/msg00005.html","https://github.com/advisories/GHSA-2x8x-jmrp-phxw"],"source_kind":"github","identifiers":["GHSA-2x8x-jmrp-phxw","CVE-2022-45442"],"repository_url":"https://github.com/sinatra/sinatra","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.2.3"},{"first_patched_version":"3.0.4","vulnerable_version_range":"\u003e= 3.0, \u003c 3.0.4"}],"ecosystem":"rubygems","package_name":"sinatra"}],"created_at":"2022-12-21T16:11:45.823Z","updated_at":"2023-02-03T05:01:48.000Z","epss_percentage":0.00142,"epss_percentile":0.35546},{"uuid":"GSA_kwCzR0hTQS1xcDQ5LTNwdncteDRtNc3XwA","url":"https://github.com/advisories/GHSA-qp49-3pvw-x4m5","title":"sinatra does not validate expanded path matches","description":"Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-05-03T00:00:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2022-29970","https://github.com/sinatra/sinatra/pull/1683/commits/462c3ca1db53ed3cfc394cf5948e9c948ad1c10e","https://github.com/skylightio/skylight-ruby/pull/294","https://lists.debian.org/debian-lts-announce/2022/10/msg00034.html","https://github.com/sinatra/sinatra/pull/1683","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2022-29970.yml","https://github.com/advisories/GHSA-qp49-3pvw-x4m5"],"source_kind":"github","identifiers":["GHSA-qp49-3pvw-x4m5","CVE-2022-29970"],"repository_url":"https://github.com/sinatra/sinatra","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.2.0","vulnerable_version_range":"\u003c 2.2.0"}],"ecosystem":"rubygems","package_name":"sinatra"}],"created_at":"2022-12-21T16:12:29.039Z","updated_at":"2023-05-04T20:02:38.000Z","epss_percentage":0.00469,"epss_percentile":0.63485},{"uuid":"GSA_kwCzR0hTQS1oeHgyLTd2Y3ctbXFyM84ABA2z","url":"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3","title":"Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision","description":"Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into this header. If used for caching purposes, such as with servers like Nginx, or as a reverse proxy, without handling the X-Forwarded-Host header, attackers can potentially exploit Cache Poisoning or Routing-based SSRF.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2024-11-01T06:30:34.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.3,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2024-21510","https://github.com/sinatra/sinatra/pull/2010","https://security.snyk.io/vuln/SNYK-RUBY-SINATRA-6483832","https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L319","https://github.com/sinatra/sinatra/blob/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a/lib/sinatra/base.rb#L323C1-L343C17","https://github.com/advisories/GHSA-hxx2-7vcw-mqr3","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2024-21510.yml","https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md#410--2024-11-18"],"source_kind":"github","identifiers":["GHSA-hxx2-7vcw-mqr3","CVE-2024-21510"],"repository_url":"https://github.com/sinatra/sinatra","blast_radius":27.35181902560624,"packages":[{"versions":[{"first_patched_version":"4.1.0","vulnerable_version_range":"\u003c 4.1.0"}],"ecosystem":"rubygems","package_name":"sinatra"}],"created_at":"2024-11-01T22:06:25.465Z","updated_at":"2025-05-06T01:08:40.647Z","epss_percentage":0.00068,"epss_percentile":0.21496},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xMzUtd3F2Zi1yMjNj","url":"https://github.com/advisories/GHSA-mq35-wqvf-r23c","title":"Sinatra Cross-site Scripting vulnerability","description":"Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2018-06-05T21:32:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-11627","https://github.com/sinatra/sinatra/issues/1428","https://github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a","https://access.redhat.com/errata/RHSA-2019:0212","https://access.redhat.com/errata/RHSA-2019:0315","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2018-11627.yml","https://github.com/advisories/GHSA-mq35-wqvf-r23c"],"source_kind":"github","identifiers":["GHSA-mq35-wqvf-r23c","CVE-2018-11627"],"repository_url":"https://github.com/sinatra/sinatra","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0.2","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.2"}],"ecosystem":"rubygems","package_name":"sinatra"}],"created_at":"2022-12-21T16:13:37.270Z","updated_at":"2023-11-04T05:05:10.000Z","epss_percentage":0.00143,"epss_percentile":0.35801},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyOWYtN2Y1Ni1qOHdo","url":"https://github.com/advisories/GHSA-h29f-7f56-j8wh","title":"Sinatra Path Traversal vulnerability","description":"An issue was discovered in `rack-protection/lib/rack/protection/path_traversal.rb` in Sinatra 2.x before 2.0.1 on Windows. Path traversal is possible via backslash characters.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2018-02-20T19:23:20.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2018-7212","https://github.com/sinatra/sinatra/pull/1379","https://github.com/sinatra/sinatra/commit/6ad721abcfe36334108dcdd05d046c361e1b7a9c","https://github.com/advisories/GHSA-h29f-7f56-j8wh"],"source_kind":"github","identifiers":["GHSA-h29f-7f56-j8wh","CVE-2018-7212"],"repository_url":"https://github.com/sinatra/sinatra","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.0.1","vulnerable_version_range":"\u003e= 2.0.0.beta1, \u003c 2.0.1"}],"ecosystem":"rubygems","package_name":"sinatra"}],"created_at":"2022-12-21T16:13:37.430Z","updated_at":"2023-01-26T20:26:11.000Z","epss_percentage":0.00278,"epss_percentile":0.50755}],"docker_usage_url":"https://docker.ecosyste.ms/usage/rubygems/sinatra","docker_dependents_count":1306,"docker_downloads_count":918805597,"usage_url":"https://repos.ecosyste.ms/usage/rubygems/sinatra","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/rubygems/sinatra/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/sinatra/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/sinatra/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/sinatra/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/sinatra/related_packages","maintainers":[{"uuid":"106152","login":"jkowens","name":null,"email":null,"url":null,"packages_count":21,"html_url":"https://rubygems.org/profiles/jkowens","role":null,"created_at":"2022-11-09T09:51:23.402Z","updated_at":"2022-11-09T09:51:23.402Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/jkowens/packages"},{"uuid":"49835","login":"namusyaka","name":null,"email":null,"url":null,"packages_count":44,"html_url":"https://rubygems.org/profiles/namusyaka","role":null,"created_at":"2022-11-09T09:51:23.466Z","updated_at":"2022-11-09T09:51:23.466Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/namusyaka/packages"},{"uuid":"45457","login":"zzak","name":null,"email":null,"url":null,"packages_count":30,"html_url":"https://rubygems.org/profiles/zzak","role":null,"created_at":"2022-11-09T09:51:23.437Z","updated_at":"2022-11-09T09:51:23.437Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/zzak/packages"},{"uuid":"50548","login":"dentarg","name":null,"email":null,"url":null,"packages_count":13,"html_url":"https://rubygems.org/profiles/dentarg","role":null,"created_at":"2023-03-14T17:16:01.744Z","updated_at":"2023-03-14T17:16:01.744Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/dentarg/packages"},{"uuid":"49962","login":"kytrinyx","name":null,"email":null,"url":null,"packages_count":25,"html_url":"https://rubygems.org/profiles/kytrinyx","role":null,"created_at":"2022-11-09T09:51:23.446Z","updated_at":"2022-11-09T09:51:23.446Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/kytrinyx/packages"},{"uuid":"43","login":"rkh","name":null,"email":null,"url":null,"packages_count":117,"html_url":"https://rubygems.org/profiles/rkh","role":null,"created_at":"2022-11-09T09:51:23.472Z","updated_at":"2022-11-09T09:51:23.472Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/rkh/packages"},{"uuid":"280","login":"bmizerany","name":null,"email":null,"url":null,"packages_count":19,"html_url":"https://rubygems.org/profiles/bmizerany","role":null,"created_at":"2022-11-09T09:51:23.419Z","updated_at":"2022-11-09T09:51:23.419Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/bmizerany/packages"}],"registry":{"name":"rubygems.org","url":"https://rubygems.org","ecosystem":"rubygems","default":true,"packages_count":198115,"maintainers_count":66429,"namespaces_count":0,"keywords_count":17799,"github":"rubygems","metadata":{"funded_packages_count":7045},"icon_url":"https://github.com/rubygems.png","created_at":"2022-04-04T15:19:23.446Z","updated_at":"2025-06-06T05:59:27.395Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/namespaces"}},"unique_repositories_count":211,"unique_repositories_count_past_30_days":2,"recent_issues":[{"uuid":"4222907401","node_id":"PR_kwDOPVgz5c7Qursv","number":248,"state":"open","title":"build(deps): bump the bundler group across 2 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","ruby","Stale"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-08T07:41:29.000Z","updated_at":"2026-04-16T05:36:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":5,"packages":[{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"rack","old_version":"3.1.15","new_version":"3.2.6"},{"name":"rack-session","old_version":"2.1.1","new_version":"2.1.2"},{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 1 update in the /src/email directory: [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 2 updates in the /src/react-native-app directory: [addressable](https://github.com/sporkmonger/addressable) and [rexml](https://github.com/ruby/rexml).\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.1.15 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.2.5...v3.2.6\"\u003ehttps://github.com/rack/rack/compare/v3.2.5...v3.2.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.6] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qfgr-crr9-7r49\"\u003eCVE-2026-32762\u003c/a\u003e Forwarded header semicolon injection enables Host and Scheme spoofing.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-g2pf-xv49-m2h5\"\u003eCVE-2026-34835\u003c/a\u003e \u003ccode\u003eRack::Request\u003c/code\u003e accepts invalid Host characters, enabling host allowlist bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v6x5-cg8r-vv6x\"\u003eCVE-2026-34827\u003c/a\u003e Multipart header parsing allows denial of service via escape-heavy quoted parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-rx22-g9mx-qrhv\"\u003eCVE-2026-26962\u003c/a\u003e Improper unfolding of folded multipart headers preserves CRLF in parsed parameter values.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e1f22fdbe99afd2126b6fbf05bb12399359574b7\"\u003e\u003ccode\u003ee1f22fd\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/31989fd7bb6f806fdb3cfa4e9aec1fe8434f47d1\"\u003e\u003ccode\u003e31989fd\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d268165e390e17b83573fec916dcdef6304a8b4b\"\u003e\u003ccode\u003ed268165\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8f425de0ee75a2f3cdfbfdd57858c1910b7645ff\"\u003e\u003ccode\u003e8f425de\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bf830426ce5b3daccb5a226b733703c86504ceba\"\u003e\u003ccode\u003ebf83042\u003c/code\u003e\u003c/a\u003e Drop EOL Rubies from external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d50c4d3dab62fa80b2a276271d0d4fb338cfa7df\"\u003e\u003ccode\u003ed50c4d3\u003c/code\u003e\u003c/a\u003e Implement OBS unfolding for multipart requests per RFC 5322 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bfb69142dbe2a1e3298ad52d12935938d1b58205\"\u003e\u003ccode\u003ebfb6914\u003c/code\u003e\u003c/a\u003e Limit the number of quoted escapes during multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b3e5945c648c5a5b6982e5072b26e51990991229\"\u003e\u003ccode\u003eb3e5945\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7a8f32696609b88e2c4c1f09d473a1d2d837ed4b\"\u003e\u003ccode\u003e7a8f326\u003c/code\u003e\u003c/a\u003e Fix root prefix bug in Rack::Static\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a57bc140247f904dc1e3302badedcb73645072c7\"\u003e\u003ccode\u003ea57bc14\u003c/code\u003e\u003c/a\u003e Only do a simple substitution on the x-accel-mapping paths\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v3.1.15...v3.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-session` from 2.1.1 to 2.1.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack-session/blob/main/releases.md\"\u003erack-session's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-33qg-7wpp-89cq\"\u003eCVE-2026-39324\u003c/a\u003e Don't fall back to unencrypted coder if encryptors are present.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/504367b59caf7ec78127785cc6351f46be14f8ca\"\u003e\u003ccode\u003e504367b\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/f43638cb3a4d15c3ecaf59e67a04b47fda08eeac\"\u003e\u003ccode\u003ef43638c\u003c/code\u003e\u003c/a\u003e Don't fall back to unencrypted coder if encryptors are present.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/dadcfe60f193e8d8540bec6b95ca75bed8e5fd7e\"\u003e\u003ccode\u003edadcfe6\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/54\"\u003e#54\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/4eb9ea83b372e319c65a8c2bcfe87e8be942cf9b\"\u003e\u003ccode\u003e4eb9ea8\u003c/code\u003e\u003c/a\u003e Add top level session spec to validate existing formats.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/8f94577c1d11b746692974f1417acff2856060cb\"\u003e\u003ccode\u003e8f94577\u003c/code\u003e\u003c/a\u003e Add rails to external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/38ea47da9937afb4f2140b3c23866e3791a46eaf\"\u003e\u003ccode\u003e38ea47d\u003c/code\u003e\u003c/a\u003e Allow the v2 encryptor to serialize messages with \u003ccode\u003eMarshal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/44\"\u003e#44\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/43f2e3a46393b51473bb90f54e61189465ae759d\"\u003e\u003ccode\u003e43f2e3a\u003c/code\u003e\u003c/a\u003e Fix compatibility with older Rubies.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/6a060b806399bff4961eaf6bf89535395c95549c\"\u003e\u003ccode\u003e6a060b8\u003c/code\u003e\u003c/a\u003e Support UTF-8 data when using the JSON serializer (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/39\"\u003e#39\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/8ce0146a7079332d9c58a43e418acb1ecf904ef6\"\u003e\u003ccode\u003e8ce0146\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eauth_tag\u003c/code\u003e retrieval on JRuby (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/32\"\u003e#32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/77271850efd977897d02903bfde8ed51e4137a68\"\u003e\u003ccode\u003e7727185\u003c/code\u003e\u003c/a\u003e Add AEAD encryption (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rack/rack-session/compare/v2.1.1...v2.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.4.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/burhanuddin-anw/opentelemetry-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/burhanuddin-anw/opentelemetry-demo/pull/248","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/burhanuddin-anw%2Fopentelemetry-demo/issues/248","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/248/packages"},{"uuid":"4201662609","node_id":"PR_kwDOOV0y7M7P2ROS","number":1,"state":"open","title":"Bump the bundler group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-03T18:15:27.000Z","updated_at":"2026-04-03T18:15:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":8,"packages":[{"name":"rake","old_version":"0.9.2.2","new_version":"12.3.3","repository_url":"https://github.com/ruby/rake"},{"name":"rack","old_version":"1.4.1","new_version":"3.2.6","repository_url":"https://github.com/rack/rack"},{"name":"sinatra","old_version":"1.3.3","new_version":"4.2.1","repository_url":"https://github.com/sinatra/sinatra"},{"name":"jekyll","old_version":"0.12.0","new_version":"0.12.1","repository_url":"https://github.com/jekyll/jekyll"},{"name":"RedCloth","old_version":"4.2.9","new_version":"4.3.3","repository_url":"https://github.com/jgarber/redcloth"},{"name":"haml","old_version":"3.1.7","new_version":"5.0.0","repository_url":"https://github.com/haml/haml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rake](https://github.com/ruby/rake) | `0.9.2.2` | `12.3.3` |\n| [rack](https://github.com/rack/rack) | `1.4.1` | `3.2.6` |\n| [sinatra](https://github.com/sinatra/sinatra) | `1.3.3` | `4.2.1` |\n| [jekyll](https://github.com/jekyll/jekyll) | `0.12.0` | `0.12.1` |\n| [RedCloth](https://github.com/jgarber/redcloth) | `4.2.9` | `4.3.3` |\n| [haml](https://github.com/haml/haml) | `3.1.7` | `5.0.0` |\n\n\nUpdates `rake` from 0.9.2.2 to 12.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/releases\"\u003erake's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003erake-10.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/blob/master/History.rdoc\"\u003erake's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e=== 12.3.3\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse the application's name in error message if a task is not found.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/303\"\u003e#303\u003c/a\u003e by tmatilai\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse File.open explicitly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.2\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test fails caused by 2.6 warnings.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/297\"\u003e#297\u003c/a\u003e by hsbt\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRdoc improvements.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/293\"\u003e#293\u003c/a\u003e by colby-swandale\u003c/li\u003e\n\u003cli\u003eImprove multitask performance.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/273\"\u003e#273\u003c/a\u003e by jsm\u003c/li\u003e\n\u003cli\u003eAdd alias \u003ccode\u003eprereqs\u003c/code\u003e.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/268\"\u003e#268\u003c/a\u003e by take-cheeze\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.1\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport did_you_mean \u0026gt;= v1.2.0 which has a breaking change on formatters.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/262\"\u003e#262\u003c/a\u003e by FUJI Goro.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't run task if it depends on already invoked but failed task.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/252\"\u003e#252\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eMake space trimming consistent for all task arguments.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/259\"\u003e#259\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRemoves duplicated inclusion of Rake::DSL in tests.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/254\"\u003e#254\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRe-raise a LoadError that didn't come from require in the test loader.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/250\"\u003e#250\u003c/a\u003e by Dylan Thacker-Smith.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.0\u003c/p\u003e\n\u003cp\u003e==== Compatibility Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003erequired_ruby_version\u003c/code\u003e to Ruby 2.0.0. Rake has already\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5c87c462b64aad674ebb92b1f5b0ff2c911406cd\"\u003e\u003ccode\u003e5c87c46\u003c/code\u003e\u003c/a\u003e Bump version to 12.3.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee\"\u003e\u003ccode\u003e5b8f8fc\u003c/code\u003e\u003c/a\u003e Use File.open explicitly.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/6497ba4d94d12c123df48cc8ab40f0a4eb7fb337\"\u003e\u003ccode\u003e6497ba4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/317\"\u003e#317\u003c/a\u003e from ruby/ignore-gitignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/be62efb6cdfc2cc00d660f8fc7d6c1c9de8014e2\"\u003e\u003ccode\u003ebe62efb\u003c/code\u003e\u003c/a\u003e Removed gitignore from gemspec files.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/1c22b490ee6cb8bd614fa8d0d6145f671466206b\"\u003e\u003ccode\u003e1c22b49\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/309\"\u003e#309\u003c/a\u003e from RDIL/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/496944a8febd51e20957e6833c7930286a0e9a25\"\u003e\u003ccode\u003e496944a\u003c/code\u003e\u003c/a\u003e Remove deprecated travis ci option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/489c7d863c666b6d287b760527acf3abe13aaf48\"\u003e\u003ccode\u003e489c7d8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/307\"\u003e#307\u003c/a\u003e from ruby/azure-pipelines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77eb6d87cb69c2cc531f72d4aa1948054e9d077f\"\u003e\u003ccode\u003e77eb6d8\u003c/code\u003e\u003c/a\u003e Only enabled macOS environment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/72ffa2ea89f96df2307158fa151825dbb2c28ddf\"\u003e\u003ccode\u003e72ffa2e\u003c/code\u003e\u003c/a\u003e use realpath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77448726bb057c8ba90a8d12ab6e20ad60dac976\"\u003e\u003ccode\u003e7744872\u003c/code\u003e\u003c/a\u003e Do not specify ruby version of macOS\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rake/compare/v0.9.2.2...v12.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 1.4.1 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.2.5...v3.2.6\"\u003ehttps://github.com/rack/rack/compare/v3.2.5...v3.2.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.9.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix content-length calcuation in Rack:Response#write \u003ca href=\"https://redirect.github.com/rack/rack/issues/2150\"\u003e#2150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.8...v3.0.9\"\u003ehttps://github.com/rack/rack/compare/v3.0.8...v3.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Fix some unused variable verbose warnings\u0026quot; by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.7...v3.0.8\"\u003ehttps://github.com/rack/rack/compare/v3.0.7...v3.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Make query parameters without = have nil values\u0026quot;. by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2060\"\u003erack/rack#2060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\"\u003ehttps://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.6.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.3...v3.0.4\"\u003ehttps://github.com/rack/rack/compare/v3.0.3...v3.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v3.0.3 by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2000\"\u003erack/rack#2000\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.6] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qfgr-crr9-7r49\"\u003eCVE-2026-32762\u003c/a\u003e Forwarded header semicolon injection enables Host and Scheme spoofing.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-g2pf-xv49-m2h5\"\u003eCVE-2026-34835\u003c/a\u003e \u003ccode\u003eRack::Request\u003c/code\u003e accepts invalid Host characters, enabling host allowlist bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v6x5-cg8r-vv6x\"\u003eCVE-2026-34827\u003c/a\u003e Multipart header parsing allows denial of service via escape-heavy quoted parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-rx22-g9mx-qrhv\"\u003eCVE-2026-26962\u003c/a\u003e Improper unfolding of folded multipart headers preserves CRLF in parsed parameter values.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e1f22fdbe99afd2126b6fbf05bb12399359574b7\"\u003e\u003ccode\u003ee1f22fd\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/31989fd7bb6f806fdb3cfa4e9aec1fe8434f47d1\"\u003e\u003ccode\u003e31989fd\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d268165e390e17b83573fec916dcdef6304a8b4b\"\u003e\u003ccode\u003ed268165\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8f425de0ee75a2f3cdfbfdd57858c1910b7645ff\"\u003e\u003ccode\u003e8f425de\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bf830426ce5b3daccb5a226b733703c86504ceba\"\u003e\u003ccode\u003ebf83042\u003c/code\u003e\u003c/a\u003e Drop EOL Rubies from external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d50c4d3dab62fa80b2a276271d0d4fb338cfa7df\"\u003e\u003ccode\u003ed50c4d3\u003c/code\u003e\u003c/a\u003e Implement OBS unfolding for multipart requests per RFC 5322 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bfb69142dbe2a1e3298ad52d12935938d1b58205\"\u003e\u003ccode\u003ebfb6914\u003c/code\u003e\u003c/a\u003e Limit the number of quoted escapes during multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b3e5945c648c5a5b6982e5072b26e51990991229\"\u003e\u003ccode\u003eb3e5945\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7a8f32696609b88e2c4c1f09d473a1d2d837ed4b\"\u003e\u003ccode\u003e7a8f326\u003c/code\u003e\u003c/a\u003e Fix root prefix bug in Rack::Static\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a57bc140247f904dc1e3302badedcb73645072c7\"\u003e\u003ccode\u003ea57bc14\u003c/code\u003e\u003c/a\u003e Only do a simple substitution on the x-accel-mapping paths\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/1.4.1...v3.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jekyll` from 0.12.0 to 0.12.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/blob/master/History.markdown\"\u003ejekyll's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.12.1 / 2013-02-19\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Kramdown version to 0.14.1 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTest Enhancements\u003c/li\u003e\n\u003cli\u003eUpdate Rake version to 10.0.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Shoulda version to 3.3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Redcarpet version to 2.2.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/95f7baf83741e9fd693f1150627c84201f0906f7\"\u003e\u003ccode\u003e95f7baf\u003c/code\u003e\u003c/a\u003e Release 0.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/399ef34c7940ed38478b405aba00463ba9bdc8bf\"\u003e\u003ccode\u003e399ef34\u003c/code\u003e\u003c/a\u003e Update date in gemspec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b90ff969448efb1c27de6e2f134f46d334766c31\"\u003e\u003ccode\u003eb90ff96\u003c/code\u003e\u003c/a\u003e Relax Kramdown requirement to 0.14 instead of 0.14.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/0dc85258b6ed988357057ce7d7700aad3095614d\"\u003e\u003ccode\u003e0dc8525\u003c/code\u003e\u003c/a\u003e Bump version in gemspec and in jekyll.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b65b29b4297a4f94409fc9bbaa14a73e56ad1fc9\"\u003e\u003ccode\u003eb65b29b\u003c/code\u003e\u003c/a\u003e Update History.txt for 0.12.1 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/e8044772783a435140df3e7d075e6483fd5d7742\"\u003e\u003ccode\u003ee804477\u003c/code\u003e\u003c/a\u003e Fix Kramdown tests: they now use numerical HTML entities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/f9cca40917858804afd8da3f52f9a48b0ba176bd\"\u003e\u003ccode\u003ef9cca40\u003c/code\u003e\u003c/a\u003e Require test/unit in test helper.rb for execution of unit tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/bc8894461c5ef4ea47cbaea53f91a84dd8b5a2bf\"\u003e\u003ccode\u003ebc88944\u003c/code\u003e\u003c/a\u003e Update dependencies: kramdown, rake, shoulda, cucumber, redcarpet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/53b894522622f9e2aec7232ba996db567c636b89\"\u003e\u003ccode\u003e53b8945\u003c/code\u003e\u003c/a\u003e Retrieving gems from rubygems via HTTPS\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jekyll/jekyll/compare/v0.12.0...v0.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jekyll` from 0.12.0 to 0.12.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/blob/master/History.markdown\"\u003ejekyll's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.12.1 / 2013-02-19\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Kramdown version to 0.14.1 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTest Enhancements\u003c/li\u003e\n\u003cli\u003eUpdate Rake version to 10.0.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Shoulda version to 3.3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Redcarpet version to 2.2.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/95f7baf83741e9fd693f1150627c84201f0906f7\"\u003e\u003ccode\u003e95f7baf\u003c/code\u003e\u003c/a\u003e Release 0.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/399ef34c7940ed38478b405aba00463ba9bdc8bf\"\u003e\u003ccode\u003e399ef34\u003c/code\u003e\u003c/a\u003e Update date in gemspec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b90ff969448efb1c27de6e2f134f46d334766c31\"\u003e\u003ccode\u003eb90ff96\u003c/code\u003e\u003c/a\u003e Relax Kramdown requirement to 0.14 instead of 0.14.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/0dc85258b6ed988357057ce7d7700aad3095614d\"\u003e\u003ccode\u003e0dc8525\u003c/code\u003e\u003c/a\u003e Bump version in gemspec and in jekyll.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b65b29b4297a4f94409fc9bbaa14a73e56ad1fc9\"\u003e\u003ccode\u003eb65b29b\u003c/code\u003e\u003c/a\u003e Update History.txt for 0.12.1 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/e8044772783a435140df3e7d075e6483fd5d7742\"\u003e\u003ccode\u003ee804477\u003c/code\u003e\u003c/a\u003e Fix Kramdown tests: they now use numerical HTML entities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/f9cca40917858804afd8da3f52f9a48b0ba176bd\"\u003e\u003ccode\u003ef9cca40\u003c/code\u003e\u003c/a\u003e Require test/unit in test helper.rb for execution of unit tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/bc8894461c5ef4ea47cbaea53f91a84dd8b5a2bf\"\u003e\u003ccode\u003ebc88944\u003c/code\u003e\u003c/a\u003e Update dependencies: kramdown, rake, shoulda, cucumber, redcarpet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/53b894522622f9e2aec7232ba996db567c636b89\"\u003e\u003ccode\u003e53b8945\u003c/code\u003e\u003c/a\u003e Retrieving gems from rubygems via HTTPS\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jekyll/jekyll/compare/v0.12.0...v0.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `RedCloth` from 4.2.9 to 4.3.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jgarber/redcloth/blob/master/CHANGELOG\"\u003eRedCloth's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e== 4.3.3 / Nov 2nd, 2023\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tests for CVE-2023-31606 [Helio Cola]\u003c/li\u003e\n\u003cli\u003eFix rake compile [Helio Cola and Faria Education Group]\u003c/li\u003e\n\u003cli\u003eFix CVE-2023-31606 (ReDOS possible in the sanitize_html function) [Kornelius Kalnbach and Merbin Russel]\u003c/li\u003e\n\u003cli\u003eImmutable strings [Matijs van Zuijlen]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.2 / May 23rd, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.1 / May 17th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.0 / April 29th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove JRuby and Windows cross compilation and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ruby 2.2.3 testing and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003einclude CVE-2012-6684 fix [Tomas Pospisek]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix by [Antonio Terceiro]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\"\u003ehttp://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003evulnerability reported by [Kousuke Ebihara]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://co3k.org/blog/redcloth-unfixed-xss-en\"\u003ehttp://co3k.org/blog/redcloth-unfixed-xss-en\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.2.9.1 / February 24, 2015\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLazy-load latex_entities.yml [Charlie Somerville]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8297da8aa071b3bf1584738229f277833bd20c49\"\u003e\u003ccode\u003e8297da8\u003c/code\u003e\u003c/a\u003e 4.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/2600d93ff164a5244cec86a3047619ae8b4e4b04\"\u003e\u003ccode\u003e2600d93\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/80\"\u003e#80\u003c/a\u003e from jgarber/tests/CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ac10b687041e12cb49a196acf79687d6f596114e\"\u003e\u003ccode\u003eac10b68\u003c/code\u003e\u003c/a\u003e Add tests for CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4e85481aca18e50fcd17ad432234e0af8245b080\"\u003e\u003ccode\u003e4e85481\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/78\"\u003e#78\u003c/a\u003e from jgarber/fix/build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ccdd54dd68810f8ccd0c9b11c301d883240fcd22\"\u003e\u003ccode\u003eccdd54d\u003c/code\u003e\u003c/a\u003e Fix rake compile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8b1327688fef8e6617792054ef299d7bc74c0a1e\"\u003e\u003ccode\u003e8b13276\u003c/code\u003e\u003c/a\u003e Fix CVE-2023-31606 (ReDOS possible in the sanitize_html function) (\u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/dd7ee6caaa6c899f4d5389c1b2fe4a17f1e5f326\"\u003e\u003ccode\u003edd7ee6c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/47\"\u003e#47\u003c/a\u003e from greggawatt/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/5c9b35c3f8af989cf2a8d22f1bb9d8140641cd5b\"\u003e\u003ccode\u003e5c9b35c\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/c34fa195ca540b2bea84d9cfe1813e070e4ed154\"\u003e\u003ccode\u003ec34fa19\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4808b36d7063a7cfade89378d879a9134cd30a3e\"\u003e\u003ccode\u003e4808b36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/38\"\u003e#38\u003c/a\u003e from mvz/immutable-strings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jgarber/redcloth/compare/v4.2.9...v4.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haml` from 3.1.7 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haml/haml/blob/main/CHANGELOG.md\"\u003ehaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eReleased on April 26, 2017\n(\u003ca href=\"https://github.com/haml/haml/compare/4.0.7...v5.0.0\"\u003ediff\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eBreaking Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHaml now requires Ruby 2.0.0 or above.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRails 3 is no longer supported, matching the official\n\u003ca href=\"http://weblog.rubyonrails.org/2013/2/24/maintenance-policy-for-ruby-on-rails/\"\u003eMaintenance Policy for Ruby on Rails\u003c/a\u003e.\nUse Haml 4 if you want to use Rails 3.\n(Tee Parham)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003e:ugly\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/haml/haml/pull/894\"\u003e#894\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003ehaml\u003c/code\u003e command's debug option (\u003ccode\u003e-d\u003c/code\u003e) no longer executes the Haml code, but\nrather checks the generated Ruby syntax for errors.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop parser/compiler accessor from \u003ccode\u003eHaml::Engine\u003c/code\u003e. Modify \u003ccode\u003eHaml::Engine#initialize\u003c/code\u003e options\nor \u003ccode\u003eHaml::Template.options\u003c/code\u003e instead. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop dynamic quotes support and always escape \u003ccode\u003e'\u003c/code\u003e for \u003ccode\u003eescape_html\u003c/code\u003e/\u003ccode\u003eescape_attrs\u003c/code\u003e instead.\nAlso, escaped results are slightly changed and always unified to the same characters. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't preserve newlines in attributes. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTML escape interpolated code in filters.\n\u003ca href=\"https://redirect.github.com/haml/haml/pull/770\"\u003e#770\u003c/a\u003e\n(Matt Wildig)\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e  :javascript\n    #{JSON.generate(foo: \u0026quot;bar\u0026quot;)}\n  Haml 4 output: {\u0026quot;foo\u0026quot;:\u0026quot;bar\u0026quot;}\n  Haml 5 output: {\u0026amp;quot;foo\u0026amp;quot;:\u0026amp;quot;bar\u0026amp;quot;}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAdded\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a tracing option. When enabled, Haml will output a data-trace attribute on each tag showing the path\nto the source Haml file from which it was generated. Thanks \u003ca href=\"https://github.com/ababkin\"\u003eAlex Babkin\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehaml_tag_if\u003c/code\u003e to render a block, conditionally wrapped in another element (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eSupport Rails 5.1 Erubi template handler.\u003c/li\u003e\n\u003cli\u003eSupport Sprockets 3. Thanks \u003ca href=\"https://github.com/samphilipd\"\u003eSam Davies\u003c/a\u003e and \u003ca href=\"https://github.com/jvenezia\"\u003eJeremy Venezia\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eGeneral performance and memory usage improvements. (Akira Matsuda)\u003c/li\u003e\n\u003cli\u003eAnalyze attribute values by Ripper and render static attributes beforehand. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eOptimize attribute rendering about 3x faster. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eAdd temple gem as dependency and create \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e class.\nSome methods in \u003ccode\u003eHaml::Compiler\u003c/code\u003e are migrated to \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e. (Takashi Kokubun)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixed\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for attribute merging. When an attribute method (or literal nested hash)\nwas used in an old style attribute hash and there is also a (non-static) new\nstyle hash there is an error. The fix can result in different behavior in\nsome circumstances. See the \u003ca href=\"https://github.com/haml/haml/tree/e475b015d3171fb4c4f140db304f7970c787d6e3\"\u003ecommit message\u003c/a\u003e\nfor detailed info. (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eMake escape_once respect hexadecimal references. (Matt Wildig)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/78e2a09d3b8c6f7cdb3bb87ff84dce8fad5598ac\"\u003e\u003ccode\u003e78e2a09\u003c/code\u003e\u003c/a\u003e Version 5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/e5d6409bad6da77c697efc924c36ad2c5405b680\"\u003e\u003ccode\u003ee5d6409\u003c/code\u003e\u003c/a\u003e Note about \u003ca href=\"https://redirect.github.com/haml/haml/issues/770\"\u003e#770\u003c/a\u003e in Haml 5 changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/1bac6f902fe7683317b46ddcf0fdbbab6ffcd0da\"\u003e\u003ccode\u003e1bac6f9\u003c/code\u003e\u003c/a\u003e Remove JRuby from allow_failures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/d45c2d44b6b993ae7d54634948d69c2951d6dda3\"\u003e\u003ccode\u003ed45c2d4\u003c/code\u003e\u003c/a\u003e Add backslash for @ to support JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/8f207073c2e0e2bc296f18424b3fec3dfe659674\"\u003e\u003ccode\u003e8f20707\u003c/code\u003e\u003c/a\u003e Enable frozen_string_literal pragma if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/a6bb25529a5df92b355f8e4b2a712c2aa3ff1b26\"\u003e\u003ccode\u003ea6bb255\u003c/code\u003e\u003c/a\u003e Oops, this was not intentional...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/aa4c397410312ab3c3ee6191110f5e595e5eea00\"\u003e\u003ccode\u003eaa4c397\u003c/code\u003e\u003c/a\u003e Fix spec in \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e for pretty mode removal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/11af7954f3e9ba5e21924c11c49773cacc18eeb2\"\u003e\u003ccode\u003e11af795\u003c/code\u003e\u003c/a\u003e Fallback to default value of preserve option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/bbbeb7ea8ade64fec20de4e0254040a229bdda0e\"\u003e\u003ccode\u003ebbbeb7e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG to include \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/ed7f24f1dc63c38f3d143289262266cbf59a9f1f\"\u003e\u003ccode\u003eed7f24f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e from redoPop/atful-css\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haml/haml/compare/3.1.7...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kramdown` from 0.13.8 to 0.14.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gettalong/kramdown/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-protection` from 1.3.2 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003erack-protection's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/7b50a1bbb5324838908dfaa00ec53ad322673a29\"\u003e\u003ccode\u003e7b50a1b\u003c/code\u003e\u003c/a\u003e 4.1.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2068\"\u003e#2068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/73f3291d114b5b211e067263eeb9c0e197fe8500\"\u003e\u003ccode\u003e73f3291\u003c/code\u003e\u003c/a\u003e 4.1.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2063\"\u003e#2063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cd3e00de20ddaff34ea30f7a74a7b9dad189d1d8\"\u003e\u003ccode\u003ecd3e00d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eHostAuthorization\u003c/code\u003e rack-protection middleware (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2053\"\u003e#2053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a55850\u003c/code\u003e\u003c/a\u003e Remove WEBrick\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/319af3a298cb8278670f285b6c02df0fd084615d\"\u003e\u003ccode\u003e319af3a\u003c/code\u003e\u003c/a\u003e Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/8d0095fc8c37f39d41caf74637da72c1ac952299\"\u003e\u003ccode\u003e8d0095f\u003c/code\u003e\u003c/a\u003e Adjust \u003ccode\u003eCookieTossing\u003c/code\u003e spec for Rack 3.1+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5640495babcb4cfd69ba650b293660b7446402da\"\u003e\u003ccode\u003e5640495\u003c/code\u003e\u003c/a\u003e Fix typos in changelog, readme and code comments (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.2...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AKJUS/octopress/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AKJUS/octopress/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKJUS%2Foctopress/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4196586484","node_id":"PR_kwDOISjhyM7Pp2TV","number":27,"state":"closed","title":"build(deps): bump the bundler group across 10 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-08T01:31:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-02T19:37:09.000Z","updated_at":"2026-04-08T01:31:32.000Z","time_to_close":453261,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":10,"packages":[{"name":"rack","old_version":"2.0.7","new_version":"2.2.23","repository_url":"https://github.com/rack/rack"},{"name":"sinatra","old_version":"2.0.5","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"git","old_version":"1.3.0","new_version":"1.13.0","repository_url":"https://github.com/ruby-git/ruby-git"},{"name":"git","old_version":"1.9.1","new_version":"1.13.0","repository_url":"https://github.com/ruby-git/ruby-git"},{"name":"faraday","old_version":"1.7.0","new_version":"1.10.5","repository_url":"https://github.com/lostisland/faraday"},{"name":"httparty","old_version":"0.18.1","new_version":"0.24.0","repository_url":"https://github.com/jnunemaker/httparty"},{"name":"rexml","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 2 updates in the /pkgs/applications/office/ledger-web directory: [rack](https://github.com/rack/rack) and [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 1 update in the /pkgs/applications/version-management/bitbucket-server-cli directory: [git](https://github.com/ruby-git/ruby-git).\nBumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: [git](https://github.com/ruby-git/ruby-git), [faraday](https://github.com/lostisland/faraday), [httparty](https://github.com/jnunemaker/httparty) and [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 2 updates in the /pkgs/applications/version-management/git-fame directory: [rexml](https://github.com/ruby/rexml) and [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 2 updates in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml) and [cgi](https://github.com/ruby/cgi).\nBumps the bundler group with 2 updates in the /pkgs/by-name/cf/cfn-nag directory: [rexml](https://github.com/ruby/rexml) and [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby).\nBumps the bundler group with 1 update in the /pkgs/by-name/co/coltrane directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 1 update in the /pkgs/by-name/ev/evil-winrm directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/by-name/fu/fusuma directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 4 updates in the /pkgs/by-name/go/gollum directory: [rack](https://github.com/rack/rack), [sinatra](https://github.com/sinatra/sinatra), [rexml](https://github.com/ruby/rexml) and [nokogiri](https://github.com/sparklemotion/nokogiri).\n\nUpdates `rack` from 2.0.7 to 2.2.23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.8.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.2.8...v2.2.8.1\"\u003ehttps://github.com/rack/rack/compare/v2.2.8...v2.2.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eLimit file extension length of multipart tempfiles (2.2 backport) by \u003ca href=\"https://github.com/dentarg\"\u003e\u003ccode\u003e@​dentarg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2075\"\u003erack/rack#2075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCHANGELOG: Add missing 2.2.7 by \u003ca href=\"https://github.com/tisba\"\u003e\u003ccode\u003e@​tisba\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2081\"\u003erack/rack#2081\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate cookie.rb by \u003ca href=\"https://github.com/dchandekstark\"\u003e\u003ccode\u003e@​dchandekstark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2092\"\u003erack/rack#2092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer ubuntu-latest for testing. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2095\"\u003erack/rack#2095\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inefficient assert pattern in Rack::Lint [2-2-stable] by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2101\"\u003erack/rack#2101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegenerate SPEC [2-2-stable] by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2102\"\u003erack/rack#2102\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tisba\"\u003e\u003ccode\u003e@​tisba\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2081\"\u003erack/rack#2081\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dchandekstark\"\u003e\u003ccode\u003e@​dchandekstark\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2092\"\u003erack/rack#2092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.2.7...v2.2.8\"\u003ehttps://github.com/rack/rack/compare/v2.2.7...v2.2.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the year number in the changelog by \u003ca href=\"https://github.com/kimulab\"\u003e\u003ccode\u003e@​kimulab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2015\"\u003erack/rack#2015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport underscore in host names for Rack 2.2 (Fixes \u003ca href=\"https://redirect.github.com/rack/rack/issues/2070\"\u003e#2070\u003c/a\u003e) by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2071\"\u003erack/rack#2071\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kimulab\"\u003e\u003ccode\u003e@​kimulab\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2015\"\u003erack/rack#2015\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.2.6.4...v2.2.7\"\u003ehttps://github.com/rack/rack/compare/v2.2.6.4...v2.2.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.6.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.4.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.1.4.3...v2.1.4.4\"\u003ehttps://github.com/rack/rack/compare/v2.1.4.3...v2.1.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.9.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.0.9.3...v2.0.9.4\"\u003ehttps://github.com/rack/rack/compare/v2.0.9.3...v2.0.9.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.2.23] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.22] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.21] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.20] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.19] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.18] - 2025-09-25\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-625h-95r8-8xpm\"\u003eCVE-2025-59830\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion via semicolon-separated parameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.17] - 2025-06-03\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/f2af0c8f869193fa7bb7d20b619b3003418e1055\"\u003e\u003ccode\u003ef2af0c8\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/345b74428e278540bb6c68484e60e01b7542fd49\"\u003e\u003ccode\u003e345b744\u003c/code\u003e\u003c/a\u003e Fix tests for old Rubies.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e2d8e309680f2b9820ab5de13a43f76778bd2c6d\"\u003e\u003ccode\u003ee2d8e30\u003c/code\u003e\u003c/a\u003e Add version guard around non-default gems.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/add1a80fa7a3772605cae8a45e29af6b1d425057\"\u003e\u003ccode\u003eadd1a80\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/54261eccf12bb01952f7cbc8203fe68a0e5a1ee3\"\u003e\u003ccode\u003e54261ec\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a36f48bbda4835aa00c3c2f2dbddc5a734dcdfcd\"\u003e\u003ccode\u003ea36f48b\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eostruct\u003c/code\u003e to Gemfile.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8883f0da7bf9606d0973f7915a30c3edfc0d3038\"\u003e\u003ccode\u003e8883f0d\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/2287a3babec2e80d47329e7e75b5f15c406a07ab\"\u003e\u003ccode\u003e2287a3b\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003elogger\u003c/code\u003e to gemfile.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e6540e5f11e75c9fb4335934de54b6de05bcf626\"\u003e\u003ccode\u003ee6540e5\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/c42e357995065aa0c144eba0215a689d8105e4de\"\u003e\u003ccode\u003ec42e357\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/2.0.7...v2.2.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 2.0.5 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.0.5...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git` from 1.3.0 to 1.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/releases\"\u003egit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eca8ff35 Release v1.13.0 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/603\"\u003e#603\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.12.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.11.0...v1.12.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eea79dad Release v1.12.0\u003c/li\u003e\n\u003cli\u003ee58cd29 Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e609ab8b Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4a96679 Fix windows build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/591\"\u003e#591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f2b3fd Support the --all option for git fetch (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e1b13ec1 Workaround to get JRuby build working (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/582\"\u003e#582\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e5f0adec Update README.md (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e45b467c Make the directory param to Git.clone optional (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eb92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/577\"\u003e#577\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e13471d7 Add Git::URL #parse and #clone_to methods (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0a43d8b Use the head version of yard (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.11.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.2...HEAD\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.1...v1.10.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e57f941c Release v1.10.2\u003c/li\u003e\n\u003cli\u003ec987a74 Add create-release, setup, and console dev scripts (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e12e3d03 Store tempfile objects to prevent deletion during tests (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.0...v1.10.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ec7b12af Release v1.10.1\u003c/li\u003e\n\u003cli\u003eea28118 Properly escape double quotes in shell commands on Windows (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/552\"\u003e#552\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edb060fc Properly unescape diff paths (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/504\"\u003e#504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eea47044 Add Ruby 3.0 to CI build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/547\"\u003e#547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/blob/main/CHANGELOG.md\"\u003egit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0 (2022-12-10)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.12.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ca8ff350a63172630b8e9e919e02a0ce8e7a7a6d\"\u003e\u003ccode\u003eca8ff35\u003c/code\u003e\u003c/a\u003e Release v1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/83492243ef3779bd30f23b41541927f6e50e744f\"\u003e\u003ccode\u003e8349224\u003c/code\u003e\u003c/a\u003e Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/4fe8738e8348567255ab4be25867684b5d0d282d\"\u003e\u003ccode\u003e4fe8738\u003c/code\u003e\u003c/a\u003e In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/74b8e11af1a181d90f769129a0810bbc7f2f8a56\"\u003e\u003ccode\u003e74b8e11\u003c/code\u003e\u003c/a\u003e Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ff6dcf47ea1c14e5f12a8ff51eeb4ee10b7b2487\"\u003e\u003ccode\u003eff6dcf4\u003c/code\u003e\u003c/a\u003e Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/827929819c9e607c2ca0ef3f4c9aff57130c682a\"\u003e\u003ccode\u003e8279298\u003c/code\u003e\u003c/a\u003e Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ea79dadf07e65896a08487af011e60336e86d3e3\"\u003e\u003ccode\u003eea79dad\u003c/code\u003e\u003c/a\u003e Release v1.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/e58cd2997670561e41df22db236e06e41daea3da\"\u003e\u003ccode\u003ee58cd29\u003c/code\u003e\u003c/a\u003e Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/323383be03358c96523f60e361ad8ec21857f52e\"\u003e\u003ccode\u003e323383b\u003c/code\u003e\u003c/a\u003e Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/609ab8be2656c2362f126863dc2c98255fb5f68a\"\u003e\u003ccode\u003e609ab8b\u003c/code\u003e\u003c/a\u003e Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.3.0...v1.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git` from 1.9.1 to 1.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/releases\"\u003egit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eca8ff35 Release v1.13.0 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/603\"\u003e#603\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.12.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.11.0...v1.12.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eea79dad Release v1.12.0\u003c/li\u003e\n\u003cli\u003ee58cd29 Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e609ab8b Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4a96679 Fix windows build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/591\"\u003e#591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f2b3fd Support the --all option for git fetch (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e1b13ec1 Workaround to get JRuby build working (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/582\"\u003e#582\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e5f0adec Update README.md (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e45b467c Make the directory param to Git.clone optional (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eb92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/577\"\u003e#577\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e13471d7 Add Git::URL #parse and #clone_to methods (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0a43d8b Use the head version of yard (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.11.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.2...HEAD\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.1...v1.10.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e57f941c Release v1.10.2\u003c/li\u003e\n\u003cli\u003ec987a74 Add create-release, setup, and console dev scripts (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e12e3d03 Store tempfile objects to prevent deletion during tests (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.0...v1.10.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ec7b12af Release v1.10.1\u003c/li\u003e\n\u003cli\u003eea28118 Properly escape double quotes in shell commands on Windows (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/552\"\u003e#552\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edb060fc Properly unescape diff paths (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/504\"\u003e#504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eea47044 Add Ruby 3.0 to CI build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/547\"\u003e#547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/blob/main/CHANGELOG.md\"\u003egit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0 (2022-12-10)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.12.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ca8ff350a63172630b8e9e919e02a0ce8e7a7a6d\"\u003e\u003ccode\u003eca8ff35\u003c/code\u003e\u003c/a\u003e Release v1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/83492243ef3779bd30f23b41541927f6e50e744f\"\u003e\u003ccode\u003e8349224\u003c/code\u003e\u003c/a\u003e Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/4fe8738e8348567255ab4be25867684b5d0d282d\"\u003e\u003ccode\u003e4fe8738\u003c/code\u003e\u003c/a\u003e In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/74b8e11af1a181d90f769129a0810bbc7f2f8a56\"\u003e\u003ccode\u003e74b8e11\u003c/code\u003e\u003c/a\u003e Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ff6dcf47ea1c14e5f12a8ff51eeb4ee10b7b2487\"\u003e\u003ccode\u003eff6dcf4\u003c/code\u003e\u003c/a\u003e Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/827929819c9e607c2ca0ef3f4c9aff57130c682a\"\u003e\u003ccode\u003e8279298\u003c/code\u003e\u003c/a\u003e Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ea79dadf07e65896a08487af011e60336e86d3e3\"\u003e\u003ccode\u003eea79dad\u003c/code\u003e\u003c/a\u003e Release v1.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/e58cd2997670561e41df22db236e06e41daea3da\"\u003e\u003ccode\u003ee58cd29\u003c/code\u003e\u003c/a\u003e Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/323383be03358c96523f60e361ad8ec21857f52e\"\u003e\u003ccode\u003e323383b\u003c/code\u003e\u003c/a\u003e Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/609ab8be2656c2362f126863dc2c98255fb5f68a\"\u003e\u003ccode\u003e609ab8b\u003c/code\u003e\u003c/a\u003e Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.3.0...v1.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 1.7.0 to 1.10.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.10.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport CVE-2026-25765 by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1665\"\u003elostisland/faraday#1665\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are correctly autoloaded by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1595\"\u003elostisland/faraday#1595\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Ruby 3.2.0 in Faraday v1.x by \u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate three methods for version 2.0 by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1446\"\u003elostisland/faraday#1446\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eFaraday#Deprecate\u003c/code\u003e to \u003ccode\u003e1.x\u003c/code\u003e by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JSON middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1400\"\u003elostisland/faraday#1400\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add support for Ruby 2.4+ by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1371\"\u003elostisland/faraday#1371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/blob/main/CHANGELOG.md\"\u003efaraday's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eFaraday Changelog\u003c/h1\u003e\n\u003ch2\u003eThe changelog has moved!\u003c/h2\u003e\n\u003cp\u003eThis file is not being updated anymore. Instead, please check the \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003eReleases\u003c/a\u003e page.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.1.0...v2.2.0\"\u003e2.2.0\u003c/a\u003e (2022-02-03)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduce the possibility to register middleware with symbols, strings or procs in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1391\"\u003e#1391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.1...v2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-01-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix test adapter thread safety by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1380\"\u003e#1380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd default adapter options by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1382\"\u003e#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Add Ruby 3.1 to matrix by \u003ca href=\"https://github.com/petergoldstein\"\u003e\u003ccode\u003e@​petergoldstein\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1374\"\u003e#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix regex pattern in logger.md examples by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1378\"\u003e#1378\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2022-01-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add \u003ccode\u003efaraday-net_http\u003c/code\u003e as default adapter by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1366\"\u003e#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated sample format in UPGRADING.md by \u003ca href=\"https://github.com/vimutter\"\u003e\u003ccode\u003e@​vimutter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1361\"\u003e#1361\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make UPGRADING examples more copyable by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1363\"\u003e#1363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v1.8.0...v2.0.0\"\u003e2.0.0\u003c/a\u003e (2022-01-04)\u003c/h2\u003e\n\u003cp\u003eThe next major release is here, and it comes almost 2 years after the release of v1.0!\u003c/p\u003e\n\u003cp\u003eThis release changes the way you use Faraday and embraces a new paradigm of Faraday as an ecosystem, rather than a library.\u003c/p\u003e\n\u003cp\u003eWhat does that mean? It means that Faraday is less of a bundled tool and more of a framework for the community to build on top of.\u003c/p\u003e\n\u003cp\u003eAs a result, all adapters and some middleware have moved out and are now shipped as standalone gems 🙌!\u003c/p\u003e\n\u003cp\u003eBut this doesn't mean that upgrading from Faraday 1.x to Faraday 2.0 should be hard, in fact we've listed everything you need to do in the \u003ca href=\"https://github.com/lostisland/faraday/blob/main/UPGRADING.md\"\u003eUPGRADING.md\u003c/a\u003e doc.\u003c/p\u003e\n\u003cp\u003eMoreover, we've setup a new \u003ca href=\"https://github.com/lostisland/awesome-faraday\"\u003eawesome-faraday\u003c/a\u003e repository that will showcase a curated list of adapters and middleware 😎.\u003c/p\u003e\n\u003cp\u003eThis release was the result of the efforts of the core team and all the contributors, new and old, that have helped achieve this milestone 👏.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutoloading, dependency loading and middleware registry cleanup by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1301\"\u003e#1301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove JSON middleware (request and response) from faraday_middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1300\"\u003e#1300\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::Request#method\u003c/code\u003e by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1303\"\u003e#1303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::UploadIO\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[1.x] Deprecate Authorization helpers in \u003ccode\u003eFaraday::Connection\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1306\"\u003e#1306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop deprecated auth helpers from Connection and refactor auth middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Faraday 1.x examples in authentication.md docs by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1320\"\u003e#1320\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix passing a URL with embedded basic auth by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1324\"\u003e#1324\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister JSON middleware by \u003ca href=\"https://github.com/mollerhoj\"\u003e\u003ccode\u003e@​mollerhoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1331\"\u003e#1331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/5c1d68aae6020c7a5398147356e5a42ca205bf80\"\u003e\u003ccode\u003e5c1d68a\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/ea02c0ecbcd7ecc5553767f0cd97ec94eae6142b\"\u003e\u003ccode\u003eea02c0e\u003c/code\u003e\u003c/a\u003e Update rubocop complexity thresholds for security fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/d0fc049beb0b0e4e3bd4a52711189130bba7c5f4\"\u003e\u003ccode\u003ed0fc049\u003c/code\u003e\u003c/a\u003e Backport security fix for CVE-2026-25765 to 1.x branch (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1665\"\u003e#1665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/41c990ee1f82f74270c084cca8f398b186f09262\"\u003e\u003ccode\u003e41c990e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/435888d46cb0236eef9c8d6b02ef37a45681207f\"\u003e\u003ccode\u003e435888d\u003c/code\u003e\u003c/a\u003e Make sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are cor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/82086930f947d037f0ec14ce740c0485a3b4d5a0\"\u003e\u003ccode\u003e8208693\u003c/code\u003e\u003c/a\u003e Use ruby/setup-ruby in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/eeec3677d769258ec97450c678ef4d8f924fac9a\"\u003e\u003ccode\u003eeeec367\u003c/code\u003e\u003c/a\u003e Fix ruby version in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/92c038bcbf24b171abeecd608a195245f5431e98\"\u003e\u003ccode\u003e92c038b\u003c/code\u003e\u003c/a\u003e Update publish.yml to use Ruby 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/7a382b5abb19b9278c2bf055da54876ce612cff9\"\u003e\u003ccode\u003e7a382b5\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/16506ee918bd8813d0e241aa1c4996fa2157303c\"\u003e\u003ccode\u003e16506ee\u003c/code\u003e\u003c/a\u003e Add support for Ruby 3.2.0 in Faraday v1.x (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1483\"\u003e#1483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.7.0...v1.10.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `httparty` from 0.18.1 to 0.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003ehttparty's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForce binary encoding throughout by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/823\"\u003ejnunemaker/httparty#823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eset Content-Type for Hash body in requests by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/828\"\u003ejnunemaker/httparty#828\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: stream multipart file uploads to reduce memory usage by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/829\"\u003ejnunemaker/httparty#829\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent SSRF via absolute URL bypassing base_uri by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/830\"\u003ejnunemaker/httparty#830\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.23.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changelog_uri metadata to gemspec by \u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix multipart with files in binary mode and fields including non-ASCII characters by \u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd foul option to class level \u003ca href=\"https://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\"\u003ehttps://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: foul mode to rescue all common network errors:  \u003ca href=\"https://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\"\u003ehttps://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace master branch to main for better view by \u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashishra0\"\u003e\u003ccode\u003e@​ashishra0\u003c/code\u003e\u003c/a\u003e made their first contribution with foul mode\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix typo in example name by \u003ca href=\"https://github.com/xymbol\"\u003e\u003ccode\u003e@​xymbol\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/780\"\u003ejnunemaker/httparty#780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtract request building method by \u003ca href=\"https://github.com/aliismayilov\"\u003e\u003ccode\u003e@​aliismayilov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/786\"\u003ejnunemaker/httparty#786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Tell dependabot to update GH Actions by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/791\"\u003ejnunemaker/httparty#791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd CSV gem as a dependency for Ruby 3.4 by \u003ca href=\"https://github.com/ngan\"\u003e\u003ccode\u003e@​ngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/796\"\u003ejnunemaker/httparty#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear body when redirecting to a GET  by \u003ca href=\"https://github.com/rhett-inbox\"\u003e\u003ccode\u003e@​rhett-inbox\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/783\"\u003ejnunemaker/httparty#783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI against Ruby 3.3 by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/798\"\u003ejnunemaker/httparty#798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/792\"\u003ejnunemaker/httparty#792\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/blob/main/Changelog.md\"\u003ehttparty's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003echanges since 0.22 are documented in GitHub Releases\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e0.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e\"\u003eescape filename in the multipart/form-data Content-Disposition header\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/767\"\u003eFix request marshaling\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/769\"\u003eReplace \u003ccode\u003emime-types\u003c/code\u003e with \u003ccode\u003emini_mime\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.20.0\u003c/h2\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Ruby \u0026gt;= 2.3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/714\"\u003e\u003ccode\u003eMarshal.dump\u003c/code\u003e fails on response objects when request option \u003ccode\u003e:logger\u003c/code\u003e is set or \u003ccode\u003e:parser\u003c/code\u003e is a proc\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/720\"\u003eSwitch \u003ccode\u003e:pem\u003c/code\u003e option to to \u003ccode\u003eOpenSSL::PKey.read\u003c/code\u003e to support other algorithms\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/4416141d37fd71bdba4f37589ec265f55aa446ce\"\u003eRemove use of unary + method for creating non-frozen string to increase compatibility with older versions of ruby\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/709\"\u003eMultipart/Form-Data: rewind files after read\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/711\"\u003eadd frozen_string_literal pragma to all files\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Better handling of Accept-Encoding / Content-Encoding decompression (fixes \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/562\"\u003e#562\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/729\"\u003ejnunemaker/httparty#729\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/55ec76e8d1df7903eab3f7c2367991400d3cf65e\"\u003e\u003ccode\u003e55ec76e\u003c/code\u003e\u003c/a\u003e Release 0.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/ddfbc8ddfca03d4f4026b01763ee906071ca558b\"\u003e\u003ccode\u003eddfbc8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/830\"\u003e#830\u003c/a\u003e from jnunemaker/fix-ssrf-base-uri-bypass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/0529bcd6309c9fd9bfdd50ae211843b10054c240\"\u003e\u003ccode\u003e0529bcd\u003c/code\u003e\u003c/a\u003e fix: prevent SSRF via absolute URL bypassing base_uri (GHSA-hm5p-x4rq-38w4)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/05f38fd35d8088b9770513c2eaecce671f0940ec\"\u003e\u003ccode\u003e05f38fd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/829\"\u003e#829\u003c/a\u003e from jnunemaker/memory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/8901c238c00d0aca8920271314c4c5d7dd2701fb\"\u003e\u003ccode\u003e8901c23\u003c/code\u003e\u003c/a\u003e feat: stream multipart file uploads to reduce memory usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/091bd6aa909e38822b72f8ce2383385cf8eeb302\"\u003e\u003ccode\u003e091bd6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/828\"\u003e#828\u003c/a\u003e from jnunemaker/issue-826\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/59c0ac5f3d906fb6be2133c1b89d75329755af8f\"\u003e\u003ccode\u003e59c0ac5\u003c/code\u003e\u003c/a\u003e feat: set Content-Type for Hash body in requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/5c8b45e6297d181d99a56f5297dade3e358cc6f9\"\u003e\u003ccode\u003e5c8b45e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/823\"\u003e#823\u003c/a\u003e from jnunemaker/mixed-encodings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/6419cb307dd435572963e4ab40cd96b41389efcf\"\u003e\u003ccode\u003e6419cb3\u003c/code\u003e\u003c/a\u003e Force binary encoding throughout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/c74571f7925c8e142d02c2b7d6ebeedf923b1dd1\"\u003e\u003ccode\u003ec74571f\u003c/code\u003e\u003c/a\u003e Release 0.23.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.18.1...v0.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.2.5 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.g...\n\n_Description has been truncated_","html_url":"https://github.com/danwdart/nixpkgs/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danwdart%2Fnixpkgs/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"},{"uuid":"4124705928","node_id":"PR_kwDOPVgz5c7M26yh","number":217,"state":"closed","title":"build(deps): bump the bundler group across 2 directories with 3 updates","user":"dependabot[bot]","labels":["dependencies","ruby","Stale"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-08T05:19:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T01:50:05.000Z","updated_at":"2026-04-08T05:20:06.000Z","time_to_close":1308593,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":3,"packages":[{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"rack","old_version":"3.1.15","new_version":"3.2.5"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 1 update in the /src/email directory: [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 1 update in the /src/react-native-app directory: [rexml](https://github.com/ruby/rexml).\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.1.15 to 3.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bb5f3555bd12b9065112353e829298b3b5623ceb\"\u003e\u003ccode\u003ebb5f355\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/f9bde3bc2dde2771185ac1a7b7602a4d9fa0a0d8\"\u003e\u003ccode\u003ef9bde3b\u003c/code\u003e\u003c/a\u003e Prevent directory traversal via root prefix bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/93a68f58aa82aa48f09b751501f19f5e760dd406\"\u003e\u003ccode\u003e93a68f5\u003c/code\u003e\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3b8b0d22d68a7fb30fdea40f838d0f95a05c134d\"\u003e\u003ccode\u003e3b8b0d2\u003c/code\u003e\u003c/a\u003e Fix MockResponse#body when the body is a Proc (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2420\"\u003e#2420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c24539777db8833d78f881680cd245878cfba31\"\u003e\u003ccode\u003e4c24539\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3ba5e4f22f55abac21037bb137e56e5c8e36b673\"\u003e\u003ccode\u003e3ba5e4f\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/32bf8887d00bd86494f0ce08c46cda59a65d332f\"\u003e\u003ccode\u003e32bf888\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f\"\u003e\u003ccode\u003ee179614\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784\"\u003e\u003ccode\u003e57277b7\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/403b74b2441d666845177ce769036e294f663712\"\u003e\u003ccode\u003e403b74b\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v3.1.15...v3.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.4.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/burhanuddin-anw/opentelemetry-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/burhanuddin-anw/opentelemetry-demo/pull/217","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/burhanuddin-anw%2Fopentelemetry-demo/issues/217","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/217/packages"},{"uuid":"4064313464","node_id":"PR_kwDOALFUpc7KBJxs","number":510,"state":"closed","title":"Update sinatra requirement from ~\u003e 3 to ~\u003e 4 in /gemfiles/sequel-4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-17T01:05:41.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-12T12:26:27.000Z","updated_at":"2026-04-17T01:05:51.000Z","time_to_close":3069554,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"sinatra","old_version":"~\u003e 3","new_version":"~\u003e 4","repository_url":"https://github.com/sinatra/sinatra"}],"path":"/gemfiles/sequel-4","ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/skylightio/skylight-ruby/pull/510","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/skylightio%2Fskylight-ruby/issues/510","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/510/packages"},{"uuid":"4064306856","node_id":"PR_kwDOALFUpc7KBIWR","number":497,"state":"open","title":"Update sinatra requirement from ~\u003e 3 to ~\u003e 4 in /gemfiles/sequel-5","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-12T12:25:28.000Z","updated_at":"2026-03-12T12:25:32.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"sinatra","old_version":"~\u003e 3","new_version":"~\u003e 4","repository_url":"https://github.com/sinatra/sinatra"}],"path":"/gemfiles/sequel-5","ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/skylightio/skylight-ruby/pull/497","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/skylightio%2Fskylight-ruby/issues/497","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/497/packages"},{"uuid":"3970161386","node_id":"PR_kwDOAAcQ4s7FP-ya","number":708,"state":"open","title":"Update sinatra requirement from ~\u003e 2.0 to \u003e= 2, \u003c 5","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-20T20:03:39.000Z","updated_at":"2026-02-21T22:02:54.461Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"sinatra","old_version":"~\u003e 2.0","new_version":"\u003e= 2, \u003c 5","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/geminabox/geminabox/pull/708","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/geminabox%2Fgeminabox/issues/708","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/708/packages"},{"uuid":"3965692795","node_id":"PR_kwDOOPxAk87FBLry","number":6,"state":"closed","title":"build(deps): bump the bundler group across 15 directories with 14 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-24T01:30:29.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-19T23:42:07.000Z","updated_at":"2026-03-24T01:30:31.000Z","time_to_close":2771302,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":14,"packages":[{"name":"rack","old_version":"3.1.8","new_version":"3.1.20","repository_url":"https://github.com/rack/rack"},{"name":"rack-session","old_version":"2.1.0","new_version":"2.1.1","repository_url":"https://github.com/rack/rack-session"},{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"nokogiri","old_version":"1.18.1","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 4 updates in the /pkgs/applications/office/ledger-web directory: [activerecord](https://github.com/rails/rails), [rack](https://github.com/rack/rack), [rack-session](https://github.com/rack/rack-session) and [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 3 updates in the /pkgs/applications/version-management/danger-gitlab directory: [faraday](https://github.com/lostisland/faraday), [httparty](https://github.com/jnunemaker/httparty) and [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/applications/version-management/git-fame directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 1 update in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 2 updates in the /pkgs/by-name/ce/cewl directory: [rexml](https://github.com/ruby/rexml) and [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 2 updates in the /pkgs/by-name/cf/cfn-nag directory: [rexml](https://github.com/ruby/rexml) and [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby).\nBumps the bundler group with 1 update in the /pkgs/by-name/co/coltrane directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 1 update in the /pkgs/by-name/do/doing directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/by-name/ev/evil-winrm directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/by-name/fu/fusuma directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 5 updates in the /pkgs/by-name/go/gollum directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rack](https://github.com/rack/rack) | `3.1.8` | `3.1.20` |\n| [rack-session](https://github.com/rack/rack-session) | `2.1.0` | `2.1.1` |\n| [sinatra](https://github.com/sinatra/sinatra) | `4.1.1` | `4.2.0` |\n| [rexml](https://github.com/ruby/rexml) | `3.4.0` | `3.4.2` |\n| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.18.1` | `1.19.1` |\n\nBumps the bundler group with 3 updates in the /pkgs/by-name/li/licensed directory: [rack](https://github.com/rack/rack), [faraday](https://github.com/lostisland/faraday) and [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 1 update in the /pkgs/by-name/mp/mpdcron directory: [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 1 update in the /pkgs/by-name/ov/overcommit directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 5 updates in the /pkgs/by-name/pg/pghero directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rack](https://github.com/rack/rack) | `2.2.10` | `2.2.22` |\n| [faraday](https://github.com/lostisland/faraday) | `1.10.4` | `1.10.5` |\n| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.16.7` | `1.19.1` |\n| [net-imap](https://github.com/ruby/net-imap) | `0.5.0` | `0.5.7` |\n| [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) | `1.6.0` | `1.6.1` |\n\n\nUpdates `activerecord` from 8.0.2 to 8.0.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCall inspect on ids in RecordNotFound error\u003c/p\u003e\n\u003cp\u003e[CVE-2025-55193]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGannon McGibbon\u003c/em\u003e, \u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Storage\u003c/h2\u003e\n\u003cpre\u003e\u003ccode\u003eRemove dangerous transformations\n\u003cp\u003e[CVE-2025-24293]\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b0c813bc7b61c71dd21ee3a6c6210f6d14030f71\"\u003e\u003ccode\u003eb0c813b\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a6d50aeaaa98613c42133f22308d7ddaf0e5556e\"\u003e\u003ccode\u003ea6d50ae\u003c/code\u003e\u003c/a\u003e Update CHANGELOGs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b\"\u003e\u003ccode\u003e568c0bc\u003c/code\u003e\u003c/a\u003e Call inspect on ids in RecordNotFound error\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.1.12 to 3.1.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/65044344e4780d80b409f9ba27df41b6307b5ff5\"\u003e\u003ccode\u003e6504434\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/48e90303ea09cdcf5091104c1ffc94a2f74e2c5b\"\u003e\u003ccode\u003e48e9030\u003c/code\u003e\u003c/a\u003e Prevent directory traversal via root prefix bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed0f455074f9d6aade9793bd8a3dc4aeaecaacd6\"\u003e\u003ccode\u003eed0f455\u003c/code\u003e\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b29df3156208326916cf60482eaec42574b65ff0\"\u003e\u003ccode\u003eb29df31\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/72719a8a7447186234379d9bff889273ec3cd35d\"\u003e\u003ccode\u003e72719a8\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/96cf07879a084e4488d705ed093395e86bb554f5\"\u003e\u003ccode\u003e96cf078\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db\"\u003e\u003ccode\u003ecbd541e\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7e69f65eefe9cd2868df9f9f3b0977b86f93523a\"\u003e\u003ccode\u003e7e69f65\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/db6bc0f64f24a3aa1aa83223da112e25333b049a\"\u003e\u003ccode\u003edb6bc0f\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ad81f80d4bc2db6e3ba15c5b1d3b23205f7c5810\"\u003e\u003ccode\u003ead81f80\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v3.1.12...v3.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-session` from 2.1.0 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack-session/releases\"\u003erack-session's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack-session/compare/v2.1.0...v2.1.1\"\u003ehttps://github.com/rack/rack-session/compare/v2.1.0...v2.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack-session/blob/main/releases.md\"\u003erack-session's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent \u003ccode\u003eRack::Session::Pool\u003c/code\u003e from recreating deleted sessions \u003ca href=\"https://github.com/rack/rack-session/security/advisories/GHSA-9j94-67jr-4cqj\"\u003eCVE-2025-46336\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/96663ece1596a3462704c30f98b85cd7e0337d6e\"\u003e\u003ccode\u003e96663ec\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/c58ad7952cc7d0649f0ea9c78d55049739c49e5a\"\u003e\u003ccode\u003ec58ad79\u003c/code\u003e\u003c/a\u003e Don't allow session to be recreated accidentally.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rack/rack-session/compare/v2.1.0...v2.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uri` from 1.0.3 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/uri/releases\"\u003euri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-allow consecutive, leading and trailing dots in EMAIL_REGEXP by \u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/ruby/uri/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to use the latest version of setup-ruby and bump up to Ruby 3.4 by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/158\"\u003eruby/uri#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the mention to removed \u003ccode\u003eURI.escape/URI::Escape\u003c/code\u003e by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse a fully qualified name in warning messages by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/150\"\u003eruby/uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eRactor#value\u003c/code\u003e by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/163\"\u003eruby/uri#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unnecessary workaround  by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/164\"\u003eruby/uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape reserved characters in scheme name by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/148\"\u003eruby/uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[DOC] State that uri library is needed to call Kernel#URI by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/167\"\u003eruby/uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer dedicated assertion methods by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/169\"\u003eruby/uri#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the message for unexpected argument by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/171\"\u003eruby/uri#171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake URI::regexp schemes case sensitive (\u003ca href=\"https://redirect.github.com/ruby/uri/issues/38\"\u003e#38\u003c/a\u003e) by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/170\"\u003eruby/uri#170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe local part should not contain leading or trailing dots in the EMAIL_REGEXP by \u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMore checks in \u003ccode\u003eEMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/172\"\u003eruby/uri#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not allow empty host names, as they are not allowed by RFC 3986 by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/116\"\u003eruby/uri#116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove performance of \u003ccode\u003eURI::MailTo::EMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/173\"\u003eruby/uri#173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance test stability by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/174\"\u003eruby/uri#174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documents that used \u003ccode\u003eURI::Parser\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/175\"\u003eruby/uri#175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a workflow to sync commits to ruby/ruby by \u003ca href=\"https://github.com/k0kubun\"\u003e\u003ccode\u003e@​k0kubun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/183\"\u003eruby/uri#183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eirb\u003c/code\u003e to the Gemfile to fix the warning by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/182\"\u003eruby/uri#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace reference to the obsolete URI.escape with URI::RFC2396_PARSER.escape by \u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch a parsing behavior completely when switching a parser by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/161\"\u003eruby/uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimprove error message by \u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse generic version number to VERSION by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/187\"\u003eruby/uri#187\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.4...v1.1.0\"\u003ehttps://github.com/ruby/uri/compare/v1.0.4...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.4\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\"\u003eCVE-2025-61594\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/f1b05c89ab38667e7564896f994d4d6cfbc67149\"\u003e\u003ccode\u003ef1b05c8\u003c/code\u003e\u003c/a\u003e v1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/8557e8d470ad7b969ba11d210e33b9570919661d\"\u003e\u003ccode\u003e8557e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/189\"\u003e#189\u003c/a\u003e from osyoyu/restore-whatwg-email-regexp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c551d7020bba3cf452e696d55c451ae951d0f24b\"\u003e\u003ccode\u003ec551d70\u003c/code\u003e\u003c/a\u003e Re-allow consecutive, leading and trailing dots in EMAIL_REGEXP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c41903b3e4df8ba2ceba16a80d3156a97a81e038\"\u003e\u003ccode\u003ec41903b\u003c/code\u003e\u003c/a\u003e v1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/b433f3499202b2abc27c5211554195243d083f88\"\u003e\u003ccode\u003eb433f34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/187\"\u003e#187\u003c/a\u003e from ruby/switch-version-code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/1fc4f0496a2d44f4af317d8f786a50e9f6918656\"\u003e\u003ccode\u003e1fc4f04\u003c/code\u003e\u003c/a\u003e Use generic version number to VERSION and generate VERSION_CODE from that\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/e8306800d9b58f37f3847e8d598599cb1ef36f3c\"\u003e\u003ccode\u003ee830680\u003c/code\u003e\u003c/a\u003e Exclude dependabot updates from release note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/70d245fa46786b9aa4970c4b815cfe8b1b823bf6\"\u003e\u003ccode\u003e70d245f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/130\"\u003e#130\u003c/a\u003e from soda92/improve-error-message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/d629c8c1541330e4fc50879fbafc0701728e447f\"\u003e\u003ccode\u003ed629c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/161\"\u003e#161\u003c/a\u003e from y-yagi/fix_changing_parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/fec6733919edb140bbdc429ed4b0492776ebc4a2\"\u003e\u003ccode\u003efec6733\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/166\"\u003e#166\u003c/a\u003e from vivshaw/vivshaw/correct-obsolete-parse\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 1.7.0 to 1.10.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.10.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport CVE-2026-25765 by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1665\"\u003elostisland/faraday#1665\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are correctly autoloaded by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1595\"\u003elostisland/faraday#1595\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Ruby 3.2.0 in Faraday v1.x by \u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate three methods for version 2.0 by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1446\"\u003elostisland/faraday#1446\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eFaraday#Deprecate\u003c/code\u003e to \u003ccode\u003e1.x\u003c/code\u003e by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JSON middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1400\"\u003elostisland/faraday#1400\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add support for Ruby 2.4+ by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1371\"\u003elostisland/faraday#1371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/blob/main/CHANGELOG.md\"\u003efaraday's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eFaraday Changelog\u003c/h1\u003e\n\u003ch2\u003eThe changelog has moved!\u003c/h2\u003e\n\u003cp\u003eThis file is not being updated anymore. Instead, please check the \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003eReleases\u003c/a\u003e page.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.1.0...v2.2.0\"\u003e2.2.0\u003c/a\u003e (2022-02-03)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduce the possibility to register middleware with symbols, strings or procs in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1391\"\u003e#1391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.1...v2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-01-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix test adapter thread safety by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1380\"\u003e#1380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd default adapter options by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1382\"\u003e#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Add Ruby 3.1 to matrix by \u003ca href=\"https://github.com/petergoldstein\"\u003e\u003ccode\u003e@​petergoldstein\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1374\"\u003e#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix regex pattern in logger.md examples by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1378\"\u003e#1378\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2022-01-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add \u003ccode\u003efaraday-net_http\u003c/code\u003e as default adapter by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1366\"\u003e#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated sample format in UPGRADING.md by \u003ca href=\"https://github.com/vimutter\"\u003e\u003ccode\u003e@​vimutter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1361\"\u003e#1361\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make UPGRADING examples more copyable by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1363\"\u003e#1363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v1.8.0...v2.0.0\"\u003e2.0.0\u003c/a\u003e (2022-01-04)\u003c/h2\u003e\n\u003cp\u003eThe next major release is here, and it comes almost 2 years after the release of v1.0!\u003c/p\u003e\n\u003cp\u003eThis release changes the way you use Faraday and embraces a new paradigm of Faraday as an ecosystem, rather than a library.\u003c/p\u003e\n\u003cp\u003eWhat does that mean? It means that Faraday is less of a bundled tool and more of a framework for the community to build on top of.\u003c/p\u003e\n\u003cp\u003eAs a result, all adapters and some middleware have moved out and are now shipped as standalone gems 🙌!\u003c/p\u003e\n\u003cp\u003eBut this doesn't mean that upgrading from Faraday 1.x to Faraday 2.0 should be hard, in fact we've listed everything you need to do in the \u003ca href=\"https://github.com/lostisland/faraday/blob/main/UPGRADING.md\"\u003eUPGRADING.md\u003c/a\u003e doc.\u003c/p\u003e\n\u003cp\u003eMoreover, we've setup a new \u003ca href=\"https://github.com/lostisland/awesome-faraday\"\u003eawesome-faraday\u003c/a\u003e repository that will showcase a curated list of adapters and middleware 😎.\u003c/p\u003e\n\u003cp\u003eThis release was the result of the efforts of the core team and all the contributors, new and old, that have helped achieve this milestone 👏.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutoloading, dependency loading and middleware registry cleanup by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1301\"\u003e#1301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove JSON middleware (request and response) from faraday_middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1300\"\u003e#1300\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::Request#method\u003c/code\u003e by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1303\"\u003e#1303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::UploadIO\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[1.x] Deprecate Authorization helpers in \u003ccode\u003eFaraday::Connection\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1306\"\u003e#1306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop deprecated auth helpers from Connection and refactor auth middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Faraday 1.x examples in authentication.md docs by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1320\"\u003e#1320\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix passing a URL with embedded basic auth by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1324\"\u003e#1324\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister JSON middleware by \u003ca href=\"https://github.com/mollerhoj\"\u003e\u003ccode\u003e@​mollerhoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1331\"\u003e#1331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/5c1d68aae6020c7a5398147356e5a42ca205bf80\"\u003e\u003ccode\u003e5c1d68a\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/ea02c0ecbcd7ecc5553767f0cd97ec94eae6142b\"\u003e\u003ccode\u003eea02c0e\u003c/code\u003e\u003c/a\u003e Update rubocop complexity thresholds for security fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/d0fc049beb0b0e4e3bd4a52711189130bba7c5f4\"\u003e\u003ccode\u003ed0fc049\u003c/code\u003e\u003c/a\u003e Backport security fix for CVE-2026-25765 to 1.x branch (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1665\"\u003e#1665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/41c990ee1f82f74270c084cca8f398b186f09262\"\u003e\u003ccode\u003e41c990e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/435888d46cb0236eef9c8d6b02ef37a45681207f\"\u003e\u003ccode\u003e435888d\u003c/code\u003e\u003c/a\u003e Make sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are cor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/82086930f947d037f0ec14ce740c0485a3b4d5a0\"\u003e\u003ccode\u003e8208693\u003c/code\u003e\u003c/a\u003e Use ruby/setup-ruby in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/eeec3677d769258ec97450c678ef4d8f924fac9a\"\u003e\u003ccode\u003eeeec367\u003c/code\u003e\u003c/a\u003e Fix ruby version in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/92c038bcbf24b171abeecd608a195245f5431e98\"\u003e\u003ccode\u003e92c038b\u003c/code\u003e\u003c/a\u003e Update publish.yml to use Ruby 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/7a382b5abb19b9278c2bf055da54876ce612cff9\"\u003e\u003ccode\u003e7a382b5\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/16506ee918bd8813d0e241aa1c4996fa2157303c\"\u003e\u003ccode\u003e16506ee\u003c/code\u003e\u003c/a\u003e Add support for Ruby 3.2.0 in Faraday v1.x (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1483\"\u003e#1483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.7.0...v1.10.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `httparty` from 0.18.1 to 0.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003ehttparty's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForce binary encoding throughout by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/823\"\u003ejnunemaker/httparty#823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eset Content-Type for Hash body in requests by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/828\"\u003ejnunemaker/httparty#828\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: stream multipart file uploads to reduce memory usage by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/829\"\u003ejnunemaker/httparty#829\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent SSRF via absolute URL bypassing base_uri by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/830\"\u003ejnunemaker/httparty#830\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.23.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changelog_uri metadata to gemspec by \u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix multipart with files in binary mode and fields including non-ASCII characters by \u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd foul option to class level \u003ca href=\"https://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\"\u003ehttps://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: foul mode to rescue all common network errors:  \u003ca href=\"https://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\"\u003ehttps://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace master branch to main for better view by \u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashishra0\"\u003e\u003ccode\u003e@​ashishra0\u003c/code\u003e\u003c/a\u003e made their first contribution with foul mode\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix typo in example name by \u003ca href=\"https://github.com/xymbol\"\u003e\u003ccode\u003e@​xymbol\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/780\"\u003ejnunemaker/httparty#780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtract request building method by \u003ca href=\"https://github.com/aliismayilov\"\u003e\u003ccode\u003e@​aliismayilov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/786\"\u003ejnunemaker/httparty#786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Tell dependabot to update GH Actions by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/791\"\u003ejnunemaker/httparty#791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd CSV gem as a dependency for Ruby 3.4 by \u003ca href=\"https://github.com/ngan\"\u003e\u003ccode\u003e@​ngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/796\"\u003ejnunemaker/httparty#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear body when redirecting to a GET  by \u003ca href=\"https://github.com/rhett-inbox\"\u003e\u003ccode\u003e@​rhett-inbox\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/783\"\u003ejnunemaker/httparty#783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI against Ruby 3.3 by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/798\"\u003ejnunemaker/httparty#798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/792\"\u003ejnunemaker/httparty#792\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/blob/main/Changelog.md\"\u003ehttparty's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003echanges since 0.22 are documented in GitHub Releases\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e0.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e\"\u003eescape filename in the multipart/form-data Content-Disposition header\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/767\"\u003eFix request marshaling\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/769\"\u003eReplace \u003ccode\u003emime-types\u003c/code\u003e with \u003ccode\u003emini_mime\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.20.0\u003c/h2\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Ruby \u0026gt;= 2.3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/714\"\u003e\u003ccode\u003eMarshal.dump\u003c/code\u003e fails on response objects when request option \u003ccode\u003e:logger\u003c/code\u003e is set or \u003ccode\u003e:parser\u003c/code\u003e is a proc\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/720\"\u003eSwitch \u003ccode\u003e:pem\u003c/code\u003e option to to \u003ccode\u003eOpenSSL::PKey.read\u003c/code\u003e to support other algorithms\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/4416141d37fd71bdba4f37589ec265f55aa446ce\"\u003eRemove use of unary + method for creating non-frozen string to increase compatibility with older versions of ruby\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/709\"\u003eMultipart/Form-Data: rewind files after read\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/711\"\u003eadd frozen_string_literal pragma to all files\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Better handling of Accept-Encoding / Content-Encoding decompression (fixes \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/562\"\u003e#562\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/729\"\u003ejnunemaker/httparty#729\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/55ec76e8d1df7903eab3f7c2367991400d3cf65e\"\u003e\u003ccode\u003e55ec76e\u003c/code\u003e\u003c/a\u003e Release 0.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/ddfbc8ddfca03d4f4026b01763ee906071ca558b\"\u003e\u003ccode\u003eddfbc8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/830\"\u003e#830\u003c/a\u003e from jnunemaker/fix-ssrf-base-uri-bypass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/0529bcd6309c9fd9bfdd50ae211843b10054c240\"\u003e\u003ccode\u003e0529bcd\u003c/code\u003e\u003c/a\u003e fix: prevent SSRF via absolute URL bypassing base_uri (GHSA-hm5p-x4rq-38w4)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/05f38fd35d8088b9770513c2eaecce671f0940ec\"\u003e\u003ccode\u003e05f38fd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/829\"\u003e#829\u003c/a\u003e from jnunemaker/memory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/8901c238c00d0aca8920271314c4c5d7dd2701fb\"\u003e\u003ccode\u003e8901c23\u003c/code\u003e\u003c/a\u003e feat: stream multipart file uploads to reduce memory usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/091bd6aa909e38822b72f8ce2383385cf8eeb302\"\u003e\u003ccode\u003e091bd6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/828\"\u003e#828\u003c/a\u003e from jnunemaker/issue-826\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/59c0ac5f3d906fb6be2133c1b89d75329755af8f\"\u003e\u003ccode\u003e59c0ac5\u003c/code\u003e\u003c/a\u003e feat: set Content-Type for Hash body in requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/5c8b45e6297d181d99a56f5297dade3e358cc6f9\"\u003e\u003ccode\u003e5c8b45e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/823\"\u003e#823\u003c/a\u003e from jnunemaker/mixed-encodings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/6419cb307dd435572963e4ab40cd96b41389efcf\"\u003e\u003ccode\u003e6419cb3\u003c/code\u003e\u003c/a\u003e Force binary encoding throughout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/c74571f7925c8e142d02c2b7d6ebeedf923b1dd1\"\u003e\u003ccode\u003ec74571f\u003c/code\u003e\u003c/a\u003e Release 0.23.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.18.1...v0.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.2.5 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.2.5...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 7.0.6 to 7.0.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.0.7.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUse a temporary file for storing unencrypted files while editing\u003c/p\u003e\n\u003cp\u003e[CVE-2023-38037]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c92caefc2bdf856845a72b8608d5603b330e8c3e\"\u003e\u003ccode\u003ec92caef\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/936587d49b3d490462c794b30fb672cef43e1bd0\"\u003e\u003ccode\u003e936587d\u003c/code\u003e\u003c/a\u003e updating version / changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a21d6edf35a60383dfa6c4da49e4b1aef5f00731\"\u003e\u003ccode\u003ea21d6ed\u003c/code\u003e\u003c/a\u003e Use a temporary file for storing unencrypted files while editing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/522c86f35ccc80453ed9fb6ca8b394db321f9a69\"\u003e\u003ccode\u003e522c86f\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5610cbacc5630d775a1a7be78ccb17e561908cba\"\u003e\u003ccode\u003e5610cba\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG with the changes in the repository\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7e9ffc2e137b649c6fd2ca1c580cdfffc9845b55\"\u003e\u003ccode\u003e7e9ffc2\u003c/code\u003e\u003c/a\u003e Fix to_s not using :default format with no args\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a8e88e2e4f157e47050d4ba17ea936902f6a2994\"\u003e\u003ccode\u003ea8e88e2\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eCache::NullStore\u003c/code\u003e with local caching for repeated reads\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b18b9df65eb7d4e5dfa9a6982a8709c0c94b0b97\"\u003e\u003ccode\u003eb18b9df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/48800\"\u003e#48800\u003c/a\u003e from robinjam/fix-humanize-nil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b12fe80d17b2c7a2cc083d0c83ae3ed95765e6bd\"\u003e\u003ccode\u003eb12fe80\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eEnumerable#sum\u003c/code\u003e for \u003ccode\u003eEnumerator#lazy\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e3f80f625945c689b5edc473c5132037c0c14952\"\u003e\u003ccode\u003ee3f80f6\u003c/code\u003e\u003c/a\u003e Add lower bound to Listen gem requirement\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.0.6...v7.0.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a...\n\n_Description has been truncated_","html_url":"https://github.com/dataheld/nixpkgs/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dataheld%2Fnixpkgs/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"3965618937","node_id":"PR_kwDOL2Yris7FA8hO","number":5,"state":"closed","title":"build(deps): bump the bundler group across 8 directories with 11 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-08T03:26:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-19T23:14:36.000Z","updated_at":"2026-04-08T03:26:13.000Z","time_to_close":4075895,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":11,"packages":[{"name":"nokogiri","old_version":"1.16.3","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.9","new_version":"2.2.22","repository_url":"https://github.com/rack/rack"},{"name":"rexml","old_version":"3.2.6","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"sinatra","old_version":"2.2.4","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"webrick","old_version":"1.8.1","new_version":"1.8.2","repository_url":"https://github.com/ruby/webrick"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 1 update in the /pkgs/applications/misc/coltrane directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 5 updates in the /pkgs/applications/misc/gollum directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.16.3` | `1.19.1` |\n| [rack](https://github.com/rack/rack) | `2.2.9` | `2.2.22` |\n| [rexml](https://github.com/ruby/rexml) | `3.2.6` | `3.4.2` |\n| [sinatra](https://github.com/sinatra/sinatra) | `2.2.4` | `4.2.0` |\n| [webrick](https://github.com/ruby/webrick) | `1.8.1` | `1.8.2` |\n\nBumps the bundler group with 1 update in the /pkgs/applications/misc/pt directory: [addressable](https://github.com/sporkmonger/addressable).\nBumps the bundler group with 2 updates in the /pkgs/applications/misc/taskjuggler directory: [webrick](https://github.com/ruby/webrick) and [net-imap](https://github.com/ruby/net-imap).\nBumps the bundler group with 2 updates in the /pkgs/applications/office/ledger-web directory: [rack](https://github.com/rack/rack) and [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 2 updates in the /pkgs/applications/version-management/bitbucket-server-cli directory: [addressable](https://github.com/sporkmonger/addressable) and [git](https://github.com/ruby-git/ruby-git).\nBumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: [rexml](https://github.com/ruby/rexml), [faraday](https://github.com/lostisland/faraday), [git](https://github.com/ruby-git/ruby-git) and [httparty](https://github.com/jnunemaker/httparty).\nBumps the bundler group with 1 update in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml).\n\nUpdates `activesupport` from 7.0.4.2 to 7.0.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.0.7.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUse a temporary file for storing unencrypted files while editing\u003c/p\u003e\n\u003cp\u003e[CVE-2023-38037]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c92caefc2bdf856845a72b8608d5603b330e8c3e\"\u003e\u003ccode\u003ec92caef\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/936587d49b3d490462c794b30fb672cef43e1bd0\"\u003e\u003ccode\u003e936587d\u003c/code\u003e\u003c/a\u003e updating version / changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a21d6edf35a60383dfa6c4da49e4b1aef5f00731\"\u003e\u003ccode\u003ea21d6ed\u003c/code\u003e\u003c/a\u003e Use a temporary file for storing unencrypted files while editing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/522c86f35ccc80453ed9fb6ca8b394db321f9a69\"\u003e\u003ccode\u003e522c86f\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5610cbacc5630d775a1a7be78ccb17e561908cba\"\u003e\u003ccode\u003e5610cba\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG with the changes in the repository\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7e9ffc2e137b649c6fd2ca1c580cdfffc9845b55\"\u003e\u003ccode\u003e7e9ffc2\u003c/code\u003e\u003c/a\u003e Fix to_s not using :default format with no args\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a8e88e2e4f157e47050d4ba17ea936902f6a2994\"\u003e\u003ccode\u003ea8e88e2\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eCache::NullStore\u003c/code\u003e with local caching for repeated reads\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b18b9df65eb7d4e5dfa9a6982a8709c0c94b0b97\"\u003e\u003ccode\u003eb18b9df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/48800\"\u003e#48800\u003c/a\u003e from robinjam/fix-humanize-nil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b12fe80d17b2c7a2cc083d0c83ae3ed95765e6bd\"\u003e\u003ccode\u003eb12fe80\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eEnumerable#sum\u003c/code\u003e for \u003ccode\u003eEnumerator#lazy\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e3f80f625945c689b5edc473c5132037c0c14952\"\u003e\u003ccode\u003ee3f80f6\u003c/code\u003e\u003c/a\u003e Add lower bound to Listen gem requirement\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.0.4.2...v7.0.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.16.3 to 1.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.3...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.9 to 2.2.22\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/0cc2e00b22dffc33955ef912569f01e515a406e1\"\u003e\u003ccode\u003e0cc2e00\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a5725c031b2717758851f1eadd9b9dfe7555745a\"\u003e\u003ccode\u003ea5725c0\u003c/code\u003e\u003c/a\u003e Prevent directory traversal via root prefix bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/175e7d206b8ff2bce4d98d7ba429adf73c674bfb\"\u003e\u003ccode\u003e175e7d2\u003c/code\u003e\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3472037aacef99319a62c9e9109b81efc5ba1294\"\u003e\u003ccode\u003e3472037\u003c/code\u003e\u003c/a\u003e Fix changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/851dc02672eca361a48e5a097818aa3cec1d3206\"\u003e\u003ccode\u003e851dc02\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/1e6aeda3d08a5cefd9cf3be4bbef304c2b75aa9c\"\u003e\u003ccode\u003e1e6aeda\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/6ef591522bb44f80654ad1a80654ba46cafdc7c1\"\u003e\u003ccode\u003e6ef5915\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881\"\u003e\u003ccode\u003e4e2c903\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85\"\u003e\u003ccode\u003efba2c8b\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed3d8340d1a7955332b51e74c1075ef3547c09dd\"\u003e\u003ccode\u003eed3d834\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.9...v2.2.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.2.6 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.2.6...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 2.2.4 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.2.4...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webrick` from 1.8.1 to 1.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/webrick/releases\"\u003ewebrick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop commented-out line by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/108\"\u003eruby/webrick#108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Ruby 3.1 \u0026amp; 3.2 to CI matrix by \u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix/redos by \u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/120\"\u003eruby/webrick#120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/121\"\u003eruby/webrick#121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CI by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/123\"\u003eruby/webrick#123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix WEBrick::TestFileHandler#test_short_filename test not working on mswin by \u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug chunk extension detection by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/125\"\u003eruby/webrick#125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix CI. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/131\"\u003eruby/webrick#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge multiple cookie headers, preserving semantic correctness. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/130\"\u003eruby/webrick#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest on macos-latest by \u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRequire CRLF line endings in request line and headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/138\"\u003eruby/webrick#138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer squigly heredocs. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/143\"\u003eruby/webrick#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly strip space and horizontal tab in headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/141\"\u003eruby/webrick#141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat missing CRLF separator after headers as an EOFError by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/142\"\u003eruby/webrick#142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn 400 response for chunked requests with unexpected data after chunk by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/136\"\u003eruby/webrick#136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reference to URI::REGEXP::PATTERN::HOST by \u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent request smuggling by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/146\"\u003eruby/webrick#146\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ehttps://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0fb9de6788a3ba5fe903e63d778a0fb8c1dce786\"\u003e\u003ccode\u003e0fb9de6\u003c/code\u003e\u003c/a\u003e Bump up v1.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/b9a4c81ea94dec02a750c6b34092c55234519bf1\"\u003e\u003ccode\u003eb9a4c81\u003c/code\u003e\u003c/a\u003e Removed trailing spaces\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/f5faca9222541591e1a7c3c97552ebb0c92733c7\"\u003e\u003ccode\u003ef5faca9\u003c/code\u003e\u003c/a\u003e Prevent request smuggling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0c600e169bd4ae267cb5eeb6197277c848323bbe\"\u003e\u003ccode\u003e0c600e1\u003c/code\u003e\u003c/a\u003e Fix reference to URI::REGEXP::PATTERN::HOST\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/15a93914782789520837c334e0c302702aec34e2\"\u003e\u003ccode\u003e15a9391\u003c/code\u003e\u003c/a\u003e Return 400 response for chunked requests with unexpected data after chunk\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/2b38d5614e876d313fe981e87c4e35b91556d226\"\u003e\u003ccode\u003e2b38d56\u003c/code\u003e\u003c/a\u003e Treat missing CRLF separator after headers as an EOFError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e4efb4a2300540f14f93c09c06bf0357ac1597dc\"\u003e\u003ccode\u003ee4efb4a\u003c/code\u003e\u003c/a\u003e Remove unnecessary gsub calls in test_httprequest.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/426e214532bb0be5e4ab8b3c9cef328432012d0d\"\u003e\u003ccode\u003e426e214\u003c/code\u003e\u003c/a\u003e Only strip space and horizontal tab in headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e72cb697836e2ff201a4a74c108fdca9d3d2d0ed\"\u003e\u003ccode\u003ee72cb69\u003c/code\u003e\u003c/a\u003e Prefer squigly heredocs. (\u003ca href=\"https://redirect.github.com/ruby/webrick/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/ee60354bcb84ec33b9245e1d1aa6e1f7e8132101\"\u003e\u003ccode\u003eee60354\u003c/code\u003e\u003c/a\u003e Require CRLF line endings in request line and headers\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `addressable` from 2.6.0 to 2.8.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.8.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003cli\u003eno longer replaces \u003ccode\u003e+\u003c/code\u003e with spaces in queries for non-http(s) schemes\u003c/li\u003e\n\u003cli\u003efixed encoding ipv6 literals\u003c/li\u003e\n\u003cli\u003ethe \u003ccode\u003e:compacted\u003c/code\u003e flag for \u003ccode\u003enormalized_query\u003c/code\u003e now dedupes parameters\u003c/li\u003e\n\u003cli\u003efix broken \u003ccode\u003eescape_component\u003c/code\u003e alias\u003c/li\u003e\n\u003cli\u003edropping support for Ruby 2.0 and 2.1\u003c/li\u003e\n\u003cli\u003eadding Ruby 3.0 compatibility for development tasks\u003c/li\u003e\n\u003cli\u003edrop support for \u003ccode\u003erack-mount\u003c/code\u003e and remove Addressable::Template#generate\u003c/li\u003e\n\u003cli\u003eperformance improvements\u003c/li\u003e\n\u003cli\u003eswitch CI/CD to GitHub Actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.7.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadded \u003ccode\u003e:compacted\u003c/code\u003e flag to \u003ccode\u003enormalized_query\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eheuristic_parse\u003c/code\u003e handles \u003ccode\u003emailto:\u003c/code\u003e more intuitively\u003c/li\u003e\n\u003cli\u003edropped explicit support for JRuby 9.0.5.0\u003c/li\u003e\n\u003cli\u003ecompatibility w/ public_suffix 4.x\u003c/li\u003e\n\u003cli\u003eperformance improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/6469a232c0f1892809ff66737370c765d574e16c\"\u003e\u003ccode\u003e6469a23\u003c/code\u003e\u003c/a\u003e Updating gemspec again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/24336385de0261571b3adaad0431459edb420c79\"\u003e\u003ccode\u003e2433638\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:sporkmonger/addressable into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e9c76b889789c75d7073c17b0ab557635d3f6704\"\u003e\u003ccode\u003ee9c76b8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/378\"\u003e#378\u003c/a\u003e from ashmaroli/flat-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/56c5cf7ece9223ff4240e07078cc26d3adbbbd30\"\u003e\u003ccode\u003e56c5cf7\u003c/code\u003e\u003c/a\u003e Update the gemspec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c1fed1ca0a44c448e74d761fd44ed94869199807\"\u003e\u003ccode\u003ec1fed1c\u003c/code\u003e\u003c/a\u003e Require a non-vulnerable rake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d8a3127e35886ce9284810a7f2438bff6b43cbc\"\u003e\u003ccode\u003e0d8a312\u003c/code\u003e\u003c/a\u003e Adding note about ReDoS vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/89c76130ce255c601f642a018cb5fb5a80e679a7\"\u003e\u003ccode\u003e89c7613\u003c/code\u003e\u003c/a\u003e Merge branch 'template-regexp' into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/cf8884f815c96b646c796f707bf768cf6eb65543\"\u003e\u003ccode\u003ecf8884f\u003c/code\u003e\u003c/a\u003e Note about alias fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/bb03f7112e8e478240a0f96e1cc7428159b41586\"\u003e\u003ccode\u003ebb03f71\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/371\"\u003e#371\u003c/a\u003e from charleystran/add_missing_encode_component_doc_entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/6d1d8094a66cbf932ecf69db6850bc9edaf86de0\"\u003e\u003ccode\u003e6d1d809\u003c/code\u003e\u003c/a\u003e Adding note about :compacted normalization\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.6.0...addressable-2.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webrick` from 1.8.1 to 1.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/webrick/releases\"\u003ewebrick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop commented-out line by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/108\"\u003eruby/webrick#108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Ruby 3.1 \u0026amp; 3.2 to CI matrix by \u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix/redos by \u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/120\"\u003eruby/webrick#120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/121\"\u003eruby/webrick#121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CI by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/123\"\u003eruby/webrick#123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix WEBrick::TestFileHandler#test_short_filename test not working on mswin by \u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug chunk extension detection by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/125\"\u003eruby/webrick#125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix CI. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/131\"\u003eruby/webrick#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge multiple cookie headers, preserving semantic correctness. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/130\"\u003eruby/webrick#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest on macos-latest by \u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRequire CRLF line endings in request line and headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/138\"\u003eruby/webrick#138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer squigly heredocs. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/143\"\u003eruby/webrick#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly strip space and horizontal tab in headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/141\"\u003eruby/webrick#141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat missing CRLF separator after headers as an EOFError by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/142\"\u003eruby/webrick#142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn 400 response for chunked requests with unexpected data after chunk by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/136\"\u003eruby/webrick#136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reference to URI::REGEXP::PATTERN::HOST by \u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent request smuggling by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/146\"\u003eruby/webrick#146\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ehttps://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0fb9de6788a3ba5fe903e63d778a0fb8c1dce786\"\u003e\u003ccode\u003e0fb9de6\u003c/code\u003e\u003c/a\u003e Bump up v1.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/b9a4c81ea94dec02a750c6b34092c55234519bf1\"\u003e\u003ccode\u003eb9a4c81\u003c/code\u003e\u003c/a\u003e Removed trailing spaces\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/f5faca9222541591e1a7c3c97552ebb0c92733c7\"\u003e\u003ccode\u003ef5faca9\u003c/code\u003e\u003c/a\u003e Prevent request smuggling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0c600e169bd4ae267cb5eeb6197277c848323bbe\"\u003e\u003ccode\u003e0c600e1\u003c/code\u003e\u003c/a\u003e Fix reference to URI::REGEXP::PATTERN::HOST\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/15a93914782789520837c334e0c302702aec34e2\"\u003e\u003ccode\u003e15a9391\u003c/code\u003e\u003c/a\u003e Return 400 response for chunked requests with unexpected data after chunk\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/2b38d5614e876d313fe981e87c4e35b91556d226\"\u003e\u003ccode\u003e2b38d56\u003c/code\u003e\u003c/a\u003e Treat missing CRLF separator after headers as an EOFError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e4efb4a2300540f14f93c09c06bf0357ac1597dc\"\u003e\u003ccode\u003ee4efb4a\u003c/code\u003e\u003c/a\u003e Remove unnecessary gsub calls in test_httprequest.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/426e214532bb0be5e4ab8b3c9cef328432012d0d\"\u003e\u003ccode\u003e426e214\u003c/code\u003e\u003c/a\u003e Only strip space and horizontal tab in headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e72cb697836e2ff201a4a74c108fdca9d3d2d0ed\"\u003e\u003ccode\u003ee72cb69\u003c/code\u003e\u003c/a\u003e Prefer squigly heredocs. (\u003ca href=\"https://redirect.github.com/ruby/webrick/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/ee60354bcb84ec33b9245e1d1aa6e1f7e8132101\"\u003e\u003ccode\u003eee60354\u003c/code\u003e\u003c/a\u003e Require CRLF line endings in request line and headers\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `net-imap` from 0.3.4 to 0.3.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/net-imap/releases\"\u003enet-imap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.3.9\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cem\u003eThe \u003ccode\u003e0.3.x\u003c/code\u003e release branch only receives security fixes, and will be unsupported when ruby 3.2 is EOL.\nPlease upgrade to a newer version.\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security\u003c/h3\u003e\n\u003cp\u003eThis release backports two features to prevent unbounded memory use: the \u003ccode\u003eresponse_handlers\u003c/code\u003e keyword argument to \u003ccode\u003eNet::IMAP.new\u003c/code\u003e so response handlers can be added before the server can send any responses (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/438\"\u003eruby/net-imap#438\u003c/a\u003e), and the \u003ccode\u003emax_response_size\u003c/code\u003e config attribute (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/446\"\u003eruby/net-imap#446\u003c/a\u003e, GHSA-j3g3-5qv5-52mj, CVE-2025-43857, reported by \u003ca href=\"https://github.com/Masamuneee\"\u003e\u003ccode\u003e@​Masamuneee\u003c/code\u003e\u003c/a\u003e).\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThe default \u003ccode\u003emax_response_size\u003c/code\u003e is \u003ccode\u003enil\u003c/code\u003e (unlimited), to avoid backward compatibility issues with secure connections to trusted servers that are well-behaved. It can be configured more conservatively to guard against untrusted servers (for example, connecting to user-provided hostnames). \u003cem\u003eIt is the responsibility of \u003ccode\u003enet-imap\u003c/code\u003e users to configure their client appropriately for the server they are connecting to.\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Backport \u003ccode\u003eresponse_handlers\u003c/code\u003eoption to \u003ccode\u003enew\u003c/code\u003e  by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/438\"\u003eruby/net-imap#438\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/419\"\u003e#419\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/427\"\u003e#427\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e✨ Limit max_response_size by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/446\"\u003eruby/net-imap#446\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/444\"\u003e#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🐛 Use \u003ccode\u003eRange#size\u003c/code\u003e vs \u003ccode\u003eRange#count\u003c/code\u003e for \u003ccode\u003euid-set\u003c/code\u003e limit by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/411\"\u003eruby/net-imap#411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📚 Docs: receiver thread, server responses, connection state by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/437\"\u003eruby/net-imap#437\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/418\"\u003e#418\u003c/a\u003e, and only the documentation from \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/416\"\u003e#416\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Backport \u003ccode\u003eResponseReader\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/439\"\u003eruby/net-imap#439\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/422\"\u003e#422\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/433\"\u003e#433\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/434\"\u003e#434\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/435\"\u003e#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.3.8...v0.3.9\"\u003ehttps://github.com/ruby/net-imap/compare/v0.3.8...v0.3.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security Fix\u003c/h3\u003e\n\u003cp\u003eMitigates CVE-2025-25186 (GHSA-7fc5-f82f-cx69): A malicious server can exhaust client memory by sending \u003ccode\u003eAPPENDUID\u003c/code\u003e or \u003ccode\u003eCOPYUID\u003c/code\u003e responses with very large \u003ccode\u003euid-set\u003c/code\u003e ranges. \u003ccode\u003eNet::IMAP::UIDPlusData\u003c/code\u003e expands these ranges into arrays of integers.\u003c/p\u003e\n\u003ch4\u003eFix with minor API changes\u003c/h4\u003e\n\u003cp\u003eFor v0.3.8, this option is not available.  Upgrade to v0.4.19, v0.5.6, or higher to replace \u003ccode\u003eUIDPlusData\u003c/code\u003e with \u003ccode\u003eAppendUIDData\u003c/code\u003e and \u003ccode\u003eCopyUIDData\u003c/code\u003e.  These classes store their UIDs as \u003ccode\u003eNet::IMAP::SequenceSet\u003c/code\u003e objects (\u003cem\u003enot\u003c/em\u003e expanded into arrays of integers).\u003c/p\u003e\n\u003ch4\u003eMitigate with backward compatible API\u003c/h4\u003e\n\u003cp\u003eThis release mitigates the attack by crashing if a server tries to send a \u003ccode\u003euid-set\u003c/code\u003e that represents more than 10,000 numbers.  This should be larger than almost all legitimate \u003ccode\u003eCOPYUID\u003c/code\u003e or \u003ccode\u003eAPPENDUID\u003c/code\u003e responses and would limit the array to only 80KB (on a 64 bit system).\u003c/p\u003e\n\u003cp\u003eFor v0.3.8, this option is not configurable.  Upgrade to v0.4.19, v0.5.6, or higher to configure this limit.\u003c/p\u003e\n\u003ch4\u003ePlease Note: unhandled responses\u003c/h4\u003e\n\u003cp\u003eIf the client does not add response handlers to prune unhandled responses, a malicious server can still eventually exhaust all client memory, by repeatedly sending malicious responses.  However, \u003ccode\u003enet-imap\u003c/code\u003e has always retained unhandled responses, and it has always been necessary for long-lived connections to prune these responses.  This is not significantly different from connecting to a trusted server with a long-lived connection.  To limit the maximum number of retained responses, a simple handler might look something like the following:\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/d86186dee3bc0304c3d1e7d7f1ff1fd54d144d03\"\u003e\u003ccode\u003ed86186d\u003c/code\u003e\u003c/a\u003e 🔖 Bump version to v0.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/2aadab9f5338f46b64d4da9042ac721f0fd8281d\"\u003e\u003ccode\u003e2aadab9\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/446\"\u003e#446\u003c/a\u003e from ruby/backport/v0.3-max_response_size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/e0059251e854cb03d5209c682ba3484fcb6953cd\"\u003e\u003ccode\u003ee005925\u003c/code\u003e\u003c/a\u003e ✅ Fix backport to not-imap 0.3 and ruby 2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/ae0fa010bb5e3c95b9beee31af607d4dba619d63\"\u003e\u003ccode\u003eae0fa01\u003c/code\u003e\u003c/a\u003e ✅ Fix backport compatibility with ruby 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/158cfdff54f3961b0ec628136444e3b0b0bb1736\"\u003e\u003ccode\u003e158cfdf\u003c/code\u003e\u003c/a\u003e ✨ Make max_response_size configurable [🚧 partial]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/53ceba1e97cbc3ac4d141077732178cc8bc79476\"\u003e\u003ccode\u003e53ceba1\u003c/code\u003e\u003c/a\u003e ✨ Limit max response size to 512MiB (hard-coded)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/4d1206e168b51887481f951d86f66122a069191a\"\u003e\u003ccode\u003e4d1206e\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/439\"\u003e#439\u003c/a\u003e from ruby/backport/v0.3-response_reader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/19495b807371a279098a13a51e2b68d2d7c7c532\"\u003e\u003ccode\u003e19495b8\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/438\"\u003e#438\u003c/a\u003e from ruby/backport/v0.3-response_handlers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/945df803de4a20f5b9759c98266cb79fd18aa95b\"\u003e\u003ccode\u003e945df80\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/437\"\u003e#437\u003c/a\u003e from ruby/backport/v0.3-document-response-limits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b0a6039e8edf83c3871397cd11acb01236336d8c\"\u003e\u003ccode\u003eb0a6039\u003c/code\u003e\u003c/a\u003e ✅ Fix backport compatibility with ruby 2.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.3.4...v0.3.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.0.7 to 2.2.22\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-...\n\n_Description has been truncated_","html_url":"https://github.com/mpusch88/nixpkgs/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mpusch88%2Fnixpkgs/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"3946391863","node_id":"PR_kwDORRTfbc7EBx2R","number":1,"state":"open","title":"Bump sinatra from 1.4.5 to 1.4.8","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-16T07:52:52.000Z","updated_at":"2026-02-16T07:53:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"sinatra","old_version":"1.4.5","new_version":"1.4.8","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 1.4.5 to 1.4.8.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.8 / 2017-01-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix the deprecation warning from Ruby about Fixnum. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e by Akira Matsuda\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.7 / 2016-01-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ashley Williams, Trevor Bramble, and Kashyap Kondamudi to team Sinatra.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCorrectly handle encoded colons in routes. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRename CHANGES to CHANGELOG.md and update Rakefile. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1043\"\u003e#1043\u003c/a\u003e (Eliza Sorensen)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove documentation. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/941\"\u003e#941\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1069\"\u003e#1069\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1075\"\u003e#1075\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1025\"\u003e#1025\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1052\"\u003e#1052\u003c/a\u003e (Many great folks)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIntroduce \u003ccode\u003eSinatra::Ext\u003c/code\u003e to workaround Rack 1.6 bug to fix Ruby 1.8.7\nsupport. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1080\"\u003e#1080\u003c/a\u003e (Zachary Scott)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd CONTRIBUTING guide. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/987\"\u003e#987\u003c/a\u003e (Katrina Owen)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.6 / 2015-03-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprove tests and documentation. (Darío Hereñú, Seiichi Yonezawa, kyoendo,\nJohn Voloski, Ferenc-, Renaud Martinet, Christian Haase, marocchino,\nhuoxito, Damir Svrtan, Amaury Medeiros, Jeremy Evans, Kashyap, shenqihui,\nAusmarton Fernandes, kami, Vipul A M, Lei Wu, 7stud, Taylor Shuler,\nnamusyaka, burningTyger, Cornelius Bock, detomastah, hakeda, John Hope,\nRuben Gonzalez, Andrey Deryabin, attilaolah, Anton Davydov, Nikita Penzin,\nDyego Costa)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove duplicate require of sinatra/base. (Alexey Muranov)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEscape HTML in 404 error page. (Andy Brody)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor to method call in \u003ccode\u003eStream#close\u003c/code\u003e and \u003ccode\u003e#callback\u003c/code\u003e. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDepend on latest version of Slim. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with Tilt version 2. (Yegor Timoschenko)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility issue with Rack \u003ccode\u003epretty\u003c/code\u003e method from ShowExceptions.\n(Kashyap)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eShow date in local time in exception messages. (tayler1)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix logo on error pages when using Ruby 1.8. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade test suite to Minitest version 5 and fix Ruby 2.2 compatibility.\n(Vipul A M)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/1f4444df234a81df582d3171131f8c5e8dd3e6ea\"\u003e\u003ccode\u003e1f4444d\u003c/code\u003e\u003c/a\u003e Bump stable to 1.4.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/0f64edc7db6adbb9cf3658d0e0f3b2f5f3b346fb\"\u003e\u003ccode\u003e0f64edc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e from sinatra/fix-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c01339466befe5d31284b2b71fd2e7505072b730\"\u003e\u003ccode\u003ec013394\u003c/code\u003e\u003c/a\u003e Break this up into 2 statements so jruby doesn't get pegged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/dcc25cec3b8bf984d4c40afccc6f1f27f1bbcda5\"\u003e\u003ccode\u003edcc25ce\u003c/code\u003e\u003c/a\u003e I must have been tired\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/78d732b926b94e87f5e314289c01432f97006b9b\"\u003e\u003ccode\u003e78d732b\u003c/code\u003e\u003c/a\u003e This is too hard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/9638de847034af142cd6408d147b7fadecc0de64\"\u003e\u003ccode\u003e9638de8\u003c/code\u003e\u003c/a\u003e Pick versions of nokogiri, activesupport, and i18n that work everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3944e1a30557a3b5a67c18f52ed23bb825e53edd\"\u003e\u003ccode\u003e3944e1a\u003c/code\u003e\u003c/a\u003e Pick a version of json which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c4f01337deeb4a036bcbed74ed769bef17848b05\"\u003e\u003ccode\u003ec4f0133\u003c/code\u003e\u003c/a\u003e Pick a version of liquid which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5dc6d6d0ede6cc2c0367bb23df9391893ddbad4f\"\u003e\u003ccode\u003e5dc6d6d\u003c/code\u003e\u003c/a\u003e Pin rake to a version that works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/864281878ac76b6db1b8713989420ea558e65d65\"\u003e\u003ccode\u003e8642818\u003c/code\u003e\u003c/a\u003e Update build for supported Ruby versions and remove HEAD testing of tilt/rack\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v1.4.5...v1.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=1.4.5\u0026new-version=1.4.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Codename-shaShank/Skin-skeleton/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Codename-shaShank%2FSkin-skeleton/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"3935482433","node_id":"PR_kwDORPPTA87DeBde","number":3,"state":"open","title":"Bump sinatra from 1.4.5 to 1.4.8","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-13T05:44:40.000Z","updated_at":"2026-02-13T05:44:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"sinatra","old_version":"1.4.5","new_version":"1.4.8","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 1.4.5 to 1.4.8.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.8 / 2017-01-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix the deprecation warning from Ruby about Fixnum. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e by Akira Matsuda\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.7 / 2016-01-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ashley Williams, Trevor Bramble, and Kashyap Kondamudi to team Sinatra.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCorrectly handle encoded colons in routes. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRename CHANGES to CHANGELOG.md and update Rakefile. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1043\"\u003e#1043\u003c/a\u003e (Eliza Sorensen)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove documentation. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/941\"\u003e#941\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1069\"\u003e#1069\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1075\"\u003e#1075\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1025\"\u003e#1025\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1052\"\u003e#1052\u003c/a\u003e (Many great folks)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIntroduce \u003ccode\u003eSinatra::Ext\u003c/code\u003e to workaround Rack 1.6 bug to fix Ruby 1.8.7\nsupport. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1080\"\u003e#1080\u003c/a\u003e (Zachary Scott)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd CONTRIBUTING guide. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/987\"\u003e#987\u003c/a\u003e (Katrina Owen)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.6 / 2015-03-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprove tests and documentation. (Darío Hereñú, Seiichi Yonezawa, kyoendo,\nJohn Voloski, Ferenc-, Renaud Martinet, Christian Haase, marocchino,\nhuoxito, Damir Svrtan, Amaury Medeiros, Jeremy Evans, Kashyap, shenqihui,\nAusmarton Fernandes, kami, Vipul A M, Lei Wu, 7stud, Taylor Shuler,\nnamusyaka, burningTyger, Cornelius Bock, detomastah, hakeda, John Hope,\nRuben Gonzalez, Andrey Deryabin, attilaolah, Anton Davydov, Nikita Penzin,\nDyego Costa)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove duplicate require of sinatra/base. (Alexey Muranov)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEscape HTML in 404 error page. (Andy Brody)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor to method call in \u003ccode\u003eStream#close\u003c/code\u003e and \u003ccode\u003e#callback\u003c/code\u003e. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDepend on latest version of Slim. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with Tilt version 2. (Yegor Timoschenko)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility issue with Rack \u003ccode\u003epretty\u003c/code\u003e method from ShowExceptions.\n(Kashyap)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eShow date in local time in exception messages. (tayler1)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix logo on error pages when using Ruby 1.8. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade test suite to Minitest version 5 and fix Ruby 2.2 compatibility.\n(Vipul A M)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/1f4444df234a81df582d3171131f8c5e8dd3e6ea\"\u003e\u003ccode\u003e1f4444d\u003c/code\u003e\u003c/a\u003e Bump stable to 1.4.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/0f64edc7db6adbb9cf3658d0e0f3b2f5f3b346fb\"\u003e\u003ccode\u003e0f64edc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e from sinatra/fix-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c01339466befe5d31284b2b71fd2e7505072b730\"\u003e\u003ccode\u003ec013394\u003c/code\u003e\u003c/a\u003e Break this up into 2 statements so jruby doesn't get pegged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/dcc25cec3b8bf984d4c40afccc6f1f27f1bbcda5\"\u003e\u003ccode\u003edcc25ce\u003c/code\u003e\u003c/a\u003e I must have been tired\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/78d732b926b94e87f5e314289c01432f97006b9b\"\u003e\u003ccode\u003e78d732b\u003c/code\u003e\u003c/a\u003e This is too hard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/9638de847034af142cd6408d147b7fadecc0de64\"\u003e\u003ccode\u003e9638de8\u003c/code\u003e\u003c/a\u003e Pick versions of nokogiri, activesupport, and i18n that work everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3944e1a30557a3b5a67c18f52ed23bb825e53edd\"\u003e\u003ccode\u003e3944e1a\u003c/code\u003e\u003c/a\u003e Pick a version of json which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c4f01337deeb4a036bcbed74ed769bef17848b05\"\u003e\u003ccode\u003ec4f0133\u003c/code\u003e\u003c/a\u003e Pick a version of liquid which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5dc6d6d0ede6cc2c0367bb23df9391893ddbad4f\"\u003e\u003ccode\u003e5dc6d6d\u003c/code\u003e\u003c/a\u003e Pin rake to a version that works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/864281878ac76b6db1b8713989420ea558e65d65\"\u003e\u003ccode\u003e8642818\u003c/code\u003e\u003c/a\u003e Update build for supported Ruby versions and remove HEAD testing of tilt/rack\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v1.4.5...v1.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=1.4.5\u0026new-version=1.4.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Codename-shaShank/Skeleton/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Codename-shaShank%2FSkeleton/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"3922291927","node_id":"PR_kwDORNI2687CyQYA","number":14,"state":"closed","title":"chore(deps): update sinatra requirement from ~\u003e 3.0 to ~\u003e 4.2 in /prebuilt-checkout-page/server/ruby","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-10T23:31:37.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-10T16:04:16.000Z","updated_at":"2026-02-10T23:31:45.000Z","time_to_close":26841,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): update","packages":[{"name":"sinatra","old_version":"~\u003e 3.0","new_version":"~\u003e 4.2","repository_url":"https://github.com/sinatra/sinatra"}],"path":"/prebuilt-checkout-page/server/ruby","ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/renjeff1014/accept-a-payment/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/renjeff1014%2Faccept-a-payment/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"3869851417","node_id":"PR_kwDOQ-Pg0s7AFnbC","number":9,"state":"closed","title":"chore(deps): bump sinatra from 2.1.0 to 3.2.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-02-01T04:22:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-29T10:09:52.000Z","updated_at":"2026-02-01T04:22:44.000Z","time_to_close":238364,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"sinatra","old_version":"2.1.0","new_version":"3.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.1.0 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.2.0 / 2023-12-29\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add \u003ccode\u003e#except\u003c/code\u003e method to \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1940\"\u003e#1940\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Use \u003ccode\u003eException#detailed_message\u003c/code\u003e to show backtrace (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1952\"\u003e#1952\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add \u003ccode\u003eSinatra::HamlHelpers\u003c/code\u003e to sinatra-contrib (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1960\"\u003e#1960\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Add \u003ccode\u003ebase64\u003c/code\u003e to rack-protection runtime dependencies (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1946\"\u003e#1946\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Avoid open-ended dependencies for sinatra-contrib and rack-protection (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1949\"\u003e#1949\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Helpful message when \u003ccode\u003eSinatra::Runner\u003c/code\u003e times out (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1975\"\u003e#1975\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Ruby 3.3 + Bundler 2.5 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1975\"\u003e#1975\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1940\"\u003e#1940\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1940\"\u003esinatra/sinatra#1940\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1946\"\u003e#1946\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1946\"\u003esinatra/sinatra#1946\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1949\"\u003e#1949\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1949\"\u003esinatra/sinatra#1949\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1952\"\u003e#1952\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1952\"\u003esinatra/sinatra#1952\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1960\"\u003e#1960\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1960\"\u003esinatra/sinatra#1960\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1975\"\u003e#1975\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1975\"\u003esinatra/sinatra#1975\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.1.0 / 2023-08-07\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add sass support via sass-embedded \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1911\"\u003e#1911\u003c/a\u003e by なつき\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add start and stop callbacks \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1913\"\u003e#1913\u003c/a\u003e by Jevin Sew\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Warn on dropping sessions \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1900\"\u003e#1900\u003c/a\u003e by Jonathan del Strother\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Make Puma the default server \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1924\"\u003e#1924\u003c/a\u003e by Patrik Ragnarsson\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Remove use of Tilt::Cache \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1922\"\u003e#1922\u003c/a\u003e by Jeremy Evans (allows use of Tilt 2.2.0 without deprecation warning)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: rack-protection: specify rack version requirement \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1932\"\u003e#1932\u003c/a\u003e by Patrik Ragnarsson\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1911\"\u003e#1911\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1911\"\u003esinatra/sinatra#1911\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1913\"\u003e#1913\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1913\"\u003esinatra/sinatra#1913\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1900\"\u003e#1900\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1900\"\u003esinatra/sinatra#1900\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1924\"\u003e#1924\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1924\"\u003esinatra/sinatra#1924\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1922\"\u003e#1922\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1922\"\u003esinatra/sinatra#1922\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1932\"\u003e#1932\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1932\"\u003esinatra/sinatra#1932\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.0.6 / 2023-04-11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Add support to keep open streaming connections with Puma \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1858\"\u003e#1858\u003c/a\u003e by Jordan Owens\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Avoid crash in \u003ccode\u003euri\u003c/code\u003e helper on Integer input \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1890\"\u003e#1890\u003c/a\u003e by Patrik Ragnarsson\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/4e8fdb5172a81c1c237388f264e5684a4a15ed4f\"\u003e\u003ccode\u003e4e8fdb5\u003c/code\u003e\u003c/a\u003e 3.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1977\"\u003e#1977\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3b756578fe189261ce21cf3941124834c7736bc4\"\u003e\u003ccode\u003e3b75657\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Shorter \u003ccode\u003eSinatra::Runner\u003c/code\u003e timeout\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1976\"\u003e#1976\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/1551ef7ffc9f937f8ae02d7adb23b250cfac109b\"\u003e\u003ccode\u003e1551ef7\u003c/code\u003e\u003c/a\u003e Ruby 3.3 + Bundler 2.5 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ca6b71c2e48f90ae0fe3b9cd54c4d2459c1bde7c\"\u003e\u003ccode\u003eca6b71c\u003c/code\u003e\u003c/a\u003e Helpful message when \u003ccode\u003eSinatra::Runner\u003c/code\u003e times out\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/0e43702c3feeeed3495aa4590c0cecd04204d4d7\"\u003e\u003ccode\u003e0e43702\u003c/code\u003e\u003c/a\u003e Shorter \u003ccode\u003eSinatra::Runner\u003c/code\u003e timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cadbeddf001680a5dfc336cb8b2834c949f754cd\"\u003e\u003ccode\u003ecadbedd\u003c/code\u003e\u003c/a\u003e CI: move rack-protection to its own job (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1974\"\u003e#1974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5d844eecdc349d32c5c7de72fe68b5ebaafdbee5\"\u003e\u003ccode\u003e5d844ee\u003c/code\u003e\u003c/a\u003e Add workflow for Trusted Publishing to RubyGems (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1970\"\u003e#1970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/11119a8b5c92965a418ab201d5a55877282f2885\"\u003e\u003ccode\u003e11119a8\u003c/code\u003e\u003c/a\u003e CI: use latest rack-test release, not trunk (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1969\"\u003e#1969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2b8965974c9ffcc84773e5d15db4e827194ec42c\"\u003e\u003ccode\u003e2b89659\u003c/code\u003e\u003c/a\u003e CI: avoid rdiscount \u0026gt;= 2.2.7.2 on truffleruby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/dcdebe981074f0a79a0d8384d149c3d2db831a76\"\u003e\u003ccode\u003edcdebe9\u003c/code\u003e\u003c/a\u003e CI: remove sinatra from rack-protection bundle\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.1.0...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=2.1.0\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Codename-shaShank/Sample-ruby-app/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Codename-shaShank%2FSample-ruby-app/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"3844252026","node_id":"PR_kwDOAApxXs6-xBj2","number":24533,"state":"open","title":"build(deps): bump the bundler group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-22T18:44:38.000Z","updated_at":"2026-02-17T16:02:37.640Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":4,"packages":[{"name":"nokogiri","old_version":"1.16.5","new_version":"1.18.9","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.8.1","new_version":"2.2.20","repository_url":"https://github.com/rack/rack"},{"name":"rexml","old_version":"3.3.9","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"sinatra","old_version":"3.1.0","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 4 updates in the /record-and-playback/core directory: [nokogiri](https://github.com/sparklemotion/nokogiri), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml) and [sinatra](https://github.com/sinatra/sinatra).\n\nUpdates `nokogiri` from 1.16.5 to 1.18.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e5bcfdf7aa8d1056a7ad5e52e1adffc64ef53d12d0724fbc6f458a3af1a4b9e32  nokogiri-1.18.9-aarch64-linux-gnu.gem\n55e9e6ca46c4ad1715e313f407d8481d15be1e3b65d9f8e52ba1c124d01676a7  nokogiri-1.18.9-aarch64-linux-musl.gem\neea3f1f06463ff6309d3ff5b88033c4948d0da1ab3cc0a3a24f63c4d4a763979  nokogiri-1.18.9-arm64-darwin.gem\nfe611ae65880e445a9c0f650d52327db239f3488626df4173c05beafd161d46e  nokogiri-1.18.9-arm-linux-gnu.gem\n935605e14c0ba17da18d203922440bf6c0676c602659278d855d4622d756a324  nokogiri-1.18.9-arm-linux-musl.gem\nac5a7d93fd0e3cef388800b037407890882413feccca79eb0272a2715a82fa33  nokogiri-1.18.9.gem\n1fe5b7aa4a054eda689a969bb4e03999960a6ea806582d327207d687168bceb5  nokogiri-1.18.9-java.gem\n6b4fc1523aa0370c78653e38c94cb50e7f3ab786425de66ba7ad24222c1164a3  nokogiri-1.18.9-x64-mingw-ucrt.gem\ne0d2deb03d3d7af8016e8c9df5ff4a7d692159cefb135cbb6a4109f265652348  nokogiri-1.18.9-x86_64-darwin.gem\nb52f5defedc53d14f71eeaaf990da66b077e1918a2e13088b6a96d0230f44360  nokogiri-1.18.9-x86_64-linux-gnu.gem\ne69359d6240c17e64cc9f43970d54f13bfc7b8cc516b819228f687e953425e69  nokogiri-1.18.9-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e36badd2eb281fca6214a5188e24a34399b15d89730639a068d12931e2adc210e  nokogiri-1.18.8-aarch64-linux-gnu.gem\n664e0f9a77a7122a66d6c03abba7641ca610769a4728db55ee1706a0838b78a2  nokogiri-1.18.8-aarch64-linux-musl.gem\n483b5b9fb33653f6f05cbe00d09ea315f268f0e707cfc809aa39b62993008212  nokogiri-1.18.8-arm64-darwin.gem\n17de01ca3adf9f8e187883ed73c672344d3dbb3c260f88ffa1008e8dc255a28e  nokogiri-1.18.8-arm-linux-gnu.gem\n6e6d7e71fc39572bd613a82d528cf54392c3de1ba5ce974f05c832b8187a040b  nokogiri-1.18.8-arm-linux-musl.gem\n8c7464875d9ca7f71080c24c0db7bcaa3940e8be3c6fc4bcebccf8b9a0016365  nokogiri-1.18.8.gem\n41002596960ff854198a20aaeb34cff0d445406d5ad85ba7ca9c3fd0c8f03de0  nokogiri-1.18.8-java.gem\n11ab0f76772c5f2d718fb253fca5b74c6ef7628b72bbf8deba6ab1ffc93344cf  nokogiri-1.18.8-x64-mingw-ucrt.gem\n024cdfe7d9ae3466bba6c06f348fb2a8395d9426b66a3c82f1961b907945cc0c  nokogiri-1.18.8-x86_64-darwin.gem\n4a747875db873d18a2985ee2c320a6070c4a414ad629da625fbc58d1a20e5ecc  nokogiri-1.18.8-x86_64-linux-gnu.gem\nddd735fba49475a395b9ea793bb6474e3a3125b89960339604d08a5397de1165  nokogiri-1.18.8-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] In HTML documents, \u003ccode\u003eNode#attribute\u003c/code\u003e now returns the correct attribute. This has been broken, and returning \u003ccode\u003enil\u003c/code\u003e, since v1.17.0. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3487\"\u003e#3487\u003c/a\u003e) \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.5 / 2025-03-19\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Update JRuby's XML serialization so it outputs namespaces exactly like CRuby. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3455\"\u003e#3455\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3456\"\u003e#3456\u003c/a\u003e) \u003ca href=\"https://github.com/johnnyshields\"\u003e\u003ccode\u003e@​johnnyshields\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.4 / 2025-03-14\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxslt is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.43\"\u003ev1.1.43\u003c/a\u003e to address CVE-2025-24855 and CVE-2024-55549. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-mrxw-mxhj-p664\"\u003eGHSA-mrxw-mxhj-p664\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.3 / 2025-02-18\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6\"\u003ev2.13.6\u003c/a\u003e to address CVE-2025-24928 and CVE-2024-56171. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vvfq-8hwr-qm4m\"\u003eGHSA-vvfq-8hwr-qm4m\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.2 / 2024-01-19\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1dcd8ce30365ebd4620a3b823bf806b127eeefc3\"\u003e\u003ccode\u003e1dcd8ce\u003c/code\u003e\u003c/a\u003e version bump to v1.18.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/a05d2b44b930072af70dad12bddbac67f36c6f90\"\u003e\u003ccode\u003ea05d2b4\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3526\"\u003e#3526\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/947a55e87edff3c6d76ffd81f07da728e67c9b82\"\u003e\u003ccode\u003e947a55e\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/9187f4af0dc3cc7ea439bd4957a2fbfab18f6665\"\u003e\u003ccode\u003e9187f4a\u003c/code\u003e\u003c/a\u003e version bump to v1.18.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1deea041e3f359ccef67abadf19f0d634bf473dd\"\u003e\u003ccode\u003e1deea04\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8 (branch \u003ccode\u003ev1.18.x\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3509\"\u003e#3509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/6457fe639359edda9f8817994bc4935abae3e81e\"\u003e\u003ccode\u003e6457fe6\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/13e8aa4ef52f39d1273d2435bd6bfa98982471ef\"\u003e\u003ccode\u003e13e8aa4\u003c/code\u003e\u003c/a\u003e version bump to v1.18.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/605699d271ee5d7f58ab29c4550fad42b9cc3d69\"\u003e\u003ccode\u003e605699d\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7 (v1.18.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/804e59038c4318ebe7ba0dc08105cff2030df415\"\u003e\u003ccode\u003e804e590\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/52bf15b62d4e576292e21ac948030783333f9e0b\"\u003e\u003ccode\u003e52bf15b\u003c/code\u003e\u003c/a\u003e dep(dev): drop Rubocop from JRuby deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.5...v1.18.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.8.1 to 2.2.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.2.20] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.19] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.18] - 2025-09-25\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-625h-95r8-8xpm\"\u003eCVE-2025-59830\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion via semicolon-separated parameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.17] - 2025-06-03\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003eRack::MediaType#params\u003c/code\u003e now handles parameters without values. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2263\"\u003e#2263\u003c/a\u003e, \u003ca href=\"https://github.com/AllyMarthaJ\"\u003e\u003ccode\u003e@​AllyMarthaJ\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.16] - 2025-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect backport of optional \u003ccode\u003eCGI::Cookie\u003c/code\u003e support. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2335\"\u003e#2335\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.15] - 2025-05-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptional support for \u003ccode\u003eCGI::Cookie\u003c/code\u003e if not available. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2327\"\u003e#2327\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2333\"\u003e#2333\u003c/a\u003e, [\u003ca href=\"https://github.com/earlopain\"\u003e\u003ccode\u003e@​earlopain\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.14] - 2025-05-06\u003c/h2\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eThis release includes a security fix that may cause certain routes in previously working applications to fail if query parameters exceed 4,096 in count or 4 MB in total size. See \u003ca href=\"https://github.com/rack/rack/discussions/2356\"\u003ehttps://github.com/rack/rack/discussions/2356\u003c/a\u003e for more details.\u003c/strong\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-gjh7-p2fx-99vx\"\u003eCVE-2025-46727\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.13] - 2025-03-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7wqh-767x-r66v\"\u003eCVE-2025-27610\u003c/a\u003e Local file inclusion in \u003ccode\u003eRack::Static\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.12] - 2025-03-04\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/6ef591522bb44f80654ad1a80654ba46cafdc7c1\"\u003e\u003ccode\u003e6ef5915\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881\"\u003e\u003ccode\u003e4e2c903\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85\"\u003e\u003ccode\u003efba2c8b\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed3d8340d1a7955332b51e74c1075ef3547c09dd\"\u003e\u003ccode\u003eed3d834\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c4ea296fdfd115377912aa7dbcb55b83bf2888e\"\u003e\u003ccode\u003e4c4ea29\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/c370dcd9405a6799763b70a83f06ae2d1aaa0e87\"\u003e\u003ccode\u003ec370dcd\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e\"\u003e\u003ccode\u003ed869fed\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/0f76d43c0d5624bd0d325df4f0a63f5e1faa7254\"\u003e\u003ccode\u003e0f76d43\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/493a4119ea010a7ac3dbc0ff579fc8af42e24ba4\"\u003e\u003ccode\u003e493a411\u003c/code\u003e\u003c/a\u003e Fix thin integration.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\"\u003e\u003ccode\u003e54e4ffd\u003c/code\u003e\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.8.1...v2.2.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.3.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.3.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 3.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.1.0...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bigbluebutton/bigbluebutton/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bigbluebutton/bigbluebutton/pull/24533","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bigbluebutton%2Fbigbluebutton/issues/24533","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24533/packages"},{"uuid":"3843283353","node_id":"PR_kwDOAApxXs6-tyLk","number":24526,"state":"open","title":"build(deps): bump the bundler group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-22T14:47:58.000Z","updated_at":"2026-01-22T17:00:14.335Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":4,"packages":[{"name":"nokogiri","old_version":"1.16.5","new_version":"1.18.9","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.8.1","new_version":"2.2.20","repository_url":"https://github.com/rack/rack"},{"name":"rexml","old_version":"3.3.9","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"sinatra","old_version":"3.1.0","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 4 updates in the /record-and-playback/core directory: [nokogiri](https://github.com/sparklemotion/nokogiri), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml) and [sinatra](https://github.com/sinatra/sinatra).\n\nUpdates `nokogiri` from 1.16.5 to 1.18.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e5bcfdf7aa8d1056a7ad5e52e1adffc64ef53d12d0724fbc6f458a3af1a4b9e32  nokogiri-1.18.9-aarch64-linux-gnu.gem\n55e9e6ca46c4ad1715e313f407d8481d15be1e3b65d9f8e52ba1c124d01676a7  nokogiri-1.18.9-aarch64-linux-musl.gem\neea3f1f06463ff6309d3ff5b88033c4948d0da1ab3cc0a3a24f63c4d4a763979  nokogiri-1.18.9-arm64-darwin.gem\nfe611ae65880e445a9c0f650d52327db239f3488626df4173c05beafd161d46e  nokogiri-1.18.9-arm-linux-gnu.gem\n935605e14c0ba17da18d203922440bf6c0676c602659278d855d4622d756a324  nokogiri-1.18.9-arm-linux-musl.gem\nac5a7d93fd0e3cef388800b037407890882413feccca79eb0272a2715a82fa33  nokogiri-1.18.9.gem\n1fe5b7aa4a054eda689a969bb4e03999960a6ea806582d327207d687168bceb5  nokogiri-1.18.9-java.gem\n6b4fc1523aa0370c78653e38c94cb50e7f3ab786425de66ba7ad24222c1164a3  nokogiri-1.18.9-x64-mingw-ucrt.gem\ne0d2deb03d3d7af8016e8c9df5ff4a7d692159cefb135cbb6a4109f265652348  nokogiri-1.18.9-x86_64-darwin.gem\nb52f5defedc53d14f71eeaaf990da66b077e1918a2e13088b6a96d0230f44360  nokogiri-1.18.9-x86_64-linux-gnu.gem\ne69359d6240c17e64cc9f43970d54f13bfc7b8cc516b819228f687e953425e69  nokogiri-1.18.9-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e36badd2eb281fca6214a5188e24a34399b15d89730639a068d12931e2adc210e  nokogiri-1.18.8-aarch64-linux-gnu.gem\n664e0f9a77a7122a66d6c03abba7641ca610769a4728db55ee1706a0838b78a2  nokogiri-1.18.8-aarch64-linux-musl.gem\n483b5b9fb33653f6f05cbe00d09ea315f268f0e707cfc809aa39b62993008212  nokogiri-1.18.8-arm64-darwin.gem\n17de01ca3adf9f8e187883ed73c672344d3dbb3c260f88ffa1008e8dc255a28e  nokogiri-1.18.8-arm-linux-gnu.gem\n6e6d7e71fc39572bd613a82d528cf54392c3de1ba5ce974f05c832b8187a040b  nokogiri-1.18.8-arm-linux-musl.gem\n8c7464875d9ca7f71080c24c0db7bcaa3940e8be3c6fc4bcebccf8b9a0016365  nokogiri-1.18.8.gem\n41002596960ff854198a20aaeb34cff0d445406d5ad85ba7ca9c3fd0c8f03de0  nokogiri-1.18.8-java.gem\n11ab0f76772c5f2d718fb253fca5b74c6ef7628b72bbf8deba6ab1ffc93344cf  nokogiri-1.18.8-x64-mingw-ucrt.gem\n024cdfe7d9ae3466bba6c06f348fb2a8395d9426b66a3c82f1961b907945cc0c  nokogiri-1.18.8-x86_64-darwin.gem\n4a747875db873d18a2985ee2c320a6070c4a414ad629da625fbc58d1a20e5ecc  nokogiri-1.18.8-x86_64-linux-gnu.gem\nddd735fba49475a395b9ea793bb6474e3a3125b89960339604d08a5397de1165  nokogiri-1.18.8-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] In HTML documents, \u003ccode\u003eNode#attribute\u003c/code\u003e now returns the correct attribute. This has been broken, and returning \u003ccode\u003enil\u003c/code\u003e, since v1.17.0. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3487\"\u003e#3487\u003c/a\u003e) \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.5 / 2025-03-19\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Update JRuby's XML serialization so it outputs namespaces exactly like CRuby. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3455\"\u003e#3455\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3456\"\u003e#3456\u003c/a\u003e) \u003ca href=\"https://github.com/johnnyshields\"\u003e\u003ccode\u003e@​johnnyshields\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.4 / 2025-03-14\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxslt is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.43\"\u003ev1.1.43\u003c/a\u003e to address CVE-2025-24855 and CVE-2024-55549. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-mrxw-mxhj-p664\"\u003eGHSA-mrxw-mxhj-p664\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.3 / 2025-02-18\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6\"\u003ev2.13.6\u003c/a\u003e to address CVE-2025-24928 and CVE-2024-56171. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vvfq-8hwr-qm4m\"\u003eGHSA-vvfq-8hwr-qm4m\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.2 / 2024-01-19\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1dcd8ce30365ebd4620a3b823bf806b127eeefc3\"\u003e\u003ccode\u003e1dcd8ce\u003c/code\u003e\u003c/a\u003e version bump to v1.18.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/a05d2b44b930072af70dad12bddbac67f36c6f90\"\u003e\u003ccode\u003ea05d2b4\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3526\"\u003e#3526\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/947a55e87edff3c6d76ffd81f07da728e67c9b82\"\u003e\u003ccode\u003e947a55e\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/9187f4af0dc3cc7ea439bd4957a2fbfab18f6665\"\u003e\u003ccode\u003e9187f4a\u003c/code\u003e\u003c/a\u003e version bump to v1.18.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1deea041e3f359ccef67abadf19f0d634bf473dd\"\u003e\u003ccode\u003e1deea04\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8 (branch \u003ccode\u003ev1.18.x\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3509\"\u003e#3509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/6457fe639359edda9f8817994bc4935abae3e81e\"\u003e\u003ccode\u003e6457fe6\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/13e8aa4ef52f39d1273d2435bd6bfa98982471ef\"\u003e\u003ccode\u003e13e8aa4\u003c/code\u003e\u003c/a\u003e version bump to v1.18.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/605699d271ee5d7f58ab29c4550fad42b9cc3d69\"\u003e\u003ccode\u003e605699d\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7 (v1.18.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/804e59038c4318ebe7ba0dc08105cff2030df415\"\u003e\u003ccode\u003e804e590\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/52bf15b62d4e576292e21ac948030783333f9e0b\"\u003e\u003ccode\u003e52bf15b\u003c/code\u003e\u003c/a\u003e dep(dev): drop Rubocop from JRuby deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.5...v1.18.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.8.1 to 2.2.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.2.20] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.19] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.18] - 2025-09-25\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-625h-95r8-8xpm\"\u003eCVE-2025-59830\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion via semicolon-separated parameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.17] - 2025-06-03\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003eRack::MediaType#params\u003c/code\u003e now handles parameters without values. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2263\"\u003e#2263\u003c/a\u003e, \u003ca href=\"https://github.com/AllyMarthaJ\"\u003e\u003ccode\u003e@​AllyMarthaJ\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.16] - 2025-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect backport of optional \u003ccode\u003eCGI::Cookie\u003c/code\u003e support. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2335\"\u003e#2335\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.15] - 2025-05-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptional support for \u003ccode\u003eCGI::Cookie\u003c/code\u003e if not available. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2327\"\u003e#2327\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2333\"\u003e#2333\u003c/a\u003e, [\u003ca href=\"https://github.com/earlopain\"\u003e\u003ccode\u003e@​earlopain\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.14] - 2025-05-06\u003c/h2\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eThis release includes a security fix that may cause certain routes in previously working applications to fail if query parameters exceed 4,096 in count or 4 MB in total size. See \u003ca href=\"https://github.com/rack/rack/discussions/2356\"\u003ehttps://github.com/rack/rack/discussions/2356\u003c/a\u003e for more details.\u003c/strong\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-gjh7-p2fx-99vx\"\u003eCVE-2025-46727\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.13] - 2025-03-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7wqh-767x-r66v\"\u003eCVE-2025-27610\u003c/a\u003e Local file inclusion in \u003ccode\u003eRack::Static\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.12] - 2025-03-04\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/6ef591522bb44f80654ad1a80654ba46cafdc7c1\"\u003e\u003ccode\u003e6ef5915\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881\"\u003e\u003ccode\u003e4e2c903\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85\"\u003e\u003ccode\u003efba2c8b\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed3d8340d1a7955332b51e74c1075ef3547c09dd\"\u003e\u003ccode\u003eed3d834\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c4ea296fdfd115377912aa7dbcb55b83bf2888e\"\u003e\u003ccode\u003e4c4ea29\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/c370dcd9405a6799763b70a83f06ae2d1aaa0e87\"\u003e\u003ccode\u003ec370dcd\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e\"\u003e\u003ccode\u003ed869fed\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/0f76d43c0d5624bd0d325df4f0a63f5e1faa7254\"\u003e\u003ccode\u003e0f76d43\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/493a4119ea010a7ac3dbc0ff579fc8af42e24ba4\"\u003e\u003ccode\u003e493a411\u003c/code\u003e\u003c/a\u003e Fix thin integration.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\"\u003e\u003ccode\u003e54e4ffd\u003c/code\u003e\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.8.1...v2.2.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.3.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.3.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 3.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.1.0...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bigbluebutton/bigbluebutton/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bigbluebutton/bigbluebutton/pull/24526","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bigbluebutton%2Fbigbluebutton/issues/24526","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24526/packages"},{"uuid":"3842573988","node_id":"PR_kwDOQ4e3VM6-ra5W","number":6,"state":"open","title":"Bump sinatra from 4.1.1 to 4.2.0","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-22T11:48:58.000Z","updated_at":"2026-01-22T11:49:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 4.1.1 to 4.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=4.1.1\u0026new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/etchteam/firepit/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/etchteam/firepit/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/etchteam%2Ffirepit/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"3826778741","node_id":"PR_kwDOAINMDs693EeX","number":1,"state":"closed","title":"Bump the bundler group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-20T01:19:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-18T13:21:39.000Z","updated_at":"2026-02-20T01:19:38.000Z","time_to_close":2807877,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":8,"packages":[{"name":"rake","old_version":"0.9.2.2","new_version":"12.3.3","repository_url":"https://github.com/ruby/rake"},{"name":"rack","old_version":"1.4.1","new_version":"3.2.4","repository_url":"https://github.com/rack/rack"},{"name":"sinatra","old_version":"1.3.3","new_version":"4.2.1","repository_url":"https://github.com/sinatra/sinatra"},{"name":"jekyll","old_version":"0.11.2","new_version":"4.4.1","repository_url":"https://github.com/jekyll/jekyll"},{"name":"RedCloth","old_version":"4.2.9","new_version":"4.3.3","repository_url":"https://github.com/jgarber/redcloth"},{"name":"haml","old_version":"3.1.7","new_version":"5.0.0","repository_url":"https://github.com/haml/haml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 6 updates in the /spec/test-site directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rake](https://github.com/ruby/rake) | `0.9.2.2` | `12.3.3` |\n| [rack](https://github.com/rack/rack) | `1.4.1` | `3.2.4` |\n| [sinatra](https://github.com/sinatra/sinatra) | `1.3.3` | `4.2.1` |\n| [jekyll](https://github.com/jekyll/jekyll) | `0.11.2` | `4.4.1` |\n| [RedCloth](https://github.com/jgarber/redcloth) | `4.2.9` | `4.3.3` |\n| [haml](https://github.com/haml/haml) | `3.1.7` | `5.0.0` |\n\n\nUpdates `rake` from 0.9.2.2 to 12.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/releases\"\u003erake's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003erake-10.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/blob/master/History.rdoc\"\u003erake's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e=== 12.3.3\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse the application's name in error message if a task is not found.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/303\"\u003e#303\u003c/a\u003e by tmatilai\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse File.open explicitly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.2\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test fails caused by 2.6 warnings.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/297\"\u003e#297\u003c/a\u003e by hsbt\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRdoc improvements.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/293\"\u003e#293\u003c/a\u003e by colby-swandale\u003c/li\u003e\n\u003cli\u003eImprove multitask performance.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/273\"\u003e#273\u003c/a\u003e by jsm\u003c/li\u003e\n\u003cli\u003eAdd alias \u003ccode\u003eprereqs\u003c/code\u003e.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/268\"\u003e#268\u003c/a\u003e by take-cheeze\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.1\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport did_you_mean \u0026gt;= v1.2.0 which has a breaking change on formatters.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/262\"\u003e#262\u003c/a\u003e by FUJI Goro.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't run task if it depends on already invoked but failed task.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/252\"\u003e#252\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eMake space trimming consistent for all task arguments.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/259\"\u003e#259\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRemoves duplicated inclusion of Rake::DSL in tests.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/254\"\u003e#254\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRe-raise a LoadError that didn't come from require in the test loader.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/250\"\u003e#250\u003c/a\u003e by Dylan Thacker-Smith.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.0\u003c/p\u003e\n\u003cp\u003e==== Compatibility Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003erequired_ruby_version\u003c/code\u003e to Ruby 2.0.0. Rake has already\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5c87c462b64aad674ebb92b1f5b0ff2c911406cd\"\u003e\u003ccode\u003e5c87c46\u003c/code\u003e\u003c/a\u003e Bump version to 12.3.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee\"\u003e\u003ccode\u003e5b8f8fc\u003c/code\u003e\u003c/a\u003e Use File.open explicitly.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/6497ba4d94d12c123df48cc8ab40f0a4eb7fb337\"\u003e\u003ccode\u003e6497ba4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/317\"\u003e#317\u003c/a\u003e from ruby/ignore-gitignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/be62efb6cdfc2cc00d660f8fc7d6c1c9de8014e2\"\u003e\u003ccode\u003ebe62efb\u003c/code\u003e\u003c/a\u003e Removed gitignore from gemspec files.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/1c22b490ee6cb8bd614fa8d0d6145f671466206b\"\u003e\u003ccode\u003e1c22b49\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/309\"\u003e#309\u003c/a\u003e from RDIL/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/496944a8febd51e20957e6833c7930286a0e9a25\"\u003e\u003ccode\u003e496944a\u003c/code\u003e\u003c/a\u003e Remove deprecated travis ci option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/489c7d863c666b6d287b760527acf3abe13aaf48\"\u003e\u003ccode\u003e489c7d8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/307\"\u003e#307\u003c/a\u003e from ruby/azure-pipelines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77eb6d87cb69c2cc531f72d4aa1948054e9d077f\"\u003e\u003ccode\u003e77eb6d8\u003c/code\u003e\u003c/a\u003e Only enabled macOS environment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/72ffa2ea89f96df2307158fa151825dbb2c28ddf\"\u003e\u003ccode\u003e72ffa2e\u003c/code\u003e\u003c/a\u003e use realpath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77448726bb057c8ba90a8d12ab6e20ad60dac976\"\u003e\u003ccode\u003e7744872\u003c/code\u003e\u003c/a\u003e Do not specify ruby version of macOS\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rake/compare/v0.9.2.2...v12.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 1.4.1 to 3.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.9.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix content-length calcuation in Rack:Response#write \u003ca href=\"https://redirect.github.com/rack/rack/issues/2150\"\u003e#2150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.8...v3.0.9\"\u003ehttps://github.com/rack/rack/compare/v3.0.8...v3.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Fix some unused variable verbose warnings\u0026quot; by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.7...v3.0.8\"\u003ehttps://github.com/rack/rack/compare/v3.0.7...v3.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Make query parameters without = have nil values\u0026quot;. by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2060\"\u003erack/rack#2060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\"\u003ehttps://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.6.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.3...v3.0.4\"\u003ehttps://github.com/rack/rack/compare/v3.0.3...v3.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v3.0.3 by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2000\"\u003erack/rack#2000\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.2...v3.0.3\"\u003ehttps://github.com/rack/rack/compare/v3.0.2...v3.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.1] -- 2025-09-02\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix an issue where a \u003ccode\u003eNoMethodError\u003c/code\u003e would be raised when using \u003ccode\u003eRack::Events\u003c/code\u003e with streaming bodies. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.0] - 2025-07-31\u003c/h2\u003e\n\u003cp\u003eThis release continues Rack's evolution toward a cleaner, more efficient foundation while maintaining backward compatibility for most applications. The breaking changes primarily affect deprecated functionality, so most users should experience a smooth upgrade with improved performance and standards compliance.\u003c/p\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequest environment keys must now be strings. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2310\"\u003e#2310\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003enil\u003c/code\u003e as a valid return from a Response \u003ccode\u003ebody.to_path\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2318\"\u003e#2318\u003c/a\u003e, [\u003ca href=\"https://github.com/MSP-Greg\"\u003e\u003ccode\u003e@​MSP-Greg\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRack::Lint#check_header_value\u003c/code\u003e is relaxed, only disallowing CR/LF/NUL characters. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2354\"\u003e#2354\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eRack::VERSION\u003c/code\u003e constant. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2199\"\u003e#2199\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eISO-2022-JP\u003c/code\u003e encoded parts within MIME Multipart sections of an HTTP request body will now be converted to \u003ccode\u003eUTF-8\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2245\"\u003e#2245\u003c/a\u003e, \u003ca href=\"https://github.com/nappa\"\u003e\u003ccode\u003e@​nappa\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#query_parser=\u003c/code\u003e to allow setting the query parser to use. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2349\"\u003e#2349\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#form_pairs\u003c/code\u003e to access form data as raw key-value pairs, preserving duplicate keys. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2351\"\u003e#2351\u003c/a\u003e, [\u003ca href=\"https://github.com/matthewd\"\u003e\u003ccode\u003e@​matthewd\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c24539777db8833d78f881680cd245878cfba31\"\u003e\u003ccode\u003e4c24539\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3ba5e4f22f55abac21037bb137e56e5c8e36b673\"\u003e\u003ccode\u003e3ba5e4f\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/32bf8887d00bd86494f0ce08c46cda59a65d332f\"\u003e\u003ccode\u003e32bf888\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f\"\u003e\u003ccode\u003ee179614\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784\"\u003e\u003ccode\u003e57277b7\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/403b74b2441d666845177ce769036e294f663712\"\u003e\u003ccode\u003e403b74b\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fb395bb48925bba30d090938380c4090f5ae53de\"\u003e\u003ccode\u003efb395bb\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bce149b11154e851c437b5ece1c026c943f4b571\"\u003e\u003ccode\u003ebce149b\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3beacfcd494ec5600c9022d561cfa2f556a524d1\"\u003e\u003ccode\u003e3beacfc\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e\"\u003e\u003ccode\u003e589127f\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/1.4.1...v3.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jekyll` from 0.11.2 to 4.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/releases\"\u003ejekyll's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore globbed path behavior in front matter defaults (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9762\"\u003e#9762\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow marking specific highlighted lines via Liquid (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9138\"\u003e#9138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ecsv\u003c/code\u003e to runtime dependency list (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9522\"\u003e#9522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the minimum ruby version to 2.7 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9525\"\u003e#9525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAcknowledge \u003ccode\u003elivereload_port\u003c/code\u003e from site config too (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9606\"\u003e#9606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ebase64\u003c/code\u003e as runtime dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9740\"\u003e#9740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ejson\u003c/code\u003e as runtime_dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9671\"\u003e#9671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unnecessary constraint on gem \u003ccode\u003emercenary\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize default front matter using \u003ccode\u003eFile.fnmatch?\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9185\"\u003e#9185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove totals in profile table properly (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9186\"\u003e#9186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize \u003ccode\u003eSite#each_site_file\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9187\"\u003e#9187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename sass partial created for new blank site (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9257\"\u003e#9257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ejekyll serve --detach\u003c/code\u003e with jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9304\"\u003e#9304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle TypeError from \u003ccode\u003ewhere\u003c/code\u003e filter gracefully (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9292\"\u003e#9292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for upcoming logger 1.4.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9392\"\u003e#9392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typo in devcontainer.json (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9364\"\u003e#9364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect rubocop lint errors (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9600\"\u003e#9600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inexistent layout warning for the default 404 page (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9589\"\u003e#9589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRelax version constraint on \u003ccode\u003ewdm\u003c/code\u003e in new Gemfile (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9662\"\u003e#9662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e--livereload-ignore\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9570\"\u003e#9570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRender theme-gem root only in development (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9680\"\u003e#9680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDevelopment Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup highlight tag (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9177\"\u003e#9177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRun tests in utc (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9168\"\u003e#9168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLock Ruby in CI to v3.1.2 and bump JRuby to v9.4.0.0 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9196\"\u003e#9196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate sass related tests for jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9223\"\u003e#9223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSplit \u003ccode\u003etest/test_tags.rb\u003c/code\u003e into multiple files (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9230\"\u003e#9230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: use hash explicitly for Struct initializer for ruby 3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9237\"\u003e#9237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003escript/default-site: accept flags for \u003ccode\u003ejekyll new\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9259\"\u003e#9259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump check-spelling/check-spelling from 0.0.20 to 0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9205\"\u003e#9205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse check-spelling/check-spelling@v0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9199\"\u003e#9199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump RuboCop to v1.45.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9305\"\u003e#9305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump Rubocop to version 1.48.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9326\"\u003e#9326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump versions of ruby \u0026amp; nodejs in devcontainer (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9360\"\u003e#9360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump rubocop version to 1.52.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9361\"\u003e#9361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade RuboCop to 1.54 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9401\"\u003e#9401\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd CodeQL workflow (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9397\"\u003e#9397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9442\"\u003e#9442\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/blob/master/History.markdown\"\u003ejekyll's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.4.1 / 2025-01-29\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore globbed path behavior in front matter defaults (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9762\"\u003e#9762\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.4.0 / 2025-01-27\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow marking specific highlighted lines via Liquid (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9138\"\u003e#9138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ecsv\u003c/code\u003e to runtime dependency list (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9522\"\u003e#9522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the minimum ruby version to 2.7 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9525\"\u003e#9525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAcknowledge \u003ccode\u003elivereload_port\u003c/code\u003e from site config too (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9606\"\u003e#9606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ebase64\u003c/code\u003e as runtime dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9740\"\u003e#9740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ejson\u003c/code\u003e as runtime_dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9671\"\u003e#9671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unnecessary constraint on gem \u003ccode\u003emercenary\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize default front matter using \u003ccode\u003eFile.fnmatch?\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9185\"\u003e#9185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove totals in profile table properly (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9186\"\u003e#9186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize \u003ccode\u003eSite#each_site_file\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9187\"\u003e#9187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename sass partial created for new blank site (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9257\"\u003e#9257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ejekyll serve --detach\u003c/code\u003e with jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9304\"\u003e#9304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle TypeError from \u003ccode\u003ewhere\u003c/code\u003e filter gracefully (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9292\"\u003e#9292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for upcoming logger 1.4.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9392\"\u003e#9392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typo in devcontainer.json (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9364\"\u003e#9364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect rubocop lint errors (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9600\"\u003e#9600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inexistent layout warning for the default 404 page (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9589\"\u003e#9589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRelax version constraint on \u003ccode\u003ewdm\u003c/code\u003e in new Gemfile (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9662\"\u003e#9662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e--livereload-ignore\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9570\"\u003e#9570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRender theme-gem root only in development (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9680\"\u003e#9680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDevelopment Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup highlight tag (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9177\"\u003e#9177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRun tests in utc (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9168\"\u003e#9168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLock Ruby in CI to v3.1.2 and bump JRuby to v9.4.0.0 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9196\"\u003e#9196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate sass related tests for jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9223\"\u003e#9223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSplit \u003ccode\u003etest/test_tags.rb\u003c/code\u003e into multiple files (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9230\"\u003e#9230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: use hash explicitly for Struct initializer for ruby 3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9237\"\u003e#9237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003escript/default-site: accept flags for \u003ccode\u003ejekyll new\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9259\"\u003e#9259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump check-spelling/check-spelling from 0.0.20 to 0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9205\"\u003e#9205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse check-spelling/check-spelling@v0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9199\"\u003e#9199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump RuboCop to v1.45.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9305\"\u003e#9305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump Rubocop to version 1.48.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9326\"\u003e#9326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump versions of ruby \u0026amp; nodejs in devcontainer (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9360\"\u003e#9360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump rubocop version to 1.52.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9361\"\u003e#9361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade RuboCop to 1.54 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9401\"\u003e#9401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/1f319fb273b6cdf876bc6edd38d7477935cdda8c\"\u003e\u003ccode\u003e1f319fb\u003c/code\u003e\u003c/a\u003e Release :gem: v4.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/c5cd1fb04f071137631302cb69139db5196d4010\"\u003e\u003ccode\u003ec5cd1fb\u003c/code\u003e\u003c/a\u003e Restore globbed path behavior in front matter defaults  (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9762\"\u003e#9762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/33e8a84a0033bf150754a48c4da1ec5eaff89a03\"\u003e\u003ccode\u003e33e8a84\u003c/code\u003e\u003c/a\u003e Add unrecognized words to expected spelling data [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/cda8c3a402841c6b442b24b191be1c7d6849003c\"\u003e\u003ccode\u003ecda8c3a\u003c/code\u003e\u003c/a\u003e Release :gem: v4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/5431c0945b527a188dd592c99ffb1d6a85f6ce65\"\u003e\u003ccode\u003e5431c09\u003c/code\u003e\u003c/a\u003e Update history to reflect merge of \u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9759\"\u003e#9759\u003c/a\u003e [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/e68b3e3e16b4a1e5dbb40db32e1fe90fdf274fd8\"\u003e\u003ccode\u003ee68b3e3\u003c/code\u003e\u003c/a\u003e Add release post for v4.4.0 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9759\"\u003e#9759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/0cc09f93caa53bf42e01ade0e22307f05e798294\"\u003e\u003ccode\u003e0cc09f9\u003c/code\u003e\u003c/a\u003e Update history to reflect merge of \u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/448b8b55402c7c82fece08387552f8ce68be6c25\"\u003e\u003ccode\u003e448b8b5\u003c/code\u003e\u003c/a\u003e Remove unnecessary constraint on gem \u003ccode\u003emercenary\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/2cf2665d314407e2d1628539b331f46b2dc5a6fb\"\u003e\u003ccode\u003e2cf2665\u003c/code\u003e\u003c/a\u003e Update history to reflect merge of \u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9756\"\u003e#9756\u003c/a\u003e [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/efc2a7433c7f7770e3e8bfaa37675988b24f74c0\"\u003e\u003ccode\u003eefc2a74\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003echeck-spelling/check-spelling\u003c/code\u003e action (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9756\"\u003e#9756\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jekyll/jekyll/compare/v0.11.2...v4.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `RedCloth` from 4.2.9 to 4.3.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jgarber/redcloth/blob/master/CHANGELOG\"\u003eRedCloth's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e== 4.3.3 / Nov 2nd, 2023\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tests for CVE-2023-31606 [Helio Cola]\u003c/li\u003e\n\u003cli\u003eFix rake compile [Helio Cola and Faria Education Group]\u003c/li\u003e\n\u003cli\u003eFix CVE-2023-31606 (ReDOS possible in the sanitize_html function) [Kornelius Kalnbach and Merbin Russel]\u003c/li\u003e\n\u003cli\u003eImmutable strings [Matijs van Zuijlen]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.2 / May 23rd, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.1 / May 17th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.0 / April 29th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove JRuby and Windows cross compilation and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ruby 2.2.3 testing and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003einclude CVE-2012-6684 fix [Tomas Pospisek]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix by [Antonio Terceiro]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\"\u003ehttp://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003evulnerability reported by [Kousuke Ebihara]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://co3k.org/blog/redcloth-unfixed-xss-en\"\u003ehttp://co3k.org/blog/redcloth-unfixed-xss-en\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.2.9.1 / February 24, 2015\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLazy-load latex_entities.yml [Charlie Somerville]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8297da8aa071b3bf1584738229f277833bd20c49\"\u003e\u003ccode\u003e8297da8\u003c/code\u003e\u003c/a\u003e 4.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/2600d93ff164a5244cec86a3047619ae8b4e4b04\"\u003e\u003ccode\u003e2600d93\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/80\"\u003e#80\u003c/a\u003e from jgarber/tests/CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ac10b687041e12cb49a196acf79687d6f596114e\"\u003e\u003ccode\u003eac10b68\u003c/code\u003e\u003c/a\u003e Add tests for CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4e85481aca18e50fcd17ad432234e0af8245b080\"\u003e\u003ccode\u003e4e85481\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/78\"\u003e#78\u003c/a\u003e from jgarber/fix/build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ccdd54dd68810f8ccd0c9b11c301d883240fcd22\"\u003e\u003ccode\u003eccdd54d\u003c/code\u003e\u003c/a\u003e Fix rake compile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8b1327688fef8e6617792054ef299d7bc74c0a1e\"\u003e\u003ccode\u003e8b13276\u003c/code\u003e\u003c/a\u003e Fix CVE-2023-31606 (ReDOS possible in the sanitize_html function) (\u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/dd7ee6caaa6c899f4d5389c1b2fe4a17f1e5f326\"\u003e\u003ccode\u003edd7ee6c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/47\"\u003e#47\u003c/a\u003e from greggawatt/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/5c9b35c3f8af989cf2a8d22f1bb9d8140641cd5b\"\u003e\u003ccode\u003e5c9b35c\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/c34fa195ca540b2bea84d9cfe1813e070e4ed154\"\u003e\u003ccode\u003ec34fa19\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4808b36d7063a7cfade89378d879a9134cd30a3e\"\u003e\u003ccode\u003e4808b36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/38\"\u003e#38\u003c/a\u003e from mvz/immutable-strings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jgarber/redcloth/compare/v4.2.9...v4.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haml` from 3.1.7 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haml/haml/blob/main/CHANGELOG.md\"\u003ehaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eReleased on April 26, 2017\n(\u003ca href=\"https://github.com/haml/haml/compare/4.0.7...v5.0.0\"\u003ediff\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eBreaking Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHaml now requires Ruby 2.0.0 or above.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRails 3 is no longer supported, matching the official\n\u003ca href=\"http://weblog.rubyonrails.org/2013/2/24/maintenance-policy-for-ruby-on-rails/\"\u003eMaintenance Policy for Ruby on Rails\u003c/a\u003e.\nUse Haml 4 if you want to use Rails 3.\n(Tee Parham)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003e:ugly\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/haml/haml/pull/894\"\u003e#894\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003ehaml\u003c/code\u003e command's debug option (\u003ccode\u003e-d\u003c/code\u003e) no longer executes the Haml code, but\nrather checks the generated Ruby syntax for errors.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop parser/compiler accessor from \u003ccode\u003eHaml::Engine\u003c/code\u003e. Modify \u003ccode\u003eHaml::Engine#initialize\u003c/code\u003e options\nor \u003ccode\u003eHaml::Template.options\u003c/code\u003e instead. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop dynamic quotes support and always escape \u003ccode\u003e'\u003c/code\u003e for \u003ccode\u003eescape_html\u003c/code\u003e/\u003ccode\u003eescape_attrs\u003c/code\u003e instead.\nAlso, escaped results are slightly changed and always unified to the same characters. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't preserve newlines in attributes. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTML escape interpolated code in filters.\n\u003ca href=\"https://redirect.github.com/haml/haml/pull/770\"\u003e#770\u003c/a\u003e\n(Matt Wildig)\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e  :javascript\n    #{JSON.generate(foo: \u0026quot;bar\u0026quot;)}\n  Haml 4 output: {\u0026quot;foo\u0026quot;:\u0026quot;bar\u0026quot;}\n  Haml 5 output: {\u0026amp;quot;foo\u0026amp;quot;:\u0026amp;quot;bar\u0026amp;quot;}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAdded\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a tracing option. When enabled, Haml will output a data-trace attribute on each tag showing the path\nto the source Haml file from which it was generated. Thanks \u003ca href=\"https://github.com/ababkin\"\u003eAlex Babkin\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehaml_tag_if\u003c/code\u003e to render a block, conditionally wrapped in another element (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eSupport Rails 5.1 Erubi template handler.\u003c/li\u003e\n\u003cli\u003eSupport Sprockets 3. Thanks \u003ca href=\"https://github.com/samphilipd\"\u003eSam Davies\u003c/a\u003e and \u003ca href=\"https://github.com/jvenezia\"\u003eJeremy Venezia\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eGeneral performance and memory usage improvements. (Akira Matsuda)\u003c/li\u003e\n\u003cli\u003eAnalyze attribute values by Ripper and render static attributes beforehand. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eOptimize attribute rendering about 3x faster. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eAdd temple gem as dependency and create \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e class.\nSome methods in \u003ccode\u003eHaml::Compiler\u003c/code\u003e are migrated to \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e. (Takashi Kokubun)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixed\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for attribute merging. When an attribute method (or literal nested hash)\nwas used in an old style attribute hash and there is also a (non-static) new\nstyle hash there is an error. The fix can result in different behavior in\nsome circumstances. See the \u003ca href=\"https://github.com/haml/haml/tree/e475b015d3171fb4c4f140db304f7970c787d6e3\"\u003ecommit message\u003c/a\u003e\nfor detailed info. (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eMake escape_once respect hexadecimal references. (Matt Wildig)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/78e2a09d3b8c6f7cdb3bb87ff84dce8fad5598ac\"\u003e\u003ccode\u003e78e2a09\u003c/code\u003e\u003c/a\u003e Version 5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/e5d6409bad6da77c697efc924c36ad2c5405b680\"\u003e\u003ccode\u003ee5d6409\u003c/code\u003e\u003c/a\u003e Note about \u003ca href=\"https://redirect.github.com/haml/haml/issues/770\"\u003e#770\u003c/a\u003e in Haml 5 changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/1bac6f902fe7683317b46ddcf0fdbbab6ffcd0da\"\u003e\u003ccode\u003e1bac6f9\u003c/code\u003e\u003c/a\u003e Remove JRuby from allow_failures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/d45c2d44b6b993ae7d54634948d69c2951d6dda3\"\u003e\u003ccode\u003ed45c2d4\u003c/code\u003e\u003c/a\u003e Add backslash for @ to support JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/8f207073c2e0e2bc296f18424b3fec3dfe659674\"\u003e\u003ccode\u003e8f20707\u003c/code\u003e\u003c/a\u003e Enable frozen_string_literal pragma if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/a6bb25529a5df92b355f8e4b2a712c2aa3ff1b26\"\u003e\u003ccode\u003ea6bb255\u003c/code\u003e\u003c/a\u003e Oops, this was not intentional...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/aa4c397410312ab3c3ee6191110f5e595e5eea00\"\u003e\u003ccode\u003eaa4c397\u003c/code\u003e\u003c/a\u003e Fix spec in \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e for pretty mode removal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/11af7954f3e9ba5e21924c11c49773cacc18eeb2\"\u003e\u003ccode\u003e11af795\u003c/code\u003e\u003c/a\u003e Fallback to default value of preserve option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/bbbeb7ea8ade64fec20de4e0254040a229bdda0e\"\u003e\u003ccode\u003ebbbeb7e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG to include \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/ed7f24f1dc63c38f3d143289262266cbf59a9f1f\"\u003e\u003ccode\u003eed7f24f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e from redoPop/atful-css\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haml/haml/compare/3.1.7...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kramdown` from 0.14.0 to 2.5.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gettalong/kramdown/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-protection` from 1.2.0 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003erack-protection's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/7b50a1bbb5324838908dfaa00ec53ad322673a29\"\u003e\u003ccode\u003e7b50a1b\u003c/code\u003e\u003c/a\u003e 4.1.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2068\"\u003e#2068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/73f3291d114b5b211e067263eeb9c0e197fe8500\"\u003e\u003ccode\u003e73f3291\u003c/code\u003e\u003c/a\u003e 4.1.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2063\"\u003e#2063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cd3e00de20ddaff34ea30f7a74a7b9dad189d1d8\"\u003e\u003ccode\u003ecd3e00d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eHostAuthorization\u003c/code\u003e rack-protection middleware (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2053\"\u003e#2053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a55850\u003c/code\u003e\u003c/a\u003e Remove WEBrick\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/319af3a298cb8278670f285b6c02df0fd084615d\"\u003e\u003ccode\u003e319af3a\u003c/code\u003e\u003c/a\u003e Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/8d0095fc8c37f39d41caf74637da72c1ac952299\"\u003e\u003ccode\u003e8d0095f\u003c/code\u003e\u003c/a\u003e Adjust \u003ccode\u003eCookieTossing\u003c/code\u003e spec for Rack 3.1+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5640495babcb4cfd69ba650b293660b7446402da\"\u003e\u003ccode\u003e5640495\u003c/code\u003e\u003c/a\u003e Fix typos in changelog, readme and code comments (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.2.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lilith/link-checker/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/lilith/link-checker/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lilith%2Flink-checker/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"3787187600","node_id":"PR_kwDODLuhc86707-p","number":1031,"state":"closed","title":"Bump the bundler group across 1 directory with 70 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-14T03:09:07.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-07T03:07:59.000Z","updated_at":"2026-01-14T03:09:09.000Z","time_to_close":604868,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":70,"packages":[{"name":"rails","old_version":"8.0.3","new_version":"8.1.1","repository_url":"https://github.com/rails/rails"},{"name":"pg","old_version":"1.6.2","new_version":"1.6.3","repository_url":"https://github.com/ged/ruby-pg"},{"name":"puma","old_version":"7.0.4","new_version":"7.1.0","repository_url":"https://github.com/puma/puma"},{"name":"bootsnap","old_version":"1.18.6","new_version":"1.20.1","repository_url":"https://github.com/rails/bootsnap"},{"name":"faker","old_version":"3.5.2","new_version":"3.5.3","repository_url":"https://github.com/faker-ruby/faker"},{"name":"faraday","old_version":"2.13.4","new_version":"2.14.0","repository_url":"https://github.com/lostisland/faraday"},{"name":"oauth2","old_version":"2.0.17","new_version":"2.0.18","repository_url":"https://github.com/ruby-oauth/oauth2"},{"name":"dotenv-rails","old_version":"3.1.8","new_version":"3.2.0","repository_url":"https://github.com/bkeepers/dotenv"},{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.1","repository_url":"https://github.com/sinatra/sinatra"},{"name":"vcr","old_version":"6.3.1","new_version":"6.4.0","repository_url":"https://github.com/vcr/vcr"},{"name":"webmock","old_version":"3.25.1","new_version":"3.26.1","repository_url":"https://github.com/bblimke/webmock"},{"name":"brakeman","old_version":"7.1.0","new_version":"7.1.2","repository_url":"https://github.com/presidentbeef/brakeman"},{"name":"shoulda-matchers","old_version":"6.5.0","new_version":"7.0.1","repository_url":"https://github.com/thoughtbot/shoulda-matchers"},{"name":"dry-core","old_version":"1.1.0","new_version":"1.2.0","repository_url":"https://github.com/dry-rb/dry-core"},{"name":"factory_bot","old_version":"6.5.5","new_version":"6.5.6","repository_url":"https://github.com/thoughtbot/factory_bot"},{"name":"ffi","old_version":"1.17.2","new_version":"1.17.3","repository_url":"https://github.com/ffi/ffi"},{"name":"parser","old_version":"3.3.9.0","new_version":"3.3.10.0","repository_url":"https://github.com/whitequark/parser"},{"name":"rspec","old_version":"3.13.1","new_version":"3.13.2","repository_url":"https://github.com/rspec/rspec"},{"name":"unicode-emoji","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/janlelis/unicode-emoji"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rails](https://github.com/rails/rails) | `8.0.3` | `8.1.1` |\n| [pg](https://github.com/ged/ruby-pg) | `1.6.2` | `1.6.3` |\n| [puma](https://github.com/puma/puma) | `7.0.4` | `7.1.0` |\n| [bootsnap](https://github.com/rails/bootsnap) | `1.18.6` | `1.20.1` |\n| [faker](https://github.com/faker-ruby/faker) | `3.5.2` | `3.5.3` |\n| [faraday](https://github.com/lostisland/faraday) | `2.13.4` | `2.14.0` |\n| [oauth2](https://github.com/ruby-oauth/oauth2) | `2.0.17` | `2.0.18` |\n| [dotenv-rails](https://github.com/bkeepers/dotenv) | `3.1.8` | `3.2.0` |\n| [sinatra](https://github.com/sinatra/sinatra) | `4.1.1` | `4.2.1` |\n| [vcr](https://github.com/vcr/vcr) | `6.3.1` | `6.4.0` |\n| [webmock](https://github.com/bblimke/webmock) | `3.25.1` | `3.26.1` |\n| [brakeman](https://github.com/presidentbeef/brakeman) | `7.1.0` | `7.1.2` |\n| [shoulda-matchers](https://github.com/thoughtbot/shoulda-matchers) | `6.5.0` | `7.0.1` |\n| [dry-core](https://github.com/dry-rb/dry-core) | `1.1.0` | `1.2.0` |\n| [factory_bot](https://github.com/thoughtbot/factory_bot) | `6.5.5` | `6.5.6` |\n| [ffi](https://github.com/ffi/ffi) | `1.17.2` | `1.17.3` |\n| [parser](https://github.com/whitequark/parser) | `3.3.9.0` | `3.3.10.0` |\n| [rspec](https://github.com/rspec/rspec) | `3.13.1` | `3.13.2` |\n| [unicode-emoji](https://github.com/janlelis/unicode-emoji) | `4.1.0` | `4.2.0` |\n\n\nUpdates `rails` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003erails's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ce0ce1ca2da1d36cdc149a72a777a956ea45dc7\"\u003e\u003ccode\u003e0ce0ce1\u003c/code\u003e\u003c/a\u003e Upgrade sigstore gem to 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/271acd57d1430be8c92fbd8f19a2069e62425803\"\u003e\u003ccode\u003e271acd5\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7574698226c364ab98e69188539e2cf27517ef1f\"\u003e\u003ccode\u003e7574698\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56020\"\u003e#56020\u003c/a\u003e from harsh183/hd/getting_started/fix_line_num_typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/89cb7bff192ce71267ae76f38942ca8f306ce273\"\u003e\u003ccode\u003e89cb7bf\u003c/code\u003e\u003c/a\u003e Fix railties/CHANGELOG.md offense at 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7919bdab44688f1e7f121bc36a76169787cdfe60\"\u003e\u003ccode\u003e7919bda\u003c/code\u003e\u003c/a\u003e Restore header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f007f9ca53448379246a1901b213bd57955af26c\"\u003e\u003ccode\u003ef007f9c\u003c/code\u003e\u003c/a\u003e Disable SSL default config for out of the box Kamal deployments (\u003ca href=\"https://redirect.github.com/rails/rails/issues/56010\"\u003e#56010\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/234b56973bb453bb50850a1be07a2fcad7331592\"\u003e\u003ccode\u003e234b569\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56008\"\u003e#56008\u003c/a\u003e from chaadow/fix_nesting_loop_rails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/21a8742bb6bb5720f0e67d67fe26874598d1afbe\"\u003e\u003ccode\u003e21a8742\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55992\"\u003e#55992\u003c/a\u003e from jsharpify/jsharpify-reduce-deprecation-warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a7ba88b04e935d2a9cbc205382d6cd7c514f425c\"\u003e\u003ccode\u003ea7ba88b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56001\"\u003e#56001\u003c/a\u003e from hachi8833/update_wishlists\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pg` from 1.6.2 to 1.6.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ged/ruby-pg/blob/master/CHANGELOG.md\"\u003epg's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.3 [2025-12-29] Lars Kanis \u003ca href=\"mailto:lars@greiz-reinsdorf.de\"\u003elars@greiz-reinsdorf.de\u003c/a\u003e\u003c/h2\u003e\n\u003cp\u003eAdded:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd binary gems for ruby-4.0, now providing ruby-3.0 to 4.0. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/682\"\u003e#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate fat binary gem to OpenSSL-3.6.0 and PostgreSQL-18.1.\u003c/li\u003e\n\u003cli\u003eImprove documentation of PG::Result and README. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/676\"\u003e#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate errorcodes to PostgreSQL-18.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003erb_hash_new_capa\u003c/code\u003e on Ruby-3.2+ . \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/674\"\u003e#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeny any server communication on a frozen PG::Connection . \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/677\"\u003e#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix possible race condition in PG::Result in Ractor context. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/674\"\u003e#674\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop binary gem support for platform \u003ccode\u003ex86-mingw32\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/682\"\u003e#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop binary gems for ruby-2.7.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/d4539c25dcc89d47088e1423f8d1915c041920f5\"\u003e\u003ccode\u003ed4539c2\u003c/code\u003e\u003c/a\u003e Bump VERSION to pg-1.6.3 and add release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/720900dbb9d16aa855793146f15c3772e14f627a\"\u003e\u003ccode\u003e720900d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/682\"\u003e#682\u003c/a\u003e from larskanis/ruby-4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/f605b5937093884089109c8baa5fe268fc513eaf\"\u003e\u003ccode\u003ef605b59\u003c/code\u003e\u003c/a\u003e Remove x86-mingw32 from binary builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/5c690006ba158da70d73d939a233cf75ecdd30ef\"\u003e\u003ccode\u003e5c69000\u003c/code\u003e\u003c/a\u003e Update to ruby-4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/2acaf3d0f76334e056229efe260e1f558a8c6b42\"\u003e\u003ccode\u003e2acaf3d\u003c/code\u003e\u003c/a\u003e CI: workaround missing ruby-4.0 on Window\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/b500ded81127963603e1f724e82bed649c9ca8a1\"\u003e\u003ccode\u003eb500ded\u003c/code\u003e\u003c/a\u003e fix comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/bc3f2f8b1110e9bcb225d65554e1a7fc842d0506\"\u003e\u003ccode\u003ebc3f2f8\u003c/code\u003e\u003c/a\u003e CI: Macos-13 on Intel is deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/77667eb4313bd7b79356f402b0fa7fba409483b8\"\u003e\u003ccode\u003e77667eb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/678\"\u003e#678\u003c/a\u003e from larskanis/ci-update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/6e52ce504d05c5359d55f45d9580672103263b54\"\u003e\u003ccode\u003e6e52ce5\u003c/code\u003e\u003c/a\u003e CI: Update PostgreSQL on Macos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/6d40f50e51a037022495fe6d98181435652464ff\"\u003e\u003ccode\u003e6d40f50\u003c/code\u003e\u003c/a\u003e CI: Print mkmf.log on failure on Macos\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ged/ruby-pg/compare/v1.6.2...v1.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `puma` from 7.0.4 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/puma/puma/releases\"\u003epuma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003e7.1.0 / 2025-10-16 - Neon Witch\u003c/h2\u003e\n\u003cp\u003e\u003cimg src=\"https://github.com/user-attachments/assets/6f013211-35fb-46ce-84d8-00794e020294\" alt=\"neon_witch\" /\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eafter_worker_shutdown\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3707\"\u003e#3707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReintroduce keepalive \u0026quot;fast inline\u0026quot; behavior. Provides faster (8x on JRuby \u0026amp; 1.4x on Ruby) pipeline processing  (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3794\"\u003e#3794\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSkip reading zero bytes when request body is buffered (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3795\"\u003e#3795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e logging twice with prune_bundler enabled (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3778\"\u003e#3778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix prune_bundler not showing in \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e output (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3779\"\u003e#3779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGuard ThreadPool method call, which may be nil during shutdown (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3791\"\u003e#3791\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/puma/puma/issues/3790\"\u003e#3790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eThread.current.puma_server\u003c/code\u003e in Thread init code, not every request (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3774\"\u003e#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix race condition while deleting pidfile (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3657\"\u003e#3657\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nerdrew\"\u003e\u003ccode\u003e@​nerdrew\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3707\"\u003epuma/puma#3707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mopp\"\u003e\u003ccode\u003e@​mopp\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3783\"\u003epuma/puma#3783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marksmith\"\u003e\u003ccode\u003e@​marksmith\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3657\"\u003epuma/puma#3657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Nymuxyzo\"\u003e\u003ccode\u003e@​Nymuxyzo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3762\"\u003epuma/puma#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/puma/puma/compare/v7.0.4...v7.1.0\"\u003ehttps://github.com/puma/puma/compare/v7.0.4...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/puma/puma/blob/main/History.md\"\u003epuma's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.1.0 / 2025-10-16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eafter_worker_shutdown\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3707\"\u003e#3707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReintroduce keepalive \u0026quot;fast inline\u0026quot; behavior. Provides faster (8x on JRuby \u0026amp; 1.4x on Ruby) pipeline processing  (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3794\"\u003e#3794\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSkip reading zero bytes when request body is buffered (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3795\"\u003e#3795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e logging twice with prune_bundler enabled (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3778\"\u003e#3778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix prune_bundler not showing in \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e output (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3779\"\u003e#3779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGuard ThreadPool method call, which may be nil during shutdown (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3791\"\u003e#3791\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/puma/puma/issues/3790\"\u003e#3790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eThread.current.puma_server\u003c/code\u003e in Thread init code, not every request (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3774\"\u003e#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix race condition while deleting pidfile (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3657\"\u003e#3657\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/fb2a0733e938c8786e033f22dc5bf66727dddb3a\"\u003e\u003ccode\u003efb2a073\u003c/code\u003e\u003c/a\u003e v7.1.0 (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3797\"\u003e#3797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/4edb9e9b16835aa24bd037a88dad4d34a76952e4\"\u003e\u003ccode\u003e4edb9e9\u003c/code\u003e\u003c/a\u003e \u003ccode\u003eclient.rb\u003c/code\u003e - \u003ccode\u003eread_body\u003c/code\u003e - cleanup last lines of method (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3798\"\u003e#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/84a568ab1c4d0c5cd0d29a167f5facba9699a35c\"\u003e\u003ccode\u003e84a568a\u003c/code\u003e\u003c/a\u003e Update wait_for_less_busy_worker docs (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/e59a6049c3fc08ac2bd906a10d199bdf3949eb04\"\u003e\u003ccode\u003ee59a604\u003c/code\u003e\u003c/a\u003e Initialize only essential \u003ccode\u003eLauncher\u003c/code\u003e state before \u003ccode\u003eprune_bundler\u003c/code\u003e restart (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/6844de7c4f2503751bad5e9c141de2bdb067f452\"\u003e\u003ccode\u003e6844de7\u003c/code\u003e\u003c/a\u003e client.rb - Skip reading zero bytes when request body is buffered (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3795\"\u003e#3795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/1d3d6b792cdc870171d27cafbd0b7ceaf5e2dfb7\"\u003e\u003ccode\u003e1d3d6b7\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003eThread.current.puma_server\u003c/code\u003e in Thread init code, not every request (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3774\"\u003e#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/9b34cde2c5ddf7fd65bfd5f8aea811659226662e\"\u003e\u003ccode\u003e9b34cde\u003c/code\u003e\u003c/a\u003e Adding syntax highlighting in k8s docs (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3782\"\u003e#3782\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/a2bd2f63476a719faa02eacac94b274d0cee1f6d\"\u003e\u003ccode\u003ea2bd2f6\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eprune_bundler\u003c/code\u003e to \u003ccode\u003eConfiguration::DEFAULTS\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3779\"\u003e#3779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/d7a0854a39bbb3f06f12c4a180e42ee6d36f7985\"\u003e\u003ccode\u003ed7a0854\u003c/code\u003e\u003c/a\u003e ci: Update hey benchmark files, minor fixes and formatting (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3796\"\u003e#3796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/ff08099b1fc702093261a90e92da09feb577c683\"\u003e\u003ccode\u003eff08099\u003c/code\u003e\u003c/a\u003e ci: Update Update test/rackup/sleep_fibonacci.ru, add test script (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3793\"\u003e#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/puma/puma/compare/v7.0.4...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionpack` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/actionpack/CHANGELOG.md\"\u003eactionpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSubmit test requests using \u003ccode\u003eas: :html\u003c/code\u003e with \u003ccode\u003eContent-Type: x-www-form-urlencoded\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSean Doyle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd link-local IP ranges to \u003ccode\u003eActionDispatch::RemoteIp\u003c/code\u003e default proxies.\u003c/p\u003e\n\u003cp\u003eLink-local addresses (\u003ccode\u003e169.254.0.0/16\u003c/code\u003e for IPv4 and \u003ccode\u003efe80::/10\u003c/code\u003e for IPv6)\nare now included in the default trusted proxy list, similar to private IP ranges.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAdam Daniels\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eremote_ip\u003c/code\u003e will no longer ignore IPs in X-Forwarded-For headers if they\nare accompanied by port information.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDuncan Brown\u003c/em\u003e, \u003cem\u003ePrevenios Marinos\u003c/em\u003e, \u003cem\u003eMasafumi Koba\u003c/em\u003e, \u003cem\u003eAdam Daniels\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eaction_dispatch.verbose_redirect_logs\u003c/code\u003e setting that logs where redirects were called from.\u003c/p\u003e\n\u003cp\u003eSimilar to \u003ccode\u003eactive_record.verbose_query_logs\u003c/code\u003e and \u003ccode\u003eactive_job.verbose_enqueue_logs\u003c/code\u003e, this adds a line in your logs that shows where a redirect was called from.\u003c/p\u003e\n\u003cp\u003eExample:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eRedirected to http://localhost:3000/posts/1\n↳ app/controllers/posts_controller.rb:32:in `block (2 levels) in create'\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eDennis Paagman\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd engine route filtering and better formatting in \u003ccode\u003ebin/rails routes\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAllow engine routes to be filterable in the routing inspector, and\nimprove formatting of engine routing output.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/271acd57d1430be8c92fbd8f19a2069e62425803\"\u003e\u003ccode\u003e271acd5\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/df9f43214c637c54773581c85c910b356b16fa44\"\u003e\u003ccode\u003edf9f432\u003c/code\u003e\u003c/a\u003e Allow methods starting with underscore to be action methods.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/62a109a53f1471274a150a267239441d0592f389\"\u003e\u003ccode\u003e62a109a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55947\"\u003e#55947\u003c/a\u003e from c0nspiracy/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0777f23945aa498c280279b16091789b402daa64\"\u003e\u003ccode\u003e0777f23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55921\"\u003e#55921\u003c/a\u003e from skipkayhil/hm-ykpyzlmxovpttksv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4663af7e5c5263fa7b5ec5cdd529fc0c357ae037\"\u003e\u003ccode\u003e4663af7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55922\"\u003e#55922\u003c/a\u003e from Shopify/event_subscriber_additionss\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ca45ef19a745b1283ba3bf6b1076c998a3e559e4\"\u003e\u003ccode\u003eca45ef1\u003c/code\u003e\u003c/a\u003e Remove mention of raise_on_open_redirects from doc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe BEGIN template annotation/comment was previously printed on the same line as the following element. We now insert a newline inside the comment so it spans two lines without adding visible whitespace to the HTML output to enhance readability.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;!-- BEGIN /Users/siaw23/Desktop/rails/actionview/test/fixtures/actionpack/test/greeting.html.erb --\u0026gt;\u0026lt;p\u0026gt;This is grand!\u0026lt;/p\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;!-- BEGIN /Users/siaw23/Desktop/rails/actionview/test/fixtures/actionpack/test/greeting.html.erb\n--\u0026gt;\u0026lt;p\u0026gt;This is grand!\u0026lt;/p\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eEmmanuel Hayford\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd structured events for Action View:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_template\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_partial\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_layout\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_collection\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_start\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eGannon McGibbon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix label with \u003ccode\u003efor\u003c/code\u003e option not getting prefixed by form \u003ccode\u003enamespace\u003c/code\u003e value\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAbeid Ahmed\u003c/em\u003e, \u003cem\u003eHartley McGuire\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003efetchpriority\u003c/code\u003e to Link headers to match HTML generated by \u003ccode\u003epreload_link_tag\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGuillermo Iguaran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd CSP \u003ccode\u003enonce\u003c/code\u003e to Link headers generated by \u003ccode\u003epreload_link_tag\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAlexander Gitter\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ecurrent_page?\u003c/code\u003e to match against specific HTTP method(s) with a \u003ccode\u003emethod:\u003c/code\u003e option.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eBen Sheldon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eautocomplete=\u0026quot;off\u0026quot;\u003c/code\u003e on hidden inputs generated by the following\ntags:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/271acd57d1430be8c92fbd8f19a2069e62425803\"\u003e\u003ccode\u003e271acd5\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ae6c5a23948f0a5c02a19ce625048b4579eace7d\"\u003e\u003ccode\u003eae6c5a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55989\"\u003e#55989\u003c/a\u003e from rails/rm-fix-remove_hidden_field_autocomplete\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1ace68361ed9e87fecbf32604c087d096f7b7f8a\"\u003e\u003ccode\u003e1ace683\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.rc1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d6f9f62d49750fee6a45f3672e2227d5c4198a62\"\u003e\u003ccode\u003ed6f9f62\u003c/code\u003e\u003c/a\u003e Make the Structured Event Subscriber emit events in format that are useful fo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4ae5bfc3a04db36d0f274b272eb68d6136ffb63b\"\u003e\u003ccode\u003e4ae5bfc\u003c/code\u003e\u003c/a\u003e Place template annotation on a separate line\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7d12071e9fe94bd5c01a488ef61718fe88de65b4\"\u003e\u003ccode\u003e7d12071\u003c/code\u003e\u003c/a\u003e Micro optimize ActiveRecord::RuntimeRegistry\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activemodel` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivemodel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/activemodel/CHANGELOG.md\"\u003eactivemodel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003ereset_token: { expires_in: ... }\u003c/code\u003e option to \u003ccode\u003ehas_secure_password\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAllows configuring the expiry duration of password reset tokens (default remains 15 minutes for backwards compatibility).\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003ehas_secure_password reset_token: { expires_in: 1.hour }\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJevin Sew\u003c/em\u003e, \u003cem\u003eAbeid Ahmed\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eexcept_on:\u003c/code\u003e option for validation callbacks.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eBen Sheldon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBackport \u003ccode\u003eActiveRecord::Normalization\u003c/code\u003e to \u003ccode\u003eActiveModel::Attributes::Normalization\u003c/code\u003e\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eclass User\n  include ActiveModel::Attributes\n  include ActiveModel::Attributes::Normalization\n\u003cp\u003eattribute :email, :string\u003c/p\u003e\n\u003cp\u003enormalizes :email, with: -\u0026gt; email { email.strip.downcase }\u003cbr /\u003e\nend\u003c/p\u003e\n\u003cp\u003euser = User.new\u003cbr /\u003e\nuser.email =    \u0026quot; \u003ca href=\"mailto:CRUISE-CONTROL@EXAMPLE.COM\"\u003eCRUISE-CONTROL@EXAMPLE.COM\u003c/a\u003e\\n\u0026quot;\u003cbr /\u003e\nuser.email # =\u0026gt; \u0026quot;\u003ca href=\"mailto:cruise-control@example.com\"\u003ecruise-control@example.com\u003c/a\u003e\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSean Doyle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease check \u003ca href=\"https://github.com/rails/rails/blob/8-0-stable/activemodel/CHANGELOG.md\"\u003e8-0-stable\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1ace68361ed9e87fecbf32604c087d096f7b7f8a\"\u003e\u003ccode\u003e1ace683\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.rc1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b182bc607041b640f1e5f51e678f3ca4ab077920\"\u003e\u003ccode\u003eb182bc6\u003c/code\u003e\u003c/a\u003e Give credit to the first author of this feature\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d0486d0aefc8a487a20a582868df7e0662fd3520\"\u003e\u003ccode\u003ed0486d0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55574\"\u003e#55574\u003c/a\u003e from jevin/feature/reset-password-token-duration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee29930f58bf125763aeecedaa5048d95f3f1d4b\"\u003e\u003ccode\u003eee29930\u003c/code\u003e\u003c/a\u003e ActiveModel::SecurePassword: configurable reset token expiry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2446a70b0eee6424c90e5a262600c337006096ad\"\u003e\u003ccode\u003e2446a70\u003c/code\u003e\u003c/a\u003e Removing the string option for validations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/80827ca7ff33ca3026f2c74fe8249ccc6f513318\"\u003e\u003ccode\u003e80827ca\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.beta1 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activerecord` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/activerecord/CHANGELOG.md\"\u003eactiverecord's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix SQLite3 data loss during table alterations with CASCADE foreign keys.\u003c/p\u003e\n\u003cp\u003eWhen altering a table in SQLite3 that is referenced by child tables with\n\u003ccode\u003eON DELETE CASCADE\u003c/code\u003e foreign keys, ActiveRecord would silently delete all\ndata from the child tables. This occurred because SQLite requires table\nrecreation for schema changes, and during this process the original table\nis temporarily dropped, triggering CASCADE deletes on child tables.\u003c/p\u003e\n\u003cp\u003eThe root cause was incorrect ordering of operations. The original code\nwrapped \u003ccode\u003edisable_referential_integrity\u003c/code\u003e inside a transaction, but\n\u003ccode\u003ePRAGMA foreign_keys\u003c/code\u003e cannot be modified inside a transaction in SQLite -\nattempting to do so simply has no effect. This meant foreign keys remained\nenabled during table recreation, causing CASCADE deletes to fire.\u003c/p\u003e\n\u003cp\u003eThe fix reverses the order to follow the official SQLite 12-step ALTER TABLE\nprocedure: \u003ccode\u003edisable_referential_integrity\u003c/code\u003e now wraps the transaction instead\nof being wrapped by it. This ensures foreign keys are properly disabled\nbefore the transaction starts and re-enabled after it commits, preventing\nCASCADE deletes while maintaining data integrity through atomic transactions.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRuy Rocha\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd replicas to test database parallelization setup.\u003c/p\u003e\n\u003cp\u003eSetup and configuration of databases for parallel testing now includes replicas.\u003c/p\u003e\n\u003cp\u003eThis fixes an issue when using a replica database, database selector middleware,\nand non-transactional tests, where integration tests running in parallel would select\nthe base test database, i.e. \u003ccode\u003edb_test\u003c/code\u003e, instead of the numbered parallel worker database,\ni.e. \u003ccode\u003edb_test_{n}\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAdam Maas\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport virtual (not persisted) generated columns on PostgreSQL 18+\u003c/p\u003e\n\u003cp\u003ePostgreSQL 18 introduces virtual (not persisted) generated columns,\nwhich are now the default unless the \u003ccode\u003estored: true\u003c/code\u003e option is explicitly specified on PostgreSQL 18+.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003ecreate_table :users do |t|\n  t.string :name\n  t.virtual :lower_name,  type: :string,  as: \u0026quot;LOWER(name)\u0026quot;, stored: false\n  t.virtual :name_length, type: :integer, as: \u0026quot;LENGTH(name)\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fe609bf5ac0e61f445de9bea40f89a058b465ead\"\u003e\u003ccode\u003efe609bf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/50598\"\u003e#50598\u003c/a\u003e from lucasmazza/lm/upsert_all-skip\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/334ed8f172d6e77516e9832567626af9965d435d\"\u003e\u003ccode\u003e334ed8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55969\"\u003e#55969\u003c/a\u003e from rails/fix-explain-tests-mysql-9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bffa22d59214a125add8385e12ec691ed623aff7\"\u003e\u003ccode\u003ebffa22d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55949\"\u003e#55949\u003c/a\u003e from ima1zumi/revert-53969-and-add-test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/be5e9fc703ee86a6ba12bbd7256c43142a3d07dc\"\u003e\u003ccode\u003ebe5e9fc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55945\"\u003e#55945\u003c/a\u003e from claudiob/create_enum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/04c6f1497eb3cd0f21449113747f2b72862a0937\"\u003e\u003ccode\u003e04c6f14\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55938\"\u003e#55938\u003c/a\u003e from aidanharan/truthy-condition-mssql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d4fb183ac2d8f6a3fad83e160c435ef4dbe9c149\"\u003e\u003ccode\u003ed4fb183\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55925\"\u003e#55925\u003c/a\u003e from flavorjones/flavorjones/shard-swap-prohibition...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/activesupport/CHANGELOG.md\"\u003eactivesupport's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated passing a Time object to \u003ccode\u003eTime#since\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eBenchmark.ms\u003c/code\u003e method. It is now defined in the \u003ccode\u003ebenchmark\u003c/code\u003e gem.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated addition for \u003ccode\u003eTime\u003c/code\u003e instances with \u003ccode\u003eActiveSupport::TimeWithZone\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated support for \u003ccode\u003eto_time\u003c/code\u003e to preserve the system local time. It will now always preserve the receiver\ntimezone.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003econfig.active_support.to_time_preserves_timezone\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStandardize event name formatting in \u003ccode\u003eassert_event_reported\u003c/code\u003e error messages.\u003c/p\u003e\n\u003cp\u003eThe event name in failure messages now uses \u003ccode\u003e.inspect\u003c/code\u003e (e.g., \u003ccode\u003ename: \u0026quot;user.created\u0026quot;\u003c/code\u003e)\nto match \u003ccode\u003eassert_events_reported\u003c/code\u003e and provide type clarity between strings and symbols.\nThis only affects tests that assert on the failure message format itself.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGeorge Ma\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eEnumerable#sole\u003c/code\u003e to return the full tuple instead of just the first element of the tuple.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eOlivier Bellone\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix parallel tests hanging when worker processes die abruptly.\u003c/p\u003e\n\u003cp\u003ePreviously, if a worker process was killed (e.g., OOM killed, \u003ccode\u003ekill -9\u003c/code\u003e) during parallel\ntest execution, the test suite would hang forever waiting for the dead worker.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoshua Young\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003econfig.active_support.escape_js_separators_in_json\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIntroduce a new framework default to skip escaping LINE SEPARATOR (U+2028) and PARAGRAPH SEPARATOR (U+2029) in JSON.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/234b56973bb453bb50850a1be07a2fcad7331592\"\u003e\u003ccode\u003e234b569\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56008\"\u003e#56008\u003c/a\u003e from chaadow/fix_nesting_loop_rails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/cd53d57fe363eef44dd4a58dbe69c77cad041550\"\u003e\u003ccode\u003ecd53d57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55962\"\u003e#55962\u003c/a\u003e from coderhs/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/096f1c7c77cf857a1ca12116678599faac2f0522\"\u003e\u003ccode\u003e096f1c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55943\"\u003e#55943\u003c/a\u003e from skipkayhil/hm-oyxvtrxvupxqzprn\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1ace68361ed9e87fecbf32604c087d096f7b7f8a\"\u003e\u003ccode\u003e1ace683\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.rc1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d156ee00602eab9044bc23ac8de8f245379d6af5\"\u003e\u003ccode\u003ed156ee0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55871\"\u003e#55871\u003c/a\u003e from Shopify/refresh_event_reporter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/48ca2f8b91f69ae7c08cc16426481a5e17fd2209\"\u003e\u003ccode\u003e48ca2f8\u003c/code\u003e\u003c/a\u003e Load core extensions with require_relative\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `railties` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003erailties's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/railties/CHANGELOG.md\"\u003erailties's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDo not assume and force SSL in production by default when using Kamal, to allow for out of the box Kamal deployments.\u003c/p\u003e\n\u003cp\u003eIt is still recommended to assume and force SSL in production as soon as you can.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJerome Dalbert\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSuggest \u003ccode\u003ebin/rails action_text:install\u003c/code\u003e from Action Dispatch error page\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSean Doyle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eSTATS_DIRECTORIES\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003ebin/rake stats\u003c/code\u003e command.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003erails/console/methods.rb\u003c/code\u003e file.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't generate system tests by default.\u003c/p\u003e\n\u003cp\u003eRails scaffold generator will no longer generate system tests by default. To enable this pass \u003ccode\u003e--system-tests=true\u003c/code\u003e or generate them with \u003ccode\u003ebin/rails generate system_test name_of_test\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eEileen M. Uchitelle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOptionally skip bundler-audit.\u003c/p\u003e\n\u003cp\u003eSkips adding the \u003ccode\u003ebin/bundler-audit\u003c/code\u003e \u0026amp; \u003ccode\u003econfig/bundler-audit.yml\u003c/code\u003e if the gem is not installed when \u003ccode\u003ebin/rails app:update\u003c/code\u003e runs.\u003c/p\u003e\n\u003cp\u003ePasses an option to \u003ccode\u003e--skip-bundler-audit\u003c/code\u003e when new apps are generated \u0026amp; adds that same option to the \u003ccode\u003e--minimal\u003c/code\u003e generator flag.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJill Klang\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eShow engine routes in \u003ccode\u003e/rails/info/routes\u003c/code\u003e as well.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePetrik de Heus\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExclude \u003ccode\u003easset_path\u003c/code\u003e configuration from Kamal \u003ccode\u003edeploy.yml\u003c/code\u003e for API applications.\u003c/p\u003e\n\u003cp\u003eAPI applications don't serve assets, so the \u003ccode\u003easset_path\u003c/code\u003e configuration in \u003ccode\u003edeploy.yml\u003c/code\u003e\nis not needed and can cause 404 errors on in-flight requests. The asset_path is now\nonly included for regular Rails applications that serve assets.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/89cb7bff192ce71267ae76f38942ca8f306ce273\"\u003e\u003ccode\u003e89cb7bf\u003c/code\u003e\u003c/a\u003e Fix railties/CHANGELOG.md offense at 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7919bdab44688f1e7f121bc36a76169787cdfe60\"\u003e\u003ccode\u003e7919bda\u003c/code\u003e\u003c/a\u003e Restore header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f007f9ca53448379246a1901b213bd57955af26c\"\u003e\u003ccode\u003ef007f9c\u003c/code\u003e\u003c/a\u003e Disable SSL default config for out of the box Kamal deployments (\u003ca href=\"https://redirect.github.com/rails/rails/issues/56010\"\u003e#56010\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29606f8c7b3aea3991343ee2c1aa5dd1860df283\"\u003e\u003ccode\u003e29606f8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55964\"\u003e#55964\u003c/a\u003e from viralpraxis/skip-ci-rb-tests-if-tests-are-skipped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5e231ae6548f1c5686f75e61832638937b134961\"\u003e\u003ccode\u003e5e231ae\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/54914\"\u003e#54914\u003c/a\u003e from chaadow/fix_autoloaded_content_helper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1a8109e0fe8f10fa38a8f6c7fb11daf8a09394d5\"\u003e\u003ccode\u003e1a8109e\u003c/code\u003e\u003c/a\u003e Actually turn this off by default too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/25af9250bf072ac24df2ea058c12284da5a99948\"\u003e\u003ccode\u003e25af925\u003c/code\u003e\u003c/a\u003e Kamal localhost registry (\u003ca href=\"https://redirect.github.com/rails/rails/issues/55934\"\u003e#55934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f58a75a5cf35a94cbf8a45fa64b95a0ea9055e64\"\u003e\u003ccode\u003ef58a75a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55940\"\u003e#55940\u003c/a\u003e from jeromedalbert/fix-ci-yml-whitespace\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bootsnap` from 1.18.6 to 1.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/bootsnap/releases\"\u003ebootsnap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle broken symlinks in load path scanning code.\nShould fix \u003ccode\u003eErrno::ENOENT fstatat\u003c/code\u003e issues some users have encountered after upgrading to 1.20.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1\"\u003ehttps://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptimized load path scanning with a C extension. Should be about 2x faster on supported platforms.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rails/bootsnap/compare/v1.19.0...v1.20.0\"\u003ehttps://github.com/rails/bootsnap/compare/v1.19.0...v1.20.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/bootsnap/blob/main/CHANGELOG.md\"\u003ebootsnap's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandle broken symlinks in load path scanning code.\nShould fix \u003ccode\u003eErrno::ENOENT fstatat\u003c/code\u003e issues some users have encountered after upgrading to 1.20.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOptimized load path scanning with a C extension. Should be about 2x faster on supported platforms.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.19.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove JSON parsing cache. Recent versions of the \u003ccode\u003ejson\u003c/code\u003e gem are as fast as \u003ccode\u003emsgpack\u003c/code\u003e if not faster.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/ba59bb8e012ddbe592b0de85d06304afed65688c\"\u003e\u003ccode\u003eba59bb8\u003c/code\u003e\u003c/a\u003e Release 1.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/302b7dbbc31c917456369fe136b86c1ffc591a64\"\u003e\u003ccode\u003e302b7db\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/bootsnap/issues/514\"\u003e#514\u003c/a\u003e from byroot/handle-broken-symlink\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/fd1ddc33aa8a247e204c152ec700167b285188b2\"\u003e\u003ccode\u003efd1ddc3\u003c/code\u003e\u003c/a\u003e Handle broken symlinks in load path\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/fac34b899341134389dd8067678230d95e409939\"\u003e\u003ccode\u003efac34b8\u003c/code\u003e\u003c/a\u003e Release 1.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/71311d4c599a2d4eebec29652889577ff430499c\"\u003e\u003ccode\u003e71311d4\u003c/code\u003e\u003c/a\u003e Include Bootsnap::VERSION in LoadPathCache version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/f5c43ac14b11e9771155d5a5a402c6a8ef0f8ef6\"\u003e\u003ccode\u003ef5c43ac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/bootsnap/issues/512\"\u003e#512\u003c/a\u003e from byroot/prune-load-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/f94f668c545122c26462d31cec647095282b68a1\"\u003e\u003ccode\u003ef94f668\u003c/code\u003e\u003c/a\u003e Stop caching directories in LoadPathCache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/e3b5292b2f00012130b2529ec01ac42bdddbe0b2\"\u003e\u003ccode\u003ee3b5292\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/bootsnap/issues/511\"\u003e#511\u003c/a\u003e from byroot/c-ext-load-path-scan\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/e91dd2158b014d7f233028475942b9fbe2c9ed2c\"\u003e\u003ccode\u003ee91dd21\u003c/code\u003e\u003c/a\u003e Implement PathScanner in C to avoid N+1 \u003ccode\u003estat(2)\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/c77d5ccfec3188c8feb259963eaad5debc955bcf\"\u003e\u003ccode\u003ec77d5cc\u003c/code\u003e\u003c/a\u003e Cleanup the c extension\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/bootsnap/compare/v1.18.6...v1.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faker` from 3.5.2 to 3.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/faker-ruby/faker/releases\"\u003efaker's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/faker-ruby/faker/tree/v3.5.3\"\u003ev3.5.3\u003c/a\u003e (2025-12-02)\u003c/h2\u003e\n\u003cp\u003eWishing you a cozy and calm Holiday season ☃️\u003c/p\u003e\n\u003cp\u003eThis version adds and improves some locales, fixes some bugs, and deprecates some generators.\u003c/p\u003e\n\u003cp\u003eThanks to all contributors!\u003c/p\u003e\n\u003ch2\u003eDeprecated generators\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: move \u003ccode\u003eFaker::BossaNova\u003c/code\u003e under \u003ccode\u003eFaker::Music::BossaNova\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3140\"\u003efaker-ruby/faker#3140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eFaker::Twitter\u003c/code\u003e in favor of \u003ccode\u003eFaker::X\u003c/code\u003e and update attributes by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3138\"\u003efaker-ruby/faker#3138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eImprovements \u0026amp; Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate entry \u003ccode\u003eamateur radio\u003c/code\u003e from \u003ccode\u003elocales/en/hobby.yml\u003c/code\u003e by \u003ca href=\"https://github.com/Leenday\"\u003e\u003ccode\u003e@​Leenday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3099\"\u003efaker-ruby/faker#3099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/faker-ruby/faker/issues/3114\"\u003e#3114\u003c/a\u003e: prevent scientific notation when generating bank account number by \u003ca href=\"https://github.com/AhmedHisham552\"\u003e\u003ccode\u003e@​AhmedHisham552\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3118\"\u003efaker-ruby/faker#3118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: typos in locales for \u003ccode\u003eoverwatch.yml\u003c/code\u003e, \u003ccode\u003erajnikanth.yml\u003c/code\u003e and \u003ccode\u003estreet_fighter.ym\u003c/code\u003e by \u003ca href=\"https://github.com/smorttey\"\u003e\u003ccode\u003e@​smorttey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3106\"\u003efaker-ruby/faker#3106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eArtist\u003c/code\u003e translations for the japanese locale by \u003ca href=\"https://github.com/neco-nico\"\u003e\u003ccode\u003e@​neco-nico\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3110\"\u003efaker-ruby/faker#3110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecountry_code\u003c/code\u003e to Estonia locale (\u003ccode\u003elocales/ee.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/HassanAkbar\"\u003e\u003ccode\u003e@​HassanAkbar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3111\"\u003efaker-ruby/faker#3111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReformat Arabic locale (\u003ccode\u003elocales/ar.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/ramzieus\"\u003e\u003ccode\u003e@​ramzieus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3130\"\u003efaker-ruby/faker#3130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: Improve UK Phone number false failure hit-rate by \u003ca href=\"https://github.com/luke-hill\"\u003e\u003ccode\u003e@​luke-hill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3136\"\u003efaker-ruby/faker#3136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprovements and fixes for Elder Scrolls locale (\u003ccode\u003eelder_scrolls.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3129\"\u003efaker-ruby/faker#3129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd en-GB ID Numbers (aka National Insurance Numbers) by \u003ca href=\"https://github.com/stefanjcollier\"\u003e\u003ccode\u003e@​stefanjcollier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3032\"\u003efaker-ruby/faker#3032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate ukrainian city locales to the modern ones by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3127\"\u003efaker-ruby/faker#3127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevamp the docs to make them easier to find by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3151\"\u003efaker-ruby/faker#3151\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etest: fix flaky test on \u003ccode\u003eFaker::IdNumber\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3126\"\u003efaker-ruby/faker#3126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove minitest dependency on i18n reload test by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3149\"\u003efaker-ruby/faker#3149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused release workflow by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3133\"\u003efaker-ruby/faker#3133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eUpdate local dependencies\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump benchmark from 0.4.1 to 0.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3122\"\u003efaker-ruby/faker#3122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump rake from 13.3.0 to 13.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3124\"\u003efaker-ruby/faker#3124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump test-unit from 3.7.0 to 3.7.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3128\"\u003efaker-ruby/faker#3128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump rubocop-minitest from 0.38.1 to 0.38.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3116\"\u003efaker-ruby/faker#3116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump dependencies by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3141\"\u003efaker-ruby/faker#3141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump Minitest version to \u003ccode\u003ev5.26.1\u003c/code\u003e and fix issues by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3144\"\u003efaker-ruby/faker#3144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump rubocop version to \u003ccode\u003ev1.81.7\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3143\"\u003efaker-ruby/faker#3143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Leenday\"\u003e\u003ccode\u003e@​Leenday\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3099\"\u003efaker-ruby/faker#3099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/AhmedHisham552\"\u003e\u003ccode\u003e@​AhmedHisham552\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3118\"\u003efaker-ruby/faker#3118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/smorttey\"\u003e\u003ccode\u003e@​smorttey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3106\"\u003efaker-ruby/faker#3106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/neco-nico\"\u003e\u003ccode\u003e@​neco-nico\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3110\"\u003efaker-ruby/faker#3110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HassanAkbar\"\u003e\u003ccode\u003e@​HassanAkbar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3111\"\u003efaker-ruby/faker#3111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ramzieus\"\u003e\u003ccode\u003e@​ramzieus\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3130\"\u003efaker-ruby/faker#3130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luke-hill\"\u003e\u003ccode\u003e@​luke-hill\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3136\"\u003efaker-ruby/faker#3136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3129\"\u003efaker-ruby/faker#3129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stefanjcollier\"\u003e\u003ccode\u003e@​stefanjcollier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3032\"\u003efaker-ruby/faker#3032\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md\"\u003efaker's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/faker-ruby/faker/tree/v3.5.3\"\u003ev3.5.3\u003c/a\u003e (2025-12-02)\u003c/h2\u003e\n\u003cp\u003eWishing you a cozy and calm Holiday season ☃️\u003c/p\u003e\n\u003cp\u003eThis version adds and improves some locales, fixes some bugs, and deprecates some generators.\u003c/p\u003e\n\u003cp\u003eThanks to all contributors!\u003c/p\u003e\n\u003ch3\u003eDeprecated generators\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: move \u003ccode\u003eFaker::BossaNova\u003c/code\u003e under \u003ccode\u003eFaker::Music::BossaNova\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3140\"\u003efaker-ruby/faker#3140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eFaker::Twitter\u003c/code\u003e in favor of \u003ccode\u003eFaker::X\u003c/code\u003e and update attributes by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3138\"\u003efaker-ruby/faker#3138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements \u0026amp; Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate entry \u003ccode\u003eamateur radio\u003c/code\u003e from \u003ccode\u003elocales/en/hobby.yml\u003c/code\u003e by \u003ca href=\"https://github.com/Leenday\"\u003e\u003ccode\u003e@​Leenday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3099\"\u003efaker-ruby/faker#3099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/faker-ruby/faker/issues/3114\"\u003e#3114\u003c/a\u003e: prevent scientific notation when generating bank account number by \u003ca href=\"https://github.com/AhmedHisham552\"\u003e\u003ccode\u003e@​AhmedHisham552\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3118\"\u003efaker-ruby/faker#3118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: typos in locales for \u003ccode\u003eoverwatch.yml\u003c/code\u003e, \u003ccode\u003erajnikanth.yml\u003c/code\u003e and \u003ccode\u003estreet_fighter.ym\u003c/code\u003e by \u003ca href=\"https://github.com/smorttey\"\u003e\u003ccode\u003e@​smorttey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3106\"\u003efaker-ruby/faker#3106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eArtist\u003c/code\u003e translations for the japanese locale by \u003ca href=\"https://github.com/neco-nico\"\u003e\u003ccode\u003e@​neco-nico\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3110\"\u003efaker-ruby/faker#3110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecountry_code\u003c/code\u003e to Estonia locale (\u003ccode\u003elocales/ee.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/HassanAkbar\"\u003e\u003ccode\u003e@​HassanAkbar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3111\"\u003efaker-ruby/faker#3111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReformat Arabic locale (\u003ccode\u003elocales/ar.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/ramzieus\"\u003e\u003ccode\u003e@​ramzieus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3130\"\u003efaker-ruby/faker#3130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: Improve UK Phone number false failure hit-rate by \u003ca href=\"https://github.com/luke-hill\"\u003e\u003ccode\u003e@​luke-hill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3136\"\u003efaker-ruby/faker#3136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprovements and fixes for Elder Scrolls locale (\u003ccode\u003eelder_scrolls.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3129\"\u003efaker-ruby/faker#3129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd en-GB ID Numbers (aka National Insurance Numbers) by \u003ca href=\"https://github.com/stefanjcollier\"\u003e\u003ccode\u003e@​stefanjcollier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3032\"\u003efaker-ruby/faker#3032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate ukrainian city locales to the modern ones by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3127\"\u003efaker-ruby/faker#3127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevamp the docs to make them easier to find by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3151\"\u003efaker-ruby/faker#3151\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest: fix flaky test on \u003ccode\u003eFaker::IdNumber\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3126\"\u003efaker-ruby/faker#3126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove minitest dependency on i18n reload test by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3149\"\u003efaker-ruby/faker#3149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused release workflow by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3133\"\u003efaker-ruby/faker#3133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUpdate local dependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump benchmark from 0.4.1 to 0.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca ...\n\n_Description has been truncated_","html_url":"https://github.com/ministryofjustice/hmcts-common-platform-mock-api/pull/1031","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fhmcts-common-platform-mock-api/issues/1031","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1031/packages"},{"uuid":"3776136857","node_id":"PR_kwDOPoFa3c67Ri1i","number":137,"state":"open","title":"chore(deps): bump sinatra and sinatra-contrib in /new_app_ruby","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-02T11:04:14.000Z","updated_at":"2026-01-02T11:04:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"sinatra","repository_url":"https://github.com/sinatra/sinatra","old_version":"3.2.0","new_version":"4.2.1"},{"name":"sinatra-contrib","repository_url":"https://github.com/sinatra/sinatra","old_version":"3.2.0","new_version":"4.2.1"}],"path":"/new_app_ruby","ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) and [sinatra-contrib](https://github.com/sinatra/sinatra). These dependencies needed to be updated together.\nUpdates `sinatra` from 3.2.0 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.2.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra-contrib` from 3.2.0 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra-contrib's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/7b50a1bbb5324838908dfaa00ec53ad322673a29\"\u003e\u003ccode\u003e7b50a1b\u003c/code\u003e\u003c/a\u003e 4.1.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2068\"\u003e#2068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/73f3291d114b5b211e067263eeb9c0e197fe8500\"\u003e\u003ccode\u003e73f3291\u003c/code\u003e\u003c/a\u003e 4.1.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2063\"\u003e#2063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ef00c6a0db0ef31143e529e7e6edddf2d5c99653\"\u003e\u003ccode\u003eef00c6a\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSinatra::HamlHelpers\u003c/code\u003e docs (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2046\"\u003e#2046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/973c936319af9132d7ab2f60985e359d0c75c93e\"\u003e\u003ccode\u003e973c936\u003c/code\u003e\u003c/a\u003e Fix compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5640495babcb4cfd69ba650b293660b7446402da\"\u003e\u003ccode\u003e5640495\u003c/code\u003e\u003c/a\u003e Fix typos in changelog, readme and code comments (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a\"\u003e\u003ccode\u003eb626e2d\u003c/code\u003e\u003c/a\u003e 4.0.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1996\"\u003e#1996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/e56f657bed6c3b1cb5492e7a8cf995013c4388b5\"\u003e\u003ccode\u003ee56f657\u003c/code\u003e\u003c/a\u003e Require Ruby 2.7.8 as minimum Ruby version (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1993\"\u003e#1993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/8a17d4bbe09e22350b6277f665d6552d4160dde7\"\u003e\u003ccode\u003e8a17d4b\u003c/code\u003e\u003c/a\u003e Add support for Rack 3, drop support for Rack 2 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1857\"\u003e#1857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.2.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DevOps-Valgfag/WhoKnows/pull/137","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DevOps-Valgfag%2FWhoKnows/issues/137","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/137/packages"},{"uuid":"3771316161","node_id":"PR_kwDOQrIdTs67B44r","number":1,"state":"closed","title":"Bump the bundler group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-11T00:48:20.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-30T21:18:17.000Z","updated_at":"2026-03-11T00:48:22.000Z","time_to_close":6060603,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":6,"packages":[{"name":"uri","old_version":"1.0.3","new_version":"1.0.4","repository_url":"https://github.com/ruby/uri"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"rack","old_version":"3.2.1","new_version":"3.2.4","repository_url":"https://github.com/rack/rack"},{"name":"aws-sdk-s3","old_version":"1.197.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"net-imap","old_version":"0.5.5","new_version":"0.5.7","repository_url":"https://github.com/ruby/net-imap"},{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uri](https://github.com/ruby/uri) | `1.0.3` | `1.0.4` |\n| [rexml](https://github.com/ruby/rexml) | `3.4.0` | `3.4.2` |\n| [rack](https://github.com/rack/rack) | `3.2.1` | `3.2.4` |\n| [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) | `1.197.0` | `1.208.0` |\n| [net-imap](https://github.com/ruby/net-imap) | `0.5.5` | `0.5.7` |\n| [sinatra](https://github.com/sinatra/sinatra) | `4.1.1` | `4.2.0` |\n\n\nUpdates `uri` from 1.0.3 to 1.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/uri/releases\"\u003euri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.4\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\"\u003eCVE-2025-61594\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.0.4\"\u003ehttps://github.com/ruby/uri/compare/v1.0.3...v1.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/e5074739c3f28e03a26f6a1daa2a051fdbc3e774\"\u003e\u003ccode\u003ee507473\u003c/code\u003e\u003c/a\u003e Bump up to v1.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/d3116ca66a3b1c97dc7577f9d2d6e353f391cd6a\"\u003e\u003ccode\u003ed3116ca\u003c/code\u003e\u003c/a\u003e Merge branch 'CVE-2025-61594-3-4' into HEAD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/6c6449e15ffae7027bfe83134f0419f682e0b1ad\"\u003e\u003ccode\u003e6c6449e\u003c/code\u003e\u003c/a\u003e Add authority accessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/5cec76b9e8777764344fd4aee140e309ad207b68\"\u003e\u003ccode\u003e5cec76b\u003c/code\u003e\u003c/a\u003e Clear user info totally at setting any of authority info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.4.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.2.1 to 3.2.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c24539777db8833d78f881680cd245878cfba31\"\u003e\u003ccode\u003e4c24539\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3ba5e4f22f55abac21037bb137e56e5c8e36b673\"\u003e\u003ccode\u003e3ba5e4f\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/32bf8887d00bd86494f0ce08c46cda59a65d332f\"\u003e\u003ccode\u003e32bf888\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f\"\u003e\u003ccode\u003ee179614\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784\"\u003e\u003ccode\u003e57277b7\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/403b74b2441d666845177ce769036e294f663712\"\u003e\u003ccode\u003e403b74b\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fb395bb48925bba30d090938380c4090f5ae53de\"\u003e\u003ccode\u003efb395bb\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bce149b11154e851c437b5ece1c026c943f4b571\"\u003e\u003ccode\u003ebce149b\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3beacfcd494ec5600c9022d561cfa2f556a524d1\"\u003e\u003ccode\u003e3beacfc\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e\"\u003e\u003ccode\u003e589127f\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rack/rack/compare/v3.2.1...v3.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.197.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `net-imap` from 0.5.5 to 0.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/net-imap/releases\"\u003enet-imap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security\u003c/h3\u003e\n\u003cp\u003eThis release adds two features to prevent unbounded memory use: the \u003ccode\u003eresponse_handlers\u003c/code\u003e keyword argument to \u003ca href=\"https://ruby.github.io/net-imap/Net/IMAP.html#method-c-new\"\u003e\u003ccode\u003eNet::IMAP.new\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/419\"\u003eruby/net-imap#419\u003c/a\u003e) so response handlers can be added before the server can send any responses, and the \u003ca href=\"https://ruby.github.io/net-imap/Net/IMAP/Config.html#attribute-i-max_response_size\"\u003e\u003ccode\u003emax_response_size\u003c/code\u003e\u003c/a\u003e config attribute (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/444\"\u003eruby/net-imap#444\u003c/a\u003e, GHSA-j3g3-5qv5-52mj, CVE-2025-43857, reported by \u003ca href=\"https://github.com/Masamuneee\"\u003e\u003ccode\u003e@​Masamuneee\u003c/code\u003e\u003c/a\u003e).\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThe default \u003ca href=\"https://ruby.github.io/net-imap/Net/IMAP/Config.html#attribute-i-max_response_size\"\u003e\u003ccode\u003emax_response_size\u003c/code\u003e\u003c/a\u003e is extremely high, to avoid issues with secure connections to trusted servers that are well-behaved.  It can be configured more conservatively to guard against untrusted servers (for example, connecting to user-provided hostnames).  \u003cem\u003eIt is the responsibility of \u003ccode\u003enet-imap\u003c/code\u003e users to configure their client appropriately for the server they are connecting to.\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Track IMAP connection state by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/416\"\u003eruby/net-imap#416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Add \u003ccode\u003eresponse_handlers\u003c/code\u003e kwarg to \u003ccode\u003eNet::IMAP.new\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/419\"\u003eruby/net-imap#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Customize SequenceSet YAML serialization by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/432\"\u003eruby/net-imap#432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Limit \u003ccode\u003emax_response_size\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/444\"\u003eruby/net-imap#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📚 Improve docs for unbounded memory use and thread safety by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/418\"\u003eruby/net-imap#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e📚 Impove SequenceSet docs by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/420\"\u003eruby/net-imap#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e📚 Doc improvements for open_timeout, etc by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/424\"\u003eruby/net-imap#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Reorganize \u003ccode\u003eConfig.version_defaults\u003c/code\u003e creation by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/412\"\u003eruby/net-imap#412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Refactor Config attr type coercion by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/417\"\u003eruby/net-imap#417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️  Refactor \u003ccode\u003eNet::IMAP#get_response\u003c/code\u003e (internal) by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/422\"\u003eruby/net-imap#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Rational config versions by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/429\"\u003eruby/net-imap#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Extract ResponseReader from \u003ccode\u003eget_response\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/433\"\u003eruby/net-imap#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Refactor ResponseReader by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/435\"\u003eruby/net-imap#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump step-security/harden-runner from 2.10.4 to 2.11.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/409\"\u003eruby/net-imap#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✅ Make FakeServer more robust against disconnect by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/414\"\u003eruby/net-imap#414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✅ Improvements to FakeServer (tests only) by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/415\"\u003eruby/net-imap#415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✅ Ignore more IO errors in some FakeServer tests by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/421\"\u003eruby/net-imap#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e⬆️ Bump step-security/harden-runner from 2.11.0 to 2.11.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/423\"\u003eruby/net-imap#423\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.5.6...v0.5.7\"\u003ehttps://github.com/ruby/net-imap/compare/v0.5.6...v0.5.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security Fix\u003c/h3\u003e\n\u003cp\u003eFixes CVE-2025-25186 (GHSA-7fc5-f82f-cx69): A malicious server can exhaust client memory by sending \u003ccode\u003eAPPENDUID\u003c/code\u003e or \u003ccode\u003eCOPYUID\u003c/code\u003e responses with very large \u003ccode\u003euid-set\u003c/code\u003e ranges. \u003ccode\u003eNet::IMAP::UIDPlusData\u003c/code\u003e expands these ranges into arrays of integers.\u003c/p\u003e\n\u003ch4\u003eFix with minor API changes\u003c/h4\u003e\n\u003cp\u003eSet \u003ccode\u003econfig.parser_use_deprecated_uidplus_data\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e to replace \u003ccode\u003eUIDPlusData\u003c/code\u003e with \u003ccode\u003eAppendUIDData\u003c/code\u003e and \u003ccode\u003eCopyUIDData\u003c/code\u003e.  These classes store their UIDs as \u003ccode\u003eNet::IMAP::SequenceSet\u003c/code\u003e objects (\u003cem\u003enot\u003c/em\u003e expanded into arrays of integers).  Code that does not handle \u003ccode\u003eAPPENDUID\u003c/code\u003e or \u003ccode\u003eCOPYUID\u003c/code\u003e responses should not see any difference.  Code that does handle these responses \u003cem\u003emay\u003c/em\u003e need to be updated.\u003c/p\u003e\n\u003cp\u003eFor v0.3.8, this option is not available\nFor v0.4.19, the default value is \u003ccode\u003etrue\u003c/code\u003e.\nFor v0.5.6, the default value is \u003ccode\u003e:up_to_max_size\u003c/code\u003e.\nFor v0.6.0, the only allowed value will be \u003ccode\u003efalse\u003c/code\u003e  \u003cem\u003e(\u003ccode\u003eUIDPlusData\u003c/code\u003e will be removed from v0.6)\u003c/em\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/364869b4e674e6c2dd240835b0f3b1e5436fff82\"\u003e\u003ccode\u003e364869b\u003c/code\u003e\u003c/a\u003e 🔖 Bump version to v0.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/10137ba91dbfe6abc3c53d7229e1b368f899ed9c\"\u003e\u003ccode\u003e10137ba\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/444\"\u003e#444\u003c/a\u003e from ruby/limit-response-size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b6bdee27a5cd38dd386042f43fec160840fe7562\"\u003e\u003ccode\u003eb6bdee2\u003c/code\u003e\u003c/a\u003e ✨ Make max_response_size configurable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/0ae8576c1a90bcd9573f81bdad4b4b824642d105\"\u003e\u003ccode\u003e0ae8576\u003c/code\u003e\u003c/a\u003e ✨ Limit max response size to 512MiB (hard-coded)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b32b6751af061b4f0d50c818512b5b41d8fbe951\"\u003e\u003ccode\u003eb32b675\u003c/code\u003e\u003c/a\u003e ♻️ Save ResponseReader ivars: \u003ca href=\"https://github.com/buff\"\u003e\u003ccode\u003e@​buff\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/literal\"\u003e\u003ccode\u003e@​literal\u003c/code\u003e\u003c/a\u003e_size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/d28879eb11f80c4866173436d51ce309b4462a74\"\u003e\u003ccode\u003ed28879e\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/433\"\u003e#433\u003c/a\u003e from ruby/response_reader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/18bc62150df697596510c6f47a765155e4d6c0f9\"\u003e\u003ccode\u003e18bc621\u003c/code\u003e\u003c/a\u003e ♻️ Extract ResponseReader from get_response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b1413c65b585bac8f21ba3c2eb9459fe065348b3\"\u003e\u003ccode\u003eb1413c6\u003c/code\u003e\u003c/a\u003e ✨ Customize SequenceSet YAML serialization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/d83926889c99e77c5c241c52f87c0d3e605933f4\"\u003e\u003ccode\u003ed839268\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/429\"\u003e#429\u003c/a\u003e from ruby/rational-config-versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/c7732e65c55ca3fda6a1115b64390a10e63e9aaf\"\u003e\u003ccode\u003ec7732e6\u003c/code\u003e\u003c/a\u003e ♻️ Add default_proc to Config.version_defaults\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.5.5...v0.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/cezary13k/rails/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/cezary13k/rails/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cezary13k%2Frails/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}],"issue_packages":[{"old_version":"4.1.1","new_version":"4.2.0","update_type":"minor","path":null,"pr_created_at":"2026-04-08T07:41:29.000Z","version_change":"4.1.1 → 4.2.0","issue":{"uuid":"4222907401","node_id":"PR_kwDOPVgz5c7Qursv","number":248,"state":"open","title":"build(deps): bump the bundler group across 2 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","ruby","Stale"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-08T07:41:29.000Z","updated_at":"2026-04-16T05:36:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":5,"packages":[{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"rack","old_version":"3.1.15","new_version":"3.2.6"},{"name":"rack-session","old_version":"2.1.1","new_version":"2.1.2"},{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 1 update in the /src/email directory: [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 2 updates in the /src/react-native-app directory: [addressable](https://github.com/sporkmonger/addressable) and [rexml](https://github.com/ruby/rexml).\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.1.15 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.2.5...v3.2.6\"\u003ehttps://github.com/rack/rack/compare/v3.2.5...v3.2.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.6] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qfgr-crr9-7r49\"\u003eCVE-2026-32762\u003c/a\u003e Forwarded header semicolon injection enables Host and Scheme spoofing.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-g2pf-xv49-m2h5\"\u003eCVE-2026-34835\u003c/a\u003e \u003ccode\u003eRack::Request\u003c/code\u003e accepts invalid Host characters, enabling host allowlist bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v6x5-cg8r-vv6x\"\u003eCVE-2026-34827\u003c/a\u003e Multipart header parsing allows denial of service via escape-heavy quoted parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-rx22-g9mx-qrhv\"\u003eCVE-2026-26962\u003c/a\u003e Improper unfolding of folded multipart headers preserves CRLF in parsed parameter values.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e1f22fdbe99afd2126b6fbf05bb12399359574b7\"\u003e\u003ccode\u003ee1f22fd\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/31989fd7bb6f806fdb3cfa4e9aec1fe8434f47d1\"\u003e\u003ccode\u003e31989fd\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d268165e390e17b83573fec916dcdef6304a8b4b\"\u003e\u003ccode\u003ed268165\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8f425de0ee75a2f3cdfbfdd57858c1910b7645ff\"\u003e\u003ccode\u003e8f425de\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bf830426ce5b3daccb5a226b733703c86504ceba\"\u003e\u003ccode\u003ebf83042\u003c/code\u003e\u003c/a\u003e Drop EOL Rubies from external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d50c4d3dab62fa80b2a276271d0d4fb338cfa7df\"\u003e\u003ccode\u003ed50c4d3\u003c/code\u003e\u003c/a\u003e Implement OBS unfolding for multipart requests per RFC 5322 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bfb69142dbe2a1e3298ad52d12935938d1b58205\"\u003e\u003ccode\u003ebfb6914\u003c/code\u003e\u003c/a\u003e Limit the number of quoted escapes during multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b3e5945c648c5a5b6982e5072b26e51990991229\"\u003e\u003ccode\u003eb3e5945\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7a8f32696609b88e2c4c1f09d473a1d2d837ed4b\"\u003e\u003ccode\u003e7a8f326\u003c/code\u003e\u003c/a\u003e Fix root prefix bug in Rack::Static\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a57bc140247f904dc1e3302badedcb73645072c7\"\u003e\u003ccode\u003ea57bc14\u003c/code\u003e\u003c/a\u003e Only do a simple substitution on the x-accel-mapping paths\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v3.1.15...v3.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-session` from 2.1.1 to 2.1.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack-session/blob/main/releases.md\"\u003erack-session's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-33qg-7wpp-89cq\"\u003eCVE-2026-39324\u003c/a\u003e Don't fall back to unencrypted coder if encryptors are present.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/504367b59caf7ec78127785cc6351f46be14f8ca\"\u003e\u003ccode\u003e504367b\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/f43638cb3a4d15c3ecaf59e67a04b47fda08eeac\"\u003e\u003ccode\u003ef43638c\u003c/code\u003e\u003c/a\u003e Don't fall back to unencrypted coder if encryptors are present.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/dadcfe60f193e8d8540bec6b95ca75bed8e5fd7e\"\u003e\u003ccode\u003edadcfe6\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/54\"\u003e#54\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/4eb9ea83b372e319c65a8c2bcfe87e8be942cf9b\"\u003e\u003ccode\u003e4eb9ea8\u003c/code\u003e\u003c/a\u003e Add top level session spec to validate existing formats.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/8f94577c1d11b746692974f1417acff2856060cb\"\u003e\u003ccode\u003e8f94577\u003c/code\u003e\u003c/a\u003e Add rails to external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/38ea47da9937afb4f2140b3c23866e3791a46eaf\"\u003e\u003ccode\u003e38ea47d\u003c/code\u003e\u003c/a\u003e Allow the v2 encryptor to serialize messages with \u003ccode\u003eMarshal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/44\"\u003e#44\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/43f2e3a46393b51473bb90f54e61189465ae759d\"\u003e\u003ccode\u003e43f2e3a\u003c/code\u003e\u003c/a\u003e Fix compatibility with older Rubies.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/6a060b806399bff4961eaf6bf89535395c95549c\"\u003e\u003ccode\u003e6a060b8\u003c/code\u003e\u003c/a\u003e Support UTF-8 data when using the JSON serializer (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/39\"\u003e#39\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/8ce0146a7079332d9c58a43e418acb1ecf904ef6\"\u003e\u003ccode\u003e8ce0146\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eauth_tag\u003c/code\u003e retrieval on JRuby (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/32\"\u003e#32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/77271850efd977897d02903bfde8ed51e4137a68\"\u003e\u003ccode\u003e7727185\u003c/code\u003e\u003c/a\u003e Add AEAD encryption (\u003ca href=\"https://redirect.github.com/rack/rack-session/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rack/rack-session/compare/v2.1.1...v2.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.4.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/burhanuddin-anw/opentelemetry-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/burhanuddin-anw/opentelemetry-demo/pull/248","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/burhanuddin-anw%2Fopentelemetry-demo/issues/248","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/248/packages"}},{"old_version":"1.3.3","new_version":"4.2.1","update_type":"major","path":null,"pr_created_at":"2026-04-03T18:15:27.000Z","version_change":"1.3.3 → 4.2.1","issue":{"uuid":"4201662609","node_id":"PR_kwDOOV0y7M7P2ROS","number":1,"state":"open","title":"Bump the bundler group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-03T18:15:27.000Z","updated_at":"2026-04-03T18:15:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":8,"packages":[{"name":"rake","old_version":"0.9.2.2","new_version":"12.3.3","repository_url":"https://github.com/ruby/rake"},{"name":"rack","old_version":"1.4.1","new_version":"3.2.6","repository_url":"https://github.com/rack/rack"},{"name":"sinatra","old_version":"1.3.3","new_version":"4.2.1","repository_url":"https://github.com/sinatra/sinatra"},{"name":"jekyll","old_version":"0.12.0","new_version":"0.12.1","repository_url":"https://github.com/jekyll/jekyll"},{"name":"RedCloth","old_version":"4.2.9","new_version":"4.3.3","repository_url":"https://github.com/jgarber/redcloth"},{"name":"haml","old_version":"3.1.7","new_version":"5.0.0","repository_url":"https://github.com/haml/haml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rake](https://github.com/ruby/rake) | `0.9.2.2` | `12.3.3` |\n| [rack](https://github.com/rack/rack) | `1.4.1` | `3.2.6` |\n| [sinatra](https://github.com/sinatra/sinatra) | `1.3.3` | `4.2.1` |\n| [jekyll](https://github.com/jekyll/jekyll) | `0.12.0` | `0.12.1` |\n| [RedCloth](https://github.com/jgarber/redcloth) | `4.2.9` | `4.3.3` |\n| [haml](https://github.com/haml/haml) | `3.1.7` | `5.0.0` |\n\n\nUpdates `rake` from 0.9.2.2 to 12.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/releases\"\u003erake's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003erake-10.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/blob/master/History.rdoc\"\u003erake's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e=== 12.3.3\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse the application's name in error message if a task is not found.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/303\"\u003e#303\u003c/a\u003e by tmatilai\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse File.open explicitly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.2\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test fails caused by 2.6 warnings.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/297\"\u003e#297\u003c/a\u003e by hsbt\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRdoc improvements.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/293\"\u003e#293\u003c/a\u003e by colby-swandale\u003c/li\u003e\n\u003cli\u003eImprove multitask performance.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/273\"\u003e#273\u003c/a\u003e by jsm\u003c/li\u003e\n\u003cli\u003eAdd alias \u003ccode\u003eprereqs\u003c/code\u003e.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/268\"\u003e#268\u003c/a\u003e by take-cheeze\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.1\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport did_you_mean \u0026gt;= v1.2.0 which has a breaking change on formatters.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/262\"\u003e#262\u003c/a\u003e by FUJI Goro.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't run task if it depends on already invoked but failed task.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/252\"\u003e#252\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eMake space trimming consistent for all task arguments.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/259\"\u003e#259\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRemoves duplicated inclusion of Rake::DSL in tests.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/254\"\u003e#254\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRe-raise a LoadError that didn't come from require in the test loader.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/250\"\u003e#250\u003c/a\u003e by Dylan Thacker-Smith.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.0\u003c/p\u003e\n\u003cp\u003e==== Compatibility Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003erequired_ruby_version\u003c/code\u003e to Ruby 2.0.0. Rake has already\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5c87c462b64aad674ebb92b1f5b0ff2c911406cd\"\u003e\u003ccode\u003e5c87c46\u003c/code\u003e\u003c/a\u003e Bump version to 12.3.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee\"\u003e\u003ccode\u003e5b8f8fc\u003c/code\u003e\u003c/a\u003e Use File.open explicitly.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/6497ba4d94d12c123df48cc8ab40f0a4eb7fb337\"\u003e\u003ccode\u003e6497ba4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/317\"\u003e#317\u003c/a\u003e from ruby/ignore-gitignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/be62efb6cdfc2cc00d660f8fc7d6c1c9de8014e2\"\u003e\u003ccode\u003ebe62efb\u003c/code\u003e\u003c/a\u003e Removed gitignore from gemspec files.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/1c22b490ee6cb8bd614fa8d0d6145f671466206b\"\u003e\u003ccode\u003e1c22b49\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/309\"\u003e#309\u003c/a\u003e from RDIL/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/496944a8febd51e20957e6833c7930286a0e9a25\"\u003e\u003ccode\u003e496944a\u003c/code\u003e\u003c/a\u003e Remove deprecated travis ci option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/489c7d863c666b6d287b760527acf3abe13aaf48\"\u003e\u003ccode\u003e489c7d8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/307\"\u003e#307\u003c/a\u003e from ruby/azure-pipelines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77eb6d87cb69c2cc531f72d4aa1948054e9d077f\"\u003e\u003ccode\u003e77eb6d8\u003c/code\u003e\u003c/a\u003e Only enabled macOS environment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/72ffa2ea89f96df2307158fa151825dbb2c28ddf\"\u003e\u003ccode\u003e72ffa2e\u003c/code\u003e\u003c/a\u003e use realpath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77448726bb057c8ba90a8d12ab6e20ad60dac976\"\u003e\u003ccode\u003e7744872\u003c/code\u003e\u003c/a\u003e Do not specify ruby version of macOS\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rake/compare/v0.9.2.2...v12.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 1.4.1 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.2.5...v3.2.6\"\u003ehttps://github.com/rack/rack/compare/v3.2.5...v3.2.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.9.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix content-length calcuation in Rack:Response#write \u003ca href=\"https://redirect.github.com/rack/rack/issues/2150\"\u003e#2150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.8...v3.0.9\"\u003ehttps://github.com/rack/rack/compare/v3.0.8...v3.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Fix some unused variable verbose warnings\u0026quot; by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.7...v3.0.8\"\u003ehttps://github.com/rack/rack/compare/v3.0.7...v3.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Make query parameters without = have nil values\u0026quot;. by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2060\"\u003erack/rack#2060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\"\u003ehttps://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.6.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.3...v3.0.4\"\u003ehttps://github.com/rack/rack/compare/v3.0.3...v3.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v3.0.3 by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2000\"\u003erack/rack#2000\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.6] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qfgr-crr9-7r49\"\u003eCVE-2026-32762\u003c/a\u003e Forwarded header semicolon injection enables Host and Scheme spoofing.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-g2pf-xv49-m2h5\"\u003eCVE-2026-34835\u003c/a\u003e \u003ccode\u003eRack::Request\u003c/code\u003e accepts invalid Host characters, enabling host allowlist bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v6x5-cg8r-vv6x\"\u003eCVE-2026-34827\u003c/a\u003e Multipart header parsing allows denial of service via escape-heavy quoted parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-rx22-g9mx-qrhv\"\u003eCVE-2026-26962\u003c/a\u003e Improper unfolding of folded multipart headers preserves CRLF in parsed parameter values.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e1f22fdbe99afd2126b6fbf05bb12399359574b7\"\u003e\u003ccode\u003ee1f22fd\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/31989fd7bb6f806fdb3cfa4e9aec1fe8434f47d1\"\u003e\u003ccode\u003e31989fd\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d268165e390e17b83573fec916dcdef6304a8b4b\"\u003e\u003ccode\u003ed268165\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8f425de0ee75a2f3cdfbfdd57858c1910b7645ff\"\u003e\u003ccode\u003e8f425de\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bf830426ce5b3daccb5a226b733703c86504ceba\"\u003e\u003ccode\u003ebf83042\u003c/code\u003e\u003c/a\u003e Drop EOL Rubies from external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d50c4d3dab62fa80b2a276271d0d4fb338cfa7df\"\u003e\u003ccode\u003ed50c4d3\u003c/code\u003e\u003c/a\u003e Implement OBS unfolding for multipart requests per RFC 5322 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bfb69142dbe2a1e3298ad52d12935938d1b58205\"\u003e\u003ccode\u003ebfb6914\u003c/code\u003e\u003c/a\u003e Limit the number of quoted escapes during multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b3e5945c648c5a5b6982e5072b26e51990991229\"\u003e\u003ccode\u003eb3e5945\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7a8f32696609b88e2c4c1f09d473a1d2d837ed4b\"\u003e\u003ccode\u003e7a8f326\u003c/code\u003e\u003c/a\u003e Fix root prefix bug in Rack::Static\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a57bc140247f904dc1e3302badedcb73645072c7\"\u003e\u003ccode\u003ea57bc14\u003c/code\u003e\u003c/a\u003e Only do a simple substitution on the x-accel-mapping paths\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/1.4.1...v3.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jekyll` from 0.12.0 to 0.12.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/blob/master/History.markdown\"\u003ejekyll's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.12.1 / 2013-02-19\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Kramdown version to 0.14.1 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTest Enhancements\u003c/li\u003e\n\u003cli\u003eUpdate Rake version to 10.0.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Shoulda version to 3.3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Redcarpet version to 2.2.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/95f7baf83741e9fd693f1150627c84201f0906f7\"\u003e\u003ccode\u003e95f7baf\u003c/code\u003e\u003c/a\u003e Release 0.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/399ef34c7940ed38478b405aba00463ba9bdc8bf\"\u003e\u003ccode\u003e399ef34\u003c/code\u003e\u003c/a\u003e Update date in gemspec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b90ff969448efb1c27de6e2f134f46d334766c31\"\u003e\u003ccode\u003eb90ff96\u003c/code\u003e\u003c/a\u003e Relax Kramdown requirement to 0.14 instead of 0.14.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/0dc85258b6ed988357057ce7d7700aad3095614d\"\u003e\u003ccode\u003e0dc8525\u003c/code\u003e\u003c/a\u003e Bump version in gemspec and in jekyll.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b65b29b4297a4f94409fc9bbaa14a73e56ad1fc9\"\u003e\u003ccode\u003eb65b29b\u003c/code\u003e\u003c/a\u003e Update History.txt for 0.12.1 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/e8044772783a435140df3e7d075e6483fd5d7742\"\u003e\u003ccode\u003ee804477\u003c/code\u003e\u003c/a\u003e Fix Kramdown tests: they now use numerical HTML entities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/f9cca40917858804afd8da3f52f9a48b0ba176bd\"\u003e\u003ccode\u003ef9cca40\u003c/code\u003e\u003c/a\u003e Require test/unit in test helper.rb for execution of unit tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/bc8894461c5ef4ea47cbaea53f91a84dd8b5a2bf\"\u003e\u003ccode\u003ebc88944\u003c/code\u003e\u003c/a\u003e Update dependencies: kramdown, rake, shoulda, cucumber, redcarpet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/53b894522622f9e2aec7232ba996db567c636b89\"\u003e\u003ccode\u003e53b8945\u003c/code\u003e\u003c/a\u003e Retrieving gems from rubygems via HTTPS\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jekyll/jekyll/compare/v0.12.0...v0.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jekyll` from 0.12.0 to 0.12.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/blob/master/History.markdown\"\u003ejekyll's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.12.1 / 2013-02-19\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Kramdown version to 0.14.1 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTest Enhancements\u003c/li\u003e\n\u003cli\u003eUpdate Rake version to 10.0.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Shoulda version to 3.3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate Redcarpet version to 2.2.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/95f7baf83741e9fd693f1150627c84201f0906f7\"\u003e\u003ccode\u003e95f7baf\u003c/code\u003e\u003c/a\u003e Release 0.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/399ef34c7940ed38478b405aba00463ba9bdc8bf\"\u003e\u003ccode\u003e399ef34\u003c/code\u003e\u003c/a\u003e Update date in gemspec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b90ff969448efb1c27de6e2f134f46d334766c31\"\u003e\u003ccode\u003eb90ff96\u003c/code\u003e\u003c/a\u003e Relax Kramdown requirement to 0.14 instead of 0.14.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/0dc85258b6ed988357057ce7d7700aad3095614d\"\u003e\u003ccode\u003e0dc8525\u003c/code\u003e\u003c/a\u003e Bump version in gemspec and in jekyll.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/b65b29b4297a4f94409fc9bbaa14a73e56ad1fc9\"\u003e\u003ccode\u003eb65b29b\u003c/code\u003e\u003c/a\u003e Update History.txt for 0.12.1 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/e8044772783a435140df3e7d075e6483fd5d7742\"\u003e\u003ccode\u003ee804477\u003c/code\u003e\u003c/a\u003e Fix Kramdown tests: they now use numerical HTML entities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/f9cca40917858804afd8da3f52f9a48b0ba176bd\"\u003e\u003ccode\u003ef9cca40\u003c/code\u003e\u003c/a\u003e Require test/unit in test helper.rb for execution of unit tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/bc8894461c5ef4ea47cbaea53f91a84dd8b5a2bf\"\u003e\u003ccode\u003ebc88944\u003c/code\u003e\u003c/a\u003e Update dependencies: kramdown, rake, shoulda, cucumber, redcarpet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/53b894522622f9e2aec7232ba996db567c636b89\"\u003e\u003ccode\u003e53b8945\u003c/code\u003e\u003c/a\u003e Retrieving gems from rubygems via HTTPS\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jekyll/jekyll/compare/v0.12.0...v0.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `RedCloth` from 4.2.9 to 4.3.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jgarber/redcloth/blob/master/CHANGELOG\"\u003eRedCloth's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e== 4.3.3 / Nov 2nd, 2023\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tests for CVE-2023-31606 [Helio Cola]\u003c/li\u003e\n\u003cli\u003eFix rake compile [Helio Cola and Faria Education Group]\u003c/li\u003e\n\u003cli\u003eFix CVE-2023-31606 (ReDOS possible in the sanitize_html function) [Kornelius Kalnbach and Merbin Russel]\u003c/li\u003e\n\u003cli\u003eImmutable strings [Matijs van Zuijlen]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.2 / May 23rd, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.1 / May 17th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.0 / April 29th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove JRuby and Windows cross compilation and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ruby 2.2.3 testing and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003einclude CVE-2012-6684 fix [Tomas Pospisek]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix by [Antonio Terceiro]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\"\u003ehttp://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003evulnerability reported by [Kousuke Ebihara]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://co3k.org/blog/redcloth-unfixed-xss-en\"\u003ehttp://co3k.org/blog/redcloth-unfixed-xss-en\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.2.9.1 / February 24, 2015\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLazy-load latex_entities.yml [Charlie Somerville]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8297da8aa071b3bf1584738229f277833bd20c49\"\u003e\u003ccode\u003e8297da8\u003c/code\u003e\u003c/a\u003e 4.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/2600d93ff164a5244cec86a3047619ae8b4e4b04\"\u003e\u003ccode\u003e2600d93\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/80\"\u003e#80\u003c/a\u003e from jgarber/tests/CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ac10b687041e12cb49a196acf79687d6f596114e\"\u003e\u003ccode\u003eac10b68\u003c/code\u003e\u003c/a\u003e Add tests for CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4e85481aca18e50fcd17ad432234e0af8245b080\"\u003e\u003ccode\u003e4e85481\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/78\"\u003e#78\u003c/a\u003e from jgarber/fix/build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ccdd54dd68810f8ccd0c9b11c301d883240fcd22\"\u003e\u003ccode\u003eccdd54d\u003c/code\u003e\u003c/a\u003e Fix rake compile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8b1327688fef8e6617792054ef299d7bc74c0a1e\"\u003e\u003ccode\u003e8b13276\u003c/code\u003e\u003c/a\u003e Fix CVE-2023-31606 (ReDOS possible in the sanitize_html function) (\u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/dd7ee6caaa6c899f4d5389c1b2fe4a17f1e5f326\"\u003e\u003ccode\u003edd7ee6c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/47\"\u003e#47\u003c/a\u003e from greggawatt/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/5c9b35c3f8af989cf2a8d22f1bb9d8140641cd5b\"\u003e\u003ccode\u003e5c9b35c\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/c34fa195ca540b2bea84d9cfe1813e070e4ed154\"\u003e\u003ccode\u003ec34fa19\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4808b36d7063a7cfade89378d879a9134cd30a3e\"\u003e\u003ccode\u003e4808b36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/38\"\u003e#38\u003c/a\u003e from mvz/immutable-strings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jgarber/redcloth/compare/v4.2.9...v4.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haml` from 3.1.7 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haml/haml/blob/main/CHANGELOG.md\"\u003ehaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eReleased on April 26, 2017\n(\u003ca href=\"https://github.com/haml/haml/compare/4.0.7...v5.0.0\"\u003ediff\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eBreaking Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHaml now requires Ruby 2.0.0 or above.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRails 3 is no longer supported, matching the official\n\u003ca href=\"http://weblog.rubyonrails.org/2013/2/24/maintenance-policy-for-ruby-on-rails/\"\u003eMaintenance Policy for Ruby on Rails\u003c/a\u003e.\nUse Haml 4 if you want to use Rails 3.\n(Tee Parham)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003e:ugly\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/haml/haml/pull/894\"\u003e#894\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003ehaml\u003c/code\u003e command's debug option (\u003ccode\u003e-d\u003c/code\u003e) no longer executes the Haml code, but\nrather checks the generated Ruby syntax for errors.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop parser/compiler accessor from \u003ccode\u003eHaml::Engine\u003c/code\u003e. Modify \u003ccode\u003eHaml::Engine#initialize\u003c/code\u003e options\nor \u003ccode\u003eHaml::Template.options\u003c/code\u003e instead. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop dynamic quotes support and always escape \u003ccode\u003e'\u003c/code\u003e for \u003ccode\u003eescape_html\u003c/code\u003e/\u003ccode\u003eescape_attrs\u003c/code\u003e instead.\nAlso, escaped results are slightly changed and always unified to the same characters. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't preserve newlines in attributes. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTML escape interpolated code in filters.\n\u003ca href=\"https://redirect.github.com/haml/haml/pull/770\"\u003e#770\u003c/a\u003e\n(Matt Wildig)\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e  :javascript\n    #{JSON.generate(foo: \u0026quot;bar\u0026quot;)}\n  Haml 4 output: {\u0026quot;foo\u0026quot;:\u0026quot;bar\u0026quot;}\n  Haml 5 output: {\u0026amp;quot;foo\u0026amp;quot;:\u0026amp;quot;bar\u0026amp;quot;}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAdded\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a tracing option. When enabled, Haml will output a data-trace attribute on each tag showing the path\nto the source Haml file from which it was generated. Thanks \u003ca href=\"https://github.com/ababkin\"\u003eAlex Babkin\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehaml_tag_if\u003c/code\u003e to render a block, conditionally wrapped in another element (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eSupport Rails 5.1 Erubi template handler.\u003c/li\u003e\n\u003cli\u003eSupport Sprockets 3. Thanks \u003ca href=\"https://github.com/samphilipd\"\u003eSam Davies\u003c/a\u003e and \u003ca href=\"https://github.com/jvenezia\"\u003eJeremy Venezia\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eGeneral performance and memory usage improvements. (Akira Matsuda)\u003c/li\u003e\n\u003cli\u003eAnalyze attribute values by Ripper and render static attributes beforehand. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eOptimize attribute rendering about 3x faster. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eAdd temple gem as dependency and create \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e class.\nSome methods in \u003ccode\u003eHaml::Compiler\u003c/code\u003e are migrated to \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e. (Takashi Kokubun)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixed\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for attribute merging. When an attribute method (or literal nested hash)\nwas used in an old style attribute hash and there is also a (non-static) new\nstyle hash there is an error. The fix can result in different behavior in\nsome circumstances. See the \u003ca href=\"https://github.com/haml/haml/tree/e475b015d3171fb4c4f140db304f7970c787d6e3\"\u003ecommit message\u003c/a\u003e\nfor detailed info. (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eMake escape_once respect hexadecimal references. (Matt Wildig)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/78e2a09d3b8c6f7cdb3bb87ff84dce8fad5598ac\"\u003e\u003ccode\u003e78e2a09\u003c/code\u003e\u003c/a\u003e Version 5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/e5d6409bad6da77c697efc924c36ad2c5405b680\"\u003e\u003ccode\u003ee5d6409\u003c/code\u003e\u003c/a\u003e Note about \u003ca href=\"https://redirect.github.com/haml/haml/issues/770\"\u003e#770\u003c/a\u003e in Haml 5 changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/1bac6f902fe7683317b46ddcf0fdbbab6ffcd0da\"\u003e\u003ccode\u003e1bac6f9\u003c/code\u003e\u003c/a\u003e Remove JRuby from allow_failures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/d45c2d44b6b993ae7d54634948d69c2951d6dda3\"\u003e\u003ccode\u003ed45c2d4\u003c/code\u003e\u003c/a\u003e Add backslash for @ to support JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/8f207073c2e0e2bc296f18424b3fec3dfe659674\"\u003e\u003ccode\u003e8f20707\u003c/code\u003e\u003c/a\u003e Enable frozen_string_literal pragma if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/a6bb25529a5df92b355f8e4b2a712c2aa3ff1b26\"\u003e\u003ccode\u003ea6bb255\u003c/code\u003e\u003c/a\u003e Oops, this was not intentional...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/aa4c397410312ab3c3ee6191110f5e595e5eea00\"\u003e\u003ccode\u003eaa4c397\u003c/code\u003e\u003c/a\u003e Fix spec in \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e for pretty mode removal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/11af7954f3e9ba5e21924c11c49773cacc18eeb2\"\u003e\u003ccode\u003e11af795\u003c/code\u003e\u003c/a\u003e Fallback to default value of preserve option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/bbbeb7ea8ade64fec20de4e0254040a229bdda0e\"\u003e\u003ccode\u003ebbbeb7e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG to include \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/ed7f24f1dc63c38f3d143289262266cbf59a9f1f\"\u003e\u003ccode\u003eed7f24f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e from redoPop/atful-css\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haml/haml/compare/3.1.7...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kramdown` from 0.13.8 to 0.14.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gettalong/kramdown/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-protection` from 1.3.2 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003erack-protection's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/7b50a1bbb5324838908dfaa00ec53ad322673a29\"\u003e\u003ccode\u003e7b50a1b\u003c/code\u003e\u003c/a\u003e 4.1.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2068\"\u003e#2068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/73f3291d114b5b211e067263eeb9c0e197fe8500\"\u003e\u003ccode\u003e73f3291\u003c/code\u003e\u003c/a\u003e 4.1.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2063\"\u003e#2063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cd3e00de20ddaff34ea30f7a74a7b9dad189d1d8\"\u003e\u003ccode\u003ecd3e00d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eHostAuthorization\u003c/code\u003e rack-protection middleware (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2053\"\u003e#2053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a55850\u003c/code\u003e\u003c/a\u003e Remove WEBrick\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/319af3a298cb8278670f285b6c02df0fd084615d\"\u003e\u003ccode\u003e319af3a\u003c/code\u003e\u003c/a\u003e Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/8d0095fc8c37f39d41caf74637da72c1ac952299\"\u003e\u003ccode\u003e8d0095f\u003c/code\u003e\u003c/a\u003e Adjust \u003ccode\u003eCookieTossing\u003c/code\u003e spec for Rack 3.1+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5640495babcb4cfd69ba650b293660b7446402da\"\u003e\u003ccode\u003e5640495\u003c/code\u003e\u003c/a\u003e Fix typos in changelog, readme and code comments (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.2...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AKJUS/octopress/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AKJUS/octopress/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKJUS%2Foctopress/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.0.5","new_version":"4.2.0","update_type":"major","path":null,"pr_created_at":"2026-04-02T19:37:09.000Z","version_change":"2.0.5 → 4.2.0","issue":{"uuid":"4196586484","node_id":"PR_kwDOISjhyM7Pp2TV","number":27,"state":"closed","title":"build(deps): bump the bundler group across 10 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-08T01:31:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-02T19:37:09.000Z","updated_at":"2026-04-08T01:31:32.000Z","time_to_close":453261,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":10,"packages":[{"name":"rack","old_version":"2.0.7","new_version":"2.2.23","repository_url":"https://github.com/rack/rack"},{"name":"sinatra","old_version":"2.0.5","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"git","old_version":"1.3.0","new_version":"1.13.0","repository_url":"https://github.com/ruby-git/ruby-git"},{"name":"git","old_version":"1.9.1","new_version":"1.13.0","repository_url":"https://github.com/ruby-git/ruby-git"},{"name":"faraday","old_version":"1.7.0","new_version":"1.10.5","repository_url":"https://github.com/lostisland/faraday"},{"name":"httparty","old_version":"0.18.1","new_version":"0.24.0","repository_url":"https://github.com/jnunemaker/httparty"},{"name":"rexml","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 2 updates in the /pkgs/applications/office/ledger-web directory: [rack](https://github.com/rack/rack) and [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 1 update in the /pkgs/applications/version-management/bitbucket-server-cli directory: [git](https://github.com/ruby-git/ruby-git).\nBumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: [git](https://github.com/ruby-git/ruby-git), [faraday](https://github.com/lostisland/faraday), [httparty](https://github.com/jnunemaker/httparty) and [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 2 updates in the /pkgs/applications/version-management/git-fame directory: [rexml](https://github.com/ruby/rexml) and [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 2 updates in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml) and [cgi](https://github.com/ruby/cgi).\nBumps the bundler group with 2 updates in the /pkgs/by-name/cf/cfn-nag directory: [rexml](https://github.com/ruby/rexml) and [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby).\nBumps the bundler group with 1 update in the /pkgs/by-name/co/coltrane directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 1 update in the /pkgs/by-name/ev/evil-winrm directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/by-name/fu/fusuma directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 4 updates in the /pkgs/by-name/go/gollum directory: [rack](https://github.com/rack/rack), [sinatra](https://github.com/sinatra/sinatra), [rexml](https://github.com/ruby/rexml) and [nokogiri](https://github.com/sparklemotion/nokogiri).\n\nUpdates `rack` from 2.0.7 to 2.2.23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.8.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.2.8...v2.2.8.1\"\u003ehttps://github.com/rack/rack/compare/v2.2.8...v2.2.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eLimit file extension length of multipart tempfiles (2.2 backport) by \u003ca href=\"https://github.com/dentarg\"\u003e\u003ccode\u003e@​dentarg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2075\"\u003erack/rack#2075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCHANGELOG: Add missing 2.2.7 by \u003ca href=\"https://github.com/tisba\"\u003e\u003ccode\u003e@​tisba\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2081\"\u003erack/rack#2081\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate cookie.rb by \u003ca href=\"https://github.com/dchandekstark\"\u003e\u003ccode\u003e@​dchandekstark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2092\"\u003erack/rack#2092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer ubuntu-latest for testing. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2095\"\u003erack/rack#2095\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inefficient assert pattern in Rack::Lint [2-2-stable] by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2101\"\u003erack/rack#2101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegenerate SPEC [2-2-stable] by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2102\"\u003erack/rack#2102\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tisba\"\u003e\u003ccode\u003e@​tisba\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2081\"\u003erack/rack#2081\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dchandekstark\"\u003e\u003ccode\u003e@​dchandekstark\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2092\"\u003erack/rack#2092\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.2.7...v2.2.8\"\u003ehttps://github.com/rack/rack/compare/v2.2.7...v2.2.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect the year number in the changelog by \u003ca href=\"https://github.com/kimulab\"\u003e\u003ccode\u003e@​kimulab\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2015\"\u003erack/rack#2015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport underscore in host names for Rack 2.2 (Fixes \u003ca href=\"https://redirect.github.com/rack/rack/issues/2070\"\u003e#2070\u003c/a\u003e) by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2071\"\u003erack/rack#2071\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kimulab\"\u003e\u003ccode\u003e@​kimulab\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2015\"\u003erack/rack#2015\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.2.6.4...v2.2.7\"\u003ehttps://github.com/rack/rack/compare/v2.2.6.4...v2.2.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.6.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev2.1.4.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.1.4.3...v2.1.4.4\"\u003ehttps://github.com/rack/rack/compare/v2.1.4.3...v2.1.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.9.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v2.0.9.3...v2.0.9.4\"\u003ehttps://github.com/rack/rack/compare/v2.0.9.3...v2.0.9.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.2.23] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.22] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.21] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.20] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.19] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.18] - 2025-09-25\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-625h-95r8-8xpm\"\u003eCVE-2025-59830\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion via semicolon-separated parameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.17] - 2025-06-03\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/f2af0c8f869193fa7bb7d20b619b3003418e1055\"\u003e\u003ccode\u003ef2af0c8\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/345b74428e278540bb6c68484e60e01b7542fd49\"\u003e\u003ccode\u003e345b744\u003c/code\u003e\u003c/a\u003e Fix tests for old Rubies.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e2d8e309680f2b9820ab5de13a43f76778bd2c6d\"\u003e\u003ccode\u003ee2d8e30\u003c/code\u003e\u003c/a\u003e Add version guard around non-default gems.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/add1a80fa7a3772605cae8a45e29af6b1d425057\"\u003e\u003ccode\u003eadd1a80\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/54261eccf12bb01952f7cbc8203fe68a0e5a1ee3\"\u003e\u003ccode\u003e54261ec\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a36f48bbda4835aa00c3c2f2dbddc5a734dcdfcd\"\u003e\u003ccode\u003ea36f48b\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eostruct\u003c/code\u003e to Gemfile.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8883f0da7bf9606d0973f7915a30c3edfc0d3038\"\u003e\u003ccode\u003e8883f0d\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/2287a3babec2e80d47329e7e75b5f15c406a07ab\"\u003e\u003ccode\u003e2287a3b\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003elogger\u003c/code\u003e to gemfile.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e6540e5f11e75c9fb4335934de54b6de05bcf626\"\u003e\u003ccode\u003ee6540e5\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/c42e357995065aa0c144eba0215a689d8105e4de\"\u003e\u003ccode\u003ec42e357\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/2.0.7...v2.2.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 2.0.5 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.0.5...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git` from 1.3.0 to 1.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/releases\"\u003egit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eca8ff35 Release v1.13.0 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/603\"\u003e#603\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.12.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.11.0...v1.12.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eea79dad Release v1.12.0\u003c/li\u003e\n\u003cli\u003ee58cd29 Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e609ab8b Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4a96679 Fix windows build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/591\"\u003e#591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f2b3fd Support the --all option for git fetch (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e1b13ec1 Workaround to get JRuby build working (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/582\"\u003e#582\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e5f0adec Update README.md (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e45b467c Make the directory param to Git.clone optional (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eb92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/577\"\u003e#577\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e13471d7 Add Git::URL #parse and #clone_to methods (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0a43d8b Use the head version of yard (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.11.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.2...HEAD\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.1...v1.10.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e57f941c Release v1.10.2\u003c/li\u003e\n\u003cli\u003ec987a74 Add create-release, setup, and console dev scripts (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e12e3d03 Store tempfile objects to prevent deletion during tests (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.0...v1.10.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ec7b12af Release v1.10.1\u003c/li\u003e\n\u003cli\u003eea28118 Properly escape double quotes in shell commands on Windows (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/552\"\u003e#552\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edb060fc Properly unescape diff paths (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/504\"\u003e#504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eea47044 Add Ruby 3.0 to CI build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/547\"\u003e#547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/blob/main/CHANGELOG.md\"\u003egit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0 (2022-12-10)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.12.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ca8ff350a63172630b8e9e919e02a0ce8e7a7a6d\"\u003e\u003ccode\u003eca8ff35\u003c/code\u003e\u003c/a\u003e Release v1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/83492243ef3779bd30f23b41541927f6e50e744f\"\u003e\u003ccode\u003e8349224\u003c/code\u003e\u003c/a\u003e Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/4fe8738e8348567255ab4be25867684b5d0d282d\"\u003e\u003ccode\u003e4fe8738\u003c/code\u003e\u003c/a\u003e In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/74b8e11af1a181d90f769129a0810bbc7f2f8a56\"\u003e\u003ccode\u003e74b8e11\u003c/code\u003e\u003c/a\u003e Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ff6dcf47ea1c14e5f12a8ff51eeb4ee10b7b2487\"\u003e\u003ccode\u003eff6dcf4\u003c/code\u003e\u003c/a\u003e Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/827929819c9e607c2ca0ef3f4c9aff57130c682a\"\u003e\u003ccode\u003e8279298\u003c/code\u003e\u003c/a\u003e Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ea79dadf07e65896a08487af011e60336e86d3e3\"\u003e\u003ccode\u003eea79dad\u003c/code\u003e\u003c/a\u003e Release v1.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/e58cd2997670561e41df22db236e06e41daea3da\"\u003e\u003ccode\u003ee58cd29\u003c/code\u003e\u003c/a\u003e Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/323383be03358c96523f60e361ad8ec21857f52e\"\u003e\u003ccode\u003e323383b\u003c/code\u003e\u003c/a\u003e Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/609ab8be2656c2362f126863dc2c98255fb5f68a\"\u003e\u003ccode\u003e609ab8b\u003c/code\u003e\u003c/a\u003e Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.3.0...v1.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git` from 1.9.1 to 1.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/releases\"\u003egit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eca8ff35 Release v1.13.0 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/603\"\u003e#603\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.12.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.11.0...v1.12.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eea79dad Release v1.12.0\u003c/li\u003e\n\u003cli\u003ee58cd29 Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e609ab8b Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4a96679 Fix windows build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/591\"\u003e#591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e6f2b3fd Support the --all option for git fetch (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e1b13ec1 Workaround to get JRuby build working (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/582\"\u003e#582\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e5f0adec Update README.md (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e45b467c Make the directory param to Git.clone optional (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eb92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/577\"\u003e#577\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e13471d7 Add Git::URL #parse and #clone_to methods (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e0a43d8b Use the head version of yard (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.11.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.2...HEAD\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.1...v1.10.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e57f941c Release v1.10.2\u003c/li\u003e\n\u003cli\u003ec987a74 Add create-release, setup, and console dev scripts (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e12e3d03 Store tempfile objects to prevent deletion during tests (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.10.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.10.0...v1.10.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ec7b12af Release v1.10.1\u003c/li\u003e\n\u003cli\u003eea28118 Properly escape double quotes in shell commands on Windows (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/552\"\u003e#552\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edb060fc Properly unescape diff paths (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/504\"\u003e#504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eea47044 Add Ruby 3.0 to CI build (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/547\"\u003e#547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby-git/ruby-git/blob/main/CHANGELOG.md\"\u003egit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.0 (2022-12-10)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.12.0...v1.13.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e8349224 Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4fe8738 In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e74b8e11 Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eff6dcf4 Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e8279298 Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.12.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e292087e Supress unneeded test output (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e19dfe5e Add support for fetch options \u0026quot;--force/-f\u0026quot; and \u0026quot;--prune-tags/-P\u0026quot;. (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e018d919 Fix bug when grepping lines that contain numbers surrounded by colons (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec04d16e remove from maintainer (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/567\"\u003e#567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e291ca09 Address command line injection in Git::Lib#fetch\u003c/li\u003e\n\u003cli\u003e521b8e7 Release v1.10.2 (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.10.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\"\u003ehttps://github.com/ruby-git/ruby-git/releases/tag/v1.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ca8ff350a63172630b8e9e919e02a0ce8e7a7a6d\"\u003e\u003ccode\u003eca8ff35\u003c/code\u003e\u003c/a\u003e Release v1.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/83492243ef3779bd30f23b41541927f6e50e744f\"\u003e\u003ccode\u003e8349224\u003c/code\u003e\u003c/a\u003e Update list of maintainers (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/4fe8738e8348567255ab4be25867684b5d0d282d\"\u003e\u003ccode\u003e4fe8738\u003c/code\u003e\u003c/a\u003e In ls-files do not unescape file paths with eval (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/74b8e11af1a181d90f769129a0810bbc7f2f8a56\"\u003e\u003ccode\u003e74b8e11\u003c/code\u003e\u003c/a\u003e Add start_point option for checkout command (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ff6dcf47ea1c14e5f12a8ff51eeb4ee10b7b2487\"\u003e\u003ccode\u003eff6dcf4\u003c/code\u003e\u003c/a\u003e Do not assume the default branch is 'master' in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/827929819c9e607c2ca0ef3f4c9aff57130c682a\"\u003e\u003ccode\u003e8279298\u003c/code\u003e\u003c/a\u003e Fix exception when Git is autoloaded (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/594\"\u003e#594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/ea79dadf07e65896a08487af011e60336e86d3e3\"\u003e\u003ccode\u003eea79dad\u003c/code\u003e\u003c/a\u003e Release v1.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/e58cd2997670561e41df22db236e06e41daea3da\"\u003e\u003ccode\u003ee58cd29\u003c/code\u003e\u003c/a\u003e Support the commit --no-gpg-sign flag (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/323383be03358c96523f60e361ad8ec21857f52e\"\u003e\u003ccode\u003e323383b\u003c/code\u003e\u003c/a\u003e Use yard gem version 0.9.8 or later instead of HEAD from GitHub (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/592\"\u003e#592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby-git/ruby-git/commit/609ab8be2656c2362f126863dc2c98255fb5f68a\"\u003e\u003ccode\u003e609ab8b\u003c/code\u003e\u003c/a\u003e Allow the CI build to be run manually using the GitHub interface (\u003ca href=\"https://redirect.github.com/ruby-git/ruby-git/issues/590\"\u003e#590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby-git/ruby-git/compare/v1.3.0...v1.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 1.7.0 to 1.10.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.10.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport CVE-2026-25765 by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1665\"\u003elostisland/faraday#1665\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are correctly autoloaded by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1595\"\u003elostisland/faraday#1595\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Ruby 3.2.0 in Faraday v1.x by \u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate three methods for version 2.0 by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1446\"\u003elostisland/faraday#1446\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eFaraday#Deprecate\u003c/code\u003e to \u003ccode\u003e1.x\u003c/code\u003e by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JSON middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1400\"\u003elostisland/faraday#1400\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add support for Ruby 2.4+ by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1371\"\u003elostisland/faraday#1371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/blob/main/CHANGELOG.md\"\u003efaraday's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eFaraday Changelog\u003c/h1\u003e\n\u003ch2\u003eThe changelog has moved!\u003c/h2\u003e\n\u003cp\u003eThis file is not being updated anymore. Instead, please check the \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003eReleases\u003c/a\u003e page.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.1.0...v2.2.0\"\u003e2.2.0\u003c/a\u003e (2022-02-03)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduce the possibility to register middleware with symbols, strings or procs in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1391\"\u003e#1391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.1...v2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-01-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix test adapter thread safety by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1380\"\u003e#1380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd default adapter options by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1382\"\u003e#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Add Ruby 3.1 to matrix by \u003ca href=\"https://github.com/petergoldstein\"\u003e\u003ccode\u003e@​petergoldstein\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1374\"\u003e#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix regex pattern in logger.md examples by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1378\"\u003e#1378\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2022-01-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add \u003ccode\u003efaraday-net_http\u003c/code\u003e as default adapter by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1366\"\u003e#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated sample format in UPGRADING.md by \u003ca href=\"https://github.com/vimutter\"\u003e\u003ccode\u003e@​vimutter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1361\"\u003e#1361\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make UPGRADING examples more copyable by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1363\"\u003e#1363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v1.8.0...v2.0.0\"\u003e2.0.0\u003c/a\u003e (2022-01-04)\u003c/h2\u003e\n\u003cp\u003eThe next major release is here, and it comes almost 2 years after the release of v1.0!\u003c/p\u003e\n\u003cp\u003eThis release changes the way you use Faraday and embraces a new paradigm of Faraday as an ecosystem, rather than a library.\u003c/p\u003e\n\u003cp\u003eWhat does that mean? It means that Faraday is less of a bundled tool and more of a framework for the community to build on top of.\u003c/p\u003e\n\u003cp\u003eAs a result, all adapters and some middleware have moved out and are now shipped as standalone gems 🙌!\u003c/p\u003e\n\u003cp\u003eBut this doesn't mean that upgrading from Faraday 1.x to Faraday 2.0 should be hard, in fact we've listed everything you need to do in the \u003ca href=\"https://github.com/lostisland/faraday/blob/main/UPGRADING.md\"\u003eUPGRADING.md\u003c/a\u003e doc.\u003c/p\u003e\n\u003cp\u003eMoreover, we've setup a new \u003ca href=\"https://github.com/lostisland/awesome-faraday\"\u003eawesome-faraday\u003c/a\u003e repository that will showcase a curated list of adapters and middleware 😎.\u003c/p\u003e\n\u003cp\u003eThis release was the result of the efforts of the core team and all the contributors, new and old, that have helped achieve this milestone 👏.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutoloading, dependency loading and middleware registry cleanup by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1301\"\u003e#1301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove JSON middleware (request and response) from faraday_middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1300\"\u003e#1300\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::Request#method\u003c/code\u003e by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1303\"\u003e#1303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::UploadIO\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[1.x] Deprecate Authorization helpers in \u003ccode\u003eFaraday::Connection\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1306\"\u003e#1306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop deprecated auth helpers from Connection and refactor auth middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Faraday 1.x examples in authentication.md docs by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1320\"\u003e#1320\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix passing a URL with embedded basic auth by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1324\"\u003e#1324\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister JSON middleware by \u003ca href=\"https://github.com/mollerhoj\"\u003e\u003ccode\u003e@​mollerhoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1331\"\u003e#1331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/5c1d68aae6020c7a5398147356e5a42ca205bf80\"\u003e\u003ccode\u003e5c1d68a\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/ea02c0ecbcd7ecc5553767f0cd97ec94eae6142b\"\u003e\u003ccode\u003eea02c0e\u003c/code\u003e\u003c/a\u003e Update rubocop complexity thresholds for security fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/d0fc049beb0b0e4e3bd4a52711189130bba7c5f4\"\u003e\u003ccode\u003ed0fc049\u003c/code\u003e\u003c/a\u003e Backport security fix for CVE-2026-25765 to 1.x branch (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1665\"\u003e#1665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/41c990ee1f82f74270c084cca8f398b186f09262\"\u003e\u003ccode\u003e41c990e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/435888d46cb0236eef9c8d6b02ef37a45681207f\"\u003e\u003ccode\u003e435888d\u003c/code\u003e\u003c/a\u003e Make sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are cor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/82086930f947d037f0ec14ce740c0485a3b4d5a0\"\u003e\u003ccode\u003e8208693\u003c/code\u003e\u003c/a\u003e Use ruby/setup-ruby in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/eeec3677d769258ec97450c678ef4d8f924fac9a\"\u003e\u003ccode\u003eeeec367\u003c/code\u003e\u003c/a\u003e Fix ruby version in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/92c038bcbf24b171abeecd608a195245f5431e98\"\u003e\u003ccode\u003e92c038b\u003c/code\u003e\u003c/a\u003e Update publish.yml to use Ruby 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/7a382b5abb19b9278c2bf055da54876ce612cff9\"\u003e\u003ccode\u003e7a382b5\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/16506ee918bd8813d0e241aa1c4996fa2157303c\"\u003e\u003ccode\u003e16506ee\u003c/code\u003e\u003c/a\u003e Add support for Ruby 3.2.0 in Faraday v1.x (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1483\"\u003e#1483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.7.0...v1.10.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `httparty` from 0.18.1 to 0.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003ehttparty's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForce binary encoding throughout by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/823\"\u003ejnunemaker/httparty#823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eset Content-Type for Hash body in requests by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/828\"\u003ejnunemaker/httparty#828\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: stream multipart file uploads to reduce memory usage by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/829\"\u003ejnunemaker/httparty#829\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent SSRF via absolute URL bypassing base_uri by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/830\"\u003ejnunemaker/httparty#830\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.23.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changelog_uri metadata to gemspec by \u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix multipart with files in binary mode and fields including non-ASCII characters by \u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd foul option to class level \u003ca href=\"https://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\"\u003ehttps://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: foul mode to rescue all common network errors:  \u003ca href=\"https://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\"\u003ehttps://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace master branch to main for better view by \u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashishra0\"\u003e\u003ccode\u003e@​ashishra0\u003c/code\u003e\u003c/a\u003e made their first contribution with foul mode\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix typo in example name by \u003ca href=\"https://github.com/xymbol\"\u003e\u003ccode\u003e@​xymbol\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/780\"\u003ejnunemaker/httparty#780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtract request building method by \u003ca href=\"https://github.com/aliismayilov\"\u003e\u003ccode\u003e@​aliismayilov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/786\"\u003ejnunemaker/httparty#786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Tell dependabot to update GH Actions by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/791\"\u003ejnunemaker/httparty#791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd CSV gem as a dependency for Ruby 3.4 by \u003ca href=\"https://github.com/ngan\"\u003e\u003ccode\u003e@​ngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/796\"\u003ejnunemaker/httparty#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear body when redirecting to a GET  by \u003ca href=\"https://github.com/rhett-inbox\"\u003e\u003ccode\u003e@​rhett-inbox\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/783\"\u003ejnunemaker/httparty#783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI against Ruby 3.3 by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/798\"\u003ejnunemaker/httparty#798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/792\"\u003ejnunemaker/httparty#792\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/blob/main/Changelog.md\"\u003ehttparty's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003echanges since 0.22 are documented in GitHub Releases\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e0.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e\"\u003eescape filename in the multipart/form-data Content-Disposition header\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/767\"\u003eFix request marshaling\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/769\"\u003eReplace \u003ccode\u003emime-types\u003c/code\u003e with \u003ccode\u003emini_mime\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.20.0\u003c/h2\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Ruby \u0026gt;= 2.3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/714\"\u003e\u003ccode\u003eMarshal.dump\u003c/code\u003e fails on response objects when request option \u003ccode\u003e:logger\u003c/code\u003e is set or \u003ccode\u003e:parser\u003c/code\u003e is a proc\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/720\"\u003eSwitch \u003ccode\u003e:pem\u003c/code\u003e option to to \u003ccode\u003eOpenSSL::PKey.read\u003c/code\u003e to support other algorithms\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/4416141d37fd71bdba4f37589ec265f55aa446ce\"\u003eRemove use of unary + method for creating non-frozen string to increase compatibility with older versions of ruby\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/709\"\u003eMultipart/Form-Data: rewind files after read\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/711\"\u003eadd frozen_string_literal pragma to all files\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Better handling of Accept-Encoding / Content-Encoding decompression (fixes \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/562\"\u003e#562\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/729\"\u003ejnunemaker/httparty#729\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/55ec76e8d1df7903eab3f7c2367991400d3cf65e\"\u003e\u003ccode\u003e55ec76e\u003c/code\u003e\u003c/a\u003e Release 0.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/ddfbc8ddfca03d4f4026b01763ee906071ca558b\"\u003e\u003ccode\u003eddfbc8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/830\"\u003e#830\u003c/a\u003e from jnunemaker/fix-ssrf-base-uri-bypass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/0529bcd6309c9fd9bfdd50ae211843b10054c240\"\u003e\u003ccode\u003e0529bcd\u003c/code\u003e\u003c/a\u003e fix: prevent SSRF via absolute URL bypassing base_uri (GHSA-hm5p-x4rq-38w4)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/05f38fd35d8088b9770513c2eaecce671f0940ec\"\u003e\u003ccode\u003e05f38fd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/829\"\u003e#829\u003c/a\u003e from jnunemaker/memory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/8901c238c00d0aca8920271314c4c5d7dd2701fb\"\u003e\u003ccode\u003e8901c23\u003c/code\u003e\u003c/a\u003e feat: stream multipart file uploads to reduce memory usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/091bd6aa909e38822b72f8ce2383385cf8eeb302\"\u003e\u003ccode\u003e091bd6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/828\"\u003e#828\u003c/a\u003e from jnunemaker/issue-826\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/59c0ac5f3d906fb6be2133c1b89d75329755af8f\"\u003e\u003ccode\u003e59c0ac5\u003c/code\u003e\u003c/a\u003e feat: set Content-Type for Hash body in requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/5c8b45e6297d181d99a56f5297dade3e358cc6f9\"\u003e\u003ccode\u003e5c8b45e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/823\"\u003e#823\u003c/a\u003e from jnunemaker/mixed-encodings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/6419cb307dd435572963e4ab40cd96b41389efcf\"\u003e\u003ccode\u003e6419cb3\u003c/code\u003e\u003c/a\u003e Force binary encoding throughout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/c74571f7925c8e142d02c2b7d6ebeedf923b1dd1\"\u003e\u003ccode\u003ec74571f\u003c/code\u003e\u003c/a\u003e Release 0.23.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.18.1...v0.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.2.5 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.g...\n\n_Description has been truncated_","html_url":"https://github.com/danwdart/nixpkgs/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danwdart%2Fnixpkgs/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"}},{"old_version":"4.1.1","new_version":"4.2.0","update_type":"minor","path":null,"pr_created_at":"2026-03-24T01:50:05.000Z","version_change":"4.1.1 → 4.2.0","issue":{"uuid":"4124705928","node_id":"PR_kwDOPVgz5c7M26yh","number":217,"state":"closed","title":"build(deps): bump the bundler group across 2 directories with 3 updates","user":"dependabot[bot]","labels":["dependencies","ruby","Stale"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-08T05:19:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T01:50:05.000Z","updated_at":"2026-04-08T05:20:06.000Z","time_to_close":1308593,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":3,"packages":[{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"rack","old_version":"3.1.15","new_version":"3.2.5"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 1 update in the /src/email directory: [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 1 update in the /src/react-native-app directory: [rexml](https://github.com/ruby/rexml).\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.1.15 to 3.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bb5f3555bd12b9065112353e829298b3b5623ceb\"\u003e\u003ccode\u003ebb5f355\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/f9bde3bc2dde2771185ac1a7b7602a4d9fa0a0d8\"\u003e\u003ccode\u003ef9bde3b\u003c/code\u003e\u003c/a\u003e Prevent directory traversal via root prefix bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/93a68f58aa82aa48f09b751501f19f5e760dd406\"\u003e\u003ccode\u003e93a68f5\u003c/code\u003e\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3b8b0d22d68a7fb30fdea40f838d0f95a05c134d\"\u003e\u003ccode\u003e3b8b0d2\u003c/code\u003e\u003c/a\u003e Fix MockResponse#body when the body is a Proc (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2420\"\u003e#2420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c24539777db8833d78f881680cd245878cfba31\"\u003e\u003ccode\u003e4c24539\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3ba5e4f22f55abac21037bb137e56e5c8e36b673\"\u003e\u003ccode\u003e3ba5e4f\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/32bf8887d00bd86494f0ce08c46cda59a65d332f\"\u003e\u003ccode\u003e32bf888\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f\"\u003e\u003ccode\u003ee179614\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784\"\u003e\u003ccode\u003e57277b7\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/403b74b2441d666845177ce769036e294f663712\"\u003e\u003ccode\u003e403b74b\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v3.1.15...v3.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.4.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/burhanuddin-anw/opentelemetry-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/burhanuddin-anw/opentelemetry-demo/pull/217","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/burhanuddin-anw%2Fopentelemetry-demo/issues/217","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/217/packages"}},{"old_version":"~\u003e 3","new_version":"~\u003e 4","update_type":null,"path":"/gemfiles/sequel-4","pr_created_at":"2026-03-12T12:26:27.000Z","version_change":"~\u003e 3 → ~\u003e 4","issue":{"uuid":"4064313464","node_id":"PR_kwDOALFUpc7KBJxs","number":510,"state":"closed","title":"Update sinatra requirement from ~\u003e 3 to ~\u003e 4 in /gemfiles/sequel-4","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-17T01:05:41.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-12T12:26:27.000Z","updated_at":"2026-04-17T01:05:51.000Z","time_to_close":3069554,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"sinatra","old_version":"~\u003e 3","new_version":"~\u003e 4","repository_url":"https://github.com/sinatra/sinatra"}],"path":"/gemfiles/sequel-4","ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/skylightio/skylight-ruby/pull/510","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/skylightio%2Fskylight-ruby/issues/510","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/510/packages"}},{"old_version":"~\u003e 3","new_version":"~\u003e 4","update_type":null,"path":"/gemfiles/sequel-5","pr_created_at":"2026-03-12T12:25:28.000Z","version_change":"~\u003e 3 → ~\u003e 4","issue":{"uuid":"4064306856","node_id":"PR_kwDOALFUpc7KBIWR","number":497,"state":"open","title":"Update sinatra requirement from ~\u003e 3 to ~\u003e 4 in /gemfiles/sequel-5","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-12T12:25:28.000Z","updated_at":"2026-03-12T12:25:32.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"sinatra","old_version":"~\u003e 3","new_version":"~\u003e 4","repository_url":"https://github.com/sinatra/sinatra"}],"path":"/gemfiles/sequel-5","ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/skylightio/skylight-ruby/pull/497","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/skylightio%2Fskylight-ruby/issues/497","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/497/packages"}},{"old_version":"~\u003e 2.0","new_version":"\u003e= 2, \u003c 5","update_type":null,"path":null,"pr_created_at":"2026-02-20T20:03:39.000Z","version_change":"~\u003e 2.0 → \u003e= 2, \u003c 5","issue":{"uuid":"3970161386","node_id":"PR_kwDOAAcQ4s7FP-ya","number":708,"state":"open","title":"Update sinatra requirement from ~\u003e 2.0 to \u003e= 2, \u003c 5","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-20T20:03:39.000Z","updated_at":"2026-02-21T22:02:54.461Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"sinatra","old_version":"~\u003e 2.0","new_version":"\u003e= 2, \u003c 5","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/geminabox/geminabox/pull/708","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/geminabox%2Fgeminabox/issues/708","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/708/packages"}},{"old_version":"4.1.1","new_version":"4.2.0","update_type":"minor","path":null,"pr_created_at":"2026-02-19T23:42:07.000Z","version_change":"4.1.1 → 4.2.0","issue":{"uuid":"3965692795","node_id":"PR_kwDOOPxAk87FBLry","number":6,"state":"closed","title":"build(deps): bump the bundler group across 15 directories with 14 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-24T01:30:29.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-19T23:42:07.000Z","updated_at":"2026-03-24T01:30:31.000Z","time_to_close":2771302,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":14,"packages":[{"name":"rack","old_version":"3.1.8","new_version":"3.1.20","repository_url":"https://github.com/rack/rack"},{"name":"rack-session","old_version":"2.1.0","new_version":"2.1.1","repository_url":"https://github.com/rack/rack-session"},{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"nokogiri","old_version":"1.18.1","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 4 updates in the /pkgs/applications/office/ledger-web directory: [activerecord](https://github.com/rails/rails), [rack](https://github.com/rack/rack), [rack-session](https://github.com/rack/rack-session) and [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 3 updates in the /pkgs/applications/version-management/danger-gitlab directory: [faraday](https://github.com/lostisland/faraday), [httparty](https://github.com/jnunemaker/httparty) and [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/applications/version-management/git-fame directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 1 update in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 2 updates in the /pkgs/by-name/ce/cewl directory: [rexml](https://github.com/ruby/rexml) and [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 2 updates in the /pkgs/by-name/cf/cfn-nag directory: [rexml](https://github.com/ruby/rexml) and [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby).\nBumps the bundler group with 1 update in the /pkgs/by-name/co/coltrane directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 1 update in the /pkgs/by-name/do/doing directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/by-name/ev/evil-winrm directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 1 update in the /pkgs/by-name/fu/fusuma directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 5 updates in the /pkgs/by-name/go/gollum directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rack](https://github.com/rack/rack) | `3.1.8` | `3.1.20` |\n| [rack-session](https://github.com/rack/rack-session) | `2.1.0` | `2.1.1` |\n| [sinatra](https://github.com/sinatra/sinatra) | `4.1.1` | `4.2.0` |\n| [rexml](https://github.com/ruby/rexml) | `3.4.0` | `3.4.2` |\n| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.18.1` | `1.19.1` |\n\nBumps the bundler group with 3 updates in the /pkgs/by-name/li/licensed directory: [rack](https://github.com/rack/rack), [faraday](https://github.com/lostisland/faraday) and [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 1 update in the /pkgs/by-name/mp/mpdcron directory: [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 1 update in the /pkgs/by-name/ov/overcommit directory: [rexml](https://github.com/ruby/rexml).\nBumps the bundler group with 5 updates in the /pkgs/by-name/pg/pghero directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rack](https://github.com/rack/rack) | `2.2.10` | `2.2.22` |\n| [faraday](https://github.com/lostisland/faraday) | `1.10.4` | `1.10.5` |\n| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.16.7` | `1.19.1` |\n| [net-imap](https://github.com/ruby/net-imap) | `0.5.0` | `0.5.7` |\n| [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) | `1.6.0` | `1.6.1` |\n\n\nUpdates `activerecord` from 8.0.2 to 8.0.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCall inspect on ids in RecordNotFound error\u003c/p\u003e\n\u003cp\u003e[CVE-2025-55193]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGannon McGibbon\u003c/em\u003e, \u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Storage\u003c/h2\u003e\n\u003cpre\u003e\u003ccode\u003eRemove dangerous transformations\n\u003cp\u003e[CVE-2025-24293]\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b0c813bc7b61c71dd21ee3a6c6210f6d14030f71\"\u003e\u003ccode\u003eb0c813b\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a6d50aeaaa98613c42133f22308d7ddaf0e5556e\"\u003e\u003ccode\u003ea6d50ae\u003c/code\u003e\u003c/a\u003e Update CHANGELOGs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/568c0bc2f1e74c65d150a84b89a080949bf9eb9b\"\u003e\u003ccode\u003e568c0bc\u003c/code\u003e\u003c/a\u003e Call inspect on ids in RecordNotFound error\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.1.12 to 3.1.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/65044344e4780d80b409f9ba27df41b6307b5ff5\"\u003e\u003ccode\u003e6504434\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/48e90303ea09cdcf5091104c1ffc94a2f74e2c5b\"\u003e\u003ccode\u003e48e9030\u003c/code\u003e\u003c/a\u003e Prevent directory traversal via root prefix bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed0f455074f9d6aade9793bd8a3dc4aeaecaacd6\"\u003e\u003ccode\u003eed0f455\u003c/code\u003e\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b29df3156208326916cf60482eaec42574b65ff0\"\u003e\u003ccode\u003eb29df31\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/72719a8a7447186234379d9bff889273ec3cd35d\"\u003e\u003ccode\u003e72719a8\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/96cf07879a084e4488d705ed093395e86bb554f5\"\u003e\u003ccode\u003e96cf078\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db\"\u003e\u003ccode\u003ecbd541e\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7e69f65eefe9cd2868df9f9f3b0977b86f93523a\"\u003e\u003ccode\u003e7e69f65\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/db6bc0f64f24a3aa1aa83223da112e25333b049a\"\u003e\u003ccode\u003edb6bc0f\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ad81f80d4bc2db6e3ba15c5b1d3b23205f7c5810\"\u003e\u003ccode\u003ead81f80\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v3.1.12...v3.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-session` from 2.1.0 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack-session/releases\"\u003erack-session's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack-session/compare/v2.1.0...v2.1.1\"\u003ehttps://github.com/rack/rack-session/compare/v2.1.0...v2.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack-session/blob/main/releases.md\"\u003erack-session's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent \u003ccode\u003eRack::Session::Pool\u003c/code\u003e from recreating deleted sessions \u003ca href=\"https://github.com/rack/rack-session/security/advisories/GHSA-9j94-67jr-4cqj\"\u003eCVE-2025-46336\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/96663ece1596a3462704c30f98b85cd7e0337d6e\"\u003e\u003ccode\u003e96663ec\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack-session/commit/c58ad7952cc7d0649f0ea9c78d55049739c49e5a\"\u003e\u003ccode\u003ec58ad79\u003c/code\u003e\u003c/a\u003e Don't allow session to be recreated accidentally.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rack/rack-session/compare/v2.1.0...v2.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uri` from 1.0.3 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/uri/releases\"\u003euri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-allow consecutive, leading and trailing dots in EMAIL_REGEXP by \u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/ruby/uri/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to use the latest version of setup-ruby and bump up to Ruby 3.4 by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/158\"\u003eruby/uri#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the mention to removed \u003ccode\u003eURI.escape/URI::Escape\u003c/code\u003e by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse a fully qualified name in warning messages by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/150\"\u003eruby/uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eRactor#value\u003c/code\u003e by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/163\"\u003eruby/uri#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unnecessary workaround  by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/164\"\u003eruby/uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape reserved characters in scheme name by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/148\"\u003eruby/uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[DOC] State that uri library is needed to call Kernel#URI by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/167\"\u003eruby/uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer dedicated assertion methods by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/169\"\u003eruby/uri#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the message for unexpected argument by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/171\"\u003eruby/uri#171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake URI::regexp schemes case sensitive (\u003ca href=\"https://redirect.github.com/ruby/uri/issues/38\"\u003e#38\u003c/a\u003e) by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/170\"\u003eruby/uri#170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe local part should not contain leading or trailing dots in the EMAIL_REGEXP by \u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMore checks in \u003ccode\u003eEMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/172\"\u003eruby/uri#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not allow empty host names, as they are not allowed by RFC 3986 by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/116\"\u003eruby/uri#116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove performance of \u003ccode\u003eURI::MailTo::EMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/173\"\u003eruby/uri#173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance test stability by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/174\"\u003eruby/uri#174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documents that used \u003ccode\u003eURI::Parser\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/175\"\u003eruby/uri#175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a workflow to sync commits to ruby/ruby by \u003ca href=\"https://github.com/k0kubun\"\u003e\u003ccode\u003e@​k0kubun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/183\"\u003eruby/uri#183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eirb\u003c/code\u003e to the Gemfile to fix the warning by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/182\"\u003eruby/uri#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace reference to the obsolete URI.escape with URI::RFC2396_PARSER.escape by \u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch a parsing behavior completely when switching a parser by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/161\"\u003eruby/uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimprove error message by \u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse generic version number to VERSION by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/187\"\u003eruby/uri#187\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.4...v1.1.0\"\u003ehttps://github.com/ruby/uri/compare/v1.0.4...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.4\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\"\u003eCVE-2025-61594\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/f1b05c89ab38667e7564896f994d4d6cfbc67149\"\u003e\u003ccode\u003ef1b05c8\u003c/code\u003e\u003c/a\u003e v1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/8557e8d470ad7b969ba11d210e33b9570919661d\"\u003e\u003ccode\u003e8557e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/189\"\u003e#189\u003c/a\u003e from osyoyu/restore-whatwg-email-regexp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c551d7020bba3cf452e696d55c451ae951d0f24b\"\u003e\u003ccode\u003ec551d70\u003c/code\u003e\u003c/a\u003e Re-allow consecutive, leading and trailing dots in EMAIL_REGEXP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c41903b3e4df8ba2ceba16a80d3156a97a81e038\"\u003e\u003ccode\u003ec41903b\u003c/code\u003e\u003c/a\u003e v1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/b433f3499202b2abc27c5211554195243d083f88\"\u003e\u003ccode\u003eb433f34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/187\"\u003e#187\u003c/a\u003e from ruby/switch-version-code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/1fc4f0496a2d44f4af317d8f786a50e9f6918656\"\u003e\u003ccode\u003e1fc4f04\u003c/code\u003e\u003c/a\u003e Use generic version number to VERSION and generate VERSION_CODE from that\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/e8306800d9b58f37f3847e8d598599cb1ef36f3c\"\u003e\u003ccode\u003ee830680\u003c/code\u003e\u003c/a\u003e Exclude dependabot updates from release note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/70d245fa46786b9aa4970c4b815cfe8b1b823bf6\"\u003e\u003ccode\u003e70d245f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/130\"\u003e#130\u003c/a\u003e from soda92/improve-error-message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/d629c8c1541330e4fc50879fbafc0701728e447f\"\u003e\u003ccode\u003ed629c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/161\"\u003e#161\u003c/a\u003e from y-yagi/fix_changing_parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/fec6733919edb140bbdc429ed4b0492776ebc4a2\"\u003e\u003ccode\u003efec6733\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/166\"\u003e#166\u003c/a\u003e from vivshaw/vivshaw/correct-obsolete-parse\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 1.7.0 to 1.10.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.10.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport CVE-2026-25765 by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1665\"\u003elostisland/faraday#1665\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.4...v1.10.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are correctly autoloaded by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1595\"\u003elostisland/faraday#1595\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.3...v1.10.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Ruby 3.2.0 in Faraday v1.x by \u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timrogers\"\u003e\u003ccode\u003e@​timrogers\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1483\"\u003elostisland/faraday#1483\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.2...v1.10.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate three methods for version 2.0 by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1446\"\u003elostisland/faraday#1446\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.1...v1.10.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eFaraday#Deprecate\u003c/code\u003e to \u003ccode\u003e1.x\u003c/code\u003e by \u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hyuraku\"\u003e\u003ccode\u003e@​hyuraku\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1438\"\u003elostisland/faraday#1438\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\"\u003ehttps://github.com/lostisland/faraday/compare/v1.10.0...v1.10.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JSON middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1400\"\u003elostisland/faraday#1400\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.3...v1.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.9.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add support for Ruby 2.4+ by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1371\"\u003elostisland/faraday#1371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\"\u003ehttps://github.com/lostisland/faraday/compare/v1.9.2...v1.9.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/blob/main/CHANGELOG.md\"\u003efaraday's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eFaraday Changelog\u003c/h1\u003e\n\u003ch2\u003eThe changelog has moved!\u003c/h2\u003e\n\u003cp\u003eThis file is not being updated anymore. Instead, please check the \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003eReleases\u003c/a\u003e page.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.1.0...v2.2.0\"\u003e2.2.0\u003c/a\u003e (2022-02-03)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduce the possibility to register middleware with symbols, strings or procs in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1391\"\u003e#1391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.1...v2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-01-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix test adapter thread safety by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1380\"\u003e#1380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd default adapter options by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1382\"\u003e#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Add Ruby 3.1 to matrix by \u003ca href=\"https://github.com/petergoldstein\"\u003e\u003ccode\u003e@​petergoldstein\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1374\"\u003e#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix regex pattern in logger.md examples by \u003ca href=\"https://github.com/hirasawayuki\"\u003e\u003ccode\u003e@​hirasawayuki\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1378\"\u003e#1378\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2022-01-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-add \u003ccode\u003efaraday-net_http\u003c/code\u003e as default adapter by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1366\"\u003e#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated sample format in UPGRADING.md by \u003ca href=\"https://github.com/vimutter\"\u003e\u003ccode\u003e@​vimutter\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1361\"\u003e#1361\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make UPGRADING examples more copyable by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1363\"\u003e#1363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/lostisland/faraday/compare/v1.8.0...v2.0.0\"\u003e2.0.0\u003c/a\u003e (2022-01-04)\u003c/h2\u003e\n\u003cp\u003eThe next major release is here, and it comes almost 2 years after the release of v1.0!\u003c/p\u003e\n\u003cp\u003eThis release changes the way you use Faraday and embraces a new paradigm of Faraday as an ecosystem, rather than a library.\u003c/p\u003e\n\u003cp\u003eWhat does that mean? It means that Faraday is less of a bundled tool and more of a framework for the community to build on top of.\u003c/p\u003e\n\u003cp\u003eAs a result, all adapters and some middleware have moved out and are now shipped as standalone gems 🙌!\u003c/p\u003e\n\u003cp\u003eBut this doesn't mean that upgrading from Faraday 1.x to Faraday 2.0 should be hard, in fact we've listed everything you need to do in the \u003ca href=\"https://github.com/lostisland/faraday/blob/main/UPGRADING.md\"\u003eUPGRADING.md\u003c/a\u003e doc.\u003c/p\u003e\n\u003cp\u003eMoreover, we've setup a new \u003ca href=\"https://github.com/lostisland/awesome-faraday\"\u003eawesome-faraday\u003c/a\u003e repository that will showcase a curated list of adapters and middleware 😎.\u003c/p\u003e\n\u003cp\u003eThis release was the result of the efforts of the core team and all the contributors, new and old, that have helped achieve this milestone 👏.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutoloading, dependency loading and middleware registry cleanup by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1301\"\u003e#1301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove JSON middleware (request and response) from faraday_middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1300\"\u003e#1300\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::Request#method\u003c/code\u003e by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1303\"\u003e#1303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eFaraday::UploadIO\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[1.x] Deprecate Authorization helpers in \u003ccode\u003eFaraday::Connection\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1306\"\u003e#1306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop deprecated auth helpers from Connection and refactor auth middleware by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Faraday 1.x examples in authentication.md docs by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1320\"\u003e#1320\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix passing a URL with embedded basic auth by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1324\"\u003e#1324\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister JSON middleware by \u003ca href=\"https://github.com/mollerhoj\"\u003e\u003ccode\u003e@​mollerhoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1331\"\u003e#1331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/5c1d68aae6020c7a5398147356e5a42ca205bf80\"\u003e\u003ccode\u003e5c1d68a\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/ea02c0ecbcd7ecc5553767f0cd97ec94eae6142b\"\u003e\u003ccode\u003eea02c0e\u003c/code\u003e\u003c/a\u003e Update rubocop complexity thresholds for security fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/d0fc049beb0b0e4e3bd4a52711189130bba7c5f4\"\u003e\u003ccode\u003ed0fc049\u003c/code\u003e\u003c/a\u003e Backport security fix for CVE-2026-25765 to 1.x branch (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1665\"\u003e#1665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/41c990ee1f82f74270c084cca8f398b186f09262\"\u003e\u003ccode\u003e41c990e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/435888d46cb0236eef9c8d6b02ef37a45681207f\"\u003e\u003ccode\u003e435888d\u003c/code\u003e\u003c/a\u003e Make sure that \u003ccode\u003eFaraday::Request::Json\u003c/code\u003e and \u003ccode\u003eFaraday::Response::Json\u003c/code\u003e are cor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/82086930f947d037f0ec14ce740c0485a3b4d5a0\"\u003e\u003ccode\u003e8208693\u003c/code\u003e\u003c/a\u003e Use ruby/setup-ruby in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/eeec3677d769258ec97450c678ef4d8f924fac9a\"\u003e\u003ccode\u003eeeec367\u003c/code\u003e\u003c/a\u003e Fix ruby version in publish.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/92c038bcbf24b171abeecd608a195245f5431e98\"\u003e\u003ccode\u003e92c038b\u003c/code\u003e\u003c/a\u003e Update publish.yml to use Ruby 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/7a382b5abb19b9278c2bf055da54876ce612cff9\"\u003e\u003ccode\u003e7a382b5\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/16506ee918bd8813d0e241aa1c4996fa2157303c\"\u003e\u003ccode\u003e16506ee\u003c/code\u003e\u003c/a\u003e Add support for Ruby 3.2.0 in Faraday v1.x (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1483\"\u003e#1483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lostisland/faraday/compare/v1.7.0...v1.10.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `httparty` from 0.18.1 to 0.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003ehttparty's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.24.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eForce binary encoding throughout by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/823\"\u003ejnunemaker/httparty#823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eset Content-Type for Hash body in requests by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/828\"\u003ejnunemaker/httparty#828\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: stream multipart file uploads to reduce memory usage by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/829\"\u003ejnunemaker/httparty#829\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent SSRF via absolute URL bypassing base_uri by \u003ca href=\"https://github.com/jnunemaker\"\u003e\u003ccode\u003e@​jnunemaker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/830\"\u003ejnunemaker/httparty#830\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.2...v0.24.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.23.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changelog_uri metadata to gemspec by \u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix multipart with files in binary mode and fields including non-ASCII characters by \u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/baraidrissa\"\u003e\u003ccode\u003e@​baraidrissa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/817\"\u003ejnunemaker/httparty#817\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rdimartino\"\u003e\u003ccode\u003e@​rdimartino\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/822\"\u003ejnunemaker/httparty#822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.1...v0.23.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd foul option to class level \u003ca href=\"https://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\"\u003ehttps://github.com/jnunemaker/httparty/commit/d2683879c902b278a0776620dd7510c99a9db670\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.23.0...v0.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: foul mode to rescue all common network errors:  \u003ca href=\"https://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\"\u003ehttps://github.com/jnunemaker/httparty/blob/891a4a8093afd4cacecab2719223e3170d07f1c0/examples/party_foul_mode.rb\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace master branch to main for better view by \u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashishra0\"\u003e\u003ccode\u003e@​ashishra0\u003c/code\u003e\u003c/a\u003e made their first contribution with foul mode\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bestony\"\u003e\u003ccode\u003e@​bestony\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/803\"\u003ejnunemaker/httparty#803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tradesmanhelix\"\u003e\u003ccode\u003e@​tradesmanhelix\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/811\"\u003ejnunemaker/httparty#811\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\"\u003ehttps://github.com/jnunemaker/httparty/compare/v0.22.0...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.22.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix typo in example name by \u003ca href=\"https://github.com/xymbol\"\u003e\u003ccode\u003e@​xymbol\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/780\"\u003ejnunemaker/httparty#780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtract request building method by \u003ca href=\"https://github.com/aliismayilov\"\u003e\u003ccode\u003e@​aliismayilov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/786\"\u003ejnunemaker/httparty#786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI: Tell dependabot to update GH Actions by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/791\"\u003ejnunemaker/httparty#791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd CSV gem as a dependency for Ruby 3.4 by \u003ca href=\"https://github.com/ngan\"\u003e\u003ccode\u003e@​ngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/796\"\u003ejnunemaker/httparty#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear body when redirecting to a GET  by \u003ca href=\"https://github.com/rhett-inbox\"\u003e\u003ccode\u003e@​rhett-inbox\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/783\"\u003ejnunemaker/httparty#783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCI against Ruby 3.3 by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/798\"\u003ejnunemaker/httparty#798\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/792\"\u003ejnunemaker/httparty#792\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jnunemaker/httparty/blob/main/Changelog.md\"\u003ehttparty's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable \u003ca href=\"https://github.com/jnunemaker/httparty/releases\"\u003echanges since 0.22 are documented in GitHub Releases\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e0.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e\"\u003eescape filename in the multipart/form-data Content-Disposition header\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/767\"\u003eFix request marshaling\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/769\"\u003eReplace \u003ccode\u003emime-types\u003c/code\u003e with \u003ccode\u003emini_mime\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.20.0\u003c/h2\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Ruby \u0026gt;= 2.3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/714\"\u003e\u003ccode\u003eMarshal.dump\u003c/code\u003e fails on response objects when request option \u003ccode\u003e:logger\u003c/code\u003e is set or \u003ccode\u003e:parser\u003c/code\u003e is a proc\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/720\"\u003eSwitch \u003ccode\u003e:pem\u003c/code\u003e option to to \u003ccode\u003eOpenSSL::PKey.read\u003c/code\u003e to support other algorithms\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/4416141d37fd71bdba4f37589ec265f55aa446ce\"\u003eRemove use of unary + method for creating non-frozen string to increase compatibility with older versions of ruby\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/709\"\u003eMultipart/Form-Data: rewind files after read\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/711\"\u003eadd frozen_string_literal pragma to all files\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Better handling of Accept-Encoding / Content-Encoding decompression (fixes \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/562\"\u003e#562\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/jnunemaker/httparty/pull/729\"\u003ejnunemaker/httparty#729\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/55ec76e8d1df7903eab3f7c2367991400d3cf65e\"\u003e\u003ccode\u003e55ec76e\u003c/code\u003e\u003c/a\u003e Release 0.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/ddfbc8ddfca03d4f4026b01763ee906071ca558b\"\u003e\u003ccode\u003eddfbc8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/830\"\u003e#830\u003c/a\u003e from jnunemaker/fix-ssrf-base-uri-bypass\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/0529bcd6309c9fd9bfdd50ae211843b10054c240\"\u003e\u003ccode\u003e0529bcd\u003c/code\u003e\u003c/a\u003e fix: prevent SSRF via absolute URL bypassing base_uri (GHSA-hm5p-x4rq-38w4)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/05f38fd35d8088b9770513c2eaecce671f0940ec\"\u003e\u003ccode\u003e05f38fd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/829\"\u003e#829\u003c/a\u003e from jnunemaker/memory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/8901c238c00d0aca8920271314c4c5d7dd2701fb\"\u003e\u003ccode\u003e8901c23\u003c/code\u003e\u003c/a\u003e feat: stream multipart file uploads to reduce memory usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/091bd6aa909e38822b72f8ce2383385cf8eeb302\"\u003e\u003ccode\u003e091bd6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/828\"\u003e#828\u003c/a\u003e from jnunemaker/issue-826\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/59c0ac5f3d906fb6be2133c1b89d75329755af8f\"\u003e\u003ccode\u003e59c0ac5\u003c/code\u003e\u003c/a\u003e feat: set Content-Type for Hash body in requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/5c8b45e6297d181d99a56f5297dade3e358cc6f9\"\u003e\u003ccode\u003e5c8b45e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jnunemaker/httparty/issues/823\"\u003e#823\u003c/a\u003e from jnunemaker/mixed-encodings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/6419cb307dd435572963e4ab40cd96b41389efcf\"\u003e\u003ccode\u003e6419cb3\u003c/code\u003e\u003c/a\u003e Force binary encoding throughout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnunemaker/httparty/commit/c74571f7925c8e142d02c2b7d6ebeedf923b1dd1\"\u003e\u003ccode\u003ec74571f\u003c/code\u003e\u003c/a\u003e Release 0.23.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jnunemaker/httparty/compare/v0.18.1...v0.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.2.5 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.2.5...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 7.0.6 to 7.0.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.0.7.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUse a temporary file for storing unencrypted files while editing\u003c/p\u003e\n\u003cp\u003e[CVE-2023-38037]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c92caefc2bdf856845a72b8608d5603b330e8c3e\"\u003e\u003ccode\u003ec92caef\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/936587d49b3d490462c794b30fb672cef43e1bd0\"\u003e\u003ccode\u003e936587d\u003c/code\u003e\u003c/a\u003e updating version / changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a21d6edf35a60383dfa6c4da49e4b1aef5f00731\"\u003e\u003ccode\u003ea21d6ed\u003c/code\u003e\u003c/a\u003e Use a temporary file for storing unencrypted files while editing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/522c86f35ccc80453ed9fb6ca8b394db321f9a69\"\u003e\u003ccode\u003e522c86f\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5610cbacc5630d775a1a7be78ccb17e561908cba\"\u003e\u003ccode\u003e5610cba\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG with the changes in the repository\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7e9ffc2e137b649c6fd2ca1c580cdfffc9845b55\"\u003e\u003ccode\u003e7e9ffc2\u003c/code\u003e\u003c/a\u003e Fix to_s not using :default format with no args\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a8e88e2e4f157e47050d4ba17ea936902f6a2994\"\u003e\u003ccode\u003ea8e88e2\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eCache::NullStore\u003c/code\u003e with local caching for repeated reads\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b18b9df65eb7d4e5dfa9a6982a8709c0c94b0b97\"\u003e\u003ccode\u003eb18b9df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/48800\"\u003e#48800\u003c/a\u003e from robinjam/fix-humanize-nil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b12fe80d17b2c7a2cc083d0c83ae3ed95765e6bd\"\u003e\u003ccode\u003eb12fe80\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eEnumerable#sum\u003c/code\u003e for \u003ccode\u003eEnumerator#lazy\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e3f80f625945c689b5edc473c5132037c0c14952\"\u003e\u003ccode\u003ee3f80f6\u003c/code\u003e\u003c/a\u003e Add lower bound to Listen gem requirement\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.0.6...v7.0.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a...\n\n_Description has been truncated_","html_url":"https://github.com/dataheld/nixpkgs/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dataheld%2Fnixpkgs/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"2.2.4","new_version":"4.2.0","update_type":"major","path":null,"pr_created_at":"2026-02-19T23:14:36.000Z","version_change":"2.2.4 → 4.2.0","issue":{"uuid":"3965618937","node_id":"PR_kwDOL2Yris7FA8hO","number":5,"state":"closed","title":"build(deps): bump the bundler group across 8 directories with 11 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-08T03:26:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-19T23:14:36.000Z","updated_at":"2026-04-08T03:26:13.000Z","time_to_close":4075895,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":11,"packages":[{"name":"nokogiri","old_version":"1.16.3","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.9","new_version":"2.2.22","repository_url":"https://github.com/rack/rack"},{"name":"rexml","old_version":"3.2.6","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"sinatra","old_version":"2.2.4","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"},{"name":"webrick","old_version":"1.8.1","new_version":"1.8.2","repository_url":"https://github.com/ruby/webrick"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 1 update in the /pkgs/applications/misc/coltrane directory: [activesupport](https://github.com/rails/rails).\nBumps the bundler group with 5 updates in the /pkgs/applications/misc/gollum directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.16.3` | `1.19.1` |\n| [rack](https://github.com/rack/rack) | `2.2.9` | `2.2.22` |\n| [rexml](https://github.com/ruby/rexml) | `3.2.6` | `3.4.2` |\n| [sinatra](https://github.com/sinatra/sinatra) | `2.2.4` | `4.2.0` |\n| [webrick](https://github.com/ruby/webrick) | `1.8.1` | `1.8.2` |\n\nBumps the bundler group with 1 update in the /pkgs/applications/misc/pt directory: [addressable](https://github.com/sporkmonger/addressable).\nBumps the bundler group with 2 updates in the /pkgs/applications/misc/taskjuggler directory: [webrick](https://github.com/ruby/webrick) and [net-imap](https://github.com/ruby/net-imap).\nBumps the bundler group with 2 updates in the /pkgs/applications/office/ledger-web directory: [rack](https://github.com/rack/rack) and [sinatra](https://github.com/sinatra/sinatra).\nBumps the bundler group with 2 updates in the /pkgs/applications/version-management/bitbucket-server-cli directory: [addressable](https://github.com/sporkmonger/addressable) and [git](https://github.com/ruby-git/ruby-git).\nBumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: [rexml](https://github.com/ruby/rexml), [faraday](https://github.com/lostisland/faraday), [git](https://github.com/ruby-git/ruby-git) and [httparty](https://github.com/jnunemaker/httparty).\nBumps the bundler group with 1 update in the /pkgs/by-name/ba/bashly directory: [rexml](https://github.com/ruby/rexml).\n\nUpdates `activesupport` from 7.0.4.2 to 7.0.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.0.7.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUse a temporary file for storing unencrypted files while editing\u003c/p\u003e\n\u003cp\u003e[CVE-2023-38037]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c92caefc2bdf856845a72b8608d5603b330e8c3e\"\u003e\u003ccode\u003ec92caef\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/936587d49b3d490462c794b30fb672cef43e1bd0\"\u003e\u003ccode\u003e936587d\u003c/code\u003e\u003c/a\u003e updating version / changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a21d6edf35a60383dfa6c4da49e4b1aef5f00731\"\u003e\u003ccode\u003ea21d6ed\u003c/code\u003e\u003c/a\u003e Use a temporary file for storing unencrypted files while editing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/522c86f35ccc80453ed9fb6ca8b394db321f9a69\"\u003e\u003ccode\u003e522c86f\u003c/code\u003e\u003c/a\u003e Preparing for 7.0.7 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5610cbacc5630d775a1a7be78ccb17e561908cba\"\u003e\u003ccode\u003e5610cba\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG with the changes in the repository\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7e9ffc2e137b649c6fd2ca1c580cdfffc9845b55\"\u003e\u003ccode\u003e7e9ffc2\u003c/code\u003e\u003c/a\u003e Fix to_s not using :default format with no args\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a8e88e2e4f157e47050d4ba17ea936902f6a2994\"\u003e\u003ccode\u003ea8e88e2\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eCache::NullStore\u003c/code\u003e with local caching for repeated reads\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b18b9df65eb7d4e5dfa9a6982a8709c0c94b0b97\"\u003e\u003ccode\u003eb18b9df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/48800\"\u003e#48800\u003c/a\u003e from robinjam/fix-humanize-nil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b12fe80d17b2c7a2cc083d0c83ae3ed95765e6bd\"\u003e\u003ccode\u003eb12fe80\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eEnumerable#sum\u003c/code\u003e for \u003ccode\u003eEnumerator#lazy\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e3f80f625945c689b5edc473c5132037c0c14952\"\u003e\u003ccode\u003ee3f80f6\u003c/code\u003e\u003c/a\u003e Add lower bound to Listen gem requirement\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.0.4.2...v7.0.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.16.3 to 1.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.3...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.9 to 2.2.22\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/0cc2e00b22dffc33955ef912569f01e515a406e1\"\u003e\u003ccode\u003e0cc2e00\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a5725c031b2717758851f1eadd9b9dfe7555745a\"\u003e\u003ccode\u003ea5725c0\u003c/code\u003e\u003c/a\u003e Prevent directory traversal via root prefix bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/175e7d206b8ff2bce4d98d7ba429adf73c674bfb\"\u003e\u003ccode\u003e175e7d2\u003c/code\u003e\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3472037aacef99319a62c9e9109b81efc5ba1294\"\u003e\u003ccode\u003e3472037\u003c/code\u003e\u003c/a\u003e Fix changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/851dc02672eca361a48e5a097818aa3cec1d3206\"\u003e\u003ccode\u003e851dc02\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/1e6aeda3d08a5cefd9cf3be4bbef304c2b75aa9c\"\u003e\u003ccode\u003e1e6aeda\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/6ef591522bb44f80654ad1a80654ba46cafdc7c1\"\u003e\u003ccode\u003e6ef5915\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881\"\u003e\u003ccode\u003e4e2c903\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85\"\u003e\u003ccode\u003efba2c8b\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed3d8340d1a7955332b51e74c1075ef3547c09dd\"\u003e\u003ccode\u003eed3d834\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.9...v2.2.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.2.6 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.2.6...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 2.2.4 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.2.4...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webrick` from 1.8.1 to 1.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/webrick/releases\"\u003ewebrick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop commented-out line by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/108\"\u003eruby/webrick#108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Ruby 3.1 \u0026amp; 3.2 to CI matrix by \u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix/redos by \u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/120\"\u003eruby/webrick#120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/121\"\u003eruby/webrick#121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CI by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/123\"\u003eruby/webrick#123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix WEBrick::TestFileHandler#test_short_filename test not working on mswin by \u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug chunk extension detection by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/125\"\u003eruby/webrick#125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix CI. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/131\"\u003eruby/webrick#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge multiple cookie headers, preserving semantic correctness. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/130\"\u003eruby/webrick#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest on macos-latest by \u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRequire CRLF line endings in request line and headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/138\"\u003eruby/webrick#138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer squigly heredocs. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/143\"\u003eruby/webrick#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly strip space and horizontal tab in headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/141\"\u003eruby/webrick#141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat missing CRLF separator after headers as an EOFError by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/142\"\u003eruby/webrick#142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn 400 response for chunked requests with unexpected data after chunk by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/136\"\u003eruby/webrick#136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reference to URI::REGEXP::PATTERN::HOST by \u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent request smuggling by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/146\"\u003eruby/webrick#146\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ehttps://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0fb9de6788a3ba5fe903e63d778a0fb8c1dce786\"\u003e\u003ccode\u003e0fb9de6\u003c/code\u003e\u003c/a\u003e Bump up v1.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/b9a4c81ea94dec02a750c6b34092c55234519bf1\"\u003e\u003ccode\u003eb9a4c81\u003c/code\u003e\u003c/a\u003e Removed trailing spaces\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/f5faca9222541591e1a7c3c97552ebb0c92733c7\"\u003e\u003ccode\u003ef5faca9\u003c/code\u003e\u003c/a\u003e Prevent request smuggling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0c600e169bd4ae267cb5eeb6197277c848323bbe\"\u003e\u003ccode\u003e0c600e1\u003c/code\u003e\u003c/a\u003e Fix reference to URI::REGEXP::PATTERN::HOST\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/15a93914782789520837c334e0c302702aec34e2\"\u003e\u003ccode\u003e15a9391\u003c/code\u003e\u003c/a\u003e Return 400 response for chunked requests with unexpected data after chunk\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/2b38d5614e876d313fe981e87c4e35b91556d226\"\u003e\u003ccode\u003e2b38d56\u003c/code\u003e\u003c/a\u003e Treat missing CRLF separator after headers as an EOFError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e4efb4a2300540f14f93c09c06bf0357ac1597dc\"\u003e\u003ccode\u003ee4efb4a\u003c/code\u003e\u003c/a\u003e Remove unnecessary gsub calls in test_httprequest.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/426e214532bb0be5e4ab8b3c9cef328432012d0d\"\u003e\u003ccode\u003e426e214\u003c/code\u003e\u003c/a\u003e Only strip space and horizontal tab in headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e72cb697836e2ff201a4a74c108fdca9d3d2d0ed\"\u003e\u003ccode\u003ee72cb69\u003c/code\u003e\u003c/a\u003e Prefer squigly heredocs. (\u003ca href=\"https://redirect.github.com/ruby/webrick/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/ee60354bcb84ec33b9245e1d1aa6e1f7e8132101\"\u003e\u003ccode\u003eee60354\u003c/code\u003e\u003c/a\u003e Require CRLF line endings in request line and headers\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `addressable` from 2.6.0 to 2.8.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.8.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003cli\u003eno longer replaces \u003ccode\u003e+\u003c/code\u003e with spaces in queries for non-http(s) schemes\u003c/li\u003e\n\u003cli\u003efixed encoding ipv6 literals\u003c/li\u003e\n\u003cli\u003ethe \u003ccode\u003e:compacted\u003c/code\u003e flag for \u003ccode\u003enormalized_query\u003c/code\u003e now dedupes parameters\u003c/li\u003e\n\u003cli\u003efix broken \u003ccode\u003eescape_component\u003c/code\u003e alias\u003c/li\u003e\n\u003cli\u003edropping support for Ruby 2.0 and 2.1\u003c/li\u003e\n\u003cli\u003eadding Ruby 3.0 compatibility for development tasks\u003c/li\u003e\n\u003cli\u003edrop support for \u003ccode\u003erack-mount\u003c/code\u003e and remove Addressable::Template#generate\u003c/li\u003e\n\u003cli\u003eperformance improvements\u003c/li\u003e\n\u003cli\u003eswitch CI/CD to GitHub Actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.7.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadded \u003ccode\u003e:compacted\u003c/code\u003e flag to \u003ccode\u003enormalized_query\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eheuristic_parse\u003c/code\u003e handles \u003ccode\u003emailto:\u003c/code\u003e more intuitively\u003c/li\u003e\n\u003cli\u003edropped explicit support for JRuby 9.0.5.0\u003c/li\u003e\n\u003cli\u003ecompatibility w/ public_suffix 4.x\u003c/li\u003e\n\u003cli\u003eperformance improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/6469a232c0f1892809ff66737370c765d574e16c\"\u003e\u003ccode\u003e6469a23\u003c/code\u003e\u003c/a\u003e Updating gemspec again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/24336385de0261571b3adaad0431459edb420c79\"\u003e\u003ccode\u003e2433638\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:sporkmonger/addressable into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e9c76b889789c75d7073c17b0ab557635d3f6704\"\u003e\u003ccode\u003ee9c76b8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/378\"\u003e#378\u003c/a\u003e from ashmaroli/flat-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/56c5cf7ece9223ff4240e07078cc26d3adbbbd30\"\u003e\u003ccode\u003e56c5cf7\u003c/code\u003e\u003c/a\u003e Update the gemspec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c1fed1ca0a44c448e74d761fd44ed94869199807\"\u003e\u003ccode\u003ec1fed1c\u003c/code\u003e\u003c/a\u003e Require a non-vulnerable rake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d8a3127e35886ce9284810a7f2438bff6b43cbc\"\u003e\u003ccode\u003e0d8a312\u003c/code\u003e\u003c/a\u003e Adding note about ReDoS vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/89c76130ce255c601f642a018cb5fb5a80e679a7\"\u003e\u003ccode\u003e89c7613\u003c/code\u003e\u003c/a\u003e Merge branch 'template-regexp' into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/cf8884f815c96b646c796f707bf768cf6eb65543\"\u003e\u003ccode\u003ecf8884f\u003c/code\u003e\u003c/a\u003e Note about alias fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/bb03f7112e8e478240a0f96e1cc7428159b41586\"\u003e\u003ccode\u003ebb03f71\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/371\"\u003e#371\u003c/a\u003e from charleystran/add_missing_encode_component_doc_entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/6d1d8094a66cbf932ecf69db6850bc9edaf86de0\"\u003e\u003ccode\u003e6d1d809\u003c/code\u003e\u003c/a\u003e Adding note about :compacted normalization\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.6.0...addressable-2.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webrick` from 1.8.1 to 1.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/webrick/releases\"\u003ewebrick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop commented-out line by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/108\"\u003eruby/webrick#108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Ruby 3.1 \u0026amp; 3.2 to CI matrix by \u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix/redos by \u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/120\"\u003eruby/webrick#120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/121\"\u003eruby/webrick#121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CI by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/123\"\u003eruby/webrick#123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix WEBrick::TestFileHandler#test_short_filename test not working on mswin by \u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix bug chunk extension detection by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/125\"\u003eruby/webrick#125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix CI. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/131\"\u003eruby/webrick#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge multiple cookie headers, preserving semantic correctness. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/130\"\u003eruby/webrick#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest on macos-latest by \u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRequire CRLF line endings in request line and headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/138\"\u003eruby/webrick#138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer squigly heredocs. by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/143\"\u003eruby/webrick#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly strip space and horizontal tab in headers by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/141\"\u003eruby/webrick#141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat missing CRLF separator after headers as an EOFError by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/142\"\u003eruby/webrick#142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn 400 response for chunked requests with unexpected data after chunk by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/136\"\u003eruby/webrick#136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reference to URI::REGEXP::PATTERN::HOST by \u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent request smuggling by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/146\"\u003eruby/webrick#146\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tricknotes\"\u003e\u003ccode\u003e@​tricknotes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/109\"\u003eruby/webrick#109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ooooooo-q\"\u003e\u003ccode\u003e@​ooooooo-q\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/114\"\u003eruby/webrick#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KJTsanaktsidis\"\u003e\u003ccode\u003e@​KJTsanaktsidis\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/128\"\u003eruby/webrick#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/byroot\"\u003e\u003ccode\u003e@​byroot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/132\"\u003eruby/webrick#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/casperisfine\"\u003e\u003ccode\u003e@​casperisfine\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/webrick/pull/144\"\u003eruby/webrick#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ehttps://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0fb9de6788a3ba5fe903e63d778a0fb8c1dce786\"\u003e\u003ccode\u003e0fb9de6\u003c/code\u003e\u003c/a\u003e Bump up v1.8.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/b9a4c81ea94dec02a750c6b34092c55234519bf1\"\u003e\u003ccode\u003eb9a4c81\u003c/code\u003e\u003c/a\u003e Removed trailing spaces\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/f5faca9222541591e1a7c3c97552ebb0c92733c7\"\u003e\u003ccode\u003ef5faca9\u003c/code\u003e\u003c/a\u003e Prevent request smuggling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/0c600e169bd4ae267cb5eeb6197277c848323bbe\"\u003e\u003ccode\u003e0c600e1\u003c/code\u003e\u003c/a\u003e Fix reference to URI::REGEXP::PATTERN::HOST\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/15a93914782789520837c334e0c302702aec34e2\"\u003e\u003ccode\u003e15a9391\u003c/code\u003e\u003c/a\u003e Return 400 response for chunked requests with unexpected data after chunk\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/2b38d5614e876d313fe981e87c4e35b91556d226\"\u003e\u003ccode\u003e2b38d56\u003c/code\u003e\u003c/a\u003e Treat missing CRLF separator after headers as an EOFError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e4efb4a2300540f14f93c09c06bf0357ac1597dc\"\u003e\u003ccode\u003ee4efb4a\u003c/code\u003e\u003c/a\u003e Remove unnecessary gsub calls in test_httprequest.rb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/426e214532bb0be5e4ab8b3c9cef328432012d0d\"\u003e\u003ccode\u003e426e214\u003c/code\u003e\u003c/a\u003e Only strip space and horizontal tab in headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/e72cb697836e2ff201a4a74c108fdca9d3d2d0ed\"\u003e\u003ccode\u003ee72cb69\u003c/code\u003e\u003c/a\u003e Prefer squigly heredocs. (\u003ca href=\"https://redirect.github.com/ruby/webrick/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/webrick/commit/ee60354bcb84ec33b9245e1d1aa6e1f7e8132101\"\u003e\u003ccode\u003eee60354\u003c/code\u003e\u003c/a\u003e Require CRLF line endings in request line and headers\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `net-imap` from 0.3.4 to 0.3.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/net-imap/releases\"\u003enet-imap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.3.9\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cem\u003eThe \u003ccode\u003e0.3.x\u003c/code\u003e release branch only receives security fixes, and will be unsupported when ruby 3.2 is EOL.\nPlease upgrade to a newer version.\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security\u003c/h3\u003e\n\u003cp\u003eThis release backports two features to prevent unbounded memory use: the \u003ccode\u003eresponse_handlers\u003c/code\u003e keyword argument to \u003ccode\u003eNet::IMAP.new\u003c/code\u003e so response handlers can be added before the server can send any responses (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/438\"\u003eruby/net-imap#438\u003c/a\u003e), and the \u003ccode\u003emax_response_size\u003c/code\u003e config attribute (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/446\"\u003eruby/net-imap#446\u003c/a\u003e, GHSA-j3g3-5qv5-52mj, CVE-2025-43857, reported by \u003ca href=\"https://github.com/Masamuneee\"\u003e\u003ccode\u003e@​Masamuneee\u003c/code\u003e\u003c/a\u003e).\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThe default \u003ccode\u003emax_response_size\u003c/code\u003e is \u003ccode\u003enil\u003c/code\u003e (unlimited), to avoid backward compatibility issues with secure connections to trusted servers that are well-behaved. It can be configured more conservatively to guard against untrusted servers (for example, connecting to user-provided hostnames). \u003cem\u003eIt is the responsibility of \u003ccode\u003enet-imap\u003c/code\u003e users to configure their client appropriately for the server they are connecting to.\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Backport \u003ccode\u003eresponse_handlers\u003c/code\u003eoption to \u003ccode\u003enew\u003c/code\u003e  by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/438\"\u003eruby/net-imap#438\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/419\"\u003e#419\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/427\"\u003e#427\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e✨ Limit max_response_size by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/446\"\u003eruby/net-imap#446\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/444\"\u003e#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🐛 Use \u003ccode\u003eRange#size\u003c/code\u003e vs \u003ccode\u003eRange#count\u003c/code\u003e for \u003ccode\u003euid-set\u003c/code\u003e limit by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/411\"\u003eruby/net-imap#411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📚 Docs: receiver thread, server responses, connection state by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/437\"\u003eruby/net-imap#437\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/418\"\u003e#418\u003c/a\u003e, and only the documentation from \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/416\"\u003e#416\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Backport \u003ccode\u003eResponseReader\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/439\"\u003eruby/net-imap#439\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eBackports \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/422\"\u003e#422\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/433\"\u003e#433\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/434\"\u003e#434\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/435\"\u003e#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.3.8...v0.3.9\"\u003ehttps://github.com/ruby/net-imap/compare/v0.3.8...v0.3.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security Fix\u003c/h3\u003e\n\u003cp\u003eMitigates CVE-2025-25186 (GHSA-7fc5-f82f-cx69): A malicious server can exhaust client memory by sending \u003ccode\u003eAPPENDUID\u003c/code\u003e or \u003ccode\u003eCOPYUID\u003c/code\u003e responses with very large \u003ccode\u003euid-set\u003c/code\u003e ranges. \u003ccode\u003eNet::IMAP::UIDPlusData\u003c/code\u003e expands these ranges into arrays of integers.\u003c/p\u003e\n\u003ch4\u003eFix with minor API changes\u003c/h4\u003e\n\u003cp\u003eFor v0.3.8, this option is not available.  Upgrade to v0.4.19, v0.5.6, or higher to replace \u003ccode\u003eUIDPlusData\u003c/code\u003e with \u003ccode\u003eAppendUIDData\u003c/code\u003e and \u003ccode\u003eCopyUIDData\u003c/code\u003e.  These classes store their UIDs as \u003ccode\u003eNet::IMAP::SequenceSet\u003c/code\u003e objects (\u003cem\u003enot\u003c/em\u003e expanded into arrays of integers).\u003c/p\u003e\n\u003ch4\u003eMitigate with backward compatible API\u003c/h4\u003e\n\u003cp\u003eThis release mitigates the attack by crashing if a server tries to send a \u003ccode\u003euid-set\u003c/code\u003e that represents more than 10,000 numbers.  This should be larger than almost all legitimate \u003ccode\u003eCOPYUID\u003c/code\u003e or \u003ccode\u003eAPPENDUID\u003c/code\u003e responses and would limit the array to only 80KB (on a 64 bit system).\u003c/p\u003e\n\u003cp\u003eFor v0.3.8, this option is not configurable.  Upgrade to v0.4.19, v0.5.6, or higher to configure this limit.\u003c/p\u003e\n\u003ch4\u003ePlease Note: unhandled responses\u003c/h4\u003e\n\u003cp\u003eIf the client does not add response handlers to prune unhandled responses, a malicious server can still eventually exhaust all client memory, by repeatedly sending malicious responses.  However, \u003ccode\u003enet-imap\u003c/code\u003e has always retained unhandled responses, and it has always been necessary for long-lived connections to prune these responses.  This is not significantly different from connecting to a trusted server with a long-lived connection.  To limit the maximum number of retained responses, a simple handler might look something like the following:\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/d86186dee3bc0304c3d1e7d7f1ff1fd54d144d03\"\u003e\u003ccode\u003ed86186d\u003c/code\u003e\u003c/a\u003e 🔖 Bump version to v0.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/2aadab9f5338f46b64d4da9042ac721f0fd8281d\"\u003e\u003ccode\u003e2aadab9\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/446\"\u003e#446\u003c/a\u003e from ruby/backport/v0.3-max_response_size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/e0059251e854cb03d5209c682ba3484fcb6953cd\"\u003e\u003ccode\u003ee005925\u003c/code\u003e\u003c/a\u003e ✅ Fix backport to not-imap 0.3 and ruby 2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/ae0fa010bb5e3c95b9beee31af607d4dba619d63\"\u003e\u003ccode\u003eae0fa01\u003c/code\u003e\u003c/a\u003e ✅ Fix backport compatibility with ruby 2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/158cfdff54f3961b0ec628136444e3b0b0bb1736\"\u003e\u003ccode\u003e158cfdf\u003c/code\u003e\u003c/a\u003e ✨ Make max_response_size configurable [🚧 partial]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/53ceba1e97cbc3ac4d141077732178cc8bc79476\"\u003e\u003ccode\u003e53ceba1\u003c/code\u003e\u003c/a\u003e ✨ Limit max response size to 512MiB (hard-coded)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/4d1206e168b51887481f951d86f66122a069191a\"\u003e\u003ccode\u003e4d1206e\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/439\"\u003e#439\u003c/a\u003e from ruby/backport/v0.3-response_reader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/19495b807371a279098a13a51e2b68d2d7c7c532\"\u003e\u003ccode\u003e19495b8\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/438\"\u003e#438\u003c/a\u003e from ruby/backport/v0.3-response_handlers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/945df803de4a20f5b9759c98266cb79fd18aa95b\"\u003e\u003ccode\u003e945df80\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/437\"\u003e#437\u003c/a\u003e from ruby/backport/v0.3-document-response-limits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b0a6039e8edf83c3871397cd11acb01236336d8c\"\u003e\u003ccode\u003eb0a6039\u003c/code\u003e\u003c/a\u003e ✅ Fix backport compatibility with ruby 2.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.3.4...v0.3.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.0.7 to 2.2.22\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep A Changelog\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine \u003ccode\u003erack.response_finished\u003c/code\u003e callback arguments more strictly. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2365\"\u003e#2365\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Files#assign_headers\u003c/code\u003e to allow overriding how the configured file headers are set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2377\"\u003e#2377\u003c/a\u003e, \u003ca href=\"https://github.com/codergeek121\"\u003e\u003ccode\u003e@​codergeek121\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003erack.response_finished\u003c/code\u003e to \u003ccode\u003eRack::TempfileReaper\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2363\"\u003e#2363\u003c/a\u003e, \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003edeflaters\u003c/code\u003e option to \u003ccode\u003eRack::Deflater\u003c/code\u003e to enable custom compression algorithms like zstd. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2168\"\u003e#2168\u003c/a\u003e, \u003ca href=\"https://github.com/alexanderadam\"\u003e\u003ccode\u003e@​alexanderadam\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#prefetch?\u003c/code\u003e for identifying requests with \u003ccode\u003eSec-Purpose: prefetch\u003c/code\u003e header set. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2405\"\u003e#2405\u003c/a\u003e, \u003ca href=\"https://github.com/glaszig\"\u003e\u003ccode\u003e@​glaszig\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003erack.request.trusted_proxy\u003c/code\u003e environment key to indicate whether the request is coming from a trusted proxy.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise before exceeding a part limit, not after. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2362\"\u003e#2362\u003c/a\u003e, \u003ca href=\"https://github.com/matthew-puku\"\u003e\u003ccode\u003e@​matthew-puku\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRack::Deflater now uses a fixed GZip mtime value. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2372\"\u003e#2372\u003c/a\u003e, \u003ca href=\"https://github.com/bensheldon\"\u003e\u003ccode\u003e@​bensheldon\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMultipart parser drops support for RFC 2231 \u003ccode\u003efilename*\u003c/code\u003e parameter (prohibited by RFC 7578) and now properly handles UTF-8 encoded filenames via percent-encoding and direct UTF-8 bytes. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2398\"\u003e#2398\u003c/a\u003e, \u003ca href=\"https://github.com/wtn\"\u003e\u003ccode\u003e@​wtn\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe query parser now raises \u003ccode\u003eRack::QueryParser::IncompatibleEncodingError\u003c/code\u003e if we try to parse params that are not ASCII compatible. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2416\"\u003e#2416\u003c/a\u003e, \u003ca href=\"https://github.com/bquorning\"\u003e\u003ccode\u003e@​bquorning\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-...\n\n_Description has been truncated_","html_url":"https://github.com/mpusch88/nixpkgs/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mpusch88%2Fnixpkgs/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"1.4.5","new_version":"1.4.8","update_type":"patch","path":null,"pr_created_at":"2026-02-16T07:52:52.000Z","version_change":"1.4.5 → 1.4.8","issue":{"uuid":"3946391863","node_id":"PR_kwDORRTfbc7EBx2R","number":1,"state":"open","title":"Bump sinatra from 1.4.5 to 1.4.8","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-16T07:52:52.000Z","updated_at":"2026-02-16T07:53:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"sinatra","old_version":"1.4.5","new_version":"1.4.8","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 1.4.5 to 1.4.8.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.8 / 2017-01-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix the deprecation warning from Ruby about Fixnum. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e by Akira Matsuda\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.7 / 2016-01-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ashley Williams, Trevor Bramble, and Kashyap Kondamudi to team Sinatra.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCorrectly handle encoded colons in routes. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRename CHANGES to CHANGELOG.md and update Rakefile. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1043\"\u003e#1043\u003c/a\u003e (Eliza Sorensen)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove documentation. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/941\"\u003e#941\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1069\"\u003e#1069\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1075\"\u003e#1075\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1025\"\u003e#1025\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1052\"\u003e#1052\u003c/a\u003e (Many great folks)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIntroduce \u003ccode\u003eSinatra::Ext\u003c/code\u003e to workaround Rack 1.6 bug to fix Ruby 1.8.7\nsupport. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1080\"\u003e#1080\u003c/a\u003e (Zachary Scott)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd CONTRIBUTING guide. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/987\"\u003e#987\u003c/a\u003e (Katrina Owen)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.6 / 2015-03-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprove tests and documentation. (Darío Hereñú, Seiichi Yonezawa, kyoendo,\nJohn Voloski, Ferenc-, Renaud Martinet, Christian Haase, marocchino,\nhuoxito, Damir Svrtan, Amaury Medeiros, Jeremy Evans, Kashyap, shenqihui,\nAusmarton Fernandes, kami, Vipul A M, Lei Wu, 7stud, Taylor Shuler,\nnamusyaka, burningTyger, Cornelius Bock, detomastah, hakeda, John Hope,\nRuben Gonzalez, Andrey Deryabin, attilaolah, Anton Davydov, Nikita Penzin,\nDyego Costa)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove duplicate require of sinatra/base. (Alexey Muranov)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEscape HTML in 404 error page. (Andy Brody)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor to method call in \u003ccode\u003eStream#close\u003c/code\u003e and \u003ccode\u003e#callback\u003c/code\u003e. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDepend on latest version of Slim. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with Tilt version 2. (Yegor Timoschenko)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility issue with Rack \u003ccode\u003epretty\u003c/code\u003e method from ShowExceptions.\n(Kashyap)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eShow date in local time in exception messages. (tayler1)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix logo on error pages when using Ruby 1.8. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade test suite to Minitest version 5 and fix Ruby 2.2 compatibility.\n(Vipul A M)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/1f4444df234a81df582d3171131f8c5e8dd3e6ea\"\u003e\u003ccode\u003e1f4444d\u003c/code\u003e\u003c/a\u003e Bump stable to 1.4.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/0f64edc7db6adbb9cf3658d0e0f3b2f5f3b346fb\"\u003e\u003ccode\u003e0f64edc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e from sinatra/fix-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c01339466befe5d31284b2b71fd2e7505072b730\"\u003e\u003ccode\u003ec013394\u003c/code\u003e\u003c/a\u003e Break this up into 2 statements so jruby doesn't get pegged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/dcc25cec3b8bf984d4c40afccc6f1f27f1bbcda5\"\u003e\u003ccode\u003edcc25ce\u003c/code\u003e\u003c/a\u003e I must have been tired\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/78d732b926b94e87f5e314289c01432f97006b9b\"\u003e\u003ccode\u003e78d732b\u003c/code\u003e\u003c/a\u003e This is too hard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/9638de847034af142cd6408d147b7fadecc0de64\"\u003e\u003ccode\u003e9638de8\u003c/code\u003e\u003c/a\u003e Pick versions of nokogiri, activesupport, and i18n that work everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3944e1a30557a3b5a67c18f52ed23bb825e53edd\"\u003e\u003ccode\u003e3944e1a\u003c/code\u003e\u003c/a\u003e Pick a version of json which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c4f01337deeb4a036bcbed74ed769bef17848b05\"\u003e\u003ccode\u003ec4f0133\u003c/code\u003e\u003c/a\u003e Pick a version of liquid which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5dc6d6d0ede6cc2c0367bb23df9391893ddbad4f\"\u003e\u003ccode\u003e5dc6d6d\u003c/code\u003e\u003c/a\u003e Pin rake to a version that works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/864281878ac76b6db1b8713989420ea558e65d65\"\u003e\u003ccode\u003e8642818\u003c/code\u003e\u003c/a\u003e Update build for supported Ruby versions and remove HEAD testing of tilt/rack\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v1.4.5...v1.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=1.4.5\u0026new-version=1.4.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Codename-shaShank/Skin-skeleton/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Codename-shaShank%2FSkin-skeleton/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.4.5","new_version":"1.4.8","update_type":"patch","path":null,"pr_created_at":"2026-02-13T05:44:40.000Z","version_change":"1.4.5 → 1.4.8","issue":{"uuid":"3935482433","node_id":"PR_kwDORPPTA87DeBde","number":3,"state":"open","title":"Bump sinatra from 1.4.5 to 1.4.8","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-13T05:44:40.000Z","updated_at":"2026-02-13T05:44:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"sinatra","old_version":"1.4.5","new_version":"1.4.8","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 1.4.5 to 1.4.8.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.8 / 2017-01-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix the deprecation warning from Ruby about Fixnum. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e by Akira Matsuda\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.7 / 2016-01-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ashley Williams, Trevor Bramble, and Kashyap Kondamudi to team Sinatra.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCorrectly handle encoded colons in routes. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRename CHANGES to CHANGELOG.md and update Rakefile. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1043\"\u003e#1043\u003c/a\u003e (Eliza Sorensen)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove documentation. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/941\"\u003e#941\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1069\"\u003e#1069\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1075\"\u003e#1075\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1025\"\u003e#1025\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1052\"\u003e#1052\u003c/a\u003e (Many great folks)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIntroduce \u003ccode\u003eSinatra::Ext\u003c/code\u003e to workaround Rack 1.6 bug to fix Ruby 1.8.7\nsupport. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1080\"\u003e#1080\u003c/a\u003e (Zachary Scott)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd CONTRIBUTING guide. \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/987\"\u003e#987\u003c/a\u003e (Katrina Owen)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.6 / 2015-03-23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprove tests and documentation. (Darío Hereñú, Seiichi Yonezawa, kyoendo,\nJohn Voloski, Ferenc-, Renaud Martinet, Christian Haase, marocchino,\nhuoxito, Damir Svrtan, Amaury Medeiros, Jeremy Evans, Kashyap, shenqihui,\nAusmarton Fernandes, kami, Vipul A M, Lei Wu, 7stud, Taylor Shuler,\nnamusyaka, burningTyger, Cornelius Bock, detomastah, hakeda, John Hope,\nRuben Gonzalez, Andrey Deryabin, attilaolah, Anton Davydov, Nikita Penzin,\nDyego Costa)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove duplicate require of sinatra/base. (Alexey Muranov)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEscape HTML in 404 error page. (Andy Brody)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor to method call in \u003ccode\u003eStream#close\u003c/code\u003e and \u003ccode\u003e#callback\u003c/code\u003e. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDepend on latest version of Slim. (Damir Svrtan)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with Tilt version 2. (Yegor Timoschenko)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility issue with Rack \u003ccode\u003epretty\u003c/code\u003e method from ShowExceptions.\n(Kashyap)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eShow date in local time in exception messages. (tayler1)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix logo on error pages when using Ruby 1.8. (Jeremy Evans)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade test suite to Minitest version 5 and fix Ruby 2.2 compatibility.\n(Vipul A M)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/1f4444df234a81df582d3171131f8c5e8dd3e6ea\"\u003e\u003ccode\u003e1f4444d\u003c/code\u003e\u003c/a\u003e Bump stable to 1.4.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/0f64edc7db6adbb9cf3658d0e0f3b2f5f3b346fb\"\u003e\u003ccode\u003e0f64edc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1235\"\u003e#1235\u003c/a\u003e from sinatra/fix-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c01339466befe5d31284b2b71fd2e7505072b730\"\u003e\u003ccode\u003ec013394\u003c/code\u003e\u003c/a\u003e Break this up into 2 statements so jruby doesn't get pegged\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/dcc25cec3b8bf984d4c40afccc6f1f27f1bbcda5\"\u003e\u003ccode\u003edcc25ce\u003c/code\u003e\u003c/a\u003e I must have been tired\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/78d732b926b94e87f5e314289c01432f97006b9b\"\u003e\u003ccode\u003e78d732b\u003c/code\u003e\u003c/a\u003e This is too hard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/9638de847034af142cd6408d147b7fadecc0de64\"\u003e\u003ccode\u003e9638de8\u003c/code\u003e\u003c/a\u003e Pick versions of nokogiri, activesupport, and i18n that work everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3944e1a30557a3b5a67c18f52ed23bb825e53edd\"\u003e\u003ccode\u003e3944e1a\u003c/code\u003e\u003c/a\u003e Pick a version of json which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c4f01337deeb4a036bcbed74ed769bef17848b05\"\u003e\u003ccode\u003ec4f0133\u003c/code\u003e\u003c/a\u003e Pick a version of liquid which works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5dc6d6d0ede6cc2c0367bb23df9391893ddbad4f\"\u003e\u003ccode\u003e5dc6d6d\u003c/code\u003e\u003c/a\u003e Pin rake to a version that works everywhere\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/864281878ac76b6db1b8713989420ea558e65d65\"\u003e\u003ccode\u003e8642818\u003c/code\u003e\u003c/a\u003e Update build for supported Ruby versions and remove HEAD testing of tilt/rack\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v1.4.5...v1.4.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=1.4.5\u0026new-version=1.4.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Codename-shaShank/Skeleton/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Codename-shaShank%2FSkeleton/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"~\u003e 3.0","new_version":"~\u003e 4.2","update_type":null,"path":"/prebuilt-checkout-page/server/ruby","pr_created_at":"2026-02-10T16:04:16.000Z","version_change":"~\u003e 3.0 → ~\u003e 4.2","issue":{"uuid":"3922291927","node_id":"PR_kwDORNI2687CyQYA","number":14,"state":"closed","title":"chore(deps): update sinatra requirement from ~\u003e 3.0 to ~\u003e 4.2 in /prebuilt-checkout-page/server/ruby","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-10T23:31:37.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-10T16:04:16.000Z","updated_at":"2026-02-10T23:31:45.000Z","time_to_close":26841,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): update","packages":[{"name":"sinatra","old_version":"~\u003e 3.0","new_version":"~\u003e 4.2","repository_url":"https://github.com/sinatra/sinatra"}],"path":"/prebuilt-checkout-page/server/ruby","ecosystem":"rubygems"},"body":"Updates the requirements on [sinatra](https://github.com/sinatra/sinatra) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.0.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/renjeff1014/accept-a-payment/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/renjeff1014%2Faccept-a-payment/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"2.1.0","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-01-29T10:09:52.000Z","version_change":"2.1.0 → 3.2.0","issue":{"uuid":"3869851417","node_id":"PR_kwDOQ-Pg0s7AFnbC","number":9,"state":"closed","title":"chore(deps): bump sinatra from 2.1.0 to 3.2.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-02-01T04:22:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-29T10:09:52.000Z","updated_at":"2026-02-01T04:22:44.000Z","time_to_close":238364,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"sinatra","old_version":"2.1.0","new_version":"3.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.1.0 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.2.0 / 2023-12-29\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add \u003ccode\u003e#except\u003c/code\u003e method to \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1940\"\u003e#1940\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Use \u003ccode\u003eException#detailed_message\u003c/code\u003e to show backtrace (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1952\"\u003e#1952\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add \u003ccode\u003eSinatra::HamlHelpers\u003c/code\u003e to sinatra-contrib (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1960\"\u003e#1960\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Add \u003ccode\u003ebase64\u003c/code\u003e to rack-protection runtime dependencies (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1946\"\u003e#1946\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Avoid open-ended dependencies for sinatra-contrib and rack-protection (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1949\"\u003e#1949\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Helpful message when \u003ccode\u003eSinatra::Runner\u003c/code\u003e times out (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1975\"\u003e#1975\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Ruby 3.3 + Bundler 2.5 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1975\"\u003e#1975\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1940\"\u003e#1940\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1940\"\u003esinatra/sinatra#1940\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1946\"\u003e#1946\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1946\"\u003esinatra/sinatra#1946\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1949\"\u003e#1949\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1949\"\u003esinatra/sinatra#1949\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1952\"\u003e#1952\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1952\"\u003esinatra/sinatra#1952\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1960\"\u003e#1960\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1960\"\u003esinatra/sinatra#1960\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1975\"\u003e#1975\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1975\"\u003esinatra/sinatra#1975\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.1.0 / 2023-08-07\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add sass support via sass-embedded \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1911\"\u003e#1911\u003c/a\u003e by なつき\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Add start and stop callbacks \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1913\"\u003e#1913\u003c/a\u003e by Jevin Sew\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Warn on dropping sessions \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1900\"\u003e#1900\u003c/a\u003e by Jonathan del Strother\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Make Puma the default server \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1924\"\u003e#1924\u003c/a\u003e by Patrik Ragnarsson\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Remove use of Tilt::Cache \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1922\"\u003e#1922\u003c/a\u003e by Jeremy Evans (allows use of Tilt 2.2.0 without deprecation warning)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: rack-protection: specify rack version requirement \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1932\"\u003e#1932\u003c/a\u003e by Patrik Ragnarsson\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1911\"\u003e#1911\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1911\"\u003esinatra/sinatra#1911\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1913\"\u003e#1913\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1913\"\u003esinatra/sinatra#1913\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1900\"\u003e#1900\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1900\"\u003esinatra/sinatra#1900\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1924\"\u003e#1924\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1924\"\u003esinatra/sinatra#1924\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1922\"\u003e#1922\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1922\"\u003esinatra/sinatra#1922\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1932\"\u003e#1932\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1932\"\u003esinatra/sinatra#1932\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.0.6 / 2023-04-11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Add support to keep open streaming connections with Puma \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1858\"\u003e#1858\u003c/a\u003e by Jordan Owens\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Avoid crash in \u003ccode\u003euri\u003c/code\u003e helper on Integer input \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/1890\"\u003e#1890\u003c/a\u003e by Patrik Ragnarsson\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/4e8fdb5172a81c1c237388f264e5684a4a15ed4f\"\u003e\u003ccode\u003e4e8fdb5\u003c/code\u003e\u003c/a\u003e 3.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1977\"\u003e#1977\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3b756578fe189261ce21cf3941124834c7736bc4\"\u003e\u003ccode\u003e3b75657\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Shorter \u003ccode\u003eSinatra::Runner\u003c/code\u003e timeout\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1976\"\u003e#1976\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/1551ef7ffc9f937f8ae02d7adb23b250cfac109b\"\u003e\u003ccode\u003e1551ef7\u003c/code\u003e\u003c/a\u003e Ruby 3.3 + Bundler 2.5 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ca6b71c2e48f90ae0fe3b9cd54c4d2459c1bde7c\"\u003e\u003ccode\u003eca6b71c\u003c/code\u003e\u003c/a\u003e Helpful message when \u003ccode\u003eSinatra::Runner\u003c/code\u003e times out\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/0e43702c3feeeed3495aa4590c0cecd04204d4d7\"\u003e\u003ccode\u003e0e43702\u003c/code\u003e\u003c/a\u003e Shorter \u003ccode\u003eSinatra::Runner\u003c/code\u003e timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cadbeddf001680a5dfc336cb8b2834c949f754cd\"\u003e\u003ccode\u003ecadbedd\u003c/code\u003e\u003c/a\u003e CI: move rack-protection to its own job (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1974\"\u003e#1974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5d844eecdc349d32c5c7de72fe68b5ebaafdbee5\"\u003e\u003ccode\u003e5d844ee\u003c/code\u003e\u003c/a\u003e Add workflow for Trusted Publishing to RubyGems (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1970\"\u003e#1970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/11119a8b5c92965a418ab201d5a55877282f2885\"\u003e\u003ccode\u003e11119a8\u003c/code\u003e\u003c/a\u003e CI: use latest rack-test release, not trunk (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1969\"\u003e#1969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2b8965974c9ffcc84773e5d15db4e827194ec42c\"\u003e\u003ccode\u003e2b89659\u003c/code\u003e\u003c/a\u003e CI: avoid rdiscount \u0026gt;= 2.2.7.2 on truffleruby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/dcdebe981074f0a79a0d8384d149c3d2db831a76\"\u003e\u003ccode\u003edcdebe9\u003c/code\u003e\u003c/a\u003e CI: remove sinatra from rack-protection bundle\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v2.1.0...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=2.1.0\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Codename-shaShank/Sample-ruby-app/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Codename-shaShank%2FSample-ruby-app/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"3.1.0","new_version":"4.2.0","update_type":"major","path":null,"pr_created_at":"2026-01-22T18:44:38.000Z","version_change":"3.1.0 → 4.2.0","issue":{"uuid":"3844252026","node_id":"PR_kwDOAApxXs6-xBj2","number":24533,"state":"open","title":"build(deps): bump the bundler group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-22T18:44:38.000Z","updated_at":"2026-02-17T16:02:37.640Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":4,"packages":[{"name":"nokogiri","old_version":"1.16.5","new_version":"1.18.9","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.8.1","new_version":"2.2.20","repository_url":"https://github.com/rack/rack"},{"name":"rexml","old_version":"3.3.9","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"sinatra","old_version":"3.1.0","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 4 updates in the /record-and-playback/core directory: [nokogiri](https://github.com/sparklemotion/nokogiri), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml) and [sinatra](https://github.com/sinatra/sinatra).\n\nUpdates `nokogiri` from 1.16.5 to 1.18.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e5bcfdf7aa8d1056a7ad5e52e1adffc64ef53d12d0724fbc6f458a3af1a4b9e32  nokogiri-1.18.9-aarch64-linux-gnu.gem\n55e9e6ca46c4ad1715e313f407d8481d15be1e3b65d9f8e52ba1c124d01676a7  nokogiri-1.18.9-aarch64-linux-musl.gem\neea3f1f06463ff6309d3ff5b88033c4948d0da1ab3cc0a3a24f63c4d4a763979  nokogiri-1.18.9-arm64-darwin.gem\nfe611ae65880e445a9c0f650d52327db239f3488626df4173c05beafd161d46e  nokogiri-1.18.9-arm-linux-gnu.gem\n935605e14c0ba17da18d203922440bf6c0676c602659278d855d4622d756a324  nokogiri-1.18.9-arm-linux-musl.gem\nac5a7d93fd0e3cef388800b037407890882413feccca79eb0272a2715a82fa33  nokogiri-1.18.9.gem\n1fe5b7aa4a054eda689a969bb4e03999960a6ea806582d327207d687168bceb5  nokogiri-1.18.9-java.gem\n6b4fc1523aa0370c78653e38c94cb50e7f3ab786425de66ba7ad24222c1164a3  nokogiri-1.18.9-x64-mingw-ucrt.gem\ne0d2deb03d3d7af8016e8c9df5ff4a7d692159cefb135cbb6a4109f265652348  nokogiri-1.18.9-x86_64-darwin.gem\nb52f5defedc53d14f71eeaaf990da66b077e1918a2e13088b6a96d0230f44360  nokogiri-1.18.9-x86_64-linux-gnu.gem\ne69359d6240c17e64cc9f43970d54f13bfc7b8cc516b819228f687e953425e69  nokogiri-1.18.9-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e36badd2eb281fca6214a5188e24a34399b15d89730639a068d12931e2adc210e  nokogiri-1.18.8-aarch64-linux-gnu.gem\n664e0f9a77a7122a66d6c03abba7641ca610769a4728db55ee1706a0838b78a2  nokogiri-1.18.8-aarch64-linux-musl.gem\n483b5b9fb33653f6f05cbe00d09ea315f268f0e707cfc809aa39b62993008212  nokogiri-1.18.8-arm64-darwin.gem\n17de01ca3adf9f8e187883ed73c672344d3dbb3c260f88ffa1008e8dc255a28e  nokogiri-1.18.8-arm-linux-gnu.gem\n6e6d7e71fc39572bd613a82d528cf54392c3de1ba5ce974f05c832b8187a040b  nokogiri-1.18.8-arm-linux-musl.gem\n8c7464875d9ca7f71080c24c0db7bcaa3940e8be3c6fc4bcebccf8b9a0016365  nokogiri-1.18.8.gem\n41002596960ff854198a20aaeb34cff0d445406d5ad85ba7ca9c3fd0c8f03de0  nokogiri-1.18.8-java.gem\n11ab0f76772c5f2d718fb253fca5b74c6ef7628b72bbf8deba6ab1ffc93344cf  nokogiri-1.18.8-x64-mingw-ucrt.gem\n024cdfe7d9ae3466bba6c06f348fb2a8395d9426b66a3c82f1961b907945cc0c  nokogiri-1.18.8-x86_64-darwin.gem\n4a747875db873d18a2985ee2c320a6070c4a414ad629da625fbc58d1a20e5ecc  nokogiri-1.18.8-x86_64-linux-gnu.gem\nddd735fba49475a395b9ea793bb6474e3a3125b89960339604d08a5397de1165  nokogiri-1.18.8-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] In HTML documents, \u003ccode\u003eNode#attribute\u003c/code\u003e now returns the correct attribute. This has been broken, and returning \u003ccode\u003enil\u003c/code\u003e, since v1.17.0. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3487\"\u003e#3487\u003c/a\u003e) \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.5 / 2025-03-19\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Update JRuby's XML serialization so it outputs namespaces exactly like CRuby. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3455\"\u003e#3455\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3456\"\u003e#3456\u003c/a\u003e) \u003ca href=\"https://github.com/johnnyshields\"\u003e\u003ccode\u003e@​johnnyshields\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.4 / 2025-03-14\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxslt is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.43\"\u003ev1.1.43\u003c/a\u003e to address CVE-2025-24855 and CVE-2024-55549. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-mrxw-mxhj-p664\"\u003eGHSA-mrxw-mxhj-p664\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.3 / 2025-02-18\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6\"\u003ev2.13.6\u003c/a\u003e to address CVE-2025-24928 and CVE-2024-56171. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vvfq-8hwr-qm4m\"\u003eGHSA-vvfq-8hwr-qm4m\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.2 / 2024-01-19\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1dcd8ce30365ebd4620a3b823bf806b127eeefc3\"\u003e\u003ccode\u003e1dcd8ce\u003c/code\u003e\u003c/a\u003e version bump to v1.18.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/a05d2b44b930072af70dad12bddbac67f36c6f90\"\u003e\u003ccode\u003ea05d2b4\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3526\"\u003e#3526\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/947a55e87edff3c6d76ffd81f07da728e67c9b82\"\u003e\u003ccode\u003e947a55e\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/9187f4af0dc3cc7ea439bd4957a2fbfab18f6665\"\u003e\u003ccode\u003e9187f4a\u003c/code\u003e\u003c/a\u003e version bump to v1.18.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1deea041e3f359ccef67abadf19f0d634bf473dd\"\u003e\u003ccode\u003e1deea04\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8 (branch \u003ccode\u003ev1.18.x\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3509\"\u003e#3509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/6457fe639359edda9f8817994bc4935abae3e81e\"\u003e\u003ccode\u003e6457fe6\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/13e8aa4ef52f39d1273d2435bd6bfa98982471ef\"\u003e\u003ccode\u003e13e8aa4\u003c/code\u003e\u003c/a\u003e version bump to v1.18.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/605699d271ee5d7f58ab29c4550fad42b9cc3d69\"\u003e\u003ccode\u003e605699d\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7 (v1.18.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/804e59038c4318ebe7ba0dc08105cff2030df415\"\u003e\u003ccode\u003e804e590\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/52bf15b62d4e576292e21ac948030783333f9e0b\"\u003e\u003ccode\u003e52bf15b\u003c/code\u003e\u003c/a\u003e dep(dev): drop Rubocop from JRuby deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.5...v1.18.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.8.1 to 2.2.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.2.20] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.19] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.18] - 2025-09-25\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-625h-95r8-8xpm\"\u003eCVE-2025-59830\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion via semicolon-separated parameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.17] - 2025-06-03\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003eRack::MediaType#params\u003c/code\u003e now handles parameters without values. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2263\"\u003e#2263\u003c/a\u003e, \u003ca href=\"https://github.com/AllyMarthaJ\"\u003e\u003ccode\u003e@​AllyMarthaJ\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.16] - 2025-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect backport of optional \u003ccode\u003eCGI::Cookie\u003c/code\u003e support. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2335\"\u003e#2335\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.15] - 2025-05-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptional support for \u003ccode\u003eCGI::Cookie\u003c/code\u003e if not available. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2327\"\u003e#2327\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2333\"\u003e#2333\u003c/a\u003e, [\u003ca href=\"https://github.com/earlopain\"\u003e\u003ccode\u003e@​earlopain\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.14] - 2025-05-06\u003c/h2\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eThis release includes a security fix that may cause certain routes in previously working applications to fail if query parameters exceed 4,096 in count or 4 MB in total size. See \u003ca href=\"https://github.com/rack/rack/discussions/2356\"\u003ehttps://github.com/rack/rack/discussions/2356\u003c/a\u003e for more details.\u003c/strong\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-gjh7-p2fx-99vx\"\u003eCVE-2025-46727\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.13] - 2025-03-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7wqh-767x-r66v\"\u003eCVE-2025-27610\u003c/a\u003e Local file inclusion in \u003ccode\u003eRack::Static\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.12] - 2025-03-04\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/6ef591522bb44f80654ad1a80654ba46cafdc7c1\"\u003e\u003ccode\u003e6ef5915\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881\"\u003e\u003ccode\u003e4e2c903\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85\"\u003e\u003ccode\u003efba2c8b\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed3d8340d1a7955332b51e74c1075ef3547c09dd\"\u003e\u003ccode\u003eed3d834\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c4ea296fdfd115377912aa7dbcb55b83bf2888e\"\u003e\u003ccode\u003e4c4ea29\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/c370dcd9405a6799763b70a83f06ae2d1aaa0e87\"\u003e\u003ccode\u003ec370dcd\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e\"\u003e\u003ccode\u003ed869fed\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/0f76d43c0d5624bd0d325df4f0a63f5e1faa7254\"\u003e\u003ccode\u003e0f76d43\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/493a4119ea010a7ac3dbc0ff579fc8af42e24ba4\"\u003e\u003ccode\u003e493a411\u003c/code\u003e\u003c/a\u003e Fix thin integration.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\"\u003e\u003ccode\u003e54e4ffd\u003c/code\u003e\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.8.1...v2.2.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.3.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.3.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 3.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.1.0...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bigbluebutton/bigbluebutton/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bigbluebutton/bigbluebutton/pull/24533","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bigbluebutton%2Fbigbluebutton/issues/24533","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24533/packages"}},{"old_version":"3.1.0","new_version":"4.2.0","update_type":"major","path":null,"pr_created_at":"2026-01-22T14:47:58.000Z","version_change":"3.1.0 → 4.2.0","issue":{"uuid":"3843283353","node_id":"PR_kwDOAApxXs6-tyLk","number":24526,"state":"open","title":"build(deps): bump the bundler group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-22T14:47:58.000Z","updated_at":"2026-01-22T17:00:14.335Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"bundler","update_count":4,"packages":[{"name":"nokogiri","old_version":"1.16.5","new_version":"1.18.9","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.8.1","new_version":"2.2.20","repository_url":"https://github.com/rack/rack"},{"name":"rexml","old_version":"3.3.9","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"sinatra","old_version":"3.1.0","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 4 updates in the /record-and-playback/core directory: [nokogiri](https://github.com/sparklemotion/nokogiri), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml) and [sinatra](https://github.com/sinatra/sinatra).\n\nUpdates `nokogiri` from 1.16.5 to 1.18.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e5bcfdf7aa8d1056a7ad5e52e1adffc64ef53d12d0724fbc6f458a3af1a4b9e32  nokogiri-1.18.9-aarch64-linux-gnu.gem\n55e9e6ca46c4ad1715e313f407d8481d15be1e3b65d9f8e52ba1c124d01676a7  nokogiri-1.18.9-aarch64-linux-musl.gem\neea3f1f06463ff6309d3ff5b88033c4948d0da1ab3cc0a3a24f63c4d4a763979  nokogiri-1.18.9-arm64-darwin.gem\nfe611ae65880e445a9c0f650d52327db239f3488626df4173c05beafd161d46e  nokogiri-1.18.9-arm-linux-gnu.gem\n935605e14c0ba17da18d203922440bf6c0676c602659278d855d4622d756a324  nokogiri-1.18.9-arm-linux-musl.gem\nac5a7d93fd0e3cef388800b037407890882413feccca79eb0272a2715a82fa33  nokogiri-1.18.9.gem\n1fe5b7aa4a054eda689a969bb4e03999960a6ea806582d327207d687168bceb5  nokogiri-1.18.9-java.gem\n6b4fc1523aa0370c78653e38c94cb50e7f3ab786425de66ba7ad24222c1164a3  nokogiri-1.18.9-x64-mingw-ucrt.gem\ne0d2deb03d3d7af8016e8c9df5ff4a7d692159cefb135cbb6a4109f265652348  nokogiri-1.18.9-x86_64-darwin.gem\nb52f5defedc53d14f71eeaaf990da66b077e1918a2e13088b6a96d0230f44360  nokogiri-1.18.9-x86_64-linux-gnu.gem\ne69359d6240c17e64cc9f43970d54f13bfc7b8cc516b819228f687e953425e69  nokogiri-1.18.9-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e36badd2eb281fca6214a5188e24a34399b15d89730639a068d12931e2adc210e  nokogiri-1.18.8-aarch64-linux-gnu.gem\n664e0f9a77a7122a66d6c03abba7641ca610769a4728db55ee1706a0838b78a2  nokogiri-1.18.8-aarch64-linux-musl.gem\n483b5b9fb33653f6f05cbe00d09ea315f268f0e707cfc809aa39b62993008212  nokogiri-1.18.8-arm64-darwin.gem\n17de01ca3adf9f8e187883ed73c672344d3dbb3c260f88ffa1008e8dc255a28e  nokogiri-1.18.8-arm-linux-gnu.gem\n6e6d7e71fc39572bd613a82d528cf54392c3de1ba5ce974f05c832b8187a040b  nokogiri-1.18.8-arm-linux-musl.gem\n8c7464875d9ca7f71080c24c0db7bcaa3940e8be3c6fc4bcebccf8b9a0016365  nokogiri-1.18.8.gem\n41002596960ff854198a20aaeb34cff0d445406d5ad85ba7ca9c3fd0c8f03de0  nokogiri-1.18.8-java.gem\n11ab0f76772c5f2d718fb253fca5b74c6ef7628b72bbf8deba6ab1ffc93344cf  nokogiri-1.18.8-x64-mingw-ucrt.gem\n024cdfe7d9ae3466bba6c06f348fb2a8395d9426b66a3c82f1961b907945cc0c  nokogiri-1.18.8-x86_64-darwin.gem\n4a747875db873d18a2985ee2c320a6070c4a414ad629da625fbc58d1a20e5ecc  nokogiri-1.18.8-x86_64-linux-gnu.gem\nddd735fba49475a395b9ea793bb6474e3a3125b89960339604d08a5397de1165  nokogiri-1.18.8-x86_64-linux-musl.gem\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] In HTML documents, \u003ccode\u003eNode#attribute\u003c/code\u003e now returns the correct attribute. This has been broken, and returning \u003ccode\u003enil\u003c/code\u003e, since v1.17.0. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3487\"\u003e#3487\u003c/a\u003e) \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.5 / 2025-03-19\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Update JRuby's XML serialization so it outputs namespaces exactly like CRuby. (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3455\"\u003e#3455\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3456\"\u003e#3456\u003c/a\u003e) \u003ca href=\"https://github.com/johnnyshields\"\u003e\u003ccode\u003e@​johnnyshields\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.4 / 2025-03-14\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxslt is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.43\"\u003ev1.1.43\u003c/a\u003e to address CVE-2025-24855 and CVE-2024-55549. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-mrxw-mxhj-p664\"\u003eGHSA-mrxw-mxhj-p664\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.3 / 2025-02-18\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6\"\u003ev2.13.6\u003c/a\u003e to address CVE-2025-24928 and CVE-2024-56171. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vvfq-8hwr-qm4m\"\u003eGHSA-vvfq-8hwr-qm4m\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.2 / 2024-01-19\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1dcd8ce30365ebd4620a3b823bf806b127eeefc3\"\u003e\u003ccode\u003e1dcd8ce\u003c/code\u003e\u003c/a\u003e version bump to v1.18.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/a05d2b44b930072af70dad12bddbac67f36c6f90\"\u003e\u003ccode\u003ea05d2b4\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3526\"\u003e#3526\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/947a55e87edff3c6d76ffd81f07da728e67c9b82\"\u003e\u003ccode\u003e947a55e\u003c/code\u003e\u003c/a\u003e Apply upstream patches to address multiple vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/9187f4af0dc3cc7ea439bd4957a2fbfab18f6665\"\u003e\u003ccode\u003e9187f4a\u003c/code\u003e\u003c/a\u003e version bump to v1.18.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1deea041e3f359ccef67abadf19f0d634bf473dd\"\u003e\u003ccode\u003e1deea04\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8 (branch \u003ccode\u003ev1.18.x\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3509\"\u003e#3509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/6457fe639359edda9f8817994bc4935abae3e81e\"\u003e\u003ccode\u003e6457fe6\u003c/code\u003e\u003c/a\u003e dep: libxml2 to v2.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/13e8aa4ef52f39d1273d2435bd6bfa98982471ef\"\u003e\u003ccode\u003e13e8aa4\u003c/code\u003e\u003c/a\u003e version bump to v1.18.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/605699d271ee5d7f58ab29c4550fad42b9cc3d69\"\u003e\u003ccode\u003e605699d\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7 (v1.18.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/804e59038c4318ebe7ba0dc08105cff2030df415\"\u003e\u003ccode\u003e804e590\u003c/code\u003e\u003c/a\u003e dep: bump libxml2 to 2.13.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/52bf15b62d4e576292e21ac948030783333f9e0b\"\u003e\u003ccode\u003e52bf15b\u003c/code\u003e\u003c/a\u003e dep(dev): drop Rubocop from JRuby deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.5...v1.18.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.8.1 to 2.2.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.2.20] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.19] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.18] - 2025-09-25\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-625h-95r8-8xpm\"\u003eCVE-2025-59830\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion via semicolon-separated parameters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.17] - 2025-06-03\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003eRack::MediaType#params\u003c/code\u003e now handles parameters without values. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2263\"\u003e#2263\u003c/a\u003e, \u003ca href=\"https://github.com/AllyMarthaJ\"\u003e\u003ccode\u003e@​AllyMarthaJ\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.16] - 2025-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect backport of optional \u003ccode\u003eCGI::Cookie\u003c/code\u003e support. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2335\"\u003e#2335\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.15] - 2025-05-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptional support for \u003ccode\u003eCGI::Cookie\u003c/code\u003e if not available. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2327\"\u003e#2327\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2333\"\u003e#2333\u003c/a\u003e, [\u003ca href=\"https://github.com/earlopain\"\u003e\u003ccode\u003e@​earlopain\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.14] - 2025-05-06\u003c/h2\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eThis release includes a security fix that may cause certain routes in previously working applications to fail if query parameters exceed 4,096 in count or 4 MB in total size. See \u003ca href=\"https://github.com/rack/rack/discussions/2356\"\u003ehttps://github.com/rack/rack/discussions/2356\u003c/a\u003e for more details.\u003c/strong\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-gjh7-p2fx-99vx\"\u003eCVE-2025-46727\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.13] - 2025-03-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7wqh-767x-r66v\"\u003eCVE-2025-27610\u003c/a\u003e Local file inclusion in \u003ccode\u003eRack::Static\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.2.12] - 2025-03-04\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/6ef591522bb44f80654ad1a80654ba46cafdc7c1\"\u003e\u003ccode\u003e6ef5915\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881\"\u003e\u003ccode\u003e4e2c903\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85\"\u003e\u003ccode\u003efba2c8b\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/ed3d8340d1a7955332b51e74c1075ef3547c09dd\"\u003e\u003ccode\u003eed3d834\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c4ea296fdfd115377912aa7dbcb55b83bf2888e\"\u003e\u003ccode\u003e4c4ea29\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/c370dcd9405a6799763b70a83f06ae2d1aaa0e87\"\u003e\u003ccode\u003ec370dcd\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e\"\u003e\u003ccode\u003ed869fed\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/0f76d43c0d5624bd0d325df4f0a63f5e1faa7254\"\u003e\u003ccode\u003e0f76d43\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/493a4119ea010a7ac3dbc0ff579fc8af42e24ba4\"\u003e\u003ccode\u003e493a411\u003c/code\u003e\u003c/a\u003e Fix thin integration.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\"\u003e\u003ccode\u003e54e4ffd\u003c/code\u003e\u003c/a\u003e Unbounded parameter parsing in \u003ccode\u003eRack::QueryParser\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.8.1...v2.2.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.3.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.3.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 3.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003esinatra/sinatra#2035\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003esinatra/sinatra#2081\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003esinatra/sinatra#2078\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003esinatra/sinatra#2033\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.1.0...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bigbluebutton/bigbluebutton/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bigbluebutton/bigbluebutton/pull/24526","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bigbluebutton%2Fbigbluebutton/issues/24526","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24526/packages"}},{"old_version":"4.1.1","new_version":"4.2.0","update_type":"minor","path":null,"pr_created_at":"2026-01-22T11:48:58.000Z","version_change":"4.1.1 → 4.2.0","issue":{"uuid":"3842573988","node_id":"PR_kwDOQ4e3VM6-ra5W","number":6,"state":"open","title":"Bump sinatra from 4.1.1 to 4.2.0","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-22T11:48:58.000Z","updated_at":"2026-01-22T11:49:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) from 4.1.1 to 4.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sinatra\u0026package-manager=bundler\u0026previous-version=4.1.1\u0026new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/etchteam/firepit/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/etchteam/firepit/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/etchteam%2Ffirepit/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"1.3.3","new_version":"4.2.1","update_type":"major","path":null,"pr_created_at":"2026-01-18T13:21:39.000Z","version_change":"1.3.3 → 4.2.1","issue":{"uuid":"3826778741","node_id":"PR_kwDOAINMDs693EeX","number":1,"state":"closed","title":"Bump the bundler group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-20T01:19:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-18T13:21:39.000Z","updated_at":"2026-02-20T01:19:38.000Z","time_to_close":2807877,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":8,"packages":[{"name":"rake","old_version":"0.9.2.2","new_version":"12.3.3","repository_url":"https://github.com/ruby/rake"},{"name":"rack","old_version":"1.4.1","new_version":"3.2.4","repository_url":"https://github.com/rack/rack"},{"name":"sinatra","old_version":"1.3.3","new_version":"4.2.1","repository_url":"https://github.com/sinatra/sinatra"},{"name":"jekyll","old_version":"0.11.2","new_version":"4.4.1","repository_url":"https://github.com/jekyll/jekyll"},{"name":"RedCloth","old_version":"4.2.9","new_version":"4.3.3","repository_url":"https://github.com/jgarber/redcloth"},{"name":"haml","old_version":"3.1.7","new_version":"5.0.0","repository_url":"https://github.com/haml/haml"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 6 updates in the /spec/test-site directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rake](https://github.com/ruby/rake) | `0.9.2.2` | `12.3.3` |\n| [rack](https://github.com/rack/rack) | `1.4.1` | `3.2.4` |\n| [sinatra](https://github.com/sinatra/sinatra) | `1.3.3` | `4.2.1` |\n| [jekyll](https://github.com/jekyll/jekyll) | `0.11.2` | `4.4.1` |\n| [RedCloth](https://github.com/jgarber/redcloth) | `4.2.9` | `4.3.3` |\n| [haml](https://github.com/haml/haml) | `3.1.7` | `5.0.0` |\n\n\nUpdates `rake` from 0.9.2.2 to 12.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/releases\"\u003erake's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003erake-10.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.3...rake-10.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.2...rake-10.1.0.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.1.0.beta.1...rake-10.1.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.1.0.beta.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.4...rake-10.1.0.beta.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.3...rake-10.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.2...rake-10.0.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.1...rake-10.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\"\u003ehttps://github.com/ruby/rake/compare/rake-10.0.0.beta.2...rake-10.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-10.0.0.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-10.0.0.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.5...rake-0.9.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.5\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.4...rake-0.9.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.3...rake-0.9.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.2...rake-0.9.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.2...rake-0.9.3.beta.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003erake-0.9.3.beta.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\"\u003ehttps://github.com/ruby/rake/compare/rake-0.9.3.beta.1...rake-0.9.3.beta.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rake/blob/master/History.rdoc\"\u003erake's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e=== 12.3.3\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse the application's name in error message if a task is not found.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/303\"\u003e#303\u003c/a\u003e by tmatilai\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse File.open explicitly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.2\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed test fails caused by 2.6 warnings.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/297\"\u003e#297\u003c/a\u003e by hsbt\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRdoc improvements.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/293\"\u003e#293\u003c/a\u003e by colby-swandale\u003c/li\u003e\n\u003cli\u003eImprove multitask performance.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/273\"\u003e#273\u003c/a\u003e by jsm\u003c/li\u003e\n\u003cli\u003eAdd alias \u003ccode\u003eprereqs\u003c/code\u003e.\nPull Request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/268\"\u003e#268\u003c/a\u003e by take-cheeze\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.1\u003c/p\u003e\n\u003cp\u003e==== Bug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport did_you_mean \u0026gt;= v1.2.0 which has a breaking change on formatters.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/262\"\u003e#262\u003c/a\u003e by FUJI Goro.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e==== Enhancements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't run task if it depends on already invoked but failed task.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/252\"\u003e#252\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eMake space trimming consistent for all task arguments.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/259\"\u003e#259\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRemoves duplicated inclusion of Rake::DSL in tests.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/254\"\u003e#254\u003c/a\u003e by Gonzalo Rodriguez.\u003c/li\u003e\n\u003cli\u003eRe-raise a LoadError that didn't come from require in the test loader.\nPull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/250\"\u003e#250\u003c/a\u003e by Dylan Thacker-Smith.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e=== 12.3.0\u003c/p\u003e\n\u003cp\u003e==== Compatibility Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003erequired_ruby_version\u003c/code\u003e to Ruby 2.0.0. Rake has already\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5c87c462b64aad674ebb92b1f5b0ff2c911406cd\"\u003e\u003ccode\u003e5c87c46\u003c/code\u003e\u003c/a\u003e Bump version to 12.3.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee\"\u003e\u003ccode\u003e5b8f8fc\u003c/code\u003e\u003c/a\u003e Use File.open explicitly.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/6497ba4d94d12c123df48cc8ab40f0a4eb7fb337\"\u003e\u003ccode\u003e6497ba4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/317\"\u003e#317\u003c/a\u003e from ruby/ignore-gitignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/be62efb6cdfc2cc00d660f8fc7d6c1c9de8014e2\"\u003e\u003ccode\u003ebe62efb\u003c/code\u003e\u003c/a\u003e Removed gitignore from gemspec files.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/1c22b490ee6cb8bd614fa8d0d6145f671466206b\"\u003e\u003ccode\u003e1c22b49\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/309\"\u003e#309\u003c/a\u003e from RDIL/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/496944a8febd51e20957e6833c7930286a0e9a25\"\u003e\u003ccode\u003e496944a\u003c/code\u003e\u003c/a\u003e Remove deprecated travis ci option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/489c7d863c666b6d287b760527acf3abe13aaf48\"\u003e\u003ccode\u003e489c7d8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/rake/issues/307\"\u003e#307\u003c/a\u003e from ruby/azure-pipelines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77eb6d87cb69c2cc531f72d4aa1948054e9d077f\"\u003e\u003ccode\u003e77eb6d8\u003c/code\u003e\u003c/a\u003e Only enabled macOS environment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/72ffa2ea89f96df2307158fa151825dbb2c28ddf\"\u003e\u003ccode\u003e72ffa2e\u003c/code\u003e\u003c/a\u003e use realpath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rake/commit/77448726bb057c8ba90a8d12ab6e20ad60dac976\"\u003e\u003ccode\u003e7744872\u003c/code\u003e\u003c/a\u003e Do not specify ruby version of macOS\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rake/compare/v0.9.2.2...v12.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 1.4.1 to 3.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.9.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix content-length calcuation in Rack:Response#write \u003ca href=\"https://redirect.github.com/rack/rack/issues/2150\"\u003e#2150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.8...v3.0.9\"\u003ehttps://github.com/rack/rack/compare/v3.0.8...v3.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Fix some unused variable verbose warnings\u0026quot; by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.7...v3.0.8\"\u003ehttps://github.com/rack/rack/compare/v3.0.7...v3.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Make query parameters without = have nil values\u0026quot;. by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2060\"\u003erack/rack#2060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\"\u003ehttps://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.6.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.3...v3.0.4\"\u003ehttps://github.com/rack/rack/compare/v3.0.3...v3.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v3.0.3 by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2000\"\u003erack/rack#2000\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.2...v3.0.3\"\u003ehttps://github.com/rack/rack/compare/v3.0.2...v3.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.1] -- 2025-09-02\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for streaming bodies when using \u003ccode\u003eRack::Events\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix an issue where a \u003ccode\u003eNoMethodError\u003c/code\u003e would be raised when using \u003ccode\u003eRack::Events\u003c/code\u003e with streaming bodies. (\u003ca href=\"https://redirect.github.com/rack/rack/blob/main/redirect.github.com/rack/rack/pull/2375\"\u003e#2375\u003c/a\u003e, \u003ca href=\"https://github.com/unflxw\"\u003e\u003ccode\u003e@​unflxw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.0] - 2025-07-31\u003c/h2\u003e\n\u003cp\u003eThis release continues Rack's evolution toward a cleaner, more efficient foundation while maintaining backward compatibility for most applications. The breaking changes primarily affect deprecated functionality, so most users should experience a smooth upgrade with improved performance and standards compliance.\u003c/p\u003e\n\u003ch3\u003eSPEC Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequest environment keys must now be strings. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2310\"\u003e#2310\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003enil\u003c/code\u003e as a valid return from a Response \u003ccode\u003ebody.to_path\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2318\"\u003e#2318\u003c/a\u003e, [\u003ca href=\"https://github.com/MSP-Greg\"\u003e\u003ccode\u003e@​MSP-Greg\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRack::Lint#check_header_value\u003c/code\u003e is relaxed, only disallowing CR/LF/NUL characters. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2354\"\u003e#2354\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eRack::VERSION\u003c/code\u003e constant. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2199\"\u003e#2199\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eISO-2022-JP\u003c/code\u003e encoded parts within MIME Multipart sections of an HTTP request body will now be converted to \u003ccode\u003eUTF-8\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2245\"\u003e#2245\u003c/a\u003e, \u003ca href=\"https://github.com/nappa\"\u003e\u003ccode\u003e@​nappa\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#query_parser=\u003c/code\u003e to allow setting the query parser to use. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2349\"\u003e#2349\u003c/a\u003e, [\u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRack::Request#form_pairs\u003c/code\u003e to access form data as raw key-value pairs, preserving duplicate keys. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2351\"\u003e#2351\u003c/a\u003e, [\u003ca href=\"https://github.com/matthewd\"\u003e\u003ccode\u003e@​matthewd\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c24539777db8833d78f881680cd245878cfba31\"\u003e\u003ccode\u003e4c24539\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3ba5e4f22f55abac21037bb137e56e5c8e36b673\"\u003e\u003ccode\u003e3ba5e4f\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/32bf8887d00bd86494f0ce08c46cda59a65d332f\"\u003e\u003ccode\u003e32bf888\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f\"\u003e\u003ccode\u003ee179614\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784\"\u003e\u003ccode\u003e57277b7\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/403b74b2441d666845177ce769036e294f663712\"\u003e\u003ccode\u003e403b74b\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fb395bb48925bba30d090938380c4090f5ae53de\"\u003e\u003ccode\u003efb395bb\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bce149b11154e851c437b5ece1c026c943f4b571\"\u003e\u003ccode\u003ebce149b\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3beacfcd494ec5600c9022d561cfa2f556a524d1\"\u003e\u003ccode\u003e3beacfc\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e\"\u003e\u003ccode\u003e589127f\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/1.4.1...v3.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jekyll` from 0.11.2 to 4.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/releases\"\u003ejekyll's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore globbed path behavior in front matter defaults (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9762\"\u003e#9762\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow marking specific highlighted lines via Liquid (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9138\"\u003e#9138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ecsv\u003c/code\u003e to runtime dependency list (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9522\"\u003e#9522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the minimum ruby version to 2.7 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9525\"\u003e#9525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAcknowledge \u003ccode\u003elivereload_port\u003c/code\u003e from site config too (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9606\"\u003e#9606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ebase64\u003c/code\u003e as runtime dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9740\"\u003e#9740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ejson\u003c/code\u003e as runtime_dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9671\"\u003e#9671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unnecessary constraint on gem \u003ccode\u003emercenary\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize default front matter using \u003ccode\u003eFile.fnmatch?\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9185\"\u003e#9185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove totals in profile table properly (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9186\"\u003e#9186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize \u003ccode\u003eSite#each_site_file\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9187\"\u003e#9187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename sass partial created for new blank site (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9257\"\u003e#9257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ejekyll serve --detach\u003c/code\u003e with jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9304\"\u003e#9304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle TypeError from \u003ccode\u003ewhere\u003c/code\u003e filter gracefully (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9292\"\u003e#9292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for upcoming logger 1.4.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9392\"\u003e#9392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typo in devcontainer.json (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9364\"\u003e#9364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect rubocop lint errors (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9600\"\u003e#9600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inexistent layout warning for the default 404 page (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9589\"\u003e#9589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRelax version constraint on \u003ccode\u003ewdm\u003c/code\u003e in new Gemfile (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9662\"\u003e#9662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e--livereload-ignore\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9570\"\u003e#9570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRender theme-gem root only in development (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9680\"\u003e#9680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDevelopment Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup highlight tag (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9177\"\u003e#9177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRun tests in utc (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9168\"\u003e#9168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLock Ruby in CI to v3.1.2 and bump JRuby to v9.4.0.0 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9196\"\u003e#9196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate sass related tests for jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9223\"\u003e#9223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSplit \u003ccode\u003etest/test_tags.rb\u003c/code\u003e into multiple files (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9230\"\u003e#9230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: use hash explicitly for Struct initializer for ruby 3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9237\"\u003e#9237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003escript/default-site: accept flags for \u003ccode\u003ejekyll new\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9259\"\u003e#9259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump check-spelling/check-spelling from 0.0.20 to 0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9205\"\u003e#9205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse check-spelling/check-spelling@v0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9199\"\u003e#9199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump RuboCop to v1.45.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9305\"\u003e#9305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump Rubocop to version 1.48.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9326\"\u003e#9326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump versions of ruby \u0026amp; nodejs in devcontainer (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9360\"\u003e#9360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump rubocop version to 1.52.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9361\"\u003e#9361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade RuboCop to 1.54 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9401\"\u003e#9401\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd CodeQL workflow (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9397\"\u003e#9397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9442\"\u003e#9442\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jekyll/jekyll/blob/master/History.markdown\"\u003ejekyll's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.4.1 / 2025-01-29\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore globbed path behavior in front matter defaults (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9762\"\u003e#9762\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.4.0 / 2025-01-27\u003c/h2\u003e\n\u003ch3\u003eMinor Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow marking specific highlighted lines via Liquid (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9138\"\u003e#9138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ecsv\u003c/code\u003e to runtime dependency list (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9522\"\u003e#9522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump the minimum ruby version to 2.7 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9525\"\u003e#9525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAcknowledge \u003ccode\u003elivereload_port\u003c/code\u003e from site config too (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9606\"\u003e#9606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ebase64\u003c/code\u003e as runtime dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9740\"\u003e#9740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd gem \u003ccode\u003ejson\u003c/code\u003e as runtime_dependency (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9671\"\u003e#9671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove unnecessary constraint on gem \u003ccode\u003emercenary\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize default front matter using \u003ccode\u003eFile.fnmatch?\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9185\"\u003e#9185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove totals in profile table properly (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9186\"\u003e#9186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize \u003ccode\u003eSite#each_site_file\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9187\"\u003e#9187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename sass partial created for new blank site (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9257\"\u003e#9257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ejekyll serve --detach\u003c/code\u003e with jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9304\"\u003e#9304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle TypeError from \u003ccode\u003ewhere\u003c/code\u003e filter gracefully (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9292\"\u003e#9292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for upcoming logger 1.4.3 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9392\"\u003e#9392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typo in devcontainer.json (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9364\"\u003e#9364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect rubocop lint errors (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9600\"\u003e#9600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inexistent layout warning for the default 404 page (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9589\"\u003e#9589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRelax version constraint on \u003ccode\u003ewdm\u003c/code\u003e in new Gemfile (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9662\"\u003e#9662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e--livereload-ignore\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9570\"\u003e#9570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRender theme-gem root only in development (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9680\"\u003e#9680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDevelopment Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup highlight tag (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9177\"\u003e#9177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRun tests in utc (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9168\"\u003e#9168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLock Ruby in CI to v3.1.2 and bump JRuby to v9.4.0.0 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9196\"\u003e#9196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate sass related tests for jekyll-sass-converter 3.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9223\"\u003e#9223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSplit \u003ccode\u003etest/test_tags.rb\u003c/code\u003e into multiple files (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9230\"\u003e#9230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: use hash explicitly for Struct initializer for ruby 3.2 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9237\"\u003e#9237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003escript/default-site: accept flags for \u003ccode\u003ejekyll new\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9259\"\u003e#9259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump check-spelling/check-spelling from 0.0.20 to 0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9205\"\u003e#9205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse check-spelling/check-spelling@v0.0.21 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9199\"\u003e#9199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump RuboCop to v1.45.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9305\"\u003e#9305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump Rubocop to version 1.48.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9326\"\u003e#9326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump versions of ruby \u0026amp; nodejs in devcontainer (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9360\"\u003e#9360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump rubocop version to 1.52.x (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9361\"\u003e#9361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade RuboCop to 1.54 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9401\"\u003e#9401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/1f319fb273b6cdf876bc6edd38d7477935cdda8c\"\u003e\u003ccode\u003e1f319fb\u003c/code\u003e\u003c/a\u003e Release :gem: v4.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/c5cd1fb04f071137631302cb69139db5196d4010\"\u003e\u003ccode\u003ec5cd1fb\u003c/code\u003e\u003c/a\u003e Restore globbed path behavior in front matter defaults  (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9762\"\u003e#9762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/33e8a84a0033bf150754a48c4da1ec5eaff89a03\"\u003e\u003ccode\u003e33e8a84\u003c/code\u003e\u003c/a\u003e Add unrecognized words to expected spelling data [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/cda8c3a402841c6b442b24b191be1c7d6849003c\"\u003e\u003ccode\u003ecda8c3a\u003c/code\u003e\u003c/a\u003e Release :gem: v4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/5431c0945b527a188dd592c99ffb1d6a85f6ce65\"\u003e\u003ccode\u003e5431c09\u003c/code\u003e\u003c/a\u003e Update history to reflect merge of \u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9759\"\u003e#9759\u003c/a\u003e [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/e68b3e3e16b4a1e5dbb40db32e1fe90fdf274fd8\"\u003e\u003ccode\u003ee68b3e3\u003c/code\u003e\u003c/a\u003e Add release post for v4.4.0 (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9759\"\u003e#9759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/0cc09f93caa53bf42e01ade0e22307f05e798294\"\u003e\u003ccode\u003e0cc09f9\u003c/code\u003e\u003c/a\u003e Update history to reflect merge of \u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/448b8b55402c7c82fece08387552f8ce68be6c25\"\u003e\u003ccode\u003e448b8b5\u003c/code\u003e\u003c/a\u003e Remove unnecessary constraint on gem \u003ccode\u003emercenary\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9758\"\u003e#9758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/2cf2665d314407e2d1628539b331f46b2dc5a6fb\"\u003e\u003ccode\u003e2cf2665\u003c/code\u003e\u003c/a\u003e Update history to reflect merge of \u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9756\"\u003e#9756\u003c/a\u003e [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jekyll/jekyll/commit/efc2a7433c7f7770e3e8bfaa37675988b24f74c0\"\u003e\u003ccode\u003eefc2a74\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003echeck-spelling/check-spelling\u003c/code\u003e action (\u003ca href=\"https://redirect.github.com/jekyll/jekyll/issues/9756\"\u003e#9756\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jekyll/jekyll/compare/v0.11.2...v4.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `RedCloth` from 4.2.9 to 4.3.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jgarber/redcloth/blob/master/CHANGELOG\"\u003eRedCloth's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e== 4.3.3 / Nov 2nd, 2023\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tests for CVE-2023-31606 [Helio Cola]\u003c/li\u003e\n\u003cli\u003eFix rake compile [Helio Cola and Faria Education Group]\u003c/li\u003e\n\u003cli\u003eFix CVE-2023-31606 (ReDOS possible in the sanitize_html function) [Kornelius Kalnbach and Merbin Russel]\u003c/li\u003e\n\u003cli\u003eImmutable strings [Matijs van Zuijlen]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.2 / May 23rd, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.1 / May 17th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix additional case for CVE-2012-6684 [Joshua Siler]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.3.0 / April 29th, 2016\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove JRuby and Windows cross compilation and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd Ruby 2.2.3 testing and support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003einclude CVE-2012-6684 fix [Tomas Pospisek]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix by [Antonio Terceiro]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\"\u003ehttp://sources.debian.net/src/ruby-redcloth/4.2.9-4/debian/patches/0001-Filter-out-javascript-links-when-using-filter_html-o.patch/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003evulnerability reported by [Kousuke Ebihara]\n\u003cul\u003e\n\u003cli\u003esee \u003ca href=\"http://co3k.org/blog/redcloth-unfixed-xss-en\"\u003ehttp://co3k.org/blog/redcloth-unfixed-xss-en\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e== 4.2.9.1 / February 24, 2015\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLazy-load latex_entities.yml [Charlie Somerville]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8297da8aa071b3bf1584738229f277833bd20c49\"\u003e\u003ccode\u003e8297da8\u003c/code\u003e\u003c/a\u003e 4.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/2600d93ff164a5244cec86a3047619ae8b4e4b04\"\u003e\u003ccode\u003e2600d93\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/80\"\u003e#80\u003c/a\u003e from jgarber/tests/CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ac10b687041e12cb49a196acf79687d6f596114e\"\u003e\u003ccode\u003eac10b68\u003c/code\u003e\u003c/a\u003e Add tests for CVE-2023-31606\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4e85481aca18e50fcd17ad432234e0af8245b080\"\u003e\u003ccode\u003e4e85481\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/78\"\u003e#78\u003c/a\u003e from jgarber/fix/build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/ccdd54dd68810f8ccd0c9b11c301d883240fcd22\"\u003e\u003ccode\u003eccdd54d\u003c/code\u003e\u003c/a\u003e Fix rake compile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/8b1327688fef8e6617792054ef299d7bc74c0a1e\"\u003e\u003ccode\u003e8b13276\u003c/code\u003e\u003c/a\u003e Fix CVE-2023-31606 (ReDOS possible in the sanitize_html function) (\u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/75\"\u003e#75\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/dd7ee6caaa6c899f4d5389c1b2fe4a17f1e5f326\"\u003e\u003ccode\u003edd7ee6c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/47\"\u003e#47\u003c/a\u003e from greggawatt/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/5c9b35c3f8af989cf2a8d22f1bb9d8140641cd5b\"\u003e\u003ccode\u003e5c9b35c\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/c34fa195ca540b2bea84d9cfe1813e070e4ed154\"\u003e\u003ccode\u003ec34fa19\u003c/code\u003e\u003c/a\u003e Update README.rdoc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber/redcloth/commit/4808b36d7063a7cfade89378d879a9134cd30a3e\"\u003e\u003ccode\u003e4808b36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jgarber/redcloth/issues/38\"\u003e#38\u003c/a\u003e from mvz/immutable-strings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jgarber/redcloth/compare/v4.2.9...v4.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `haml` from 3.1.7 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/haml/haml/blob/main/CHANGELOG.md\"\u003ehaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eReleased on April 26, 2017\n(\u003ca href=\"https://github.com/haml/haml/compare/4.0.7...v5.0.0\"\u003ediff\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eBreaking Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHaml now requires Ruby 2.0.0 or above.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRails 3 is no longer supported, matching the official\n\u003ca href=\"http://weblog.rubyonrails.org/2013/2/24/maintenance-policy-for-ruby-on-rails/\"\u003eMaintenance Policy for Ruby on Rails\u003c/a\u003e.\nUse Haml 4 if you want to use Rails 3.\n(Tee Parham)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003e:ugly\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/haml/haml/pull/894\"\u003e#894\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003ehaml\u003c/code\u003e command's debug option (\u003ccode\u003e-d\u003c/code\u003e) no longer executes the Haml code, but\nrather checks the generated Ruby syntax for errors.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop parser/compiler accessor from \u003ccode\u003eHaml::Engine\u003c/code\u003e. Modify \u003ccode\u003eHaml::Engine#initialize\u003c/code\u003e options\nor \u003ccode\u003eHaml::Template.options\u003c/code\u003e instead. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop dynamic quotes support and always escape \u003ccode\u003e'\u003c/code\u003e for \u003ccode\u003eescape_html\u003c/code\u003e/\u003ccode\u003eescape_attrs\u003c/code\u003e instead.\nAlso, escaped results are slightly changed and always unified to the same characters. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't preserve newlines in attributes. (Takashi Kokubun)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTML escape interpolated code in filters.\n\u003ca href=\"https://redirect.github.com/haml/haml/pull/770\"\u003e#770\u003c/a\u003e\n(Matt Wildig)\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e  :javascript\n    #{JSON.generate(foo: \u0026quot;bar\u0026quot;)}\n  Haml 4 output: {\u0026quot;foo\u0026quot;:\u0026quot;bar\u0026quot;}\n  Haml 5 output: {\u0026amp;quot;foo\u0026amp;quot;:\u0026amp;quot;bar\u0026amp;quot;}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAdded\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a tracing option. When enabled, Haml will output a data-trace attribute on each tag showing the path\nto the source Haml file from which it was generated. Thanks \u003ca href=\"https://github.com/ababkin\"\u003eAlex Babkin\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehaml_tag_if\u003c/code\u003e to render a block, conditionally wrapped in another element (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eSupport Rails 5.1 Erubi template handler.\u003c/li\u003e\n\u003cli\u003eSupport Sprockets 3. Thanks \u003ca href=\"https://github.com/samphilipd\"\u003eSam Davies\u003c/a\u003e and \u003ca href=\"https://github.com/jvenezia\"\u003eJeremy Venezia\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eGeneral performance and memory usage improvements. (Akira Matsuda)\u003c/li\u003e\n\u003cli\u003eAnalyze attribute values by Ripper and render static attributes beforehand. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eOptimize attribute rendering about 3x faster. (Takashi Kokubun)\u003c/li\u003e\n\u003cli\u003eAdd temple gem as dependency and create \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e class.\nSome methods in \u003ccode\u003eHaml::Compiler\u003c/code\u003e are migrated to \u003ccode\u003eHaml::TempleEngine\u003c/code\u003e. (Takashi Kokubun)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFixed\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for attribute merging. When an attribute method (or literal nested hash)\nwas used in an old style attribute hash and there is also a (non-static) new\nstyle hash there is an error. The fix can result in different behavior in\nsome circumstances. See the \u003ca href=\"https://github.com/haml/haml/tree/e475b015d3171fb4c4f140db304f7970c787d6e3\"\u003ecommit message\u003c/a\u003e\nfor detailed info. (Matt Wildig)\u003c/li\u003e\n\u003cli\u003eMake escape_once respect hexadecimal references. (Matt Wildig)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/78e2a09d3b8c6f7cdb3bb87ff84dce8fad5598ac\"\u003e\u003ccode\u003e78e2a09\u003c/code\u003e\u003c/a\u003e Version 5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/e5d6409bad6da77c697efc924c36ad2c5405b680\"\u003e\u003ccode\u003ee5d6409\u003c/code\u003e\u003c/a\u003e Note about \u003ca href=\"https://redirect.github.com/haml/haml/issues/770\"\u003e#770\u003c/a\u003e in Haml 5 changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/1bac6f902fe7683317b46ddcf0fdbbab6ffcd0da\"\u003e\u003ccode\u003e1bac6f9\u003c/code\u003e\u003c/a\u003e Remove JRuby from allow_failures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/d45c2d44b6b993ae7d54634948d69c2951d6dda3\"\u003e\u003ccode\u003ed45c2d4\u003c/code\u003e\u003c/a\u003e Add backslash for @ to support JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/8f207073c2e0e2bc296f18424b3fec3dfe659674\"\u003e\u003ccode\u003e8f20707\u003c/code\u003e\u003c/a\u003e Enable frozen_string_literal pragma if possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/a6bb25529a5df92b355f8e4b2a712c2aa3ff1b26\"\u003e\u003ccode\u003ea6bb255\u003c/code\u003e\u003c/a\u003e Oops, this was not intentional...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/aa4c397410312ab3c3ee6191110f5e595e5eea00\"\u003e\u003ccode\u003eaa4c397\u003c/code\u003e\u003c/a\u003e Fix spec in \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e for pretty mode removal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/11af7954f3e9ba5e21924c11c49773cacc18eeb2\"\u003e\u003ccode\u003e11af795\u003c/code\u003e\u003c/a\u003e Fallback to default value of preserve option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/bbbeb7ea8ade64fec20de4e0254040a229bdda0e\"\u003e\u003ccode\u003ebbbeb7e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG to include \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haml/haml/commit/ed7f24f1dc63c38f3d143289262266cbf59a9f1f\"\u003e\u003ccode\u003eed7f24f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/haml/haml/issues/867\"\u003e#867\u003c/a\u003e from redoPop/atful-css\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/haml/haml/compare/3.1.7...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 1.3.3 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.3.3...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kramdown` from 0.14.0 to 2.5.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gettalong/kramdown/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack-protection` from 1.2.0 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003erack-protection's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/7b50a1bbb5324838908dfaa00ec53ad322673a29\"\u003e\u003ccode\u003e7b50a1b\u003c/code\u003e\u003c/a\u003e 4.1.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2068\"\u003e#2068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/73f3291d114b5b211e067263eeb9c0e197fe8500\"\u003e\u003ccode\u003e73f3291\u003c/code\u003e\u003c/a\u003e 4.1.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2063\"\u003e#2063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cd3e00de20ddaff34ea30f7a74a7b9dad189d1d8\"\u003e\u003ccode\u003ecd3e00d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eHostAuthorization\u003c/code\u003e rack-protection middleware (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2053\"\u003e#2053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a55850\u003c/code\u003e\u003c/a\u003e Remove WEBrick\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/319af3a298cb8278670f285b6c02df0fd084615d\"\u003e\u003ccode\u003e319af3a\u003c/code\u003e\u003c/a\u003e Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/8d0095fc8c37f39d41caf74637da72c1ac952299\"\u003e\u003ccode\u003e8d0095f\u003c/code\u003e\u003c/a\u003e Adjust \u003ccode\u003eCookieTossing\u003c/code\u003e spec for Rack 3.1+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5640495babcb4cfd69ba650b293660b7446402da\"\u003e\u003ccode\u003e5640495\u003c/code\u003e\u003c/a\u003e Fix typos in changelog, readme and code comments (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/1.2.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lilith/link-checker/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/lilith/link-checker/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lilith%2Flink-checker/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"4.1.1","new_version":"4.2.1","update_type":"minor","path":null,"pr_created_at":"2026-01-07T03:07:59.000Z","version_change":"4.1.1 → 4.2.1","issue":{"uuid":"3787187600","node_id":"PR_kwDODLuhc86707-p","number":1031,"state":"closed","title":"Bump the bundler group across 1 directory with 70 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-14T03:09:07.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-07T03:07:59.000Z","updated_at":"2026-01-14T03:09:09.000Z","time_to_close":604868,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":70,"packages":[{"name":"rails","old_version":"8.0.3","new_version":"8.1.1","repository_url":"https://github.com/rails/rails"},{"name":"pg","old_version":"1.6.2","new_version":"1.6.3","repository_url":"https://github.com/ged/ruby-pg"},{"name":"puma","old_version":"7.0.4","new_version":"7.1.0","repository_url":"https://github.com/puma/puma"},{"name":"bootsnap","old_version":"1.18.6","new_version":"1.20.1","repository_url":"https://github.com/rails/bootsnap"},{"name":"faker","old_version":"3.5.2","new_version":"3.5.3","repository_url":"https://github.com/faker-ruby/faker"},{"name":"faraday","old_version":"2.13.4","new_version":"2.14.0","repository_url":"https://github.com/lostisland/faraday"},{"name":"oauth2","old_version":"2.0.17","new_version":"2.0.18","repository_url":"https://github.com/ruby-oauth/oauth2"},{"name":"dotenv-rails","old_version":"3.1.8","new_version":"3.2.0","repository_url":"https://github.com/bkeepers/dotenv"},{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.1","repository_url":"https://github.com/sinatra/sinatra"},{"name":"vcr","old_version":"6.3.1","new_version":"6.4.0","repository_url":"https://github.com/vcr/vcr"},{"name":"webmock","old_version":"3.25.1","new_version":"3.26.1","repository_url":"https://github.com/bblimke/webmock"},{"name":"brakeman","old_version":"7.1.0","new_version":"7.1.2","repository_url":"https://github.com/presidentbeef/brakeman"},{"name":"shoulda-matchers","old_version":"6.5.0","new_version":"7.0.1","repository_url":"https://github.com/thoughtbot/shoulda-matchers"},{"name":"dry-core","old_version":"1.1.0","new_version":"1.2.0","repository_url":"https://github.com/dry-rb/dry-core"},{"name":"factory_bot","old_version":"6.5.5","new_version":"6.5.6","repository_url":"https://github.com/thoughtbot/factory_bot"},{"name":"ffi","old_version":"1.17.2","new_version":"1.17.3","repository_url":"https://github.com/ffi/ffi"},{"name":"parser","old_version":"3.3.9.0","new_version":"3.3.10.0","repository_url":"https://github.com/whitequark/parser"},{"name":"rspec","old_version":"3.13.1","new_version":"3.13.2","repository_url":"https://github.com/rspec/rspec"},{"name":"unicode-emoji","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/janlelis/unicode-emoji"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rails](https://github.com/rails/rails) | `8.0.3` | `8.1.1` |\n| [pg](https://github.com/ged/ruby-pg) | `1.6.2` | `1.6.3` |\n| [puma](https://github.com/puma/puma) | `7.0.4` | `7.1.0` |\n| [bootsnap](https://github.com/rails/bootsnap) | `1.18.6` | `1.20.1` |\n| [faker](https://github.com/faker-ruby/faker) | `3.5.2` | `3.5.3` |\n| [faraday](https://github.com/lostisland/faraday) | `2.13.4` | `2.14.0` |\n| [oauth2](https://github.com/ruby-oauth/oauth2) | `2.0.17` | `2.0.18` |\n| [dotenv-rails](https://github.com/bkeepers/dotenv) | `3.1.8` | `3.2.0` |\n| [sinatra](https://github.com/sinatra/sinatra) | `4.1.1` | `4.2.1` |\n| [vcr](https://github.com/vcr/vcr) | `6.3.1` | `6.4.0` |\n| [webmock](https://github.com/bblimke/webmock) | `3.25.1` | `3.26.1` |\n| [brakeman](https://github.com/presidentbeef/brakeman) | `7.1.0` | `7.1.2` |\n| [shoulda-matchers](https://github.com/thoughtbot/shoulda-matchers) | `6.5.0` | `7.0.1` |\n| [dry-core](https://github.com/dry-rb/dry-core) | `1.1.0` | `1.2.0` |\n| [factory_bot](https://github.com/thoughtbot/factory_bot) | `6.5.5` | `6.5.6` |\n| [ffi](https://github.com/ffi/ffi) | `1.17.2` | `1.17.3` |\n| [parser](https://github.com/whitequark/parser) | `3.3.9.0` | `3.3.10.0` |\n| [rspec](https://github.com/rspec/rspec) | `3.13.1` | `3.13.2` |\n| [unicode-emoji](https://github.com/janlelis/unicode-emoji) | `4.1.0` | `4.2.0` |\n\n\nUpdates `rails` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003erails's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ce0ce1ca2da1d36cdc149a72a777a956ea45dc7\"\u003e\u003ccode\u003e0ce0ce1\u003c/code\u003e\u003c/a\u003e Upgrade sigstore gem to 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/271acd57d1430be8c92fbd8f19a2069e62425803\"\u003e\u003ccode\u003e271acd5\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7574698226c364ab98e69188539e2cf27517ef1f\"\u003e\u003ccode\u003e7574698\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56020\"\u003e#56020\u003c/a\u003e from harsh183/hd/getting_started/fix_line_num_typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/89cb7bff192ce71267ae76f38942ca8f306ce273\"\u003e\u003ccode\u003e89cb7bf\u003c/code\u003e\u003c/a\u003e Fix railties/CHANGELOG.md offense at 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7919bdab44688f1e7f121bc36a76169787cdfe60\"\u003e\u003ccode\u003e7919bda\u003c/code\u003e\u003c/a\u003e Restore header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f007f9ca53448379246a1901b213bd57955af26c\"\u003e\u003ccode\u003ef007f9c\u003c/code\u003e\u003c/a\u003e Disable SSL default config for out of the box Kamal deployments (\u003ca href=\"https://redirect.github.com/rails/rails/issues/56010\"\u003e#56010\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/234b56973bb453bb50850a1be07a2fcad7331592\"\u003e\u003ccode\u003e234b569\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56008\"\u003e#56008\u003c/a\u003e from chaadow/fix_nesting_loop_rails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/21a8742bb6bb5720f0e67d67fe26874598d1afbe\"\u003e\u003ccode\u003e21a8742\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55992\"\u003e#55992\u003c/a\u003e from jsharpify/jsharpify-reduce-deprecation-warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a7ba88b04e935d2a9cbc205382d6cd7c514f425c\"\u003e\u003ccode\u003ea7ba88b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56001\"\u003e#56001\u003c/a\u003e from hachi8833/update_wishlists\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pg` from 1.6.2 to 1.6.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ged/ruby-pg/blob/master/CHANGELOG.md\"\u003epg's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.3 [2025-12-29] Lars Kanis \u003ca href=\"mailto:lars@greiz-reinsdorf.de\"\u003elars@greiz-reinsdorf.de\u003c/a\u003e\u003c/h2\u003e\n\u003cp\u003eAdded:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd binary gems for ruby-4.0, now providing ruby-3.0 to 4.0. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/682\"\u003e#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate fat binary gem to OpenSSL-3.6.0 and PostgreSQL-18.1.\u003c/li\u003e\n\u003cli\u003eImprove documentation of PG::Result and README. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/676\"\u003e#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate errorcodes to PostgreSQL-18.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003erb_hash_new_capa\u003c/code\u003e on Ruby-3.2+ . \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/674\"\u003e#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeny any server communication on a frozen PG::Connection . \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/677\"\u003e#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix possible race condition in PG::Result in Ractor context. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/674\"\u003e#674\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop binary gem support for platform \u003ccode\u003ex86-mingw32\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/682\"\u003e#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop binary gems for ruby-2.7.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/d4539c25dcc89d47088e1423f8d1915c041920f5\"\u003e\u003ccode\u003ed4539c2\u003c/code\u003e\u003c/a\u003e Bump VERSION to pg-1.6.3 and add release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/720900dbb9d16aa855793146f15c3772e14f627a\"\u003e\u003ccode\u003e720900d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/682\"\u003e#682\u003c/a\u003e from larskanis/ruby-4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/f605b5937093884089109c8baa5fe268fc513eaf\"\u003e\u003ccode\u003ef605b59\u003c/code\u003e\u003c/a\u003e Remove x86-mingw32 from binary builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/5c690006ba158da70d73d939a233cf75ecdd30ef\"\u003e\u003ccode\u003e5c69000\u003c/code\u003e\u003c/a\u003e Update to ruby-4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/2acaf3d0f76334e056229efe260e1f558a8c6b42\"\u003e\u003ccode\u003e2acaf3d\u003c/code\u003e\u003c/a\u003e CI: workaround missing ruby-4.0 on Window\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/b500ded81127963603e1f724e82bed649c9ca8a1\"\u003e\u003ccode\u003eb500ded\u003c/code\u003e\u003c/a\u003e fix comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/bc3f2f8b1110e9bcb225d65554e1a7fc842d0506\"\u003e\u003ccode\u003ebc3f2f8\u003c/code\u003e\u003c/a\u003e CI: Macos-13 on Intel is deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/77667eb4313bd7b79356f402b0fa7fba409483b8\"\u003e\u003ccode\u003e77667eb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ged/ruby-pg/issues/678\"\u003e#678\u003c/a\u003e from larskanis/ci-update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/6e52ce504d05c5359d55f45d9580672103263b54\"\u003e\u003ccode\u003e6e52ce5\u003c/code\u003e\u003c/a\u003e CI: Update PostgreSQL on Macos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ged/ruby-pg/commit/6d40f50e51a037022495fe6d98181435652464ff\"\u003e\u003ccode\u003e6d40f50\u003c/code\u003e\u003c/a\u003e CI: Print mkmf.log on failure on Macos\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ged/ruby-pg/compare/v1.6.2...v1.6.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `puma` from 7.0.4 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/puma/puma/releases\"\u003epuma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003e7.1.0 / 2025-10-16 - Neon Witch\u003c/h2\u003e\n\u003cp\u003e\u003cimg src=\"https://github.com/user-attachments/assets/6f013211-35fb-46ce-84d8-00794e020294\" alt=\"neon_witch\" /\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eafter_worker_shutdown\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3707\"\u003e#3707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReintroduce keepalive \u0026quot;fast inline\u0026quot; behavior. Provides faster (8x on JRuby \u0026amp; 1.4x on Ruby) pipeline processing  (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3794\"\u003e#3794\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSkip reading zero bytes when request body is buffered (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3795\"\u003e#3795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e logging twice with prune_bundler enabled (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3778\"\u003e#3778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix prune_bundler not showing in \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e output (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3779\"\u003e#3779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGuard ThreadPool method call, which may be nil during shutdown (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3791\"\u003e#3791\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/puma/puma/issues/3790\"\u003e#3790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eThread.current.puma_server\u003c/code\u003e in Thread init code, not every request (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3774\"\u003e#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix race condition while deleting pidfile (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3657\"\u003e#3657\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nerdrew\"\u003e\u003ccode\u003e@​nerdrew\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3707\"\u003epuma/puma#3707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mopp\"\u003e\u003ccode\u003e@​mopp\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3783\"\u003epuma/puma#3783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/marksmith\"\u003e\u003ccode\u003e@​marksmith\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3657\"\u003epuma/puma#3657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Nymuxyzo\"\u003e\u003ccode\u003e@​Nymuxyzo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/puma/puma/pull/3762\"\u003epuma/puma#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/puma/puma/compare/v7.0.4...v7.1.0\"\u003ehttps://github.com/puma/puma/compare/v7.0.4...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/puma/puma/blob/main/History.md\"\u003epuma's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.1.0 / 2025-10-16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce \u003ccode\u003eafter_worker_shutdown\u003c/code\u003e hook (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3707\"\u003e#3707\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReintroduce keepalive \u0026quot;fast inline\u0026quot; behavior. Provides faster (8x on JRuby \u0026amp; 1.4x on Ruby) pipeline processing  (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3794\"\u003e#3794\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSkip reading zero bytes when request body is buffered (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3795\"\u003e#3795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e logging twice with prune_bundler enabled (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3778\"\u003e#3778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix prune_bundler not showing in \u003ccode\u003ePUMA_LOG_CONFIG=1\u003c/code\u003e output (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3779\"\u003e#3779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGuard ThreadPool method call, which may be nil during shutdown (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3791\"\u003e#3791\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/puma/puma/issues/3790\"\u003e#3790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eThread.current.puma_server\u003c/code\u003e in Thread init code, not every request (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3774\"\u003e#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix race condition while deleting pidfile (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3657\"\u003e#3657\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/fb2a0733e938c8786e033f22dc5bf66727dddb3a\"\u003e\u003ccode\u003efb2a073\u003c/code\u003e\u003c/a\u003e v7.1.0 (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3797\"\u003e#3797\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/4edb9e9b16835aa24bd037a88dad4d34a76952e4\"\u003e\u003ccode\u003e4edb9e9\u003c/code\u003e\u003c/a\u003e \u003ccode\u003eclient.rb\u003c/code\u003e - \u003ccode\u003eread_body\u003c/code\u003e - cleanup last lines of method (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3798\"\u003e#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/84a568ab1c4d0c5cd0d29a167f5facba9699a35c\"\u003e\u003ccode\u003e84a568a\u003c/code\u003e\u003c/a\u003e Update wait_for_less_busy_worker docs (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3757\"\u003e#3757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/e59a6049c3fc08ac2bd906a10d199bdf3949eb04\"\u003e\u003ccode\u003ee59a604\u003c/code\u003e\u003c/a\u003e Initialize only essential \u003ccode\u003eLauncher\u003c/code\u003e state before \u003ccode\u003eprune_bundler\u003c/code\u003e restart (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/6844de7c4f2503751bad5e9c141de2bdb067f452\"\u003e\u003ccode\u003e6844de7\u003c/code\u003e\u003c/a\u003e client.rb - Skip reading zero bytes when request body is buffered (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3795\"\u003e#3795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/1d3d6b792cdc870171d27cafbd0b7ceaf5e2dfb7\"\u003e\u003ccode\u003e1d3d6b7\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003eThread.current.puma_server\u003c/code\u003e in Thread init code, not every request (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3774\"\u003e#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/9b34cde2c5ddf7fd65bfd5f8aea811659226662e\"\u003e\u003ccode\u003e9b34cde\u003c/code\u003e\u003c/a\u003e Adding syntax highlighting in k8s docs (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3782\"\u003e#3782\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/a2bd2f63476a719faa02eacac94b274d0cee1f6d\"\u003e\u003ccode\u003ea2bd2f6\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eprune_bundler\u003c/code\u003e to \u003ccode\u003eConfiguration::DEFAULTS\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3779\"\u003e#3779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/d7a0854a39bbb3f06f12c4a180e42ee6d36f7985\"\u003e\u003ccode\u003ed7a0854\u003c/code\u003e\u003c/a\u003e ci: Update hey benchmark files, minor fixes and formatting (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3796\"\u003e#3796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/puma/puma/commit/ff08099b1fc702093261a90e92da09feb577c683\"\u003e\u003ccode\u003eff08099\u003c/code\u003e\u003c/a\u003e ci: Update Update test/rackup/sleep_fibonacci.ru, add test script (\u003ca href=\"https://redirect.github.com/puma/puma/issues/3793\"\u003e#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/puma/puma/compare/v7.0.4...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionpack` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/actionpack/CHANGELOG.md\"\u003eactionpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSubmit test requests using \u003ccode\u003eas: :html\u003c/code\u003e with \u003ccode\u003eContent-Type: x-www-form-urlencoded\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSean Doyle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd link-local IP ranges to \u003ccode\u003eActionDispatch::RemoteIp\u003c/code\u003e default proxies.\u003c/p\u003e\n\u003cp\u003eLink-local addresses (\u003ccode\u003e169.254.0.0/16\u003c/code\u003e for IPv4 and \u003ccode\u003efe80::/10\u003c/code\u003e for IPv6)\nare now included in the default trusted proxy list, similar to private IP ranges.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAdam Daniels\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eremote_ip\u003c/code\u003e will no longer ignore IPs in X-Forwarded-For headers if they\nare accompanied by port information.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDuncan Brown\u003c/em\u003e, \u003cem\u003ePrevenios Marinos\u003c/em\u003e, \u003cem\u003eMasafumi Koba\u003c/em\u003e, \u003cem\u003eAdam Daniels\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eaction_dispatch.verbose_redirect_logs\u003c/code\u003e setting that logs where redirects were called from.\u003c/p\u003e\n\u003cp\u003eSimilar to \u003ccode\u003eactive_record.verbose_query_logs\u003c/code\u003e and \u003ccode\u003eactive_job.verbose_enqueue_logs\u003c/code\u003e, this adds a line in your logs that shows where a redirect was called from.\u003c/p\u003e\n\u003cp\u003eExample:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eRedirected to http://localhost:3000/posts/1\n↳ app/controllers/posts_controller.rb:32:in `block (2 levels) in create'\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eDennis Paagman\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd engine route filtering and better formatting in \u003ccode\u003ebin/rails routes\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAllow engine routes to be filterable in the routing inspector, and\nimprove formatting of engine routing output.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/271acd57d1430be8c92fbd8f19a2069e62425803\"\u003e\u003ccode\u003e271acd5\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/df9f43214c637c54773581c85c910b356b16fa44\"\u003e\u003ccode\u003edf9f432\u003c/code\u003e\u003c/a\u003e Allow methods starting with underscore to be action methods.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/62a109a53f1471274a150a267239441d0592f389\"\u003e\u003ccode\u003e62a109a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55947\"\u003e#55947\u003c/a\u003e from c0nspiracy/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0777f23945aa498c280279b16091789b402daa64\"\u003e\u003ccode\u003e0777f23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55921\"\u003e#55921\u003c/a\u003e from skipkayhil/hm-ykpyzlmxovpttksv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4663af7e5c5263fa7b5ec5cdd529fc0c357ae037\"\u003e\u003ccode\u003e4663af7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55922\"\u003e#55922\u003c/a\u003e from Shopify/event_subscriber_additionss\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ca45ef19a745b1283ba3bf6b1076c998a3e559e4\"\u003e\u003ccode\u003eca45ef1\u003c/code\u003e\u003c/a\u003e Remove mention of raise_on_open_redirects from doc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe BEGIN template annotation/comment was previously printed on the same line as the following element. We now insert a newline inside the comment so it spans two lines without adding visible whitespace to the HTML output to enhance readability.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;!-- BEGIN /Users/siaw23/Desktop/rails/actionview/test/fixtures/actionpack/test/greeting.html.erb --\u0026gt;\u0026lt;p\u0026gt;This is grand!\u0026lt;/p\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;!-- BEGIN /Users/siaw23/Desktop/rails/actionview/test/fixtures/actionpack/test/greeting.html.erb\n--\u0026gt;\u0026lt;p\u0026gt;This is grand!\u0026lt;/p\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eEmmanuel Hayford\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd structured events for Action View:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_template\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_partial\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_layout\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_collection\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eaction_view.render_start\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eGannon McGibbon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix label with \u003ccode\u003efor\u003c/code\u003e option not getting prefixed by form \u003ccode\u003enamespace\u003c/code\u003e value\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAbeid Ahmed\u003c/em\u003e, \u003cem\u003eHartley McGuire\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003efetchpriority\u003c/code\u003e to Link headers to match HTML generated by \u003ccode\u003epreload_link_tag\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGuillermo Iguaran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd CSP \u003ccode\u003enonce\u003c/code\u003e to Link headers generated by \u003ccode\u003epreload_link_tag\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAlexander Gitter\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ecurrent_page?\u003c/code\u003e to match against specific HTTP method(s) with a \u003ccode\u003emethod:\u003c/code\u003e option.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eBen Sheldon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eautocomplete=\u0026quot;off\u0026quot;\u003c/code\u003e on hidden inputs generated by the following\ntags:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/271acd57d1430be8c92fbd8f19a2069e62425803\"\u003e\u003ccode\u003e271acd5\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ae6c5a23948f0a5c02a19ce625048b4579eace7d\"\u003e\u003ccode\u003eae6c5a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55989\"\u003e#55989\u003c/a\u003e from rails/rm-fix-remove_hidden_field_autocomplete\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1ace68361ed9e87fecbf32604c087d096f7b7f8a\"\u003e\u003ccode\u003e1ace683\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.rc1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d6f9f62d49750fee6a45f3672e2227d5c4198a62\"\u003e\u003ccode\u003ed6f9f62\u003c/code\u003e\u003c/a\u003e Make the Structured Event Subscriber emit events in format that are useful fo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4ae5bfc3a04db36d0f274b272eb68d6136ffb63b\"\u003e\u003ccode\u003e4ae5bfc\u003c/code\u003e\u003c/a\u003e Place template annotation on a separate line\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7d12071e9fe94bd5c01a488ef61718fe88de65b4\"\u003e\u003ccode\u003e7d12071\u003c/code\u003e\u003c/a\u003e Micro optimize ActiveRecord::RuntimeRegistry\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activemodel` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivemodel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/activemodel/CHANGELOG.md\"\u003eactivemodel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003ereset_token: { expires_in: ... }\u003c/code\u003e option to \u003ccode\u003ehas_secure_password\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAllows configuring the expiry duration of password reset tokens (default remains 15 minutes for backwards compatibility).\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003ehas_secure_password reset_token: { expires_in: 1.hour }\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJevin Sew\u003c/em\u003e, \u003cem\u003eAbeid Ahmed\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eexcept_on:\u003c/code\u003e option for validation callbacks.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eBen Sheldon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBackport \u003ccode\u003eActiveRecord::Normalization\u003c/code\u003e to \u003ccode\u003eActiveModel::Attributes::Normalization\u003c/code\u003e\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eclass User\n  include ActiveModel::Attributes\n  include ActiveModel::Attributes::Normalization\n\u003cp\u003eattribute :email, :string\u003c/p\u003e\n\u003cp\u003enormalizes :email, with: -\u0026gt; email { email.strip.downcase }\u003cbr /\u003e\nend\u003c/p\u003e\n\u003cp\u003euser = User.new\u003cbr /\u003e\nuser.email =    \u0026quot; \u003ca href=\"mailto:CRUISE-CONTROL@EXAMPLE.COM\"\u003eCRUISE-CONTROL@EXAMPLE.COM\u003c/a\u003e\\n\u0026quot;\u003cbr /\u003e\nuser.email # =\u0026gt; \u0026quot;\u003ca href=\"mailto:cruise-control@example.com\"\u003ecruise-control@example.com\u003c/a\u003e\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSean Doyle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease check \u003ca href=\"https://github.com/rails/rails/blob/8-0-stable/activemodel/CHANGELOG.md\"\u003e8-0-stable\u003c/a\u003e for previous changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1ace68361ed9e87fecbf32604c087d096f7b7f8a\"\u003e\u003ccode\u003e1ace683\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.rc1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b182bc607041b640f1e5f51e678f3ca4ab077920\"\u003e\u003ccode\u003eb182bc6\u003c/code\u003e\u003c/a\u003e Give credit to the first author of this feature\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d0486d0aefc8a487a20a582868df7e0662fd3520\"\u003e\u003ccode\u003ed0486d0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55574\"\u003e#55574\u003c/a\u003e from jevin/feature/reset-password-token-duration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee29930f58bf125763aeecedaa5048d95f3f1d4b\"\u003e\u003ccode\u003eee29930\u003c/code\u003e\u003c/a\u003e ActiveModel::SecurePassword: configurable reset token expiry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2446a70b0eee6424c90e5a262600c337006096ad\"\u003e\u003ccode\u003e2446a70\u003c/code\u003e\u003c/a\u003e Removing the string option for validations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/80827ca7ff33ca3026f2c74fe8249ccc6f513318\"\u003e\u003ccode\u003e80827ca\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.beta1 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activerecord` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/activerecord/CHANGELOG.md\"\u003eactiverecord's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix SQLite3 data loss during table alterations with CASCADE foreign keys.\u003c/p\u003e\n\u003cp\u003eWhen altering a table in SQLite3 that is referenced by child tables with\n\u003ccode\u003eON DELETE CASCADE\u003c/code\u003e foreign keys, ActiveRecord would silently delete all\ndata from the child tables. This occurred because SQLite requires table\nrecreation for schema changes, and during this process the original table\nis temporarily dropped, triggering CASCADE deletes on child tables.\u003c/p\u003e\n\u003cp\u003eThe root cause was incorrect ordering of operations. The original code\nwrapped \u003ccode\u003edisable_referential_integrity\u003c/code\u003e inside a transaction, but\n\u003ccode\u003ePRAGMA foreign_keys\u003c/code\u003e cannot be modified inside a transaction in SQLite -\nattempting to do so simply has no effect. This meant foreign keys remained\nenabled during table recreation, causing CASCADE deletes to fire.\u003c/p\u003e\n\u003cp\u003eThe fix reverses the order to follow the official SQLite 12-step ALTER TABLE\nprocedure: \u003ccode\u003edisable_referential_integrity\u003c/code\u003e now wraps the transaction instead\nof being wrapped by it. This ensures foreign keys are properly disabled\nbefore the transaction starts and re-enabled after it commits, preventing\nCASCADE deletes while maintaining data integrity through atomic transactions.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRuy Rocha\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd replicas to test database parallelization setup.\u003c/p\u003e\n\u003cp\u003eSetup and configuration of databases for parallel testing now includes replicas.\u003c/p\u003e\n\u003cp\u003eThis fixes an issue when using a replica database, database selector middleware,\nand non-transactional tests, where integration tests running in parallel would select\nthe base test database, i.e. \u003ccode\u003edb_test\u003c/code\u003e, instead of the numbered parallel worker database,\ni.e. \u003ccode\u003edb_test_{n}\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAdam Maas\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport virtual (not persisted) generated columns on PostgreSQL 18+\u003c/p\u003e\n\u003cp\u003ePostgreSQL 18 introduces virtual (not persisted) generated columns,\nwhich are now the default unless the \u003ccode\u003estored: true\u003c/code\u003e option is explicitly specified on PostgreSQL 18+.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003ecreate_table :users do |t|\n  t.string :name\n  t.virtual :lower_name,  type: :string,  as: \u0026quot;LOWER(name)\u0026quot;, stored: false\n  t.virtual :name_length, type: :integer, as: \u0026quot;LENGTH(name)\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fe609bf5ac0e61f445de9bea40f89a058b465ead\"\u003e\u003ccode\u003efe609bf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/50598\"\u003e#50598\u003c/a\u003e from lucasmazza/lm/upsert_all-skip\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/334ed8f172d6e77516e9832567626af9965d435d\"\u003e\u003ccode\u003e334ed8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55969\"\u003e#55969\u003c/a\u003e from rails/fix-explain-tests-mysql-9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bffa22d59214a125add8385e12ec691ed623aff7\"\u003e\u003ccode\u003ebffa22d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55949\"\u003e#55949\u003c/a\u003e from ima1zumi/revert-53969-and-add-test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/be5e9fc703ee86a6ba12bbd7256c43142a3d07dc\"\u003e\u003ccode\u003ebe5e9fc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55945\"\u003e#55945\u003c/a\u003e from claudiob/create_enum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/04c6f1497eb3cd0f21449113747f2b72862a0937\"\u003e\u003ccode\u003e04c6f14\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55938\"\u003e#55938\u003c/a\u003e from aidanharan/truthy-condition-mssql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d4fb183ac2d8f6a3fad83e160c435ef4dbe9c149\"\u003e\u003ccode\u003ed4fb183\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55925\"\u003e#55925\u003c/a\u003e from flavorjones/flavorjones/shard-swap-prohibition...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/activesupport/CHANGELOG.md\"\u003eactivesupport's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated passing a Time object to \u003ccode\u003eTime#since\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eBenchmark.ms\u003c/code\u003e method. It is now defined in the \u003ccode\u003ebenchmark\u003c/code\u003e gem.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated addition for \u003ccode\u003eTime\u003c/code\u003e instances with \u003ccode\u003eActiveSupport::TimeWithZone\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated support for \u003ccode\u003eto_time\u003c/code\u003e to preserve the system local time. It will now always preserve the receiver\ntimezone.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003econfig.active_support.to_time_preserves_timezone\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStandardize event name formatting in \u003ccode\u003eassert_event_reported\u003c/code\u003e error messages.\u003c/p\u003e\n\u003cp\u003eThe event name in failure messages now uses \u003ccode\u003e.inspect\u003c/code\u003e (e.g., \u003ccode\u003ename: \u0026quot;user.created\u0026quot;\u003c/code\u003e)\nto match \u003ccode\u003eassert_events_reported\u003c/code\u003e and provide type clarity between strings and symbols.\nThis only affects tests that assert on the failure message format itself.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGeorge Ma\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eEnumerable#sole\u003c/code\u003e to return the full tuple instead of just the first element of the tuple.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eOlivier Bellone\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix parallel tests hanging when worker processes die abruptly.\u003c/p\u003e\n\u003cp\u003ePreviously, if a worker process was killed (e.g., OOM killed, \u003ccode\u003ekill -9\u003c/code\u003e) during parallel\ntest execution, the test suite would hang forever waiting for the dead worker.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoshua Young\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003econfig.active_support.escape_js_separators_in_json\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIntroduce a new framework default to skip escaping LINE SEPARATOR (U+2028) and PARAGRAPH SEPARATOR (U+2029) in JSON.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/234b56973bb453bb50850a1be07a2fcad7331592\"\u003e\u003ccode\u003e234b569\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56008\"\u003e#56008\u003c/a\u003e from chaadow/fix_nesting_loop_rails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/53c4ed887450cc2dee4b373148162c485999a400\"\u003e\u003ccode\u003e53c4ed8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55973\"\u003e#55973\u003c/a\u003e from rails/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f77a1c3654afdf599fa927e7910d6e9c5e9df7cf\"\u003e\u003ccode\u003ef77a1c3\u003c/code\u003e\u003c/a\u003e Require 'rails' at the top of railltie files to ensure Rails is loaded first\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/cd53d57fe363eef44dd4a58dbe69c77cad041550\"\u003e\u003ccode\u003ecd53d57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55962\"\u003e#55962\u003c/a\u003e from coderhs/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/096f1c7c77cf857a1ca12116678599faac2f0522\"\u003e\u003ccode\u003e096f1c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55943\"\u003e#55943\u003c/a\u003e from skipkayhil/hm-oyxvtrxvupxqzprn\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1ace68361ed9e87fecbf32604c087d096f7b7f8a\"\u003e\u003ccode\u003e1ace683\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0.rc1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d156ee00602eab9044bc23ac8de8f245379d6af5\"\u003e\u003ccode\u003ed156ee0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55871\"\u003e#55871\u003c/a\u003e from Shopify/refresh_event_reporter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/48ca2f8b91f69ae7c08cc16426481a5e17fd2209\"\u003e\u003ccode\u003e48ca2f8\u003c/code\u003e\u003c/a\u003e Load core extensions with require_relative\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `railties` from 8.0.3 to 8.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003erailties's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eremove_hidden_field_autocomplete\u003c/code\u003e config in form builder \u003ccode\u003ehidden_field\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow methods starting with underscore to be action methods.\u003c/p\u003e\n\u003cp\u003eDisallowing methods starting with an underscore from being action methods\nwas an unintended side effect of the performance optimization in\n207a254.\u003c/p\u003e\n\u003cp\u003eFixes \u003ca href=\"https://redirect.github.com/rails/rails/issues/55985\"\u003e#55985\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eOnly index new serializers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJesse Sharps\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Mailer\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Cable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.1/railties/CHANGELOG.md\"\u003erailties's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.1 (October 28, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDo not assume and force SSL in production by default when using Kamal, to allow for out of the box Kamal deployments.\u003c/p\u003e\n\u003cp\u003eIt is still recommended to assume and force SSL in production as soon as you can.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJerome Dalbert\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.0 (October 22, 2025)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSuggest \u003ccode\u003ebin/rails action_text:install\u003c/code\u003e from Action Dispatch error page\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSean Doyle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eSTATS_DIRECTORIES\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003ebin/rake stats\u003c/code\u003e command.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003erails/console/methods.rb\u003c/code\u003e file.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't generate system tests by default.\u003c/p\u003e\n\u003cp\u003eRails scaffold generator will no longer generate system tests by default. To enable this pass \u003ccode\u003e--system-tests=true\u003c/code\u003e or generate them with \u003ccode\u003ebin/rails generate system_test name_of_test\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eEileen M. Uchitelle\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOptionally skip bundler-audit.\u003c/p\u003e\n\u003cp\u003eSkips adding the \u003ccode\u003ebin/bundler-audit\u003c/code\u003e \u0026amp; \u003ccode\u003econfig/bundler-audit.yml\u003c/code\u003e if the gem is not installed when \u003ccode\u003ebin/rails app:update\u003c/code\u003e runs.\u003c/p\u003e\n\u003cp\u003ePasses an option to \u003ccode\u003e--skip-bundler-audit\u003c/code\u003e when new apps are generated \u0026amp; adds that same option to the \u003ccode\u003e--minimal\u003c/code\u003e generator flag.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJill Klang\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eShow engine routes in \u003ccode\u003e/rails/info/routes\u003c/code\u003e as well.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePetrik de Heus\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExclude \u003ccode\u003easset_path\u003c/code\u003e configuration from Kamal \u003ccode\u003edeploy.yml\u003c/code\u003e for API applications.\u003c/p\u003e\n\u003cp\u003eAPI applications don't serve assets, so the \u003ccode\u003easset_path\u003c/code\u003e configuration in \u003ccode\u003edeploy.yml\u003c/code\u003e\nis not needed and can cause 404 errors on in-flight requests. The asset_path is now\nonly included for regular Rails applications that serve assets.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/90a1eaa1b30ba1f2d524e197460e549c03cf5698\"\u003e\u003ccode\u003e90a1eaa\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/89cb7bff192ce71267ae76f38942ca8f306ce273\"\u003e\u003ccode\u003e89cb7bf\u003c/code\u003e\u003c/a\u003e Fix railties/CHANGELOG.md offense at 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/7919bdab44688f1e7f121bc36a76169787cdfe60\"\u003e\u003ccode\u003e7919bda\u003c/code\u003e\u003c/a\u003e Restore header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f007f9ca53448379246a1901b213bd57955af26c\"\u003e\u003ccode\u003ef007f9c\u003c/code\u003e\u003c/a\u003e Disable SSL default config for out of the box Kamal deployments (\u003ca href=\"https://redirect.github.com/rails/rails/issues/56010\"\u003e#56010\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29606f8c7b3aea3991343ee2c1aa5dd1860df283\"\u003e\u003ccode\u003e29606f8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55964\"\u003e#55964\u003c/a\u003e from viralpraxis/skip-ci-rb-tests-if-tests-are-skipped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1cdd190a25e483b65f1f25bbd0f13a25d696b461\"\u003e\u003ccode\u003e1cdd190\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5e231ae6548f1c5686f75e61832638937b134961\"\u003e\u003ccode\u003e5e231ae\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/54914\"\u003e#54914\u003c/a\u003e from chaadow/fix_autoloaded_content_helper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1a8109e0fe8f10fa38a8f6c7fb11daf8a09394d5\"\u003e\u003ccode\u003e1a8109e\u003c/code\u003e\u003c/a\u003e Actually turn this off by default too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/25af9250bf072ac24df2ea058c12284da5a99948\"\u003e\u003ccode\u003e25af925\u003c/code\u003e\u003c/a\u003e Kamal localhost registry (\u003ca href=\"https://redirect.github.com/rails/rails/issues/55934\"\u003e#55934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f58a75a5cf35a94cbf8a45fa64b95a0ea9055e64\"\u003e\u003ccode\u003ef58a75a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55940\"\u003e#55940\u003c/a\u003e from jeromedalbert/fix-ci-yml-whitespace\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.3...v8.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bootsnap` from 1.18.6 to 1.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/bootsnap/releases\"\u003ebootsnap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle broken symlinks in load path scanning code.\nShould fix \u003ccode\u003eErrno::ENOENT fstatat\u003c/code\u003e issues some users have encountered after upgrading to 1.20.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1\"\u003ehttps://github.com/rails/bootsnap/compare/v1.20.0...v1.20.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptimized load path scanning with a C extension. Should be about 2x faster on supported platforms.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rails/bootsnap/compare/v1.19.0...v1.20.0\"\u003ehttps://github.com/rails/bootsnap/compare/v1.19.0...v1.20.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/bootsnap/blob/main/CHANGELOG.md\"\u003ebootsnap's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandle broken symlinks in load path scanning code.\nShould fix \u003ccode\u003eErrno::ENOENT fstatat\u003c/code\u003e issues some users have encountered after upgrading to 1.20.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOptimized load path scanning with a C extension. Should be about 2x faster on supported platforms.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.19.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove JSON parsing cache. Recent versions of the \u003ccode\u003ejson\u003c/code\u003e gem are as fast as \u003ccode\u003emsgpack\u003c/code\u003e if not faster.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/ba59bb8e012ddbe592b0de85d06304afed65688c\"\u003e\u003ccode\u003eba59bb8\u003c/code\u003e\u003c/a\u003e Release 1.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/302b7dbbc31c917456369fe136b86c1ffc591a64\"\u003e\u003ccode\u003e302b7db\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/bootsnap/issues/514\"\u003e#514\u003c/a\u003e from byroot/handle-broken-symlink\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/fd1ddc33aa8a247e204c152ec700167b285188b2\"\u003e\u003ccode\u003efd1ddc3\u003c/code\u003e\u003c/a\u003e Handle broken symlinks in load path\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/fac34b899341134389dd8067678230d95e409939\"\u003e\u003ccode\u003efac34b8\u003c/code\u003e\u003c/a\u003e Release 1.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/71311d4c599a2d4eebec29652889577ff430499c\"\u003e\u003ccode\u003e71311d4\u003c/code\u003e\u003c/a\u003e Include Bootsnap::VERSION in LoadPathCache version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/f5c43ac14b11e9771155d5a5a402c6a8ef0f8ef6\"\u003e\u003ccode\u003ef5c43ac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/bootsnap/issues/512\"\u003e#512\u003c/a\u003e from byroot/prune-load-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/f94f668c545122c26462d31cec647095282b68a1\"\u003e\u003ccode\u003ef94f668\u003c/code\u003e\u003c/a\u003e Stop caching directories in LoadPathCache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/e3b5292b2f00012130b2529ec01ac42bdddbe0b2\"\u003e\u003ccode\u003ee3b5292\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/bootsnap/issues/511\"\u003e#511\u003c/a\u003e from byroot/c-ext-load-path-scan\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/e91dd2158b014d7f233028475942b9fbe2c9ed2c\"\u003e\u003ccode\u003ee91dd21\u003c/code\u003e\u003c/a\u003e Implement PathScanner in C to avoid N+1 \u003ccode\u003estat(2)\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/bootsnap/commit/c77d5ccfec3188c8feb259963eaad5debc955bcf\"\u003e\u003ccode\u003ec77d5cc\u003c/code\u003e\u003c/a\u003e Cleanup the c extension\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/bootsnap/compare/v1.18.6...v1.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faker` from 3.5.2 to 3.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/faker-ruby/faker/releases\"\u003efaker's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.5.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/faker-ruby/faker/tree/v3.5.3\"\u003ev3.5.3\u003c/a\u003e (2025-12-02)\u003c/h2\u003e\n\u003cp\u003eWishing you a cozy and calm Holiday season ☃️\u003c/p\u003e\n\u003cp\u003eThis version adds and improves some locales, fixes some bugs, and deprecates some generators.\u003c/p\u003e\n\u003cp\u003eThanks to all contributors!\u003c/p\u003e\n\u003ch2\u003eDeprecated generators\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: move \u003ccode\u003eFaker::BossaNova\u003c/code\u003e under \u003ccode\u003eFaker::Music::BossaNova\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3140\"\u003efaker-ruby/faker#3140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eFaker::Twitter\u003c/code\u003e in favor of \u003ccode\u003eFaker::X\u003c/code\u003e and update attributes by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3138\"\u003efaker-ruby/faker#3138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eImprovements \u0026amp; Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate entry \u003ccode\u003eamateur radio\u003c/code\u003e from \u003ccode\u003elocales/en/hobby.yml\u003c/code\u003e by \u003ca href=\"https://github.com/Leenday\"\u003e\u003ccode\u003e@​Leenday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3099\"\u003efaker-ruby/faker#3099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/faker-ruby/faker/issues/3114\"\u003e#3114\u003c/a\u003e: prevent scientific notation when generating bank account number by \u003ca href=\"https://github.com/AhmedHisham552\"\u003e\u003ccode\u003e@​AhmedHisham552\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3118\"\u003efaker-ruby/faker#3118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: typos in locales for \u003ccode\u003eoverwatch.yml\u003c/code\u003e, \u003ccode\u003erajnikanth.yml\u003c/code\u003e and \u003ccode\u003estreet_fighter.ym\u003c/code\u003e by \u003ca href=\"https://github.com/smorttey\"\u003e\u003ccode\u003e@​smorttey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3106\"\u003efaker-ruby/faker#3106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eArtist\u003c/code\u003e translations for the japanese locale by \u003ca href=\"https://github.com/neco-nico\"\u003e\u003ccode\u003e@​neco-nico\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3110\"\u003efaker-ruby/faker#3110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecountry_code\u003c/code\u003e to Estonia locale (\u003ccode\u003elocales/ee.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/HassanAkbar\"\u003e\u003ccode\u003e@​HassanAkbar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3111\"\u003efaker-ruby/faker#3111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReformat Arabic locale (\u003ccode\u003elocales/ar.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/ramzieus\"\u003e\u003ccode\u003e@​ramzieus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3130\"\u003efaker-ruby/faker#3130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: Improve UK Phone number false failure hit-rate by \u003ca href=\"https://github.com/luke-hill\"\u003e\u003ccode\u003e@​luke-hill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3136\"\u003efaker-ruby/faker#3136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprovements and fixes for Elder Scrolls locale (\u003ccode\u003eelder_scrolls.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3129\"\u003efaker-ruby/faker#3129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd en-GB ID Numbers (aka National Insurance Numbers) by \u003ca href=\"https://github.com/stefanjcollier\"\u003e\u003ccode\u003e@​stefanjcollier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3032\"\u003efaker-ruby/faker#3032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate ukrainian city locales to the modern ones by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3127\"\u003efaker-ruby/faker#3127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevamp the docs to make them easier to find by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3151\"\u003efaker-ruby/faker#3151\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etest: fix flaky test on \u003ccode\u003eFaker::IdNumber\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3126\"\u003efaker-ruby/faker#3126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove minitest dependency on i18n reload test by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3149\"\u003efaker-ruby/faker#3149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused release workflow by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3133\"\u003efaker-ruby/faker#3133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eUpdate local dependencies\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump benchmark from 0.4.1 to 0.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3122\"\u003efaker-ruby/faker#3122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump rake from 13.3.0 to 13.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3124\"\u003efaker-ruby/faker#3124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump test-unit from 3.7.0 to 3.7.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3128\"\u003efaker-ruby/faker#3128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump rubocop-minitest from 0.38.1 to 0.38.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3116\"\u003efaker-ruby/faker#3116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump dependencies by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3141\"\u003efaker-ruby/faker#3141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump Minitest version to \u003ccode\u003ev5.26.1\u003c/code\u003e and fix issues by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3144\"\u003efaker-ruby/faker#3144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump rubocop version to \u003ccode\u003ev1.81.7\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3143\"\u003efaker-ruby/faker#3143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Leenday\"\u003e\u003ccode\u003e@​Leenday\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3099\"\u003efaker-ruby/faker#3099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/AhmedHisham552\"\u003e\u003ccode\u003e@​AhmedHisham552\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3118\"\u003efaker-ruby/faker#3118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/smorttey\"\u003e\u003ccode\u003e@​smorttey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3106\"\u003efaker-ruby/faker#3106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/neco-nico\"\u003e\u003ccode\u003e@​neco-nico\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3110\"\u003efaker-ruby/faker#3110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/HassanAkbar\"\u003e\u003ccode\u003e@​HassanAkbar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3111\"\u003efaker-ruby/faker#3111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ramzieus\"\u003e\u003ccode\u003e@​ramzieus\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3130\"\u003efaker-ruby/faker#3130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luke-hill\"\u003e\u003ccode\u003e@​luke-hill\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3136\"\u003efaker-ruby/faker#3136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3129\"\u003efaker-ruby/faker#3129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stefanjcollier\"\u003e\u003ccode\u003e@​stefanjcollier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3032\"\u003efaker-ruby/faker#3032\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md\"\u003efaker's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/faker-ruby/faker/tree/v3.5.3\"\u003ev3.5.3\u003c/a\u003e (2025-12-02)\u003c/h2\u003e\n\u003cp\u003eWishing you a cozy and calm Holiday season ☃️\u003c/p\u003e\n\u003cp\u003eThis version adds and improves some locales, fixes some bugs, and deprecates some generators.\u003c/p\u003e\n\u003cp\u003eThanks to all contributors!\u003c/p\u003e\n\u003ch3\u003eDeprecated generators\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: move \u003ccode\u003eFaker::BossaNova\u003c/code\u003e under \u003ccode\u003eFaker::Music::BossaNova\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3140\"\u003efaker-ruby/faker#3140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eFaker::Twitter\u003c/code\u003e in favor of \u003ccode\u003eFaker::X\u003c/code\u003e and update attributes by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3138\"\u003efaker-ruby/faker#3138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements \u0026amp; Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate entry \u003ccode\u003eamateur radio\u003c/code\u003e from \u003ccode\u003elocales/en/hobby.yml\u003c/code\u003e by \u003ca href=\"https://github.com/Leenday\"\u003e\u003ccode\u003e@​Leenday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3099\"\u003efaker-ruby/faker#3099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/faker-ruby/faker/issues/3114\"\u003e#3114\u003c/a\u003e: prevent scientific notation when generating bank account number by \u003ca href=\"https://github.com/AhmedHisham552\"\u003e\u003ccode\u003e@​AhmedHisham552\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3118\"\u003efaker-ruby/faker#3118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: typos in locales for \u003ccode\u003eoverwatch.yml\u003c/code\u003e, \u003ccode\u003erajnikanth.yml\u003c/code\u003e and \u003ccode\u003estreet_fighter.ym\u003c/code\u003e by \u003ca href=\"https://github.com/smorttey\"\u003e\u003ccode\u003e@​smorttey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3106\"\u003efaker-ruby/faker#3106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eArtist\u003c/code\u003e translations for the japanese locale by \u003ca href=\"https://github.com/neco-nico\"\u003e\u003ccode\u003e@​neco-nico\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3110\"\u003efaker-ruby/faker#3110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecountry_code\u003c/code\u003e to Estonia locale (\u003ccode\u003elocales/ee.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/HassanAkbar\"\u003e\u003ccode\u003e@​HassanAkbar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3111\"\u003efaker-ruby/faker#3111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReformat Arabic locale (\u003ccode\u003elocales/ar.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/ramzieus\"\u003e\u003ccode\u003e@​ramzieus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3130\"\u003efaker-ruby/faker#3130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactor: Improve UK Phone number false failure hit-rate by \u003ca href=\"https://github.com/luke-hill\"\u003e\u003ccode\u003e@​luke-hill\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3136\"\u003efaker-ruby/faker#3136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprovements and fixes for Elder Scrolls locale (\u003ccode\u003eelder_scrolls.yml\u003c/code\u003e) by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3129\"\u003efaker-ruby/faker#3129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd en-GB ID Numbers (aka National Insurance Numbers) by \u003ca href=\"https://github.com/stefanjcollier\"\u003e\u003ccode\u003e@​stefanjcollier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3032\"\u003efaker-ruby/faker#3032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate ukrainian city locales to the modern ones by \u003ca href=\"https://github.com/SleekMutt\"\u003e\u003ccode\u003e@​SleekMutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3127\"\u003efaker-ruby/faker#3127\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevamp the docs to make them easier to find by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3151\"\u003efaker-ruby/faker#3151\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest: fix flaky test on \u003ccode\u003eFaker::IdNumber\u003c/code\u003e by \u003ca href=\"https://github.com/thdaraujo\"\u003e\u003ccode\u003e@​thdaraujo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3126\"\u003efaker-ruby/faker#3126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove minitest dependency on i18n reload test by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3149\"\u003efaker-ruby/faker#3149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove unused release workflow by \u003ca href=\"https://github.com/stefannibrasil\"\u003e\u003ccode\u003e@​stefannibrasil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/faker-ruby/faker/pull/3133\"\u003efaker-ruby/faker#3133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUpdate local dependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump benchmark from 0.4.1 to 0.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca ...\n\n_Description has been truncated_","html_url":"https://github.com/ministryofjustice/hmcts-common-platform-mock-api/pull/1031","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ministryofjustice%2Fhmcts-common-platform-mock-api/issues/1031","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1031/packages"}},{"old_version":"3.2.0","new_version":"4.2.1","update_type":"major","path":"/new_app_ruby","pr_created_at":"2026-01-02T11:04:14.000Z","version_change":"3.2.0 → 4.2.1","issue":{"uuid":"3776136857","node_id":"PR_kwDOPoFa3c67Ri1i","number":137,"state":"open","title":"chore(deps): bump sinatra and sinatra-contrib in /new_app_ruby","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-02T11:04:14.000Z","updated_at":"2026-01-02T11:04:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"sinatra","repository_url":"https://github.com/sinatra/sinatra","old_version":"3.2.0","new_version":"4.2.1"},{"name":"sinatra-contrib","repository_url":"https://github.com/sinatra/sinatra","old_version":"3.2.0","new_version":"4.2.1"}],"path":"/new_app_ruby","ecosystem":"rubygems"},"body":"Bumps [sinatra](https://github.com/sinatra/sinatra) and [sinatra-contrib](https://github.com/sinatra/sinatra). These dependencies needed to be updated together.\nUpdates `sinatra` from 3.2.0 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/2c7f8db854a5b75fe08102983788548f8eb806b0\"\u003e\u003ccode\u003e2c7f8db\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty.\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2124\"\u003e#2124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.2.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra-contrib` from 3.2.0 to 4.2.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra-contrib's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.1 / 2025-10-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Revert \u0026quot;\u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty\u0026quot; (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2124\"\u003e#2124\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eaddresses issues with routing and 404, \u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2113#issuecomment-3388476329\"\u003emore in the original pull request\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.1 / 2024-11-20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Restore WEBrick support (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2067\"\u003e#2067\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 / 2024-11-18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003ehost_authorization\u003c/code\u003e setting (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2053\"\u003e#2053\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDefaults to \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e.test\u003c/code\u003e and any IP address in development mode.\u003c/li\u003e\n\u003cli\u003eSecurity: addresses \u003ca href=\"https://github.com/advisories/GHSA-hxx2-7vcw-mqr3\"\u003eCVE-2024-21510\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix: Return an instance of \u003ccode\u003eSinatra::IndifferentHash\u003c/code\u003e when calling \u003ccode\u003e#except\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2044\"\u003e#2044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning from \u003ccode\u003eURI\u003c/code\u003e for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2060\"\u003e#2060\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003erackup\u003c/code\u003e no longer depends on WEBrick, recommend Puma instead (\u003ca href=\"https://github.com/sinatra/sinatra/commit/4a558503a0ee41f26d4ebc07b478340e8a8a5ed6\"\u003e\u003ccode\u003e4a558503\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Zeitwerk 2.7.0+ compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2050\"\u003e#2050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Address warning about Hash construction for Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2028\"\u003e#2028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Declare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2032\"\u003e#2032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Rack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2035\"\u003e#2035\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eDon't depend on \u003ccode\u003eRack::Logger\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDon't delete \u003ccode\u003econtent-length\u003c/code\u003e header when \u003ccode\u003eRack::Files\u003c/code\u003e is used\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.1 / 2025-05-24\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRack 3.1 compatibility (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2035\"\u003e#2035\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2081\"\u003e#2081\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2078\"\u003e#2078\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix compatibility with --enable-frozen-string-literal (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeclare missing dependencies for Ruby 3.5 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2032\"\u003e#2032\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix warning about Hash construction. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2028\"\u003e#2028\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport Zeitwerk 2.7.0+ (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2050\"\u003e#2050\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress URI depreciation (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2060\"\u003e#2060\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/599a007a779dc9940e49f34e9077220f4c209f4b\"\u003e\u003ccode\u003e599a007\u003c/code\u003e\u003c/a\u003e 4.2.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/7b50a1bbb5324838908dfaa00ec53ad322673a29\"\u003e\u003ccode\u003e7b50a1b\u003c/code\u003e\u003c/a\u003e 4.1.1 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2068\"\u003e#2068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/73f3291d114b5b211e067263eeb9c0e197fe8500\"\u003e\u003ccode\u003e73f3291\u003c/code\u003e\u003c/a\u003e 4.1.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2063\"\u003e#2063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ef00c6a0db0ef31143e529e7e6edddf2d5c99653\"\u003e\u003ccode\u003eef00c6a\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSinatra::HamlHelpers\u003c/code\u003e docs (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2046\"\u003e#2046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/973c936319af9132d7ab2f60985e359d0c75c93e\"\u003e\u003ccode\u003e973c936\u003c/code\u003e\u003c/a\u003e Fix compatibility with \u003ccode\u003e--enable-frozen-string-literal\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2033\"\u003e#2033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5640495babcb4cfd69ba650b293660b7446402da\"\u003e\u003ccode\u003e5640495\u003c/code\u003e\u003c/a\u003e Fix typos in changelog, readme and code comments (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/b626e2d82c23b4fde0b51782fd32ca27ccde1d1a\"\u003e\u003ccode\u003eb626e2d\u003c/code\u003e\u003c/a\u003e 4.0.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1996\"\u003e#1996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/e56f657bed6c3b1cb5492e7a8cf995013c4388b5\"\u003e\u003ccode\u003ee56f657\u003c/code\u003e\u003c/a\u003e Require Ruby 2.7.8 as minimum Ruby version (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1993\"\u003e#1993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/8a17d4bbe09e22350b6277f665d6552d4160dde7\"\u003e\u003ccode\u003e8a17d4b\u003c/code\u003e\u003c/a\u003e Add support for Rack 3, drop support for Rack 2 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/1857\"\u003e#1857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v3.2.0...v4.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DevOps-Valgfag/WhoKnows/pull/137","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DevOps-Valgfag%2FWhoKnows/issues/137","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/137/packages"}},{"old_version":"4.1.1","new_version":"4.2.0","update_type":"minor","path":null,"pr_created_at":"2025-12-30T21:18:17.000Z","version_change":"4.1.1 → 4.2.0","issue":{"uuid":"3771316161","node_id":"PR_kwDOQrIdTs67B44r","number":1,"state":"closed","title":"Bump the bundler group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-11T00:48:20.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-30T21:18:17.000Z","updated_at":"2026-03-11T00:48:22.000Z","time_to_close":6060603,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":6,"packages":[{"name":"uri","old_version":"1.0.3","new_version":"1.0.4","repository_url":"https://github.com/ruby/uri"},{"name":"rexml","old_version":"3.4.0","new_version":"3.4.2","repository_url":"https://github.com/ruby/rexml"},{"name":"rack","old_version":"3.2.1","new_version":"3.2.4","repository_url":"https://github.com/rack/rack"},{"name":"aws-sdk-s3","old_version":"1.197.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"net-imap","old_version":"0.5.5","new_version":"0.5.7","repository_url":"https://github.com/ruby/net-imap"},{"name":"sinatra","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/sinatra/sinatra"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uri](https://github.com/ruby/uri) | `1.0.3` | `1.0.4` |\n| [rexml](https://github.com/ruby/rexml) | `3.4.0` | `3.4.2` |\n| [rack](https://github.com/rack/rack) | `3.2.1` | `3.2.4` |\n| [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) | `1.197.0` | `1.208.0` |\n| [net-imap](https://github.com/ruby/net-imap) | `0.5.5` | `0.5.7` |\n| [sinatra](https://github.com/sinatra/sinatra) | `4.1.1` | `4.2.0` |\n\n\nUpdates `uri` from 1.0.3 to 1.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/uri/releases\"\u003euri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.4\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\"\u003eCVE-2025-61594\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.0.4\"\u003ehttps://github.com/ruby/uri/compare/v1.0.3...v1.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/e5074739c3f28e03a26f6a1daa2a051fdbc3e774\"\u003e\u003ccode\u003ee507473\u003c/code\u003e\u003c/a\u003e Bump up to v1.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/d3116ca66a3b1c97dc7577f9d2d6e353f391cd6a\"\u003e\u003ccode\u003ed3116ca\u003c/code\u003e\u003c/a\u003e Merge branch 'CVE-2025-61594-3-4' into HEAD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/6c6449e15ffae7027bfe83134f0419f682e0b1ad\"\u003e\u003ccode\u003e6c6449e\u003c/code\u003e\u003c/a\u003e Add authority accessor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/5cec76b9e8777764344fd4aee140e309ad207b68\"\u003e\u003ccode\u003e5cec76b\u003c/code\u003e\u003c/a\u003e Clear user info totally at setting any of authority info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rexml` from 3.4.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/releases\"\u003erexml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eREXML 3.4.2 - 2025-08-26\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/rexml/blob/master/NEWS.md\"\u003erexml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.2 - 2025-08-26 {#version-3-4-2}\u003c/h2\u003e\n\u003ch3\u003eImprovement\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImproved performance.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/244\"\u003eGH-244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/245\"\u003eGH-245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/246\"\u003eGH-246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/249\"\u003eGH-249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/256\"\u003eGH-256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise appropriate exception when failing to match start tag in DOCTYPE\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/247\"\u003eGH-247\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate accepting array as an element in XPath.match, first and each\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/252\"\u003eGH-252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by tomoya ishida\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDon't call needless encoding_updated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/259\"\u003eGH-259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by Sutou Kouhei\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReuse XPath::match\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/263\"\u003eGH-263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache redundant calls for doctype\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003eGH-264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse Safe Navigation (\u0026amp;.) from Ruby 2.3\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003eGH-265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove redundant return statements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003eGH-266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by pboling\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded XML declaration check \u0026amp; Source#skip_spaces method\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003eGH-282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by NAITOH Jun\u003c/li\u003e\n\u003cli\u003eReported by Sofi Aberegg\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix docs typo\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/248\"\u003eGH-248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch by James Coleman\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/f36916fe1c66b8cdc1fe482263115625e084d8fe\"\u003e\u003ccode\u003ef36916f\u003c/code\u003e\u003c/a\u003e Add 3.4.2 entry (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23\"\u003e\u003ccode\u003e5859bde\u003c/code\u003e\u003c/a\u003e Added XML declaration check \u0026amp; \u003ccode\u003eSource#skip_spaces\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/282\"\u003e#282\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/1d876e3bf658b7b4ec7c3372867521695e8eb023\"\u003e\u003ccode\u003e1d876e3\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4 to 5 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/283\"\u003e#283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c87bda8bb8773da7e5a0faf9f16ff165eb052a35\"\u003e\u003ccode\u003ec87bda8\u003c/code\u003e\u003c/a\u003e Remove ostruct from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/281\"\u003e#281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/c60ae027a3c20f359fdf76fa41ae64d22313f482\"\u003e\u003ccode\u003ec60ae02\u003c/code\u003e\u003c/a\u003e Remove bundler from dev deps (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/9b084d78708638cedff54743edc0907c4bd6574a\"\u003e\u003ccode\u003e9b084d7\u003c/code\u003e\u003c/a\u003e Fix \u0026amp; Deprecate REXML::Text#text_indent (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/04a589a61bf4e366abee8764ee74b03f4aecc4aa\"\u003e\u003ccode\u003e04a589a\u003c/code\u003e\u003c/a\u003e Fix a bug that XPath can't be used for no document element (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/268\"\u003e#268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/66232eaf680d0937ae59bea285cdb8e4d3d88a93\"\u003e\u003ccode\u003e66232ea\u003c/code\u003e\u003c/a\u003e Remove redundant return statements (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/63f3e9772595a64b036953f0ab026d2ea5560a3b\"\u003e\u003ccode\u003e63f3e97\u003c/code\u003e\u003c/a\u003e Use Safe Navigation (\u0026amp;.) from Ruby 2.3 (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/rexml/commit/d427fc5914fcc17d7247c5ff9099ee38639d6702\"\u003e\u003ccode\u003ed427fc5\u003c/code\u003e\u003c/a\u003e Avoid redundant calls for doctype (\u003ca href=\"https://redirect.github.com/ruby/rexml/issues/264\"\u003e#264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/rexml/compare/v3.4.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 3.2.1 to 3.2.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/4c24539777db8833d78f881680cd245878cfba31\"\u003e\u003ccode\u003e4c24539\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3ba5e4f22f55abac21037bb137e56e5c8e36b673\"\u003e\u003ccode\u003e3ba5e4f\u003c/code\u003e\u003c/a\u003e Allow Multipart head to span read boundary. (\u003ca href=\"https://redirect.github.com/rack/rack/issues/2392\"\u003e#2392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/32bf8887d00bd86494f0ce08c46cda59a65d332f\"\u003e\u003ccode\u003e32bf888\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f\"\u003e\u003ccode\u003ee179614\u003c/code\u003e\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784\"\u003e\u003ccode\u003e57277b7\u003c/code\u003e\u003c/a\u003e Improper handling of proxy headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/403b74b2441d666845177ce769036e294f663712\"\u003e\u003ccode\u003e403b74b\u003c/code\u003e\u003c/a\u003e Normalize adivsories links.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/fb395bb48925bba30d090938380c4090f5ae53de\"\u003e\u003ccode\u003efb395bb\u003c/code\u003e\u003c/a\u003e Fix handling of \u003ccode\u003eErrno::EPIPE\u003c/code\u003e in multipart tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bce149b11154e851c437b5ece1c026c943f4b571\"\u003e\u003ccode\u003ebce149b\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/3beacfcd494ec5600c9022d561cfa2f556a524d1\"\u003e\u003ccode\u003e3beacfc\u003c/code\u003e\u003c/a\u003e Limit amount of retained data when parsing multipart requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e\"\u003e\u003ccode\u003e589127f\u003c/code\u003e\u003c/a\u003e Fix denial of service vulnerbilties in multipart parsing\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rack/rack/compare/v3.2.1...v3.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.197.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `net-imap` from 0.5.5 to 0.5.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/net-imap/releases\"\u003enet-imap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security\u003c/h3\u003e\n\u003cp\u003eThis release adds two features to prevent unbounded memory use: the \u003ccode\u003eresponse_handlers\u003c/code\u003e keyword argument to \u003ca href=\"https://ruby.github.io/net-imap/Net/IMAP.html#method-c-new\"\u003e\u003ccode\u003eNet::IMAP.new\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/419\"\u003eruby/net-imap#419\u003c/a\u003e) so response handlers can be added before the server can send any responses, and the \u003ca href=\"https://ruby.github.io/net-imap/Net/IMAP/Config.html#attribute-i-max_response_size\"\u003e\u003ccode\u003emax_response_size\u003c/code\u003e\u003c/a\u003e config attribute (\u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/444\"\u003eruby/net-imap#444\u003c/a\u003e, GHSA-j3g3-5qv5-52mj, CVE-2025-43857, reported by \u003ca href=\"https://github.com/Masamuneee\"\u003e\u003ccode\u003e@​Masamuneee\u003c/code\u003e\u003c/a\u003e).\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThe default \u003ca href=\"https://ruby.github.io/net-imap/Net/IMAP/Config.html#attribute-i-max_response_size\"\u003e\u003ccode\u003emax_response_size\u003c/code\u003e\u003c/a\u003e is extremely high, to avoid issues with secure connections to trusted servers that are well-behaved.  It can be configured more conservatively to guard against untrusted servers (for example, connecting to user-provided hostnames).  \u003cem\u003eIt is the responsibility of \u003ccode\u003enet-imap\u003c/code\u003e users to configure their client appropriately for the server they are connecting to.\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Track IMAP connection state by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/416\"\u003eruby/net-imap#416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Add \u003ccode\u003eresponse_handlers\u003c/code\u003e kwarg to \u003ccode\u003eNet::IMAP.new\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/419\"\u003eruby/net-imap#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Customize SequenceSet YAML serialization by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/432\"\u003eruby/net-imap#432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Limit \u003ccode\u003emax_response_size\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/444\"\u003eruby/net-imap#444\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📚 Improve docs for unbounded memory use and thread safety by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/418\"\u003eruby/net-imap#418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e📚 Impove SequenceSet docs by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/420\"\u003eruby/net-imap#420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e📚 Doc improvements for open_timeout, etc by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/424\"\u003eruby/net-imap#424\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Reorganize \u003ccode\u003eConfig.version_defaults\u003c/code\u003e creation by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/412\"\u003eruby/net-imap#412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Refactor Config attr type coercion by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/417\"\u003eruby/net-imap#417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️  Refactor \u003ccode\u003eNet::IMAP#get_response\u003c/code\u003e (internal) by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/422\"\u003eruby/net-imap#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Rational config versions by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/429\"\u003eruby/net-imap#429\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Extract ResponseReader from \u003ccode\u003eget_response\u003c/code\u003e by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/433\"\u003eruby/net-imap#433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e♻️ Refactor ResponseReader by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/435\"\u003eruby/net-imap#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump step-security/harden-runner from 2.10.4 to 2.11.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/409\"\u003eruby/net-imap#409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✅ Make FakeServer more robust against disconnect by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/414\"\u003eruby/net-imap#414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✅ Improvements to FakeServer (tests only) by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/415\"\u003eruby/net-imap#415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✅ Ignore more IO errors in some FakeServer tests by \u003ca href=\"https://github.com/nevans\"\u003e\u003ccode\u003e@​nevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/421\"\u003eruby/net-imap#421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e⬆️ Bump step-security/harden-runner from 2.11.0 to 2.11.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/net-imap/pull/423\"\u003eruby/net-imap#423\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.5.6...v0.5.7\"\u003ehttps://github.com/ruby/net-imap/compare/v0.5.6...v0.5.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.5.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003e🔒 Security Fix\u003c/h3\u003e\n\u003cp\u003eFixes CVE-2025-25186 (GHSA-7fc5-f82f-cx69): A malicious server can exhaust client memory by sending \u003ccode\u003eAPPENDUID\u003c/code\u003e or \u003ccode\u003eCOPYUID\u003c/code\u003e responses with very large \u003ccode\u003euid-set\u003c/code\u003e ranges. \u003ccode\u003eNet::IMAP::UIDPlusData\u003c/code\u003e expands these ranges into arrays of integers.\u003c/p\u003e\n\u003ch4\u003eFix with minor API changes\u003c/h4\u003e\n\u003cp\u003eSet \u003ccode\u003econfig.parser_use_deprecated_uidplus_data\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e to replace \u003ccode\u003eUIDPlusData\u003c/code\u003e with \u003ccode\u003eAppendUIDData\u003c/code\u003e and \u003ccode\u003eCopyUIDData\u003c/code\u003e.  These classes store their UIDs as \u003ccode\u003eNet::IMAP::SequenceSet\u003c/code\u003e objects (\u003cem\u003enot\u003c/em\u003e expanded into arrays of integers).  Code that does not handle \u003ccode\u003eAPPENDUID\u003c/code\u003e or \u003ccode\u003eCOPYUID\u003c/code\u003e responses should not see any difference.  Code that does handle these responses \u003cem\u003emay\u003c/em\u003e need to be updated.\u003c/p\u003e\n\u003cp\u003eFor v0.3.8, this option is not available\nFor v0.4.19, the default value is \u003ccode\u003etrue\u003c/code\u003e.\nFor v0.5.6, the default value is \u003ccode\u003e:up_to_max_size\u003c/code\u003e.\nFor v0.6.0, the only allowed value will be \u003ccode\u003efalse\u003c/code\u003e  \u003cem\u003e(\u003ccode\u003eUIDPlusData\u003c/code\u003e will be removed from v0.6)\u003c/em\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/364869b4e674e6c2dd240835b0f3b1e5436fff82\"\u003e\u003ccode\u003e364869b\u003c/code\u003e\u003c/a\u003e 🔖 Bump version to v0.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/10137ba91dbfe6abc3c53d7229e1b368f899ed9c\"\u003e\u003ccode\u003e10137ba\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/444\"\u003e#444\u003c/a\u003e from ruby/limit-response-size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b6bdee27a5cd38dd386042f43fec160840fe7562\"\u003e\u003ccode\u003eb6bdee2\u003c/code\u003e\u003c/a\u003e ✨ Make max_response_size configurable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/0ae8576c1a90bcd9573f81bdad4b4b824642d105\"\u003e\u003ccode\u003e0ae8576\u003c/code\u003e\u003c/a\u003e ✨ Limit max response size to 512MiB (hard-coded)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b32b6751af061b4f0d50c818512b5b41d8fbe951\"\u003e\u003ccode\u003eb32b675\u003c/code\u003e\u003c/a\u003e ♻️ Save ResponseReader ivars: \u003ca href=\"https://github.com/buff\"\u003e\u003ccode\u003e@​buff\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/literal\"\u003e\u003ccode\u003e@​literal\u003c/code\u003e\u003c/a\u003e_size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/d28879eb11f80c4866173436d51ce309b4462a74\"\u003e\u003ccode\u003ed28879e\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/433\"\u003e#433\u003c/a\u003e from ruby/response_reader\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/18bc62150df697596510c6f47a765155e4d6c0f9\"\u003e\u003ccode\u003e18bc621\u003c/code\u003e\u003c/a\u003e ♻️ Extract ResponseReader from get_response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/b1413c65b585bac8f21ba3c2eb9459fe065348b3\"\u003e\u003ccode\u003eb1413c6\u003c/code\u003e\u003c/a\u003e ✨ Customize SequenceSet YAML serialization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/d83926889c99e77c5c241c52f87c0d3e605933f4\"\u003e\u003ccode\u003ed839268\u003c/code\u003e\u003c/a\u003e 🔀 Merge pull request \u003ca href=\"https://redirect.github.com/ruby/net-imap/issues/429\"\u003e#429\u003c/a\u003e from ruby/rational-config-versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/net-imap/commit/c7732e65c55ca3fda6a1115b64390a10e63e9aaf\"\u003e\u003ccode\u003ec7732e6\u003c/code\u003e\u003c/a\u003e ♻️ Add default_proc to Config.version_defaults\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/net-imap/compare/v0.5.5...v0.5.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sinatra` from 4.1.1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md\"\u003esinatra's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 / 2025-10-08\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Add \u003ccode\u003e:static_headers\u003c/code\u003e setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Fix malformed Content-Type headers (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2081\"\u003e#2081\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Avoid crash for integer values in \u003ccode\u003econtent_type\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/pull/2078\"\u003e#2078\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/f2ad45f7d2456172974a30d300e9f82424336e09\"\u003e\u003ccode\u003ef2ad45f\u003c/code\u003e\u003c/a\u003e 4.2.0 release (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2122\"\u003e#2122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/3fe8c38dc405586f7ad8f2ac748aa53e9c3615bd\"\u003e\u003ccode\u003e3fe8c38\u003c/code\u003e\u003c/a\u003e Fix regex in \u003ccode\u003eetag_matches?\u003c/code\u003e to prevent ReDoS (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2121\"\u003e#2121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55\"\u003e\u003ccode\u003efa99a21\u003c/code\u003e\u003c/a\u003e \u003ccode\u003ePATH_INFO\u003c/code\u003e can never be empty. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2114\"\u003e#2114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ea0d3fae36d8bba330c1d1f88ef1be2e9e54516a\"\u003e\u003ccode\u003eea0d3fa\u003c/code\u003e\u003c/a\u003e Skip broken tests. (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2115\"\u003e#2115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/5e1598501eb23a8673d61034df7be7d50c228400\"\u003e\u003ccode\u003e5e15985\u003c/code\u003e\u003c/a\u003e Sync changelog for v4.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/91cfb548c9e50a65324a9ce9e4ea5f10cd897027\"\u003e\u003ccode\u003e91cfb54\u003c/code\u003e\u003c/a\u003e Add :static_headers setting for custom headers in static file responses (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2089\"\u003e#2089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c918134b0a520cb80b8b4cc3ab222cb6bbd9c827\"\u003e\u003ccode\u003ec918134\u003c/code\u003e\u003c/a\u003e Set \u003ccode\u003erubygems_mfa_required\u003c/code\u003e for the \u003ccode\u003esinatra\u003c/code\u003e gem (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2087\"\u003e#2087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/ac3ff2363b6dfc61d2b438c4dfccc515bc6bf48c\"\u003e\u003ccode\u003eac3ff23\u003c/code\u003e\u003c/a\u003e README: Remove duplicate mention of installing puma (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2091\"\u003e#2091\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/cfcc70dee1133690207b5a3dc6000426ec04e250\"\u003e\u003ccode\u003ecfcc70d\u003c/code\u003e\u003c/a\u003e CI: don't use \u003ccode\u003eRack::Lint\u003c/code\u003e on invalid hostname (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2086\"\u003e#2086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sinatra/sinatra/commit/c235249abaafa2780b540aca1813dfcf3d17c2dd\"\u003e\u003ccode\u003ec235249\u003c/code\u003e\u003c/a\u003e CI: Test with Ruby 3.4 (\u003ca href=\"https://redirect.github.com/sinatra/sinatra/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sinatra/sinatra/compare/v4.1.1...v4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/cezary13k/rails/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/cezary13k/rails/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cezary13k%2Frails/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}}]}