Bumps the dependencies group with 4 updates: [addressable](https://github.com/sporkmonger/addressable), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [brakeman](https://github.com/presidentbeef/brakeman) and [database_consistency](https://github.com/djezzzl/database_consistency).
Updates `addressable` from 2.8.8 to 2.8.9 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md">addressable's changelog</a>.</em></p> <blockquote> <h2>Addressable 2.8.9 <!-- raw HTML omitted --></h2> <ul> <li>Reduce gem size by excluding test files (<a href="https://redirect.github.com/sporkmonger/addressable/issues/569">#569</a>)</li> <li>No need for bundler as development dependency (<a href="https://redirect.github.com/sporkmonger/addressable/issues/571">#571</a>, <a href="https://github.com/sporkmonger/addressable/commit/5fc1d93">5fc1d93</a>)</li> <li>idna/pure: stop building the useless <code>COMPOSITION_TABLE</code> (removes the <code>Addressable::IDNA::COMPOSITION_TABLE</code> constant) (<a href="https://redirect.github.com/sporkmonger/addressable/issues/564">#564</a>)</li> </ul> <p><a href="https://redirect.github.com/sporkmonger/addressable/issues/569">#569</a>: <a href="https://redirect.github.com/sporkmonger/addressable/pull/569">sporkmonger/addressable#569</a> <a href="https://redirect.github.com/sporkmonger/addressable/issues/571">#571</a>: <a href="https://redirect.github.com/sporkmonger/addressable/pull/571">sporkmonger/addressable#571</a> <a href="https://redirect.github.com/sporkmonger/addressable/issues/564">#564</a>: <a href="https://redirect.github.com/sporkmonger/addressable/pull/564">sporkmonger/addressable#564</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5"><code>0d7e9b2</code></a> Fix links for 2.8.9 in CHANGELOG (<a href="https://redirect.github.com/sporkmonger/addressable/issues/573">#573</a>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8"><code>e209120</code></a> Update version, gemspec, and CHANGELOG for 2.8.9 (<a href="https://redirect.github.com/sporkmonger/addressable/issues/572">#572</a>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28"><code>3875874</code></a> Reduce gem size by excluding test files (<a href="https://redirect.github.com/sporkmonger/addressable/issues/569">#569</a>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a"><code>3e57cc6</code></a> CI: back to <code>windows-2022</code> for MRI job</li> <li><a href="https://github.com/sporkmonger/addressable/commit/c4f92fc45a018268c6a204aa0b13017d1e0f49ec"><code>c4f92fc</code></a> CI: skip <code>Ractor</code> test on Windows to avoid job timeout</li> <li><a href="https://github.com/sporkmonger/addressable/commit/6aa115f47b5f2e26e5a1dc04d28a9b5663c39a95"><code>6aa115f</code></a> CI: add public_suffix v7 job</li> <li><a href="https://github.com/sporkmonger/addressable/commit/b860736521cd3b46481db63ed5a3fcc4e1bee1f7"><code>b860736</code></a> CI: drop macos-14, add macos-26</li> <li><a href="https://github.com/sporkmonger/addressable/commit/45dd2d3e581cb6fece8829534a1d14826b27e6b2"><code>45dd2d3</code></a> CI: Use Windows 2025 (<code>windows-latest</code>)</li> <li><a href="https://github.com/sporkmonger/addressable/commit/6b5a7d6588d8e3a9740cb5916a182eda260a95cf"><code>6b5a7d6</code></a> CI: timeouts for all jobs</li> <li><a href="https://github.com/sporkmonger/addressable/commit/5fc1d931e7fdc79d878f240fa4706b89cb01e171"><code>5fc1d93</code></a> No need for bundler as development dependency</li> <li>Additional commits viewable in <a href="https://github.com/sporkmonger/addressable/compare/addressable-2.8.8...addressable-2.8.9">compare view</a></li> </ul> </details> <br /> Updates `aws-sdk-s3` from 1.213.0 to 1.214.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md">aws-sdk-s3's changelog</a>.</em></p> <blockquote> <h2>1.214.0 (2026-03-04)</h2> <ul> <li>Feature - Added <code>#upload_directory</code> and <code>#download_directory</code> to <code>Aws::S3::TransferManager</code> for bulk directory transfers.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/aws/aws-sdk-ruby/commits">compare view</a></li> </ul> </details> <br /> Updates `brakeman` from 8.0.2 to 8.0.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/presidentbeef/brakeman/releases">brakeman's releases</a>.</em></p> <blockquote> <h2>8.0.3</h2> <ul> <li>Add release age option for <code>--ensure-latest</code> (<a href="https://redirect.github.com/presidentbeef/brakeman/issues/1989">#1989</a>)</li> <li>Fix <code>polymorphic_name</code> SQLi false positive (<a href="https://github.com/FFederi">Fredrico Franco</a>)</li> <li>Fix logger behavior when loading config files (<a href="https://redirect.github.com/presidentbeef/brakeman/issues/2009">#2009</a>)</li> <li>Handle application names with module prefixes (<a href="https://redirect.github.com/presidentbeef/brakeman/issues/2011">#2011</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md">brakeman's changelog</a>.</em></p> <blockquote> <h1>8.0.4 - 2026-02-26</h1> <ul> <li>Load 'date' library for <code>--ensure-latest</code></li> </ul> <h1>8.0.3 - 2026-02-26</h1> <ul> <li>Fix <code>polymorphic_name</code> SQLi false positive (Fredrico Franco)</li> <li>Fix logger behavior when loading config files</li> <li>Handle application names with module prefixes</li> <li>Add release age option for <code>--ensure-latest</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/presidentbeef/brakeman/commit/2e55d45a9770ee570005400df074d18e8fdb8c3a"><code>2e55d45</code></a> Bump to 8.0.4</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/d6c6c9a54a9d00a04a8b9431593932260618ecd1"><code>d6c6c9a</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/2016">#2016</a> from presidentbeef/fix-ensure-latest-date</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/56f9324929069b99f0c27a1e90f6c47ddc597edc"><code>56f9324</code></a> Load 'date' for --ensure-latest</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/8b644a67c4057dbf0634bc9c533407fc8666f2a7"><code>8b644a6</code></a> Bump to 8.0.3</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/08e0a188a9f2cce8f44ee4fbe64a9428e7551b5c"><code>08e0a18</code></a> Update CHANGES</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/a29fe448287769d6ff9953beeecc72afc8abe861"><code>a29fe44</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/2014">#2014</a> from FFederi/fix-polymorphic-name-false-positive</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/61150cf13be684b40cc7ee096b01ff1be7e16409"><code>61150cf</code></a> Fix polymorphic_name false positive</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/f65d077f7c0d1bf36e252de0aacd74644a333c94"><code>f65d077</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/2013">#2013</a> from presidentbeef/better_logger_loading_options</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/c5dcda51e2240b7e279f843c0ef333cc9bfb87fd"><code>c5dcda5</code></a> Fix logger behavior when loading config files</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/c1d7ccc10f89410860a65f9e76b39deaea99e8dc"><code>c1d7ccc</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/2012">#2012</a> from presidentbeef/handle_application_config_better</li> <li>Additional commits viewable in <a href="https://github.com/presidentbeef/brakeman/compare/v8.0.2...v8.0.4">compare view</a></li> </ul> </details> <br /> Updates `database_consistency` from 2.1.3 to 3.0.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/djezzzl/database_consistency/blob/master/CHANGELOG.md">database_consistency's changelog</a>.</em></p> <blockquote> <h3>[3.0.0] - 2026/03/02</h3> <ul> <li>Add <code>MissingIndexFindByChecker</code> to detect columns used in <code>find_by</code> calls that lack a database index. Uses Ruby's native Prism parser (Ruby 3.3+) to scan project source files. Requires no additional dependencies and silently skips on older Ruby versions.</li> <li>Add <code>ViewPrimaryKeyChecker</code> to enforce setting <code>primary_key</code> for models pointing to database views.</li> <li>Improve <code>UniqueIndexChecker</code> and <code>MissingUniqueIndexChecker</code> to support partial indexes and uniqueness validators with <code>conditions</code> option.</li> <li>Fix <code>UniqueIndexChecker</code> to skip partial indexes (indexes with a <code>WHERE</code> clause).</li> <li>Fix <code>MissingUniqueIndexChecker</code> to skip uniqueness validators with a <code>conditions</code> option.</li> <li>Fix <code>MissingDependentDestroyChecker</code> to skip polymorphic associations. Thanks <a href="https://github.com/gravitystorm">Andy Allan</a> for reporting this!</li> <li>Fix <code>ForeignKeyCascadeChecker</code> to handle missing primary key (no-primary-key tables) and support composite foreign/primary keys. Thanks <a href="https://github.com/gravitystorm">Andy Allan</a> for reporting this!</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/djezzzl/database_consistency/commit/6b572719002beb10267f4871dcaeb308dfb28e32"><code>6b57271</code></a> Release v3.0.0</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/87267da7658107454da02ee78df230303741bfe8"><code>87267da</code></a> Fix release workflow</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/5bd63f8793ddf8236e52c3750e2c518d3a174cc3"><code>5bd63f8</code></a> Fix release workflow</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/1355887895633e812ea1fdb04274f0b455905d63"><code>1355887</code></a> Add manual release workflow for RubyGems publishing (<a href="https://redirect.github.com/djezzzl/database_consistency/issues/287">#287</a>)</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/d65a02b66967504a54f88bfb6ad448d46598c71b"><code>d65a02b</code></a> Add MissingIndexFindByChecker: detect find_by usage on unindexed columns via ...</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/858e0b493ccb8eeae43dbe70b8b5ec5443d82e16"><code>858e0b4</code></a> Add copilot-setup-steps workflow and Copilot instructions (<a href="https://redirect.github.com/djezzzl/database_consistency/issues/286">#286</a>)</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/153d661f300fab6c528c091c473197acc65ff88b"><code>153d661</code></a> Fix ForeignKeyCascadeChecker: handle missing primary key and support composit...</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/debff3a89a442123490fb05ba798cbf4dbc52719"><code>debff3a</code></a> Fix MissingDependentDestroyChecker crash on polymorphic belongs_to associatio...</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/4fa21223d4efd2caed7615621a93d73132768e58"><code>4fa2122</code></a> Support partial indexes and conditions validators in UniqueIndexChecker and M...</li> <li><a href="https://github.com/djezzzl/database_consistency/commit/def7cba28bb046fd0df003eeae2d3e112d530dac"><code>def7cba</code></a> Add ViewPrimaryKeyChecker to enforce explicit primary_key on view-backed mode...</li> <li>Additional commits viewable in <a href="https://github.com/djezzzl/database_consistency/compare/v2.1.3...v3.0.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> You can view, comment on, or merge this pull request online at: https://github.com/openstreetmap/openstreetmap-website/pull/6861 -- Commit Summary -- * Bump the dependencies group with 4 updates -- File Changes -- M Gemfile.lock (14) -- Patch Links -- https://github.com/openstreetmap/openstreetmap-website/pull/6861.patch https://github.com/openstreetmap/openstreetmap-website/pull/6861.diff -- Reply to this email directly or view it on GitHub: https://github.com/openstreetmap/openstreetmap-website/pull/6861 You are receiving this because you are subscribed to this thread. Message ID: <openstreetmap/openstreetmap-website/pull/[email protected]>
_______________________________________________ rails-dev mailing list [email protected] https://lists.openstreetmap.org/listinfo/rails-dev
