Skip to content

build(deps): bump the bundler group across 1 directory with 8 updates#344

Closed
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/bundler/bundler-2f6c11b557
Closed

build(deps): bump the bundler group across 1 directory with 8 updates#344
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/bundler/bundler-2f6c11b557

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown

Bumps the bundler group with 6 updates in the / directory:

Package From To
haml_lint 0.73.0 0.74.0
rubocop 1.87.0 1.88.0
auth-sanitizer 0.2.1 0.2.2
i18n 1.14.8 1.15.2
net-ssh 7.3.2 7.3.3
oauth2 2.0.22 2.0.24

Updates haml_lint from 0.73.0 to 0.74.0

Release notes

Sourced from haml_lint's releases.

0.74.0

What's Changed

New Contributors

Full Changelog: sds/haml-lint@v0.73.0...v0.74.0

Changelog

Sourced from haml_lint's changelog.

0.74.0

  • Add auto-correction (-a/--auto-correct and -A/--auto-correct-all) to Haml-level linters.
    • Safe corrections (run under both -a and -A): ClassAttributeWithStaticValue, ClassesBeforeIds, EmptyObjectReference, FinalNewline, ImplicitDiv, LeadingCommentSpace, RubyComments, SpaceBeforeScript, SpaceInsideHashAttributes, TagName, TrailingEmptyLines, TrailingWhitespace, and UnnecessaryInterpolation.
    • Unsafe corrections (run only under -A): ConsecutiveComments, EmptyScript, and MultilineScript
  • Keep the file, line, and linter name in the github reporter's log output
  • Fix RuboCop reporting a false Lint/UselessAssignment
  • Fix LineLength not being disabled by haml-lint:disable comments inside filter blocks such as :javascript and :css
  • Add UnescapedHtml linter to flag use of !=/!~/! unescaped HTML output
  • Fix RuboCop lints being reported on the wrong line when the same file is linted more than once
  • Fix Layout/EmptyLineAfterGuardClause false positive for a blank line at the end of a :ruby filter
  • Fix UnnecessaryStringOutput false positives
  • Fix cached path handling in parallelized runs under JRuby
Commits
  • cf30d4f Fix automated release process (#666)
  • 149bf63 Cut version 0.74.0 (#665)
  • 773fc54 Add automated gem release flow (#664)
  • c905b5a Attempt fix JRuby parallel linting (#663)
  • 4da7cfb Fix UnnecessaryStringOutput false positives (#651)
  • e562f9c Fix Layout/EmptyLineAfterGuardClause false positive inside a :ruby filter...
  • f42bc0d Fix RuboCop lints reported on wrong line on repeated runs (#655)
  • 0a913fe Add UnescapedHtml linter (#656)
  • e41f734 Fix LineLength not being disabled inside filter blocks (#658)
  • e156f20 Fix false UselessAssignment for HTML-style (parens) attributes (#659)
  • Additional commits viewable in compare view

Updates rubocop from 1.87.0 to 1.88.0

Release notes

Sourced from rubocop's releases.

RuboCop v1.88.0

New features

  • #15166: Add a new Recursive option to Style/MutableConstant. When enabled, the cop checks and freezes mutable literals nested inside arrays and hashes. The option is disabled by default to preserve existing behavior. ([@​paracycle][])

Bug fixes

  • #15220: Fix a bad autocorrect for Lint/RedundantSplatExpansion when splatting an empty literal (e.g. when *[] or rescue *[]), which expanded to invalid or semantically different code. ([@​bbatsov][])
  • #15221: Fix a bad autocorrect for Lint/RegexpAsCondition when the regexp literal is negated (e.g. if !/foo/), which inverted the condition. ([@​bbatsov][])
  • #15242: Fix a bad autocorrect for Lint/SymbolConversion when the receiver is an interpolated string containing an embedded double quote (e.g. "foo#{bar}\"qux".to_sym), which produced a syntax error. ([@​bbatsov][])
  • #15270: Fix a crash for Style/CombinableLoops when a for loop has an empty body, and stop autocorrecting consecutive for loops whose iteration variables differ (which produced code referencing an undefined variable). ([@​bbatsov][])
  • #15272: Fix a crash for Style/ConstantVisibility when a visibility declaration has a numeric literal argument (e.g. private_constant 42). ([@​bbatsov][])
  • #15215: Fix a false negative for Lint/OrderedMagicComments when an encoding magic comment is preceded by a magic comment other than frozen_string_literal (e.g. shareable_constant_value). ([@​bbatsov][])
  • #15228: Fix a false negative for Lint/RedundantWithIndex when the block takes no arguments (e.g. ary.each_with_index { do_something }). ([@​bbatsov][])
  • #15230: Fix a false negative for Lint/RequireRelativeSelfPath when requiring the current file by name with its extension (e.g. require_relative 'foo.rb') and the file path is absolute. ([@​bbatsov][])
  • #15229: Fix a false negative for Lint/SafeNavigationChain when an ordinary method is chained after a parenthesized safe navigation call (e.g. (x&.foo).bar). ([@​bbatsov][])
  • #15225: Fix a false negative for Lint/SafeNavigationWithEmpty when the receiver of &.empty? is a local variable, instance variable, constant, or other non-method-call expression. ([@​bbatsov][])
  • #15231: Fix a false negative for Lint/SendWithMixinArgument when send/public_send/__send__ is called with no explicit receiver or with a self receiver (e.g. send(:include, Bar)). ([@​bbatsov][])
  • #15248: Fix a false negative for Lint/ToEnumArguments when more positional arguments are passed than the method accepts (e.g. def m(x); to_enum(:m, x, extra); end), which raises ArgumentError when the enumerator is used. ([@​bbatsov][])
  • #15249: Fix a false negative for Lint/UnescapedBracketInRegexp when an unescaped ] is preceded by an escaped backslash (e.g. /abc\\]123/). ([@​bbatsov][])
  • #15267: Fix a false positive for Style/ArrayIntersectWithSingleElement with a splat argument (e.g. array.intersect?([*foo])), which is not a single element and was incorrectly rewritten to array.include?(*foo). ([@​bbatsov][])
  • #15272: Fix a false positive for Style/ColonMethodCall with chained JRuby interop calls (e.g. Java::com::something_method). ([@​bbatsov][])
  • #15271: Fix a false positive for Style/ConditionalAssignment with EnforcedStyle: assign_inside_condition when assigning an unless without an else branch (e.g. x = unless cond; 1; end), which was rewritten to move the assignment inside the unless and changed behavior when the condition was true. ([@​bbatsov][])
  • #14401: Fix a false positive for Layout/BlockAlignment with EnforcedStyleAlignWith: start_of_line when a block is passed as a method argument. ([@​augustocbx][])
  • #15216: Fix a false positive for Lint/RaiseException when raise Exception is used inside a module nested within an allowed implicit namespace (e.g. Gem). ([@​bbatsov][])
  • #15219: Fix a false positive for Lint/RedundantDirGlobSort when sort is given a comparator block or a block-pass argument, which is not redundant with the default sorting. ([@​bbatsov][])
  • #15224: Fix a false positive for Lint/ShadowingOuterLocalVariable when a block argument has the same name as a pattern variable from a different in branch of the same case. ([@​bbatsov][])
  • #15239: Fix a false positive for Lint/SuppressedExceptionInNumberConversion when the numeric constructor already passes exception: false (e.g. Integer(arg, exception: false) rescue nil), which also produced an autocorrect with a duplicate exception: false keyword. ([@​bbatsov][])
  • #15243: Fix a false positive for Lint/TopLevelReturnWithArgument when a return with an argument is inside a numbered-parameter block or an it block. ([@​bbatsov][])
  • #15245: Fix a false positive for Lint/UselessRuby2Keywords when ruby2_keywords in a nested class or module refers to a method of the same name defined in an outer scope. ([@​bbatsov][])
  • #15246: Fix a false positive for Lint/UselessSetterCall when a multiple assignment uses nested destructuring (e.g. (a, b), c = arg, other_arg), which misaligned variables with the right-hand side values. ([@​bbatsov][])
  • #15125: Fix a false positive for Style/ZeroLengthPredicate when File::Stat.new(...).size.zero? is used. ([@​augustocbx][])
  • #15196: Fix --start-server to wait until the server is running before returning, which fixes a flaky --restart-server spec and a race for commands run right after starting the server. ([@​koic][])
  • #15272: Fix Style/Alias not detecting block scope for numbered-parameter and it blocks, which caused a false positive for alias_method and a false negative for alias inside such blocks. ([@​bbatsov][])
  • #15281: Fix an incorrect autocorrect when Style/IfUnlessModifier and Style/Next correct the same conditional. ([@​fynsta][])
  • #15260: Fix an error for Style/FileWrite when a literal or variable is passed to write in the block form. ([@​koic][])
  • #15276: Fix an error for Style/RedundantFormat when the format string is a heredoc with format arguments. ([@​fynsta][])
  • #15270: Fix an incorrect autocorrect for Style/AndOr when an operand is next, break, or yield with an argument (e.g. foo and next 1), which produced invalid Ruby like foo && next 1. ([@​bbatsov][])
  • #15267: Fix an incorrect autocorrect for Style/ArrayFirstLast when arr[0]/arr[-1] is the target of a compound assignment (e.g. arr[0] += 1), which produced arr.first += 1 and raised NoMethodError. ([@​bbatsov][])
  • #15267: Fix an incorrect autocorrect for Style/ArrayIntersect where a negated predicate on a safe-navigation chain (e.g. a&.intersection(b)&.none?) was rewritten to !a&.intersect?(b), flipping the result when the receiver is nil. ([@​bbatsov][])
  • #15273: Fix an incorrect autocorrect for Style/BlockDelimiters that converted a single-line do...end block containing a block-level rescue or ensure to {...}, producing invalid Ruby. ([@​bbatsov][])
  • #15268: Fix an incorrect autocorrect for Style/CaseEquality when the argument is an operator or unary expression (e.g. Array === a + b), which produced mis-parsed code like a + b.is_a?(Array). ([@​bbatsov][])
  • #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison inside a namespace when the class name string is already fully qualified (e.g. bar.class.name == '::Bar'), which produced instance_of?(::::Bar) and was a syntax error. ([@​bbatsov][])
  • #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison when comparing Class itself to a string literal (e.g. var.class == 'Date'), which produced var.instance_of?('Date') and raised TypeError; such comparisons are no longer autocorrected. ([@​bbatsov][])
  • #15274: Fix an incorrect autocorrect for Style/ClassMethodsDefinitions that corrupted a preceding comment containing def <name> and left the method undefined as a class method. ([@​bbatsov][])
  • #15270: Fix an incorrect autocorrect for Style/ComparableClamp when the clamped value is an operator expression (e.g. a + b), which produced mis-parsed code like a + b.clamp(low, high). ([@​bbatsov][])
  • #15267: Fix an incorrect autocorrect for Style/ConcatArrayLiterals with an empty array literal argument (e.g. arr.concat([], [b])), which produced invalid Ruby like arr.push(, b). ([@​bbatsov][])
  • #15274: Fix an incorrect autocorrect for Style/DigChain that duplicated a trailing comment and dropped indentation when the chain was inside a method or block. ([@​bbatsov][])
  • #15288: Fix an incorrect autocorrect for Lint/UselessTimes when a 1.times block takes a single destructured (|(a, b)|) or splat (|*a|) argument, which produced a body referencing an undefined variable. ([@​bbatsov][])
  • #15280: Fix an incorrect autocorrect for Style/ConditionalAssignment with EnforcedStyle: assign_inside_condition and a single-line case. ([@​fynsta][])

... (truncated)

Changelog

Sourced from rubocop's changelog.

1.88.0 (2026-06-16)

New features

  • #15166: Add a new Recursive option to Style/MutableConstant. When enabled, the cop checks and freezes mutable literals nested inside arrays and hashes. The option is disabled by default to preserve existing behavior. ([@​paracycle][])

Bug fixes

  • #15220: Fix a bad autocorrect for Lint/RedundantSplatExpansion when splatting an empty literal (e.g. when *[] or rescue *[]), which expanded to invalid or semantically different code. ([@​bbatsov][])
  • #15221: Fix a bad autocorrect for Lint/RegexpAsCondition when the regexp literal is negated (e.g. if !/foo/), which inverted the condition. ([@​bbatsov][])
  • #15242: Fix a bad autocorrect for Lint/SymbolConversion when the receiver is an interpolated string containing an embedded double quote (e.g. "foo#{bar}\"qux".to_sym), which produced a syntax error. ([@​bbatsov][])
  • #15270: Fix a crash for Style/CombinableLoops when a for loop has an empty body, and stop autocorrecting consecutive for loops whose iteration variables differ (which produced code referencing an undefined variable). ([@​bbatsov][])
  • #15272: Fix a crash for Style/ConstantVisibility when a visibility declaration has a numeric literal argument (e.g. private_constant 42). ([@​bbatsov][])
  • #15215: Fix a false negative for Lint/OrderedMagicComments when an encoding magic comment is preceded by a magic comment other than frozen_string_literal (e.g. shareable_constant_value). ([@​bbatsov][])
  • #15228: Fix a false negative for Lint/RedundantWithIndex when the block takes no arguments (e.g. ary.each_with_index { do_something }). ([@​bbatsov][])
  • #15230: Fix a false negative for Lint/RequireRelativeSelfPath when requiring the current file by name with its extension (e.g. require_relative 'foo.rb') and the file path is absolute. ([@​bbatsov][])
  • #15229: Fix a false negative for Lint/SafeNavigationChain when an ordinary method is chained after a parenthesized safe navigation call (e.g. (x&.foo).bar). ([@​bbatsov][])
  • #15225: Fix a false negative for Lint/SafeNavigationWithEmpty when the receiver of &.empty? is a local variable, instance variable, constant, or other non-method-call expression. ([@​bbatsov][])
  • #15231: Fix a false negative for Lint/SendWithMixinArgument when send/public_send/__send__ is called with no explicit receiver or with a self receiver (e.g. send(:include, Bar)). ([@​bbatsov][])
  • #15248: Fix a false negative for Lint/ToEnumArguments when more positional arguments are passed than the method accepts (e.g. def m(x); to_enum(:m, x, extra); end), which raises ArgumentError when the enumerator is used. ([@​bbatsov][])
  • #15249: Fix a false negative for Lint/UnescapedBracketInRegexp when an unescaped ] is preceded by an escaped backslash (e.g. /abc\\]123/). ([@​bbatsov][])
  • #15267: Fix a false positive for Style/ArrayIntersectWithSingleElement with a splat argument (e.g. array.intersect?([*foo])), which is not a single element and was incorrectly rewritten to array.include?(*foo). ([@​bbatsov][])
  • #15272: Fix a false positive for Style/ColonMethodCall with chained JRuby interop calls (e.g. Java::com::something_method). ([@​bbatsov][])
  • #15271: Fix a false positive for Style/ConditionalAssignment with EnforcedStyle: assign_inside_condition when assigning an unless without an else branch (e.g. x = unless cond; 1; end), which was rewritten to move the assignment inside the unless and changed behavior when the condition was true. ([@​bbatsov][])
  • #14401: Fix a false positive for Layout/BlockAlignment with EnforcedStyleAlignWith: start_of_line when a block is passed as a method argument. ([@​augustocbx][])
  • #15216: Fix a false positive for Lint/RaiseException when raise Exception is used inside a module nested within an allowed implicit namespace (e.g. Gem). ([@​bbatsov][])
  • #15219: Fix a false positive for Lint/RedundantDirGlobSort when sort is given a comparator block or a block-pass argument, which is not redundant with the default sorting. ([@​bbatsov][])
  • #15224: Fix a false positive for Lint/ShadowingOuterLocalVariable when a block argument has the same name as a pattern variable from a different in branch of the same case. ([@​bbatsov][])
  • #15239: Fix a false positive for Lint/SuppressedExceptionInNumberConversion when the numeric constructor already passes exception: false (e.g. Integer(arg, exception: false) rescue nil), which also produced an autocorrect with a duplicate exception: false keyword. ([@​bbatsov][])
  • #15243: Fix a false positive for Lint/TopLevelReturnWithArgument when a return with an argument is inside a numbered-parameter block or an it block. ([@​bbatsov][])
  • #15245: Fix a false positive for Lint/UselessRuby2Keywords when ruby2_keywords in a nested class or module refers to a method of the same name defined in an outer scope. ([@​bbatsov][])
  • #15246: Fix a false positive for Lint/UselessSetterCall when a multiple assignment uses nested destructuring (e.g. (a, b), c = arg, other_arg), which misaligned variables with the right-hand side values. ([@​bbatsov][])
  • #15125: Fix a false positive for Style/ZeroLengthPredicate when File::Stat.new(...).size.zero? is used. ([@​augustocbx][])
  • #15196: Fix --start-server to wait until the server is running before returning, which fixes a flaky --restart-server spec and a race for commands run right after starting the server. ([@​koic][])
  • #15272: Fix Style/Alias not detecting block scope for numbered-parameter and it blocks, which caused a false positive for alias_method and a false negative for alias inside such blocks. ([@​bbatsov][])
  • #15281: Fix an incorrect autocorrect when Style/IfUnlessModifier and Style/Next correct the same conditional. ([@​fynsta][])
  • #15260: Fix an error for Style/FileWrite when a literal or variable is passed to write in the block form. ([@​koic][])
  • #15276: Fix an error for Style/RedundantFormat when the format string is a heredoc with format arguments. ([@​fynsta][])
  • #15270: Fix an incorrect autocorrect for Style/AndOr when an operand is next, break, or yield with an argument (e.g. foo and next 1), which produced invalid Ruby like foo && next 1. ([@​bbatsov][])
  • #15267: Fix an incorrect autocorrect for Style/ArrayFirstLast when arr[0]/arr[-1] is the target of a compound assignment (e.g. arr[0] += 1), which produced arr.first += 1 and raised NoMethodError. ([@​bbatsov][])
  • #15267: Fix an incorrect autocorrect for Style/ArrayIntersect where a negated predicate on a safe-navigation chain (e.g. a&.intersection(b)&.none?) was rewritten to !a&.intersect?(b), flipping the result when the receiver is nil. ([@​bbatsov][])
  • #15273: Fix an incorrect autocorrect for Style/BlockDelimiters that converted a single-line do...end block containing a block-level rescue or ensure to {...}, producing invalid Ruby. ([@​bbatsov][])
  • #15268: Fix an incorrect autocorrect for Style/CaseEquality when the argument is an operator or unary expression (e.g. Array === a + b), which produced mis-parsed code like a + b.is_a?(Array). ([@​bbatsov][])
  • #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison inside a namespace when the class name string is already fully qualified (e.g. bar.class.name == '::Bar'), which produced instance_of?(::::Bar) and was a syntax error. ([@​bbatsov][])
  • #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison when comparing Class itself to a string literal (e.g. var.class == 'Date'), which produced var.instance_of?('Date') and raised TypeError; such comparisons are no longer autocorrected. ([@​bbatsov][])
  • #15274: Fix an incorrect autocorrect for Style/ClassMethodsDefinitions that corrupted a preceding comment containing def <name> and left the method undefined as a class method. ([@​bbatsov][])
  • #15270: Fix an incorrect autocorrect for Style/ComparableClamp when the clamped value is an operator expression (e.g. a + b), which produced mis-parsed code like a + b.clamp(low, high). ([@​bbatsov][])
  • #15267: Fix an incorrect autocorrect for Style/ConcatArrayLiterals with an empty array literal argument (e.g. arr.concat([], [b])), which produced invalid Ruby like arr.push(, b). ([@​bbatsov][])
  • #15274: Fix an incorrect autocorrect for Style/DigChain that duplicated a trailing comment and dropped indentation when the chain was inside a method or block. ([@​bbatsov][])
  • #15288: Fix an incorrect autocorrect for Lint/UselessTimes when a 1.times block takes a single destructured (|(a, b)|) or splat (|*a|) argument, which produced a body referencing an undefined variable. ([@​bbatsov][])

... (truncated)

Commits
  • 37bf5ad Cut 1.88
  • cd0c2e3 Update Changelog
  • b7af64a [Fix #12276] Record pending cops options in the auto-gen-config command
  • bbd7ff2 Add hk integration docs
  • 117e40a Merge pull request #15293 from RedZapdos123/fix-literal-interp-hash-symbol
  • 4d95141 [Fix #15291] Fix hash symbol interpolation
  • 0347d27 Add Recursive option to Style/MutableConstant
  • f0d92b4 Fix incorrect autocorrects for Style/FileWrite with heredocs
  • 32df346 Fix an incorrect autocorrect for Style/Semicolon with heredocs
  • 4c221fb [Fix #15269] Fix a false positive where cop Include patterns matched parent...
  • Additional commits viewable in compare view

Updates auth-sanitizer from 0.2.1 to 0.2.2

Release notes

Sourced from auth-sanitizer's releases.

v0.2.2

0.2.2 - 2026-06-18

  • TAG: v0.2.2
  • COVERAGE: 100.00% -- 145/145 lines in 6 files
  • BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
  • 84.62% documented

Changed

  • Documented the released anonymous_loader gem as the preferred reusable helper for zero-auth-sanitizer-namespace loading.

Fixed

  • Documented the $LOAD_PATH fallback needed by isolated loader consumers when Bundler standalone setup provides auth_sanitizer/loader.rb without a matching Gem.loaded_specs or GEM_PATH entry.

Official Discord 👉️ Live Chat on Discord

Many paths lead to being a sponsor or a backer of this project. Are you on such a path?

OpenCollective Backers OpenCollective Sponsors Sponsor Me on Github Liberapay Goal Progress Donate on PayPal

Buy me a coffee Donate on Polar Donate to my FLOSS efforts at ko-fi.com Donate to my FLOSS efforts using Patreon

Changelog

Sourced from auth-sanitizer's changelog.

[0.2.2] - 2026-06-18

  • TAG: [v0.2.2][0.2.2t]
  • COVERAGE: 100.00% -- 145/145 lines in 6 files
  • BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
  • 84.62% documented

Changed

  • Documented the released anonymous_loader gem as the preferred reusable helper for zero-auth-sanitizer-namespace loading.

Fixed

  • Documented the $LOAD_PATH fallback needed by isolated loader consumers when Bundler standalone setup provides auth_sanitizer/loader.rb without a matching Gem.loaded_specs or GEM_PATH entry.
Commits
  • b43c584 🔖 Prepare release v0.2.2
  • ce05777 📝 Document anonymous_loader usage
  • 29371b1 📝 Document standalone loader fallback
  • bc31e2e 💸 Thanks 🙏 to our new backers 🎒 and subscribers 📜
  • 66d050b 🔒️ Checksums for v0.2.1
  • See full diff in compare view

Updates i18n from 1.14.8 to 1.15.2

Release notes

Sourced from i18n's releases.

v1.15.2

What's Changed

Full Changelog: ruby-i18n/i18n@v1.15.1...v1.15.2

v1.15.1

What's Changed

New Contributors

Full Changelog: ruby-i18n/i18n@v1.15.0...v1.15.1

v1.15.0

What's Changed

New Contributors

Full Changelog: ruby-i18n/i18n@v1.14.8...v1.15.0

Commits

Updates net-ssh from 7.3.2 to 7.3.3

Changelog

Sourced from net-ssh's changelog.

=== 7.3.3

  • Support .pub file as IdentityFile to filter/prioritize agent keys (1Password SSH agent use case) #942
  • Fix cert signing regression when using a .pub companion file without an agent #1006
  • Fix unreadable .pub IdentityFile silently skipped instead of raising #1006
  • Allow multiple UserKnownHostsFile entries (space-separated, matching ssh_config(5)) #979
  • Stop mutating ENV['HOME'] at require time #997
  • Fix ED25519 loader with frozen string literals #995
Commits
  • b991e88 Update CHANGES.txt for 7.3.3
  • e7c4afc bump version
  • 9698668 Fix rubocop offenses introduced by #979 and #951
  • 4be06b0 Merge pull request #1006 from net-ssh/pub-key-identity
  • 81b2e89 Fix rubocop offenses: hash brace spacing and empty block comments
  • 60490df Fix cert signing regression and unreadable .pub file error handling
  • 11243f2 Merge pull request #951 from usiegj00/patch-1
  • 491660f Merge pull request #979 from andrewdotn/main
  • 6f01d90 Merge pull request #995 from G-Rath/patch-1
  • 1aa9ea6 Merge pull request #997 from net-ssh/fix/remove-env-home-mutation
  • Additional commits viewable in compare view

Updates oauth2 from 2.0.22 to 2.0.24

Release notes

Sourced from oauth2's releases.

v2.0.24

2.0.24 - 2026-06-18

  • TAG: v2.0.24
  • COVERAGE: 100.00% -- 558/558 lines in 15 files
  • BRANCH COVERAGE: 97.89% -- 186/190 branches in 15 files
  • 88.35% documented

Changed

  • Raised the anonymous_loader runtime dependency floor to >= 0.1.1.
  • Raised the auth-sanitizer runtime dependency floor to >= 0.2.2 and switched isolated sanitizer loading to the released anonymous_loader gem, including local workspace wiring for the new runtime dependency.

Fixed

  • Fixed isolated auth-sanitizer loading when Bundler standalone setup makes auth_sanitizer/loader.rb available on $LOAD_PATH without adding auth-sanitizer to Gem.loaded_specs or GEM_PATH.

Official Discord 👉️ [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite]

Many paths lead to being a sponsor or a backer of this project. Are you on such a path?

OpenCollective Backers OpenCollective Sponsors Sponsor Me on Github Liberapay Goal Progress Donate on PayPal

Buy me a coffee Donate on Polar Donate to my FLOSS efforts at ko-fi.com Donate to my FLOSS efforts using Patreon

... (truncated)

Changelog

Sourced from oauth2's changelog.

[2.0.24] - 2026-06-18

  • TAG: [v2.0.24][2.0.24t]
  • COVERAGE: 100.00% -- 558/558 lines in 15 files
  • BRANCH COVERAGE: 97.89% -- 186/190 branches in 15 files
  • 88.35% documented

Changed

  • Raised the anonymous_loader runtime dependency floor to >= 0.1.1.
  • Raised the auth-sanitizer runtime dependency floor to >= 0.2.2 and switched isolated sanitizer loading to the released anonymous_loader gem, including local workspace wiring for the new runtime dependency.

Fixed

  • Fixed isolated auth-sanitizer loading when Bundler standalone setup makes auth_sanitizer/loader.rb available on $LOAD_PATH without adding auth-sanitizer to Gem.loaded_specs or GEM_PATH.

[2.0.23] - 2026-06-13

  • TAG: [v2.0.23][2.0.23t]
  • COVERAGE: 100.00% -- 562/562 lines in 15 files
  • BRANCH COVERAGE: 97.89% -- 186/190 branches in 15 files
  • 88.35% documented

Changed

  • Upgraded to snaky_hash v2.0.6 by @​pboling
  • Refreshed generated GHA workflow action SHA pins by @​pboling

Fixed

  • Addressed Reek code-quality checks with targeted cleanup and documented compatibility exclusions by @​pboling
  • Fixed deprecation warning from MultiXML by @​robzolkos
  • Fixed head appraisal dependency conflicts and Ruby 2.4 protocol-relative redirect handling by @​pboling
Commits
  • 4f239dc 🧪 Fix head and old TruffleRuby CI appraisals
  • de0636f 📝 Prune internal changelog entries
  • 2f643a5 🧪 Isolate auth sanitizer subprocess environment
  • 21deed4 📝 Update CHANGELOG.md
  • 844f143 🧪 Disable RubyGems prelude in auth sanitizer load spec
  • 7064cc5 📝 Update CHANGELOG.md
  • e0858bd 🧪 Isolate auth sanitizer load path spec from Bundler
  • 7032b58 🔖 Prepare release v2.0.24
  • bf06b5f 🧩 Regenerate anonymous loader template output
  • f46551c ⬆️ Raise anonymous_loader floor to 0.1.1
  • Additional commits viewable in compare view

Updates snaky_hash from 2.0.5 to 2.0.6

Release notes

Sourced from snaky_hash's releases.

v2.0.6

2.0.6 - 2026-06-11

  • TAG: v2.0.6
  • COVERAGE: 100.00% -- 133/133 lines in 7 files
  • BRANCH COVERAGE: 100.00% -- 38/38 branches in 7 files
  • 92.86% documented

Fixed

  • Restored docs/CNAME so the generated documentation site keeps its custom domain.
  • Removed stale legacy CI workflows and duplicate extracted-stdlib gem declarations from generated Appraisal gemfiles.

Official Discord 👉️ Live Chat on Discord

Many paths lead to being a sponsor or a backer of this project. Are you on such a path?

OpenCollective Backers OpenCollective Sponsors

Bumps the bundler group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [haml_lint](https://github.com/sds/haml-lint) | `0.73.0` | `0.74.0` |
| [rubocop](https://github.com/rubocop/rubocop) | `1.87.0` | `1.88.0` |
| [auth-sanitizer](https://github.com/ruby-oauth/auth-sanitizer) | `0.2.1` | `0.2.2` |
| [i18n](https://github.com/ruby-i18n/i18n) | `1.14.8` | `1.15.2` |
| [net-ssh](https://github.com/net-ssh/net-ssh) | `7.3.2` | `7.3.3` |
| [oauth2](https://github.com/ruby-oauth/oauth2) | `2.0.22` | `2.0.24` |



Updates `haml_lint` from 0.73.0 to 0.74.0
- [Release notes](https://github.com/sds/haml-lint/releases)
- [Changelog](https://github.com/sds/haml-lint/blob/main/CHANGELOG.md)
- [Commits](sds/haml-lint@v0.73.0...v0.74.0)

Updates `rubocop` from 1.87.0 to 1.88.0
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop@v1.87.0...v1.88.0)

Updates `auth-sanitizer` from 0.2.1 to 0.2.2
- [Release notes](https://github.com/ruby-oauth/auth-sanitizer/releases)
- [Changelog](https://github.com/ruby-oauth/auth-sanitizer/blob/main/CHANGELOG.md)
- [Commits](ruby-oauth/auth-sanitizer@v0.2.1...v0.2.2)

Updates `i18n` from 1.14.8 to 1.15.2
- [Release notes](https://github.com/ruby-i18n/i18n/releases)
- [Changelog](https://github.com/ruby-i18n/i18n/blob/master/CHANGELOG.md)
- [Commits](ruby-i18n/i18n@v1.14.8...v1.15.2)

Updates `net-ssh` from 7.3.2 to 7.3.3
- [Changelog](https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt)
- [Commits](net-ssh/net-ssh@v7.3.2...v7.3.3)

Updates `oauth2` from 2.0.22 to 2.0.24
- [Release notes](https://github.com/ruby-oauth/oauth2/releases)
- [Changelog](https://github.com/ruby-oauth/oauth2/blob/main/CHANGELOG.md)
- [Commits](ruby-oauth/oauth2@v2.0.22...v2.0.24)

Updates `snaky_hash` from 2.0.5 to 2.0.6
- [Release notes](https://github.com/ruby-oauth/snaky_hash/releases)
- [Changelog](https://github.com/ruby-oauth/snaky_hash/blob/main/CHANGELOG.md)
- [Commits](ruby-oauth/snaky_hash@v2.0.5...v2.0.6)

Updates `version_gem` from 1.1.11 to 1.1.13
- [Release notes](https://github.com/ruby-oauth/version_gem/releases)
- [Changelog](https://github.com/ruby-oauth/version_gem/blob/main/CHANGELOG.md)
- [Commits](ruby-oauth/version_gem@v1.1.11...v1.1.13)

---
updated-dependencies:
- dependency-name: haml_lint
  dependency-version: 0.74.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: bundler
- dependency-name: rubocop
  dependency-version: 1.88.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: bundler
- dependency-name: auth-sanitizer
  dependency-version: 0.2.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: i18n
  dependency-version: 1.15.2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: bundler
- dependency-name: net-ssh
  dependency-version: 7.3.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: oauth2
  dependency-version: 2.0.24
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: snaky_hash
  dependency-version: 2.0.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: bundler
- dependency-name: version_gem
  dependency-version: 1.1.13
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jun 29, 2026
This is just the result of rendering the content, which is itself
escaped.
@werebus werebus self-assigned this Jun 29, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 6, 2026
@dependabot dependabot Bot deleted the dependabot/bundler/bundler-2f6c11b557 branch July 6, 2026 06:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant