Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump addressable from 2.7.0 to 2.8.0 in /IntegrationTests/CocoapodsIntegration #647

Merged
merged 1 commit into from
Jul 13, 2021
Merged

Bump addressable from 2.7.0 to 2.8.0 in /IntegrationTests/CocoapodsIntegration #647

merged 1 commit into from
Jul 13, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 13, 2021
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps addressable from 2.7.0 to 2.8.0.

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

  • fixes ReDoS vulnerability in Addressable::Template#match
  • no longer replaces + with spaces in queries for non-http(s) schemes
  • fixed encoding ipv6 literals
  • the :compacted flag for normalized_query now dedupes parameters
  • fix broken escape_component alias
  • dropping support for Ruby 2.0 and 2.1
  • adding Ruby 3.0 compatibility for development tasks
  • drop support for rack-mount and remove Addressable::Template#generate
  • performance improvements
  • switch CI/CD to GitHub Actions
Commits
  • 6469a23 Updating gemspec again
  • 2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main
  • e9c76b8 Merge pull request #378 from ashmaroli/flat-map
  • 56c5cf7 Update the gemspec
  • c1fed1c Require a non-vulnerable rake
  • 0d8a312 Adding note about ReDoS vulnerability
  • 89c7613 Merge branch 'template-regexp' into main
  • cf8884f Note about alias fix
  • bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry
  • 6d1d809 Adding note about :compacted normalization
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump addressable in /IntegrationTests/CocoapodsIntegration
8135efa 
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](sporkmonger/addressable@addressable-2.7.0...addressable-2.8.0)

---
updated-dependencies:
- dependency-name: addressable
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the pr:dependencies Changes on external dependencies label Jul 13, 2021
@aboedo aboedo merged commit 3e0d200 into main Jul 13, 2021
@aboedo aboedo deleted the dependabot/bundler/IntegrationTests/CocoapodsIntegration/addressable-2.8.0 branch July 13, 2021 19:35
aboedo added a commit that referenced this pull request Jul 21, 2021
@aboedo @taquitos
@CoreyRab @vegaro @dependabot @revenuecat-ops
Swift migration: merge changes from main (#665)
b760f2a 
* Create CODE_OF_CONDUCT.md (#589)

Resolves #588

* Update issue templates (#537)

* Update issue templates

Looks like GitHub wants this named differently 🤷‍♂️

* Delete migration_task.md

* Update custom.md

* Update README.md (#636)

Just removing the outdated image on the readme

* ETags support (#509)

* identity v3: public-facing changes (#453)

* re-added the public-facing changes for identity v3

* updated nullability for errors in login

* temporarily removed version from PurchasesCoreSwift in Purchases.podspec

* updated sample app to use identity v3

* improved copy in RCPurchases.h

* Integration tests: Identity v3 test cases (#506)

* added extra test case for storekit tests

* added more test cases

* added a few more test cases

* slight cleanup

* added another, particularly gnarly test case

* updated test case name

* added another test case

* one more test case

* refactors and cleanups, made chained calls more reliable for one test case

* fixed name, added debug information to appUserIDs

* fixed issue with test clearing transactions when it shouldn't

* formatting

* code cleanup

* update call to replace api key and proxy url to catch issues if proxy url is empty

* updated syntax since lanes are executed in a block

* updated xcode and simulator versions for storekitTests

* updated syntax for setting log levels

* fixed fastlane changes that broke replace_in for storekit_tests

* update fastlane

* improvements from PR comments

* restricted storekit_tests to release tags and branches

* removed signing for storekittest app since it only runs in simulator

* removed storekitTestCertificate.cer since it's not needed, re-added tests just in case

* restricted storekit_tests to release branches and tags again now that they passed

* Bump addressable in /IntegrationTests/CocoapodsIntegration (#647)

Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](sporkmonger/addressable@addressable-2.7.0...addressable-2.8.0)

---
updated-dependencies:
- dependency-name: addressable
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* remove unused typedef to fix build warning (#649)

* Release: 3.12.0 (#648)

* looks like in some rebase createAlias got un-deprecated, re-deprecated it

* updated changelog and version number to 3.12.0

* added missing PR for identity v3 in changelog

* added install swiflint step to more ci jobs

* fix typo in circleci config.yml

* updated the name of the swiftlint step in xcode so it's more obvious at first glance when it fails

* fixed an issue where a few targets wouldn't compile correctly when doing carthage archive because they were pointing to unreleased versions of Purchases.

* re-added the old carthage script for archives

* added `vendor` folder to excluded directories for swiftlint

* Preparing for next version (#656)

Co-authored-by: Andy Boedo <andresboedo@gmail.com>

* added swiftlint installation to all places that were missing it (#657)

* Release: 3.12.1 (#659)

* renamed eTagInResponse -> maybeEtagInResponse to resolve conflict in some versions of Xcode

* updated version number to 3.12.1 and changelog

* added `scan_derived_data` to excluded directories for swiftlint

* Preparing for next version (#661)

Co-authored-by: Distiller <distiller@static.38.39.178.68.cyberlynk.net>

* Fix: Calling `setDebugLogsEnabled(false)` enables debug logs when it should not (#663)

* fixed a bug where setting debugLogsEnabled = false would still set them to true

* cleanup: replaced if / else with ternary operator

* reverted changes in SystemInfo initialization

* format fixes

* removed rchttpRequest

* updated call in `buildTvWatchAndMacOS`: install-gems -> install-dependencies

* undo accidental whitespace

* deleted empty RCSystemInfo.m file

Co-authored-by: Joshua Liebowitz <taquitos@users.noreply.github.com>
Co-authored-by: Corey Rabazinski <6013553+CoreyRab@users.noreply.github.com>
Co-authored-by: Cesar de la Vega <cesarvegaro@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: revenuecat-ops <60164957+revenuecat-ops@users.noreply.github.com>
Co-authored-by: Distiller <distiller@static.38.39.178.68.cyberlynk.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aboedo aboedo aboedo approved these changes

Assignees
No one assigned
Labels
pr:dependencies Changes on external dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aboedo