Skip to content

Comments

Bump sqlite3 from 2.8.0 to 2.9.0#2386

Merged
flavorjones merged 1 commit intomainfrom
dependabot/bundler/sqlite3-2.9.0
Feb 23, 2026
Merged

Bump sqlite3 from 2.8.0 to 2.9.0#2386
flavorjones merged 1 commit intomainfrom
dependabot/bundler/sqlite3-2.9.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 16, 2026
edited
Loading

Bumps sqlite3 from 2.8.0 to 2.9.0.

Release notes

Sourced from sqlite3's releases.

2.9.0 / 2025-12-27

Ruby

Added

  • Introduce Statement#named_params to introspect on a parameterized SQL statement. #627 #642 @​captn3m0

Improved

cfe1e0216f46d7483839719bf827129151e6c680317b99d7b8fc1597a3e13473  sqlite3-2.9.0-aarch64-linux-gnu.gem
56a35cb2d70779afc2ac191baf2c2148242285ecfed72f9b021218c5c4917913  sqlite3-2.9.0-aarch64-linux-musl.gem
a19a21504b0d7c8c825fbbf37b358ae316b6bd0d0134c619874060b2eef05435  sqlite3-2.9.0-arm-linux-gnu.gem
fca5b26197c70e3363115d3faaea34d7b2ad9c7f5fa8d8312e31b64e7556ee07  sqlite3-2.9.0-arm-linux-musl.gem
a917bd9b84285766ff3300b7d79cd583f5a067594c8c1263e6441618c04a6ed3  sqlite3-2.9.0-arm64-darwin.gem
677333ebf8f496f7ffe89bf1e5f8c5331ffe83249228cb262cd896ce8d383da6  sqlite3-2.9.0-x64-mingw-ucrt.gem
47317ba230f6c2c361981aa5fc1bf9de1b99727317171393ba90abab092c5b5f  sqlite3-2.9.0-x86-linux-gnu.gem
b627f3a2ca59aaaa5e10b8666cdbd7122469b49afa4bd895133cecb7b5c1368d  sqlite3-2.9.0-x86-linux-musl.gem
59fe51baa3cb33c36d27ce78b4ed9360cd33ccca09498c2ae63850c97c0a6026  sqlite3-2.9.0-x86_64-darwin.gem
72fff9bd750070ba3af695511ba5f0e0a2d8a9206f84869640b3e99dfaf3d5a5  sqlite3-2.9.0-x86_64-linux-gnu.gem
ef716ba7a66d7deb1ccc402ac3a6d7343da17fac862793b7f0be3d2917253c90  sqlite3-2.9.0-x86_64-linux-musl.gem
ece9c00b32ec5f550d3a4a35c41ea8d738563589f090b9dfd0d510b7ae5f296c  sqlite3-2.9.0.gem

New Contributors

Full Changelog: sparklemotion/sqlite3-ruby@v2.8.1...v2.9.0

2.8.1 / 2025-11-29

  • Vendored sqlite is updated to v3.51.1 (from v3.51.0). #659 @​flavorjones
  • Precompiled native gems are built with rake-compiler-dock v1.10.0 (previously v1.9.1).
9bce166d3e3595a42fc92c28d986ea11d499b55be8bd1cd491be04af30029543  sqlite3-2.8.1-aarch64-linux-gnu.gem
34912f6acf3e9c43c7998c6f99ba3146708e654cf9716b2983e260315cdeed72  sqlite3-2.8.1-aarch64-linux-musl.gem
</tr></table>

... (truncated)

Changelog

Sourced from sqlite3's changelog.

2.9.0 / 2025-12-27

Ruby

Added

  • Introduce Statement#named_params to introspect on a parameterized SQL statement. #627 #642 @​captn3m0

Improved

2.8.1 / 2025-11-29

  • Vendored sqlite is updated to v3.51.1 (from v3.51.0). #659 @​flavorjones
  • Precompiled native gems are built with rake-compiler-dock v1.10.0 (previously v1.9.1).
Commits
  • b9029a6 version bump to v2.9.0
  • f26cb7a Merge pull request #673 from sparklemotion/flavorjones/ruby-4-native-support
  • d479c81 ci: temporarily pin to setup-ruby with windows ruby 4
  • 40cdd3c dep: add native gem support for Ruby 4.0, drop Ruby 3.1 support
  • 9789b37 Merge pull request #674 from sparklemotion/flavorjones/ci-arm-runners
  • e67a33f ci: macos-13 is no longer available
  • 805f3e3 ci: use arm64 runners to speed things up
  • 1d701bc Merge pull request #671 from houyuanjie/main
  • 58d9a0f Fix the inconsistent names in SQLite3::Statement#memused RDoc call-seq
  • 3264d47 dep: Update actions{upload,download}-artifact (#660)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jan 16, 2026
@dependabot dependabot bot force-pushed the dependabot/bundler/sqlite3-2.9.0 branch from 5686a5b to a909101 Compare February 12, 2026 16:08
@flavorjones
Copy link
Member

flavorjones commented Feb 23, 2026

Upgrade Analysis: sqlite3 v2.8.0 → v2.9.0

26 commits analyzed | 20 no impact | 5 analyzed, no app impact | 1 requires awareness (no action needed)

Commits Requiring Mitigation

40cdd3c4: Drop Ruby 3.1 support, add Ruby 4.0 native gem support

Impact: definite impact
Matched in:

  • .ruby-version:13.4.7
  • Gemfile:20gem "sqlite3", ">= 2.0"
  • Dockerfile:11ARG RUBY_VERSION=3.4.7
  • saas/Dockerfile:2ARG RUBY_VERSION=3.4.7

Mitigation:
Fizzy is on Ruby 3.4.7, which exceeds the new minimum of Ruby 3.2. No action required. This is noted for awareness only — if the app were ever rolled back to Ruby 3.1, sqlite3 >= 2.9.0 would not be compatible.

Analyzed — No App Impact

Commit Summary Impact Level
e26be38c New Statement#named_params method for SQL parameter introspection unlikely impact
ad86ad7d named_params filters out numeric placeholder parameters likely impact
2abcde4a named_params includes all named params (:, $, @ prefixed) likely impact
d2aae384 Version bump to v2.8.1 (vendored sqlite updated to v3.51.1) unlikely impact
b9029a69 Version bump to v2.9.0 likely impact

No Impact (Skipped)

20 commits assessed as "no impact" during recon (CI config, merge commits, build deps, docs, test framework updates).

Verdict: Safe to merge. The only notable change (Ruby 3.1 support dropped) doesn't affect fizzy since we're on Ruby 3.4.7. The new Statement#named_params API and vendored sqlite3 update are transparent — fizzy uses ActiveRecord exclusively and doesn't call sqlite3 gem APIs directly.

@dependabot @flavorjones
Bump sqlite3 from 2.8.0 to 2.9.0
35dccbf 
Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases)
- [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/sqlite3-ruby@v2.8.0...v2.9.0)

---
updated-dependencies:
- dependency-name: sqlite3
  dependency-version: 2.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@flavorjones flavorjones force-pushed the dependabot/bundler/sqlite3-2.9.0 branch from a909101 to 35dccbf Compare February 23, 2026 23:40
@flavorjones flavorjones merged commit b0b14ea into main Feb 23, 2026
12 checks passed
@flavorjones flavorjones deleted the dependabot/bundler/sqlite3-2.9.0 branch February 23, 2026 23:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@flavorjones