Update minor updated gems

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
aws-sdk-s3 (source, changelog)	'~> 1' -> '~> 1', '>= 1.148.0'
bundler (source, changelog)	'>= 2.2.33' -> '>= 2.5.9'
daemons	'~> 1.1.9' -> '~> 1.4.1'
ffi	'>= 1.9.4' -> '>= 1.16.3'
foreman	'~> 0.87.2' -> '~> 0.88.1'
hipchat	'~> 1.2.0' -> '~> 1.6.0'
json	'~> 2.3' -> '~> 2.7', '>= 2.7.2'
liquid (source)	'~> 5.1' -> '~> 5.5'
listen (changelog)	'~> 3.0.5' -> '~> 3.9.0'
omniauth-google-oauth2	'>= 0.8.0' -> '>= 0.8.2'
rufus-scheduler (changelog)	'~> 3.4' -> '~> 3.9', '>= 3.9.1'
slack-notifier	'~> 1.0.0' -> '~> 1.5.1'
twilio-ruby	'~> 5.62.0' -> '~> 5.77.0'
typhoeus	'~> 1.3.1' -> '~> 1.4.1'

---

Release Notes

aws/aws-sdk-ruby (aws-sdk-s3)

v1.148.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.147.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Omit ContentType plugin when generating presigned url.

v1.146.1

• Issue - Fix bug where thread_count option was not being respected for multipart uploads.

v1.146.0

• Feature - Fix two issues with response root node names.

v1.145.0

• Feature - Documentation updates for Amazon S3.

v1.144.0

• Feature - This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).

v1.143.1

• Issue - Include original part errors in message when aborting multipart upload fails (#​2990).

v1.143.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.142.0

• Feature - Added additional examples for some operations.

v1.141.0

• Feature - Adds support for S3 Express One Zone.

• Feature - Support S3 Express authentication and endpoints. Express session auth can be disabled with the disable_s3_express_session_auth Client option, the AWS_S3_DISABLE_EXPRESS_SESSION_AUTH environment variable, and the s3_disable_express_session_auth shared config option. A custom express_credentials_provider can be configured onto the Client.

v1.140.0

• Feature - Adding new params - Key and Prefix, to S3 API operations for supporting S3 Access Grants. Note - These updates will not change any of the existing S3 API functionality.

• Issue - Fix thread interruptions in multipart download_file, file_uploader and stream_uploader (#​2944).

v1.139.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.138.0

• Feature - Add support for automatic date based partitioning in S3 Server Access Logs.

v1.137.0

• Feature - Removes all default 0 values for numbers and false values for booleans

v1.136.0

• Feature - This release adds a new field COMPLETED to the ReplicationStatus Enum. You can now use this field to validate the replication status of S3 objects using the AWS SDK.

v1.135.0

• Feature - Fix an issue where the SDK can fail to unmarshall response due to NumberFormatException

v1.134.0

• Feature - Updates to endpoint ruleset tests to address Smithy validation issues.

v1.133.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Feature - Add support for progress_callback in Object#download_file and improve multi-threaded performance #(2901).

v1.132.1

• Issue - Add support for disabling checksum validation in Object#download_file (#​2893).

v1.132.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Feature - Add support for verifying checksums in FileDownloader.

v1.131.0

• Feature - Improve performance of S3 clients by simplifying and optimizing endpoint resolution.

v1.130.0

• Feature - S3 Inventory now supports Object Access Control List and Object Owner as available object metadata fields in inventory reports.

• Feature - Allow Object multipart copy API to work when requiring a checksum algorithm.

• Feature - Allow Object multipart copy API to optionally copy parts as they exist on the source object if it has parts, instead of generating new part ranges, when specifying use_source_parts: true.

v1.129.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.128.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.127.0

• Feature - The S3 LISTObjects, ListObjectsV2 and ListObjectVersions API now supports a new optional header x-amz-optional-object-attributes. If header contains RestoreStatus as the value, then S3 will include Glacier restore status i.e. isRestoreInProgress and RestoreExpiryDate in List response.

• Feature - Select minimum expiration time for presigned urls between the expiration time option and the credential expiration time.

v1.126.0

• Feature - This release adds SDK support for request-payer request header and request-charged response header in the "GetBucketAccelerateConfiguration", "ListMultipartUploads", "ListObjects", "ListObjectsV2" and "ListObjectVersions" S3 APIs.

v1.125.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.124.0

• Feature - Integrate double encryption feature to SDKs.

v1.123.2

• Issue - Fix issue when decrypting noncurrent versions of objects when using client side encryption (#​2866).

v1.123.1

• Issue - Fix multipart download_file so that it does not download bytes out of range (#​2859).

v1.123.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

rubygems/rubygems (bundler)

v2.5.9

Compare Source

Bug fixes:

• Fix installing plugins via relative paths #​7571

v2.5.8

Compare Source

Enhancements:

• Allow installing plugins from path via CLI #​6960
• Improve validation of bundle plugin install options #​7529

Bug fixes:

• Fix resolver error message when it runs out of versions due to --strict --patch filtering out everything #​7527
• Fix incorrect bundle update --bundler message #​7516

v2.5.7

Compare Source

Deprecations:

• Deprecate bundle plugin install --local-git= #​7048

Enhancements:

• Ignore commented out keys in config file #​7514
• Fix exclusion of .gemspec file itself in bundle gem generated gemspec file #​7488
• Remove redundant configs from bundle gem generated rubocop configuration #​7478
• Add gitlab: git source shorthand #​7449
• Use full path for instance_eval in Bundler::DSL#eval_gemfile #​7471

Documentation:

• Use https instead of http in documentation links #​7481

v2.5.6

Compare Source

Deprecations:

• Refactor lockfile generation and deprecate Definition#lock with explicit lockfile #​7047

Enhancements:

• Bump required_ruby_version to be used in bundle gem template #​7430

Bug fixes:

• Fix musl platform not being added to the lockfile #​7441
• Let Bundler.with_original_env properly restore env variables originally empty #​7383

v2.5.5

Compare Source

Bug fixes:

• Fix development dependency not being added if introduced by two gemspecs #​7358
• Fix ETag quoting regression in If-None-Match header of compact index request #​7352

Documentation:

• Refer to underscores as underscores #​7364

v2.5.4

Compare Source

Bug fixes:

• Fix resolution when different platform specific gems have different dependencies #​7324

v2.5.3

Compare Source

Bug fixes:

• Fix incorrect error when Gemfile overrides a gemspec development dependency #​7319

v2.5.2

Compare Source

Enhancements:

• Avoid vendored thor gem polluting the global namespace #​7305

Bug fixes:

• Fix bundle update --bundler when latest version does not support current ruby #​7310
• Fix incorrect lockfiles being generated in some situations #​7307
• Fix incorrect re-resolve messages #​7306

v2.5.1

Compare Source

Bug fixes:

• Fix ruby Gemfile DSL with file: parameter no longer working #​7288

Performance:

• Save array allocation for every dependency in Gemfile #​7270

v2.5.0

Compare Source

Breaking changes:

• Drop ruby 2.6 and 2.7 support #​7116
• The :mswin, :mswin64, :mingw, and :x64_mingw Gemfile platform values are soft-deprecated and aliased to :windows #​6391

Features:

• Leverage ruby feature to warn when requiring default gems not included in the bundle that will be turned into bundled gems in the future #​6831
• Introduce bundle config set version feature to choose the version of Bundler that should be used and potentially disable using the lockfile version by setting it to system #​6817

Performance:

• Use match? when regexp match data is unused #​7263
• Avoid some allocations when evaluating ruby Gemfile DSL #​7251
• Reduce array allocations when loading definition #​7199
• Avoid re-compiling static regexp in a loop #​7198
• Reduce allocations when installing gems with bundler #​6977
• Use a shared connection pool for fetching gems #​7079
• Reduce allocations when parsing compact index #​6971

Enhancements:

• Add 3.4 as a supported ruby version in Gemfile DSL #​7264
• Improve install advice when some gems are not found #​7265
• Vendor net-http, net-protocol, resolv, and timeout to reduce conflicts between Gemfile gems and internal dependencies #​6793
• Allow bundle pristine to run in parallel #​6927
• Make bundle lock always touch the lockfile in non-frozen mode #​7220
• Use Minitest::TestTask in a template file for minitest #​7234
• Add missing services to CI detection and make it consistent between RubyGems and Bundler #​7205
• Allow auto-install to install missing git gems #​7197
• Stop remembering cli flags like --jobs or --retry in configuration #​7191
• Simplify remembered flags deprecation message #​7189
• Make sure to require "rubygems" explicitly #​7139
• Handle development dependencies duplicated in gemspec vs Gemfile #​6014
• Make lockfiles generated on macOS include a lock for Linux by default #​5700
• Only add a dummy bundler spec to the metadata source when necessary #​4443

Bug fixes:

• Resolve ruby file: ".ruby-version" relative to containing Gemfile #​7250
• Implement opaque ETag in Compact Index to avoid falling back to old index in servers with different etag implementations #​7122
• Fix bundle install --system deprecation advice #​7190
• Fix invalid platform removal missing adjacent platforms #​7170

Documentation:

• Add missing --prefer-local to Synopsis in bundle-install.1.ronn #​7194
• Update GitHub organization of Standard Ruby in bundle gem output and generated configuration #​6818
• Replace "prior to" with "immediately after" in bundle gem generated README file #​6338

v2.4.22

Compare Source

Enhancements:

• Add Bundler::Plugin.loaded? helper #​6964
• Give better error when previous installation folder is insecure to remove #​7030
• Set file path when eval-ing local specification in EndpointSpecification #​7106
• Git ignore the proper files for the CI service selected for bundle gem #​7101
• Update vendored thor to v1.3.0 #​7078
• Restore using old way of passing Ruby version to resolver #​7066
• Bump vendored net-http-persistent to 4.0.2 #​6787

Bug fixes:

• Fix regression when installing native extensions on universal rubies #​7077
• Only remove bundler plugin gem when it's inside the cache #​7001
• Don't show bug report template when GEM_HOME has no writable bit #​7113
• Fix regression in old git versions #​7114
• Handle empty array at built-in YAML serializer #​7099
• Fix force_ruby_platform: when the lockfile only locks the ruby platform #​6936

v2.4.21

Compare Source

Enhancements:

• Avoid duplicates -rbundler/setup in RUBYOPT with Ruby preview #​7002
• Prevent gem activation in standalone mode #​6925
• Support Ruby's preview version format (Ex: 3.3.0-preview2) in Gemfile #​7016
• Fix bundle install when older revisions of git source #​6980
• Remove usage of Dir.chdir that only execute a subprocess #​6930

Bug fixes:

• Don't delete the release version from pre-release string more than once #​7054
• Make the lock command not be affected by the frozen setting #​7034
• Raise an error when adding a gem incompatible with some locked platform #​7035
• Re-resolve when lockfile is invalid #​7020
• Don't re-resolve with prereleases if unlocked gem has no prereleases #​7021
• Include gemspec in ExtensionTask for native gem tasks #​7015
• Avoid error reporting relative path when validating frozen #​5128
• Fix bundle lock --minor --update <dep> edge case #​6992
• Stop bundler eagerly loading all specs with exts #​6945

Performance:

• Reduce allocations when parsing lockfile #​6976
• Stop allocating the same settings keys repeatedly #​6963

Documentation:

• Improve formatting and global source information in bundle plugin man page #​7045
• Update man page of bundle exec to reflect default true of flag --keep-file-descriptors #​7033

v2.4.20

Compare Source

Enhancements:

• Bump actions/checkout to v4 in bundler gem template #​6966
• Add support for the ruby-3.2.2 format in the ruby file: Gemfile directive, and explicitly test the 3.2.2@​gemset format as rejected #​6954
• Support ruby file: ".tool-versions" in Gemfile #​6898
• Unify LockfileParser loading of SPECS section #​6933
• Only check circular deps when dependency api is available, not on full index sources #​6919

Bug fixes:

• Allow standalone mode to work on a Windows edge case #​6989
• Fix bundle outdated crashing when both ref and branch specified for a git gem in Gemfile #​6959
• Fix bundle update --redownload #​6924
• Fixed malformed bundler version in lockfile making Bundler crash #​6920
• Fix standalone install crashing when using legacy gemfiles with multiple global sources #​6918
• Resolve ruby version file relative to bundle root #​6892

Performance:

• Lazily construct fetcher debug messages #​6973
• Avoid allocating empty hashes in Index #​6962
• Improve Bundler::Index efficiency by removing unnecessary creation and dups #​6931
• (Further) Improve Bundler::Settings#[] performance and memory usage #​6923
• Don't use full indexes unnecessarily on legacy Gemfiles #​6916
• Improve memory usage in Bundler::Settings, and thus improve boot time #​6884

v2.4.19

Compare Source

Enhancements:

• Add file option to ruby method in Gemfile #​6876
• Show better error when PAT can't authenticate to a private server #​6871
• Don't fallback to old dependency API when bad credentials are configured #​6869

Bug fixes:

• Fix git source conservativeness #​6850

Documentation:

• Clarify that bundle info takes a gem name #​6875

v2.4.18

Compare Source

Security:

• Merge URI-0.12.2 for Bundler #​6779

Enhancements:

• Update Magnus version in Rust extension gem template #​6843

Documentation:

• Update bundle-outdated(1) man to use table output #​6833

v2.4.17

Compare Source

Enhancements:

• Avoid printing "Using ..." messages when version has not changed #​6804

Bug fixes:

• Fix bundler/setup unintendedly writing to the filesystem #​6814

v2.4.16

Compare Source

Bug fixes:

• Exclude Bundler from missing locked dependencies check #​6792
• Fix another incorrect removal of "ruby" platform from lockfile when changing path sources #​6784
• Fix git source lockfile instability #​6786

Documentation:

• gemfile.5: Code format the default glob to escape Markdown #​6790

v2.4.15

Compare Source

Enhancements:

• Improve edge case error message #​6733

Bug fixes:

• Fix bundle lock --update --bundler #​6213

v2.4.14

Compare Source

Enhancements:

• Stop publishing Gemfile in default gem template #​6723
• Avoid infinite loops when hitting resolution bugs #​6722
• Make LockfileParser usable with just a lockfile #​6694
• Always rely on $LOAD_PATH when jumping from exe/ to lib/ #​6702
• Make frozen setting take precedence over deployment setting #​6685
• Show an error when trying to update bundler in frozen mode #​6684

Bug fixes:

• Fix deployment vs path precedence #​6703
• Fix inline mode with multiple sources #​6699

v2.4.13

Compare Source

Bug fixes:

• Fix unexpected fallbacks to full index by adding FalseClass and Time to the SafeMarshal list #​6655

Documentation:

• Fix broken hyperlinks in bundle cache documentation #​6606

v2.4.12

Compare Source

Enhancements:

• Remove reference to pry gem from generated bin/console file #​6515

v2.4.11

Compare Source

Security:

• Use URI-0.12.1 (safe against CVE-2023-28755 ReDoS vulnerability) #​6558

Enhancements:

• Remove one fallback to full indexes on big gemfiles #​6578
• Generate native gems with -fvisibility=hidden #​6541

Bug fixes:

• Fix resolver hangs when dealing with an incomplete lockfile #​6552
• Fix prereleases not being considered by gem version promoter when there's no lockfile #​6537

v2.4.10

Compare Source

Bug fixes:

• Fix some unnecessary top level dependency downgrades #​6535
• Fix incorrect ruby platform removal from lockfile when adding Gemfile dependencies #​6540
• Fix installing plugins in frozen mode #​6543
• Restore "enumerability" of SpecSet #​6532

v2.4.9

Compare Source

Security:

• Don't recommend --full-index on errors #​6493

Enhancements:

• Fix duplicated specs in some error messages #​6475
• When running bundle lock --update <name>, checkout locked revision of unrelated git sources directly #​6459
• Avoid expiring git sources when unnecessary #​6458
• Use RbSys::ExtensionTask when creating new rust gems #​6352
• Don't ignore pre-releases when there's only one candidate #​6441

Bug fixes:

• Fix incorrect removal of ruby platform when auto-healing corrupted lockfiles #​6495
• Don't consider platform specific candidates when force_ruby_platform set #​6442
• Better deal with circular dependencies #​6330

Documentation:

• Add debugging docs #​6387
• Document our current release policy #​6450

v2.4.8

Compare Source

Security:

• Safe load all marshaled data #​6384

Enhancements:

• Better suggestion when bundler/setup fails due to missing gems and Gemfile is not the default #​6428
• Simplify the gem package file filter in the gemspec template #​6344
• Auto-heal corrupted Gemfile.lock with no specs #​6423
• Auto-heal on corrupted lockfile with missing deps #​6400
• Give a better message when Gemfile branch does not exist #​6383

Bug fixes:

• Respect --no-install option for git: sources #​6088
• Fix gems.rb lockfile for bundler version lookup in template #​6413

Documentation:

• Switch supporting explanations to all Ruby Central #​6419

v2.4.7

Compare Source

Enhancements:

• Add --gemfile flag to bundle init to configure gemfile name to generate #​6046
• Improve solve failure explanations by using better wording #​6366
• Restore better error message when locked ref does not exist #​6356
• Avoid crashing when installing from a corrupted lockfile #​6355
• Improve wording of unmet dependencies warning #​6357
• Add Ruby 3.2 and 3.3 platforms to Gemfile DSL #​6346

Bug fixes:

• Fix crash in pub grub involving empty ranges #​6365
• Make gemspec file generated by bundle gem properly exclude itself from packaged gem #​6339
• Preserve relative path sources in standalone setup #​6327

v2.4.6

Compare Source

Enhancements:

• Don't warn on bundle binstubs --standalone --all #​6312

Bug fixes:

• Don't undo require decorations made by other gems #​6308
• Fix bundler/inline not properly installing gems with extensions when used more than once #​6306
• Fix bundler/inline not skipping installation when gems already there, when used more than once #​6305

v2.4.5

Compare Source

Bug fixes:

• Fix bundler/inline not resolving properly if gems not preinstalled #​6282
• Fix packages for external platforms being introduced in lockfile when Bundler retries resolution #​6285

Documentation:

• Update bundle-exec man page to not use deprecated Bundler.with_clean_env #​6284

v2.4.4

Compare Source

Bug fixes:

• Fix platform specific gems removed from the lockfile #​6266
• Properly handle incompatibilities on platform specific gems #​6270
• Optimistically exclude prereleases from initial resolution #​6246
• Fix another case of not properly falling back to ruby variant when materializing #​6261
• Skip setting BUNDLER_SETUP on Ruby 2.6 #​6252
• Let resolver deal with legacy gems with equivalent version and different dependencies #​6219

v2.4.3

Compare Source

Enhancements:

• Enhance bundle open command to allow opening subdir/file of gem #​6146

Bug fixes:

• Fix pointing GitHub sources to PRs #​6241
• Fix version ranges incorrectly handling platforms #​6240
• Cleanup unnecessary gems when removing lockfile platforms #​6234
• When auto-removing RUBY platform don't add specific platform if not needed #​6233
• Fallback to selecting installable candidates if possible when materializing specs #​6225

Documentation:

• Fix several typos #​6224

v2.4.2

Compare Source

Enhancements:

• Add Bundler::Plugin.loaded? helper #​6964
• Give better error when previous installation folder is insecure to remove #​7030
• Set file path when eval-ing local specification in EndpointSpecification #​7106
• Git ignore the proper files for the CI service selected for bundle gem #​7101
• Update vendored thor to v1.3.0 #​7078
• Restore using old way of passing Ruby version to resolver #​7066
• Bump vendored net-http-persistent to 4.0.2 #​6787

Bug fixes:

• Fix regression when installing native extensions on universal rubies #​7077
• Only remove bundler plugin gem when it's inside the cache #​7001
• Don't show bug report template when GEM_HOME has no writable bit #​7113
• Fix regression in old git versions #​7114
• Handle empty array at built-in YAML serializer #​7099
• Fix force_ruby_platform: when the lockfile only locks the ruby platform #​6936

v2.4.1

Compare Source

Enhancements:

• Add file option to ruby method in Gemfile #​6876
• Show better error when PAT can't authenticate to a private server #​6871
• Don't fallback to old dependency API when bad credentials are configured #​6869

Bug fixes:

• Fix git source conservativeness #​6850

Documentation:

• Clarify that bundle info takes a gem name #​6875

v2.4.0

Compare Source

Security:

• In README generated by bundle gem, do not fill rubygems.org install commands with the gem name automatically #​6093
• Use safe Marshal deserialization for dependency API response #​6141

Breaking changes:

• Remove Travis CI from gem skeleton #​6150
• Drop support for Ruby 2.3, 2.4, 2.5 and RubyGems 2.5, 2.6, 2.7 #​6107
• Completely remove "auto-sudo" feature #​5888

Deprecations:

• Turn --ext option of bundle gem into string. Deprecate usage without explicit value #​6144

Features:

• Add --ext=rust support to bundle gem for creating simple gems with Rust extensions #​6149
• Migrate our resolver engine to PubGrub #​5960

Performance:

• Make cloning git repos faster #​4475

Enhancements:

• Add bundle lock --update --bundler #​6134
• Support for pre flag in bundle update/bundle lock #​5258
• Improve error message when changing Gemfile to a mistyped git ref #​6130
• Remove special handling of some LoadError and NoMethodError #​6115

Bug fixes:

• Don't unlock dependencies of a gemspec when its version changes #​6184
• Fix platform specific version for libv8-node and other allowlisted gems not being chosen in Truffleruby #​6169
• Fix bundle outdated with both --groups and --parseable flags #​6148
• Auto-heal lockfile when it's missing specs #​6132
• Fix unintentional downgrades when gemspec DSL is used #​6131
• Fix display of previous gem version when previously downloaded already #​6110
• Fix hang when a lockfile gem does not resolve on the current platform #​6070

Documentation:

• Improve Bundler setup docs for development #​6154
• Fx link in bundle-platform man page #​6071

v2.3.27

Compare Source

Bug fixes

• Provide fix for bundler Gemfile resolving regression. Pull request #​6717
  by Hiroshi SHIBATA.

v2.3.26

Compare Source

Enhancements:

• Map 'universal' to the real arch in Bundler for prebuilt gem selection #​5978

Documentation:

• Fix '--force' option documentation of 'bundle clean' #​6050

v2.3.25

Compare Source

Bug fixes:

• Properly sort specs when materializing #​6015
• Fix bad unfreeze recommendation #​6013

Documentation:

• Bring docs for gemfile(5) manpage up to date #​6007
• Fix github DSL docs to mention they use https protocol over git under the hood [#&Configuration Refactor (WIP) #8

---

Configuration

📅 Schedule: Branch creation - "after 9am and before 1pm on Saturday" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[knu]

I'll let my instance sleep on this.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.