Bump ransack from 1.2.3 to 1.8.10

[dependabot-preview]

Bumps ransack from 1.2.3 to 1.8.10.

Release notes

Sourced from ransack's releases.

Release 1.8.8

• Fix multiple database support PR #893 Thank you @yujideveloper

• Updated Dutch translations PR #887 Thank you @robinvdijk

• Fixed no method error 'asc' for Rails 4.2 PR #885 Thank you @roman-franko

Release 1.8.7

• Lock pg gem at 0.21 to support older Rails releases, @seanfcarroll
• Adds Rails 5.2 support. Thanks @varyonic. Lots of people waiting for this one!
• Warnings cleanups and wildcard escaping. Thank you @amatsuda

Release 1.8.6

This release includes these PR's

activerecord-hackery/ransack#858

activerecord-hackery/ransack#820

Thank you @seanlinsley for the work on reducing Ransack's memory footprint.

Release 1.8.5

Thank you to the contributers to this release.

• Turkish translations activerecord-hackery/ransack#835 @sadikay

Cleanup release

Fixed

• Add / cleanup README
• tests cleanup
• Allow Active Record Ransack aliases with the same name on different models activerecord-hackery/ransack#717
• Use class attributes properly so that inheritance is respected
• use ActiveSupport.on_load to hook into Active Record
• Add custom_arrows config functionality

Thanks

@garettarrowood, @Paxa, @jonatack, @laserlemon, @y-yagi, @jspizziri, @seanfcarroll, @fakefarm, @aspirewit, @mataki

Ransack 1.8.2

Fixed

• Fix empty attribute_fields regression in advanced search mode introduced by 235eae3. Closes #701. Commit 2839acf.

... (truncated)

Changelog

Sourced from ransack's changelog.

Change Log

• Fix for ActiveRecord 5.2.4 (note security fix in 5.2.4.2 for ActiveView's escape_javascript CVE-2020-5267 for all earlier versions)

2.3.2 - 2020-01-11

• Breakfix to bump Polyamorous

2.3.1 - 2020-01-11

• Drop support for Active Record 5.0, 5.1, and 5.2.0. PR #1073

• Drop support for rubies under 2.3. PR #1070

  ... and others

2.3.0 - 2019-08-18

• Arabic translations PR 979

• Rails 6 PR 1027 vrodokanakis

• Make polyamorous a separate gem PR 1002

• Catalan translations PR1007 roslavych

• Don't escape period characters with wildcard searches in mysql2 PR 1013 daflip

• Farsi translations PR 1030

• Finnish translations PR 1049

• Fix wrong table alias when using nested join. for ActiveRecord >= 5.2 PR 374

  hiichan

Version 2.1.1 - 2018-12-05

• Add arabic translation activerecord-hackery/ransack#979

• Deprecate #search PR 975

... (truncated)

Commits

• 08b5ab4 Merge pull request #1003 from gregmolnar/1-8-stable
• f28690f release 1.8.10
• 7f2ba3b set Active Record dependency to < 5.2
• 35da74c remove 5.2 from travis
• 21c1eed release 1.8.9
• a5cd95a lock Active Record compatibility at <= 5.1.1
• 1d1c64b Merge pull request #922 from alpaca-tc/support-form-with
• 0031c90 Merge pull request #927 from gregmolnar/polyamorous
• d0805ac absorb polyamorous
• 0fe5eac Maintainer wanted
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[luisramos0]

I cant remember why I choose to upgrade to 1.2.3 only, probably because of the version used in spree or maybe just the first version that worked with rails 4.1 🙈
The build looks good so maybe we can just do this.

Same tests as in #5610

[sauloperez]

This upgrade is opening the gates to a whole brand new world!

[filipefurtad0]

Hey @luisramos0 and @sauloperez,

The build is green - staging in FR worked well. Did a brief check on the app, all looks good as before.
Moving to ready to go.

[luisramos0]

Hi Filipe, I am sorry, my link above on "Same tests as in #5610" is wrong!

I should have been more clear and use the correct PR number.

To test this PR we need to run the same manual tests we have run on PR #5605

[luisramos0]

Seems this is still in FR staging, re-adding the label in case you want to have an extra look.

[filipefurtad0]

Thanks @luisramos0 - no worries! I will check it tomorrow during the (european) morning. Should you or anyone need the staging server in the meantime, please feel free to use it.
Thanks again!

[filipefurtad0]

Hi @luisramos0 ,

I had a second look at this, and manually tested the filters and queries on search pages in Products and Orders:

Products

• producer
• category
• import date
• quick search

Orders

• date range
• invoice nr.
• first and surname
• (un)ticking "Show only complete orders"
• shipping methods
• order cycles
• distributors
• status
• email

It all looks good, but I did run into this situation:

It looks like the Clear Filters button does not remove the previous settings - this is a known bug #5592. But I think it can really lead to misleading search results, if one adds other options on top, and performs a search. Anyway, this is not introduced by ransack upgrade so -> ready to go! 👍