Skip to content

chore(deps): bump solid_queue_monitor from 1.3.0 to 2.1.0#683

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/solid_queue_monitor-2.1.0
Open

chore(deps): bump solid_queue_monitor from 1.3.0 to 2.1.0#683
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/solid_queue_monitor-2.1.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 14, 2026

Bumps solid_queue_monitor from 1.3.0 to 2.1.0.

Release notes

Sourced from solid_queue_monitor's releases.

v2.1.0 — Custom Authentication

Highlights

Solid Queue Monitor can now plug into your host app's existing auth chain (Devise, Pundit, OmniAuth, custom sessions) instead of being limited to HTTP Basic. Set SolidQueueMonitor.base_controller_class = "AdminController" in an initializer and every before_action, rescue_from, layout, and current_user helper cascades into the dashboard. Default behaviour is byte-identical to v2.0.0 — both changes are opt-in.

Added

  • SolidQueueMonitor.base_controller_class config option. Set it to the name of a host-app controller (e.g. 'AdminController') and the engine's ApplicationController will inherit from that class, so every before_action, rescue_from, layout, and current_user helper cascades into the dashboard. This unblocks integration with Devise, Pundit, OmniAuth, and custom session middleware without monkey-patching. Defaults to 'ActionController::Base'; behaviour is unchanged when not set.
  • README "Custom Authentication" section documenting the integration pattern with minimal and role-gated examples.

Changed

  • The activity chart's x-axis labels and bucket boundaries now consistently use the host application's Time.zone instead of UTC. No new config knob — set config.time_zone in config/application.rb as usual. Tests now pin this behaviour in America/Los_Angeles.

Migration

bundle update solid_queue_monitor is sufficient. The default behaviour matches v2.0.0 exactly; both features are opt-in (the chart automatically picks up your existing Time.zone).

Full Changelog: vishaltps/solid_queue_monitor@v2.0.0...v2.1.0

v2.0.0 — Rails Conventions Refactor

Highlights

Major architectural refactor — the dashboard now renders via standard Rails ERB views, helpers, and partials instead of HTML-in-Ruby presenters. CSS and JavaScript are served as external assets via a new AssetsController with content-hashed URLs and Cache-Control: immutable. Public API (config, mount, URLs, auth, CSP nonce support) is unchanged.

The dashboard now works under a strict script-src 'self'; style-src 'self' Content Security Policy without requiring host-app nonce configuration.

Changed

  • Major architectural refactor: the dashboard now renders via standard Rails ERB views, helpers, and partials instead of Ruby presenters emitting HTML strings. Configuration, mount point, URLs, HTTP Basic auth, and CSP nonce support are unchanged.
  • CSS and JavaScript are now served as external assets via a new AssetsController with content-hashed URLs and Cache-Control: immutable. No Sprockets or Propshaft dependency is required, so Rails API-only host applications keep working as in v1.x.
  • Dashboard pages now work under a strict script-src 'self'; style-src 'self' Content Security Policy without requiring host-app nonce configuration. Nonce-on-link-tag behavior is preserved for hosts running nonce-only CSPs.
  • Runtime configuration such as auto-refresh interval, auto-refresh enabled state, and theme preference is now passed via <body data-*> attributes instead of inline JavaScript interpolation.

Removed

  • SolidQueueMonitor::HtmlGenerator, StylesheetGenerator, ChartPresenter, BasePresenter, and all *Presenter classes. These were internal and not documented as public API. Users who reached into them via monkey patches will need to migrate to view/helper overrides.
  • SolidQueueMonitor::BaseController#render_page now that Rails implicit rendering handles all pages.
  • The brief inline <script> that prevented dark-mode first-paint flash has been removed in favor of zero inline scripts. Users with a dark system preference may see a short light flash on the first page load; subsequent loads use the cached localStorage value.

Migration

For most users, bundle update solid_queue_monitor is sufficient. The dashboard looks and behaves identically. Configuration options, routes, authentication, and CSP nonce support are unchanged.

If you customized the UI by monkey-patching a presenter, migrate that customization to view/helper overrides. Open an issue if you need guidance.

Full Changelog: vishaltps/solid_queue_monitor@v1.3.0...v2.0.0

Changelog

Sourced from solid_queue_monitor's changelog.

[2.1.0] - 2026-05-13

Added

  • SolidQueueMonitor.base_controller_class config option. Set it to the name of a host-app controller (e.g. 'AdminController') and the engine's ApplicationController will inherit from that class, so every before_action, rescue_from, layout, and current_user helper cascades into the dashboard. This unblocks integration with Devise, Pundit, OmniAuth, and custom session middleware without monkey-patching. Defaults to 'ActionController::Base'; behaviour is unchanged when not set.
  • README "Custom Authentication" section documenting the integration pattern with minimal and role-gated examples.

Changed

  • The activity chart's x-axis labels and bucket boundaries now consistently use the host application's Time.zone instead of UTC. No new config knob — set config.time_zone in config/application.rb as usual. Tests now pin this behaviour in America/Los_Angeles.

Migration

bundle update solid_queue_monitor is sufficient. The default behaviour matches v2.0.0 exactly; both features are opt-in (the chart automatically picks up your existing Time.zone).

[2.0.0] - 2026-05-12

Changed

  • Major architectural refactor: the dashboard now renders via standard Rails ERB views, helpers, and partials instead of Ruby presenters emitting HTML strings. Configuration, mount point, URLs, HTTP Basic auth, and CSP nonce support are unchanged.
  • CSS and JavaScript are now served as external assets via a new AssetsController with content-hashed URLs and Cache-Control: immutable. No Sprockets or Propshaft dependency is required, so Rails API-only host applications keep working as in v1.x.
  • Dashboard pages now work under a strict script-src 'self'; style-src 'self' Content Security Policy without requiring host-app nonce configuration. Nonce-on-link-tag behavior is preserved for hosts running nonce-only CSPs.
  • Runtime configuration such as auto-refresh interval, auto-refresh enabled state, and theme preference is now passed via <body data-*> attributes instead of inline JavaScript interpolation.

Removed

  • SolidQueueMonitor::HtmlGenerator, StylesheetGenerator, ChartPresenter, BasePresenter, and all *Presenter classes. These were internal and not documented as public API. Users who reached into them via monkey patches will need to migrate to view/helper overrides.
  • SolidQueueMonitor::BaseController#render_page now that Rails implicit rendering handles all pages.
  • The brief inline <script> that prevented dark-mode first-paint flash has been removed in favor of zero inline scripts. Users with a dark system preference may see a short light flash on the first page load; subsequent loads use the cached localStorage value.

Migration

For most users, bundle update solid_queue_monitor is sufficient. The dashboard looks and behaves identically. Configuration options, routes, authentication, and CSP nonce support are unchanged.

If you customized the UI by monkey-patching a presenter, migrate that customization to view/helper overrides. Open an issue at https://github.com/vishaltps/solid_queue_monitor/issues if you need guidance.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump solid_queue_monitor from 1.3.0 to 2.1.0
8c8eefc 
Bumps [solid_queue_monitor](https://github.com/vishaltps/solid_queue_monitor) from 1.3.0 to 2.1.0.
- [Release notes](https://github.com/vishaltps/solid_queue_monitor/releases)
- [Changelog](https://github.com/vishaltps/solid_queue_monitor/blob/main/CHANGELOG.md)
- [Commits](vishaltps/solid_queue_monitor@v1.3.0...v2.1.0)

---
updated-dependencies:
- dependency-name: solid_queue_monitor
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels May 14, 2026
@dependabot dependabot Bot mentioned this pull request May 14, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants