Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot updates #316

Merged
merged 10 commits into from
May 28, 2021
Merged

Dependabot updates #316

merged 10 commits into from
May 28, 2021

Conversation

rx
Copy link
Owner

@rx rx commented May 27, 2021
edited

Security updates

This is a rollup of a set of dependabot PR's.

dependabot bot and others added 9 commits May 27, 2021 15:34
@dependabot
chore(deps): bump dns-packet from 1.3.1 to 1.3.4 in /views/mdc (#315)
dc113c5 
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump nokogiri from 1.11.2 to 1.11.4 (#314)
9d4c90f 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.2 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.2...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump puma from 5.2.2 to 5.3.1 (#313)
fd73e37 
Bumps [puma](https://github.com/puma/puma) from 5.2.2 to 5.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v5.2.2...v5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump lodash from 4.17.20 to 4.17.21 in /views/mdc (#312)
3121976 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump handlebars from 4.7.6 to 4.7.7 in /views/mdc (#311)
a240dda 
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump url-parse from 1.4.4 to 1.5.0 in /views/mdc (#310)
eb86db8 
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.4.4...1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Rebuilt with dependabot updates.
0d5a4c3
chore: Attempt to build the change log as expected.
95259ac
fix: Bumping version from dependabot PR's.
cf6d422 
The dependabot PR's default to chore semantic release and that does not automatically bump the revision. So bumping the version with this change.
@rx rx merged commit 6968282 into master May 28, 2021
@rx rx deleted the dependabot-updates branch May 28, 2021 19:44
rx added a commit that referenced this pull request Jun 2, 2021
@rx @dependabot
Dependabot updates (#316)
2f1a741 
* chore(deps): bump dns-packet from 1.3.1 to 1.3.4 in /views/mdc (#315)

Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump nokogiri from 1.11.2 to 1.11.4 (#314)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.2 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.2...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump puma from 5.2.2 to 5.3.1 (#313)

Bumps [puma](https://github.com/puma/puma) from 5.2.2 to 5.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v5.2.2...v5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump lodash from 4.17.20 to 4.17.21 in /views/mdc (#312)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump handlebars from 4.7.6 to 4.7.7 in /views/mdc (#311)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.4.4 to 1.5.0 in /views/mdc (#310)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.4.4...1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Rebuilt with dependabot updates.

* chore: Attempt to build the change log as expected.

* fix: Bumping version from dependabot PR's.

The dependabot PR's default to chore semantic release and that does not automatically bump the revision. So bumping the version with this change.

* chore: Trying to fix error with changelog.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rx <russell@russelledens.net>
rx added a commit that referenced this pull request Jun 2, 2021
@rx @dsgraham @dependabot
Coprl rename (#318)
8acafd5 
* BREAKING CHANGE: Rails Engine supporting native rails template views and partials.
Plugin's are incompatible with this version due to Rails render rules requiring leading '_' and application directory.

* Rails 5 work in progress. Not rending templates currently. Use Rails 6 until resoved.

* Fixed local path gemfile entry.

* Removed puts debugging statements.

* Rails 5 changes to get template handlers to render correctly.  Note: If you don't like the load speeds in dev mode, use Rails 6 instead. Rails 6 template speeds are 5 times faster in development.

* Rendering templates even when empty is significantly slower in Rails than in Sinatra. So we prevent render calls a practice across all component templates. Only render what you are using is the rule of thumb, even if the calling template is wrapped with a `if comp` check.

* docs: Updated README

Added more instructions on rails partials and general cleanup.

* Update README (#309)

* doc: Updated readme bullet items.

* Update README.md

Tweeking readme as a way of testing mirroring from to the new coprl/coprl repository

* feat: Name change from voom to coprl

The repository is moving as well.

This is all part of the 3.0 version that has the following major breaking changes:

* New gem name `coprl`
* New binary name `coprl`
* New plugin interface -- templates must be prefixed with `_` and live in the Coprl module namespace.
* Native rails views and partials, no need to mount Sinatra.

* Replacing Voom with Coprl in comments/docs.

* Updates paramters to NOT pass rails strong parameters as the context.

* doc: Fixed/updated images in the demo. (#317)

Co-authored-by: Rx <russell@russelledens.net>

* Dependabot updates (#316)

* chore(deps): bump dns-packet from 1.3.1 to 1.3.4 in /views/mdc (#315)

Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump nokogiri from 1.11.2 to 1.11.4 (#314)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.2 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.2...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump puma from 5.2.2 to 5.3.1 (#313)

Bumps [puma](https://github.com/puma/puma) from 5.2.2 to 5.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v5.2.2...v5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump lodash from 4.17.20 to 4.17.21 in /views/mdc (#312)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump handlebars from 4.7.6 to 4.7.7 in /views/mdc (#311)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.4.4 to 1.5.0 in /views/mdc (#310)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.4.4...1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Rebuilt with dependabot updates.

* chore: Attempt to build the change log as expected.

* fix: Bumping version from dependabot PR's.

The dependabot PR's default to chore semantic release and that does not automatically bump the revision. So bumping the version with this change.

* chore: Trying to fix error with changelog.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rx <russell@russelledens.net>

* fix: Updated generators to use new conventions to support Rails native views

* fix: Added plugin callbacks for setting the view path before rendering to support Rails native views

* fix: Added raw helpers for both Rails and Sinatra that are designed to be called from the plugins to emmit raw code into the page.

* fix: Updated how partials render to use the render_partial methods as mixins from both Sinatra and Rails.

* chore: Added pry-bybug to the Gemfile development group
chore: Updated plugins to point to their coprl organization Github repos.

* doc: Updated readme bullet items.

* Dependabot updates (#316)

* chore(deps): bump dns-packet from 1.3.1 to 1.3.4 in /views/mdc (#315)

Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump nokogiri from 1.11.2 to 1.11.4 (#314)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.2 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.2...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump puma from 5.2.2 to 5.3.1 (#313)

Bumps [puma](https://github.com/puma/puma) from 5.2.2 to 5.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v5.2.2...v5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump lodash from 4.17.20 to 4.17.21 in /views/mdc (#312)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump handlebars from 4.7.6 to 4.7.7 in /views/mdc (#311)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.4.4 to 1.5.0 in /views/mdc (#310)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.4.4...1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Rebuilt with dependabot updates.

* chore: Attempt to build the change log as expected.

* fix: Bumping version from dependabot PR's.

The dependabot PR's default to chore semantic release and that does not automatically bump the revision. So bumping the version with this change.

* chore: Trying to fix error with changelog.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rx <russell@russelledens.net>

* fix: Added escape `h` method for rails and sinatra. They behave the opposite -- Rails escapes by default and Sinatra emits raw html by default.

* doc: Added migration doc for migrating plugins

* chore: updated lock file

Co-authored-by: Rx <russell@russelledens.net>
Co-authored-by: Derek Graham <derek@evvnt.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit that referenced this pull request Jun 2, 2021
@semantic-release-bot
chore(release): 3.0.0-beta.1 [skip ci]
b5ad4e2 
# [3.0.0-beta.1](v2.1.1...v3.0.0-beta.1) (2021-06-02)

* Coprl rename (#318) ([8acafd5](8acafd5)), closes [#318](#318) [#309](#309) [#317](#317) [#316](#316) [#315](#315) [#314](#314) [#313](#313) [#312](#312) [#311](#311) [#310](#310) [#316](#316) [#315](#315) [#314](#314) [#313](#313) [#312](#312) [#311](#311) [#310](#310)

### BREAKING CHANGES

* Rails Engine supporting native rails template views and partials.
Plugin's are incompatible with this version due to Rails render rules requiring leading '_' and application directory.

* Rails 5 work in progress. Not rending templates currently. Use Rails 6 until resoved.

* Fixed local path gemfile entry.

* Removed puts debugging statements.

* Rails 5 changes to get template handlers to render correctly.  Note: If you don't like the load speeds in dev mode, use Rails 6 instead. Rails 6 template speeds are 5 times faster in development.

* Rendering templates even when empty is significantly slower in Rails than in Sinatra. So we prevent render calls a practice across all component templates. Only render what you are using is the rule of thumb, even if the calling template is wrapped with a `if comp` check.

* docs: Updated README

Added more instructions on rails partials and general cleanup.
rx added a commit that referenced this pull request Jun 18, 2021
@rx @dependabot
Dependabot updates (#316)
46f933c 
* chore(deps): bump dns-packet from 1.3.1 to 1.3.4 in /views/mdc (#315)

Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump nokogiri from 1.11.2 to 1.11.4 (#314)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.2 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.2...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump puma from 5.2.2 to 5.3.1 (#313)

Bumps [puma](https://github.com/puma/puma) from 5.2.2 to 5.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v5.2.2...v5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump lodash from 4.17.20 to 4.17.21 in /views/mdc (#312)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump handlebars from 4.7.6 to 4.7.7 in /views/mdc (#311)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump url-parse from 1.4.4 to 1.5.0 in /views/mdc (#310)

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.4.4...1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Rebuilt with dependabot updates.

* chore: Attempt to build the change log as expected.

* fix: Bumping version from dependabot PR's.

The dependabot PR's default to chore semantic release and that does not automatically bump the revision. So bumping the version with this change.

* chore: Trying to fix error with changelog.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rx <russell@russelledens.net>
@github-actions
Copy link

🎉 This PR is included in version 2.1.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions
Copy link

🎉 This PR is included in version 3.0.0-beta.5 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dsgraham dsgraham dsgraham approved these changes

Assignees
No one assigned
Labels
released on @beta released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@rx @dsgraham