Bump the bundler group across 1 directory with 4 updates #1

Open: 1 commit to merge into base: master


dependabot[bot]
@dependabot dependabot bot commented on behalf of github May 22, 2024

Bumps the bundler group with 1 update in the / directory: addressable.

Updates addressable from 2.5.2 to 2.8.6

Changelog

Sourced from addressable's changelog.

Addressable 2.8.6

  • Memoize regexps for common character classes (#524)

#524: sporkmonger/addressable#524

Addressable 2.8.5

  • Fix thread safety issue with encoding tables (#515)
  • Define URI::NONE as a module to avoid serialization issues (#509)
  • Fix YAML serialization (#508)

#508: sporkmonger/addressable#508
#509: sporkmonger/addressable#509
#515: sporkmonger/addressable#515

Addressable 2.8.4

  • Restore Addressable::IDNA.unicode_normalize_kc as a deprecated method (#504)

#504: sporkmonger/addressable#504

Addressable 2.8.3

  • Fix template expand level 2 hash support for non-string objects (#499, #498)

#499: sporkmonger/addressable#499
#498: sporkmonger/addressable#498

Addressable 2.8.2

  • Improve cache hits and JIT friendliness (#486)
  • Improve code style and test coverage (#482)
  • Ensure reset of deferred validation (#481)
  • Resolve normalization differences between IDNA::Native and IDNA::Pure (#408, #492)
  • Remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) (accidentally reverted by #449 merge but added back in #492)

#492: sporkmonger/addressable#492

Addressable 2.8.1

  • refactor Addressable::URI.normalize_path to address linter offenses (#430)
  • update gemspec to reflect supported Ruby versions (#466, #464, #463)
  • compatibility w/ public_suffix 5.x (#466, #465, #460)
  • fixes "invalid byte sequence in UTF-8" exception when unencoding URLs containing non UTF-8 characters (#459)
  • Ractor compatibility (#449)
  • use the whole string instead of a single line for template match (#431)
  • force UTF-8 encoding only if needed (#341)

#449: sporkmonger/addressable#449
#460: sporkmonger/addressable#460
#463: sporkmonger/addressable#463
#464: sporkmonger/addressable#464
#465: sporkmonger/addressable#465
#466: sporkmonger/addressable#466

... (truncated)

Commits
  • 35a0f5c gemspec: more #freeze and rubygems_version bump (#526)
  • 63ab40e Update version, gemspec, and CHANGELOG for 2.8.6 (#525)
  • 20879a9 Memoize regexps for common character classes (#524)
  • 60feb48 Link directly to versioned changelog from gemspec (#522)
  • d3635cc Bump actions/checkout from 3 to 4 (#521)
  • 7cd185e Update version, gemspec, and CHANGELOG for 2.8.5 (#518)
  • a5a8514 Fix gemspec generation (#517)
  • e01456b Fix thread safety issue with encoding tables (#515)
  • cf2153e Allow ruby-head to fail (#516)
  • b56cef3 Define URI::NONE as a module to avoid serialization issues (#509)
  • Additional commits viewable in compare view

Updates excon from 0.62.0 to 0.109.0

Changelog

Sourced from excon's changelog.

0.109.0 2024-01-03

  • fix to properly utilize Resolv::DefaultResolver.replace_resolvers values

0.108.0 2023-12-15

  • fix array syntax error for old ruby versions

0.107.0 2023-12-15

  • performance improvements for nonblocking sockets

0.106.0 2023-12-13

  • add rackup to Gemfile
  • bump actions/stale version
  • update bundled default certs

0.105.0 2023-11-28

  • add support for non-blocking request timeouts

0.104.0 2023-09-29

  • fix dates in changelog
  • add resolv_resolver option and deprecate dns_timeout

0.103.0 2023-09-13

  • fix cert related warnings
  • update checkout github action
  • add option to specify dns_timeout
  • update bundled default certs

0.102.0 2023-08-23

  • revert bundled cert update for now, as it is breaking tests

0.101.0 2023-08-23

  • remove old Ruby 1.9 related conditionals and code

... (truncated)

Commits

Updates jmespath from 1.4.0 to 1.6.2

Release notes

Sourced from jmespath's releases.

Release v1.6.2 - 2022-11-25

  • Issue - Allow comparison of Numeric types (includes Float).

  • Issue - Add jmespath.rb to gemspec executables.

Release v1.6.1 - 2022-03-07

  • Issue - Use JSON.parse instead of JSON.load.

Release v1.6.0 - 2022-02-14

  • Feature - Add support for string comparisons.

Release v1.5.0 - 2022-01-10

  • Support implicitly convertible objects/duck-type values responding to to_hash and to_ary.

    [See related GitHub pull request #51](jmespath/jmespath.rb#51).

Changelog

Sourced from jmespath's changelog.

1.6.2 (2022-11-25)

  • Issue - Allow comparison of Numeric types (includes Float).

  • Issue - Add jmespath.rb to gemspec executables.

1.6.1 (2022-03-07)

  • Issue - Use JSON.parse instead of JSON.load.

1.6.0 (2022-02-14)

  • Feature - Add support for string comparisons.

1.5.0 (2022-01-10)

  • Support implicitly convertible objects/duck-type values responding to to_hash and to_ary.

    [See related GitHub pull request #51](jmespath/jmespath.rb#51).

Commits

Updates rubyzip from 1.2.2 to 1.3.0

Release notes

Sourced from rubyzip's releases.

v1.3.0

Security

  • Add validate_entry_sizes option so that callers can trust an entry's reported size when using extract #403
    • This option defaults to false for backward compatibility in this release, but you are strongly encouraged to set it to true. It will default to true in rubyzip 2.0.

New Feature

  • Add add_stored method to simplify adding entries without compression #366

Tooling / Documentation

  • Add more gem metadata links #402

v1.2.4

  • Do not rewrite zip files opened with open_buffer that have not changed #360

Tooling / Documentation

  • Update example_recursive.rb in README #397
  • Hold CI at trusty for now, automatically pick the latest ruby patch version, use rbx-4 and hold jruby at 9.1 #399

v1.2.3

  • Allow tilde in zip entry names #391 (fixes regression in 1.2.2 from #376)
  • Support frozen string literals in more files #390
  • Require pathname explicitly #388 (fixes regression in 1.2.2 from #376)

Tooling / Documentation:

  • CI updates #392, #394
    • Bump supported ruby versions and add 2.6
    • JRuby failures are no longer ignored (reverts #375 / part of #371)
  • Add changelog entry that was missing for last release #387
  • Comment cleanup #385

Since the GitHub release information for 1.2.2 is missing, I will also include it here:

1.2.2

NB: This release drops support for extracting symlinks, because there was no clear way to support this securely. See rubyzip/rubyzip#376 for details.

  • Fix CVE-2018-1000544 #376 / #371
  • Fix NoMethodError: undefined method `glob' #363
  • Fix handling of stored files (i.e. files not using compression) with general purpose bit 3 set #358
  • Fix close on StringIO-backed zip file #353
  • Add Zip.force_entry_names_encoding option #340
  • Update rubocop, apply auto-fixes, and fix regressions caused by said auto-fixes #332, #355
  • Save temporary files to temporary directory (rather than current directory) #325

Tooling / Documentation:

... (truncated)

Changelog

Sourced from rubyzip's changelog.

1.3.0 (2019-09-25)

Security

  • Add validate_entry_sizes option so that callers can trust an entry's reported size when using extract #403
    • This option defaults to false for backward compatibility in this release, but you are strongly encouraged to set it to true. It will default to true in rubyzip 2.0.

New Feature

  • Add add_stored method to simplify adding entries without compression #366

Tooling / Documentation

  • Add more gem metadata links #402

1.2.4 (2019-09-06)

  • Do not rewrite zip files opened with open_buffer that have not changed #360

Tooling / Documentation

  • Update example_recursive.rb in README #397
  • Hold CI at trusty for now, automatically pick the latest ruby patch version, use rbx-4 and hold jruby at 9.1 #399

1.2.3

  • Allow tilde in zip entry names #391 (fixes regression in 1.2.2 from #376)
  • Support frozen string literals in more files #390
  • Require pathname explicitly #388 (fixes regression in 1.2.2 from #376)

Tooling / Documentation:

  • CI updates #392, #394
    • Bump supported ruby versions and add 2.6
    • JRuby failures are no longer ignored (reverts #375 / part of #371)
  • Add changelog entry that was missing for last release #387
  • Comment cleanup #385

Commits
  • e79d9ea Merge pull request #407 from rubyzip/v1-3-0
  • 7c65e1e Bump version to 1.3.0
  • d65fe7b Merge pull request #403 from rubyzip/check-size
  • 97cb6ae Warn when an entry size is invalid
  • 7849f73 Default validate_entry_sizes to false for 1.3 release
  • 4167f0c Validate entry sizes when extracting
  • 94b7fa2 [ci skip] Update changelog
  • 93505ca Check expected entry size in add_stored test
  • 6619bf3 Merge pull request #366 from hainesr/add-stored
  • ecb2776 Zip::File.add_stored() to add uncompressed files.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

You can disable automated security fix PRs for this repo from the Security Alerts page.

updated-dependencies:
- dependency-name: addressable
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: excon
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: jmespath
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: rubyzip
  dependency-type: indirect
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 22, 2024
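
The rubyzip 1.3.0 security note quoted above depends on one point: an entry's reported size is read from the archive, so it can only be trusted if extraction enforces it. As an added illustration (not part of this PR and not rubyzip's own code), this stdlib-only Ruby sketch enforces a declared size while inflating; `extract_entry`, `DeclaredSizeError` and the sample payload are constructed for the example.

```ruby
require 'zlib'
require 'stringio'

# Hypothetical error class for this sketch (not a rubyzip constant).
class DeclaredSizeError < StandardError; end

# Raw deflate, the compression method used for zip entry bodies.
def deflate_raw(data)
  z = Zlib::Deflate.new(Zlib::BEST_COMPRESSION, -Zlib::MAX_WBITS)
  z.deflate(data, Zlib::FINISH)
ensure
  z&.close
end

# Inflate `compressed`, treating `declared_size` (the size field taken from
# archive metadata, which the archive's author controls) as a hard upper
# bound when `validate` is true. Input is fed in small slices so the
# overshoot before the check fires stays small.
def extract_entry(compressed, declared_size, validate: true, slice: 64)
  inflater = Zlib::Inflate.new(-Zlib::MAX_WBITS)
  input = StringIO.new(compressed)
  out = String.new
  check = lambda do
    next unless validate && out.bytesize > declared_size
    raise DeclaredSizeError,
          "entry inflates past its declared size of #{declared_size} bytes"
  end
  while (buf = input.read(slice))
    out << inflater.inflate(buf)
    check.call
  end
  out << inflater.finish
  check.call
  out
ensure
  inflater&.close
end

# Constructed sample: 1 MiB of zero bytes whose metadata claims 1 KiB.
PAYLOAD = deflate_raw("\0" * (1 << 20))
CLAIMED = 1024

# Compare the validated and unvalidated paths on the same entry.
def demo
  rejected = begin
    extract_entry(PAYLOAD, CLAIMED)
    false
  rescue DeclaredSizeError
    true
  end
  unchecked = extract_entry(PAYLOAD, CLAIMED, validate: false).bytesize
  { rejected: rejected, unchecked_bytes: unchecked }
end
```

In rubyzip 1.3.0 the equivalent check stays off unless the application sets `Zip.validate_entry_sizes = true`, so merging this bump does not enable it by itself.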
⚠️ This repository is not yet catalogued in Backstage. ⚠️

Please catalogue it by following the instructions in this documentation. [Via VPN].

💁 For any problem or question, we are on Slack; just open a ticket in the #help-foundation-platform channel.
