Bump puma from 4.3.5 to 5.0.0

[dependabot]

Bumps puma from 4.3.5 to 5.0.0.

Release notes

Sourced from puma's releases.

5.0 - Spoony Bard

5.0.0

• Features

  • Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (#2305)
  • EXPERIMENTAL: Add fork_worker option and refork command for reduced memory usage by forking from a worker process instead of the master process. (#2099)
  • EXPERIMENTAL: Added wait_for_less_busy_worker config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (#2079).
  • EXPERIMENTAL: Added nakayoshi_fork option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (#2093, #2256)
  • Added pumactl thread-backtraces command to print thread backtraces (#2054)
  • Added incrementing requests_count to Puma.stats. (#2106)
  • Increased maximum URI path length from 2048 to 8192 bytes (#2167, #2344)
  • lowlevel_error_handler is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (#2203)
  • Faster phased restart and worker timeout (#2220)
  • Added state_permission to config DSL to set state file permissions (#2238)
  • Added Puma.stats_hash, which returns a stats in Hash instead of a JSON string (#2086, #2253)
  • rack.multithread and rack.multiprocess now dynamically resolved by max_thread and workers respectively (#2288)

• Deprecations, Removals and Breaking API Changes

  • --control has been removed. Use --control-url (#1487)
  • worker_directory has been removed. Use directory.
  • min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (#2143)
  • max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (#2143)
  • max_threads default to 5 in MRI or 16 for all other interpreters. (#2143)
  • preload by default if workers > 1 (#2143)
  • Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (#2143)
  • tcp_mode has been removed without replacement. (#2169)
  • Daemonization has been removed without replacement. (#2170)
  • Changed #connected_port to #connected_ports (#2076)
  • Configuration: environment is read from RAILS_ENV, if RACK_ENV can't be found (#2022)
  • Log binding on http:// for TCP bindings to make it clickable

• Bugfixes

  • Fix JSON loading issues on phased-restarts (#2269)
  • Improve shutdown reliability (#2312, #2338)
  • Close client http connections made to an ssl server with TLSv1.3 (#2116)
  • Do not set user_config to quiet by default to allow for file config (#2074)
  • Always close SSL connection in Puma::ControlCLI (#2211)
  • Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (#2069)
  • Ensure control server Unix socket is closed on shutdown (#2112)
  • Preserve BUNDLE_GEMFILE env var when using prune_bundler (#1893)
  • Send 408 request timeout even when queue requests is disabled (#2119)
  • Rescue IO::WaitReadable instead of EAGAIN for blocking read (#2121)
  • Ensure BUNDLE_GEMFILE is unspecified in workers if unspecified in master when using prune_bundler (#2154)
  • Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (#1551)
  • Read directly from the socket in #read_and_drop to avoid raising further SSL errors (#2198)
  • Set Connection: closed header when queue requests is disabled (#2216)
  • Pass queued requests to thread pool on server shutdown (#2122)
  • Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (#2220)

Changelog

Sourced from puma's changelog.

5.0.0

• Features

  • Allow compiling without OpenSSL and dynamically load files needed for SSL, add 'no ssl' CI (#2305)
  • EXPERIMENTAL: Add fork_worker option and refork command for reduced memory usage by forking from a worker process instead of the master process. (#2099)
  • EXPERIMENTAL: Added wait_for_less_busy_worker config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (#2079).
  • EXPERIMENTAL: Added nakayoshi_fork option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (#2093, #2256)
  • Added pumactl thread-backtraces command to print thread backtraces (#2054)
  • Added incrementing requests_count to Puma.stats. (#2106)
  • Increased maximum URI path length from 2048 to 8192 bytes (#2167, #2344)
  • lowlevel_error_handler is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (#2203)
  • Faster phased restart and worker timeout (#2220)
  • Added state_permission to config DSL to set state file permissions (#2238)
  • Added Puma.stats_hash, which returns a stats in Hash instead of a JSON string (#2086, #2253)
  • rack.multithread and rack.multiprocess now dynamically resolved by max_thread and workers respectively (#2288)

• Deprecations, Removals and Breaking API Changes

  • --control has been removed. Use --control-url (#1487)
  • worker_directory has been removed. Use directory.
  • min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (#2143)
  • max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (#2143)
  • max_threads default to 5 in MRI or 16 for all other interpreters. (#2143)
  • preload by default if workers > 1 (#2143)
  • Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (#2143)
  • tcp_mode has been removed without replacement. (#2169)
  • Daemonization has been removed without replacement. (#2170)
  • Changed #connected_port to #connected_ports (#2076)
  • Configuration: environment is read from RAILS_ENV, if RACK_ENV can't be found (#2022)
  • Log binding on http:// for TCP bindings to make it clickable

• Bugfixes

  • Fix JSON loading issues on phased-restarts (#2269)
  • Improve shutdown reliability (#2312, #2338)
  • Close client http connections made to an ssl server with TLSv1.3 (#2116)
  • Do not set user_config to quiet by default to allow for file config (#2074)
  • Always close SSL connection in Puma::ControlCLI (#2211)
  • Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (#2069)
  • Ensure control server Unix socket is closed on shutdown (#2112)
  • Preserve BUNDLE_GEMFILE env var when using prune_bundler (#1893)
  • Send 408 request timeout even when queue requests is disabled (#2119)
  • Rescue IO::WaitReadable instead of EAGAIN for blocking read (#2121)
  • Ensure BUNDLE_GEMFILE is unspecified in workers if unspecified in master when using prune_bundler (#2154)
  • Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (#1551)
  • Read directly from the socket in #read_and_drop to avoid raising further SSL errors (#2198)
  • Set Connection: closed header when queue requests is disabled (#2216)
  • Pass queued requests to thread pool on server shutdown (#2122)
  • Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (#2220)
  • Fix out_of_band hook never executed if the number of worker threads is > 1 (#2177)
  • Fix ThreadPool#shutdown timeout accuracy (#2221)
  • Fix UserFileDefaultOptions#fetch to properly use default (#2233)

Commits

• 13e18e8 Puma 5
• 4be4069 Merge pull request #2370 from MSP-Greg/fix-2368
• b895566 Fix my errors in 2368
• 038a0d9 Documentation - add version info, misc fixes [ci skip] (#2368)
• 18f1810 test/helper.rb -TimeoutEveryTestCase - set non MRI timeouts to 60 sec
• 0ab0eec Leave DISABLE_SSL undocumented
• 1ebdf11 Merge pull request #2305 from MSP-Greg/no-ssl
• 7b3c08a Merge pull request #2365 from MSP-Greg/test-timeout
• 5b56986 Merge pull request #2364 from MSP-Greg/share-cert
• fe2c25b README.md - add 'SSL Connection Support' section
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #269.