chore(deps): update dependency webrick to v1.8.2 [security]

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
webrick	1.8.1 -> 1.8.2

GitHub Vulnerability Alerts

CVE-2024-47220

An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production."

---

Release Notes

ruby/webrick (webrick)

v1.8.2

Compare Source

What's Changed

• Drop commented-out line by @​olleolleolle in https://github.com/ruby/webrick/pull/108
• Add Ruby 3.1 & 3.2 to CI matrix by @​tricknotes in https://github.com/ruby/webrick/pull/109
• Fix/redos by @​ooooooo-q in https://github.com/ruby/webrick/pull/114
• Raise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by @​jeremyevans in https://github.com/ruby/webrick/pull/120
• Bump actions/checkout from 3 to 4 by @​dependabot in https://github.com/ruby/webrick/pull/121
• Improve CI by @​hsbt in https://github.com/ruby/webrick/pull/123
• Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin by @​KJTsanaktsidis in https://github.com/ruby/webrick/pull/128
• Fix bug chunk extension detection by @​jeremyevans in https://github.com/ruby/webrick/pull/125
• Fix CI. by @​ioquatix in https://github.com/ruby/webrick/pull/131
• Merge multiple cookie headers, preserving semantic correctness. by @​ioquatix in https://github.com/ruby/webrick/pull/130
• Test on macos-latest by @​byroot in https://github.com/ruby/webrick/pull/132
• Require CRLF line endings in request line and headers by @​jeremyevans in https://github.com/ruby/webrick/pull/138
• Prefer squigly heredocs. by @​ioquatix in https://github.com/ruby/webrick/pull/143
• Only strip space and horizontal tab in headers by @​jeremyevans in https://github.com/ruby/webrick/pull/141
• Treat missing CRLF separator after headers as an EOFError by @​jeremyevans in https://github.com/ruby/webrick/pull/142
• Return 400 response for chunked requests with unexpected data after chunk by @​jeremyevans in https://github.com/ruby/webrick/pull/136
• Fix reference to URI::REGEXP::PATTERN::HOST by @​casperisfine in https://github.com/ruby/webrick/pull/144
• Prevent request smuggling by @​jeremyevans in https://github.com/ruby/webrick/pull/146

New Contributors

• @​tricknotes made their first contribution in https://github.com/ruby/webrick/pull/109
• @​ooooooo-q made their first contribution in https://github.com/ruby/webrick/pull/114
• @​KJTsanaktsidis made their first contribution in https://github.com/ruby/webrick/pull/128
• @​byroot made their first contribution in https://github.com/ruby/webrick/pull/132
• @​casperisfine made their first contribution in https://github.com/ruby/webrick/pull/144

Full Changelog: https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 95.60%. Comparing base (2b73548) to head (7c7ffe7).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #173   +/-   ##
=======================================
  Coverage   95.60%   95.60%           
=======================================
  Files          11       11           
  Lines          91       91           
=======================================
  Hits           87       87           
  Misses          4        4           

Flag	Coverage Δ
	95.60% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[renovate[bot]]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: docs/Gemfile.lock

/opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendor/thor/lib/thor/error.rb:105:in '<class:Thor>': uninitialized constant DidYouMean::SPELL_CHECKERS (NameError)

    DidYouMean::SPELL_CHECKERS.merge!(
              ^^^^^^^^^^^^^^^^
Did you mean?  DidYouMean::SpellChecker
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendor/thor/lib/thor/error.rb:1:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendor/thor/lib/thor/base.rb:3:in 'Kernel#require_relative'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendor/thor/lib/thor/base.rb:3:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendor/thor/lib/thor.rb:1:in 'Kernel#require_relative'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendor/thor/lib/thor.rb:1:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendored_thor.rb:8:in 'Kernel#require_relative'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/vendored_thor.rb:8:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/friendly_errors.rb:3:in 'Kernel#require_relative'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/lib/bundler/friendly_errors.rb:3:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/exe/bundle:32:in 'Kernel#require_relative'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/exe/bundle:32:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/exe/bundler:4:in 'Kernel#load'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/gems/bundler-2.2.21/exe/bundler:4:in '<top (required)>'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/bin/bundler:25:in 'Kernel#load'
	from /opt/containerbase/tools/bundler/2.2.21/3.4.6/bin/bundler:25:in '<main>'