developer-center icon indicating copy to clipboard operation
developer-center copied to clipboard

Published 20 hours ago verified publisher icon LivePersonInc

Bump sprockets from 3.7.2 to 4.0.3

Open dependabot[bot] opened this issue 3 years ago • 9 comments

Bumps sprockets from 3.7.2 to 4.0.3.

Release notes

Sourced from sprockets's releases.

v4.0.3

What's Changed

New Contributors

Full Changelog: https://github.com/rails/sprockets/compare/v4.0.2...v4.0.3

Changelog

Sourced from sprockets's changelog.

4.0.3

  • Fix Manifest#find yielding from a Promise causing issue on Ruby 3.1.0-dev. #720
  • Better detect the ERB version to avoid deprecation warnings. #719
  • Allow assets already fingerprinted to be served through Sprockets::Server
  • Do not fingerprint files that already contain a valid digest in their name
  • Remove remaining support for Ruby < 2.4.#672

4.0.2

  • Fix etag and digest path compilation that were generating string with invalid digest since 4.0.1.

4.0.1

  • Fix for Ruby 2.7 keyword arguments warning in base.rb. #660
  • Fix for when x_sprockets_linecount is missing from a source map.
  • Fix subresource integrity to match the digest of the asset.

4.0.0

  • Fixes for Ruby 2.7 keyword arguments warnings #625
  • Manifest files are sorted alphabetically #626

4.0.0.beta10

4.0.0.beta9

  • Minimum Ruby version for Sprockets 4 is now 2.5+ which matches minimum ruby version of Rails #604
  • Fix threading bug introduced in Sprockets 4 #603
  • Warn when two potential manifest files exist. #560

4.0.0.beta8

4.0.0.beta7

  • Fix a year long bug that caused Sprockets::FileNotFound errors when the asset was present #547
  • Raise an error when two assets such as foo.js and foo.js.erb would produce the same output artifact (foo.js) [#549 #530]
  • Process *.jst.eco.erb files with ERBProcessor

4.0.0.beta6

  • Fix source map line offsets #515
  • Return a 400 Bad Request when the path encoding is invalid. #514

4.0.0.beta5

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Jul 04 '22 00:07 dependabot[bot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Jul 05 '22 12:07 dependabot[bot]

@dependabot rebase

j9t avatar Jul 06 '22 08:07 j9t

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

dependabot[bot] avatar Jul 06 '22 08:07 dependabot[bot]

@dependabot recreate

j9t avatar Jul 06 '22 10:07 j9t

@j9t checked, and this didnt work jekyll 3.9.2 | Error: wrong number of arguments (given 2, expected 1)

itay1313 avatar Aug 08 '22 07:08 itay1313

Then we need to dive in and adjust the code accordingly. This is important but not urgent, so as long as we don’t accrue too many of these PRs this can wait a few days, and we can check on internal support if need be, too.

j9t avatar Aug 08 '22 07:08 j9t

@dependabot reopen

j9t avatar Sep 27 '22 07:09 j9t

@j9t there is a problem with this version of sprockets let's use older version and close this pr https://stackoverflow.com/questions/60198057/jekyll-wrong-number-of-arguments-given-2-expected-1-argumenterror image

image

itay1313 avatar Oct 18 '22 10:10 itay1313

@itay1313, see earlier notes—let’s keep everything open for which there is a newer version, so that we there’s visibility for it.

This issue here seems to exist for some time, so either we’re lucky and someone fixes this (either on the Jekyll or on the Sprockets side), or we bite the bullet and try to work around it, or bring this issue to either side’s attention (file a bug report with Jekyll or Sprockets).

If you want we can add a label for this. Don’t worry about it too much as long as we only have 1–3 of these requests, and keep an eye on it.

j9t avatar Oct 18 '22 12:10 j9t