denali icon indicating copy to clipboard operation
denali copied to clipboard

Published 20 hours ago verified publisher icon gesteves

Bump bootsnap from 1.15.0 to 1.18.4

Open dependabot[bot] opened this issue 6 months ago • 0 comments

Bumps bootsnap from 1.15.0 to 1.18.4.

Changelog

Sourced from bootsnap's changelog.

1.18.4

  • Allow using bootsnap without bundler. See #488.
  • Fix startup failure if the cache directory points to a broken symlink.

1.18.3

  • Fix the cache corruption issue in the revalidation feature. See #474. The cache revalidation feature remains opt-in for now, until it is more battle tested.

1.18.2

  • Disable stale cache entries revalidation by default as it seems to cause cache corruption issues. See #471 and #474. Will be re-enabled in a future version once the root cause is identified.
  • Fix a potential compilation issue on some systems. See #470.

1.18.1

  • Handle EPERM errors when opening files with O_NOATIME.

1.18.0

  • Bootsnap.instrumentation now receive :hit events.
  • Add Bootsnap.log_stats! to print hit rate statistics on process exit. Can also be enabled with BOOTSNAP_STATS=1.
  • Revalidate stale cache entries by digesting the source content. This should significantly improve performance in environments where mtime isn't preserved (e.g. CI systems doing a git clone, etc). See #468.
  • Open source files and cache entries with O_NOATIME when available to reduce disk accesses. See #469.
  • bootsnap precompile --gemfile now look for .rb files in the whole gem and not just the lib/ directory. See #466.

1.17.1

  • Fix a compatibility issue with the prism library that ships with Ruby 3.3. See #463.
  • Improved the Kernel#require decorator to not cause a method redefinition warning. See #461.

1.17.0

  • Ensure $LOAD_PATH.dup is Ractor shareable to fix a conflict with did_you_mean.
  • Allow to ignore directories using absolute paths.
  • Support YAML and JSON CompileCache on TruffleRuby.
  • Support LoadPathCache on TruffleRuby.

1.16.0

  • Use RbConfig::CONFIG["rubylibdir"] instead of RbConfig::CONFIG["libdir"] to check for stdlib files. See #431.
  • Fix the cached version of YAML.load_file being slightly more permissive than the default Psych one. See #434. Date and Time values are now properly rejected, as well as aliases. If this causes a regression in your application, it is recommended to load trusted YAML files with YAML.unsafe_load_file.
Commits
  • cae219a Release 1.18.4
  • 407bdef Merge pull request #489 from Shopify/fix-load-error
  • 7afa951 Fix bootsnap setup in environments without bundler
  • c5513d9 Merge pull request #487 from Uaitt/update-gh-action-versions
  • 65691ca Update GitHub actions versions
  • 156b8c9 Merge pull request #485 from Uaitt/changelog-typo
  • e76fe38 Merge pull request #486 from Uaitt/correct-rubocop-offenses
  • 9ec8d70 Correct Rubocop offenses
  • 47ad134 Correct a typo present in the CHANGELOG
  • f627992 Add --version flag
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Aug 10 '24 01:08 dependabot[bot]