notebook
notebook copied to clipboard
Bump sprockets from 3.7.2 to 4.0.0
⚠️ Dependabot Preview has been deactivated ⚠️
This pull request was created by Dependabot Preview, and you've upgraded to Dependabot. This means it won't respond to dependabot
commands nor will it be automatically closed if a new version is found.
If you close this pull request, Dependabot will re-create it the next time it checks for updates and everything will work as expected.
Bumps sprockets from 3.7.2 to 4.0.0.
Changelog
Sourced from sprockets's changelog.
4.0.0
4.0.0.beta10
- Fix YACB (Yet Another Caching Bug) Fix broken expansion of asset link paths
4.0.0.beta9
- Minimum Ruby version for Sprockets 4 is now 2.5+ which matches minimum ruby verision of Rails #604
- Fix threading bug introduced in Sprockets 4 #603
- Warn when two potential manifest files exist. #560
4.0.0.beta8
- Security release for CVE-2018-3760
4.0.0.beta7
- Fix a year long bug that caused
Sprockets::FileNotFound
errors when the asset was present #547- Raise an error when two assets such as foo.js and foo.js.erb would produce the same output artifact (foo.js) [#549 #530]
- Process
*.jst.eco.erb
files with ERBProcessor4.0.0.beta6
4.0.0.beta5
- Reduce string allocations
- Source map metadata uses compressed form specified by the source map v3 spec. #402 [BREAKING]
- Generate index maps when decoding source maps isn't necessary. #402
- Remove fingerprints from source map files. #402
4.0.0.beta4
- Changing the version now busts the digest of all assets #404
- Exporter interface added #386
- Using ENV vars in templates will recompile templates when the env vars change. #365
- Source maps for imported sass files with sassc is now fixed #391
- Load paths now in error messages #322
- Cache key added to babel processor #387
Environment#find_asset!
can now be used to raise an exception when asset could not be found #3794.0.0.beta3
... (truncated)
Commits
08fef08
v4.0.00ef4c97
Merge pull request #631 from rails/schneems/changelog540b0d2
[ci skip] check changelog entry02d4c0a
Merge pull request #628 from ahorek/optimize_source_maps4caa653
optimize source maps365036d
Merge pull request #627 from ahorek/kwargs6e6d6a7
kwargsd9e7037
Merge pull request #625 from amatsuda/kwargscbf3b82
Merge pull request #626 from amatsuda/sort_manifest_entriesb416821
Sort manifest entries alphabetically before choosing one- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language -
@dependabot badge me
will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot dashboard:
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
We can't merge this until there is a solution to https://github.com/sass/sassc-rails/issues/122.
A newer version of sprockets exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.