build(deps): bump rails from 7.1.4 to 7.2.1 #2292

dependabot · 2024-08-23T10:56:26Z

Bumps rails from 7.1.4 to 7.2.1.

Release notes

7.2.1

Active Support

No changes.

Active Model

No changes.

Active Record

Fix detection for enum columns with parallelized tests and PostgreSQL.

Rafael Mendonça França

Allow to eager load nested nil associations.

fatkodima

Fix swallowing ignore order warning when batching using BatchEnumerator.

fatkodima

Fix memory bloat on the connection pool when using the Fiber IsolatedExecutionState.

Jean Boussier

Restore inferred association class with the same modularized name.

Justin Ko

Fix ActiveRecord::Base.inspect to properly explain how to load schema information.

Jean Boussier

Check invalid enum options for the new syntax.

The options using _ prefix in the old syntax are invalid in the new syntax.

Rafael Mendonça França

Fix ActiveRecord::Encryption::EncryptedAttributeType#type to return actual cast type.

Vasiliy Ermolovich

... (truncated)

Commits

a11f0a6 Preparing for 7.2.1 release
8b40780 Sync changelog
2988deb Update the description of when SQLite might make sense as the configured data...
cd1b3db Revert "Merge pull request #49769 from jonathanhefner/active_record-enum-non-...
e314216 Merge pull request #52546 from Uaitt/config-assets-quiet-improvements
33227d2 Merge pull request #52357 from Uaitt/clarify-upgrading-ruby-on-rails-guide
2402fb4 Merge pull request #52637 from jlduran/cleanup-service-worker-white-space
7600221 Fix linting issues in action_controller_overview.md
90d9e12 Merge pull request #52138 from skipkayhil/hm-rack-input-is-optional
f42a784 Move the rewind code closer to the reason why we need to rewind
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @abtion-internal-projects.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

abtion-internal-projects

@dependabot merge

dependabot · 2024-08-23T10:57:44Z

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

runephilosof-abtion · 2024-09-17T07:10:05Z

@jeppester Do you know why abtion-internal-projects is trying to get this automerged?

It should not be automerging rails minor versions according to

rails-template/.github/auto-merge.yml

Lines 1 to 3 in 3065276

    
           - match: 
        
               dependency_name: rails 
        
               update_type: semver:patch # Because Rails requires manual updates for minor versions.

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

abtion-internal-projects

@dependabot merge

jeppester · 2024-09-18T09:49:55Z

@jeppester Do you know why abtion-internal-projects is trying to get this automerged?

It should not be automerging rails minor versions according to

It sure seems odd. I'll take a look at it.

jeppester · 2024-09-18T10:05:35Z

It looks like the order in the configuration file might matter:

jeppester · 2024-09-18T10:29:14Z

It turns out that automerge does not work the way that you would expect:
https://github.com/ahmadnassri/action-dependabot-auto-merge/blob/4b9c6f0185a1c94f18bc293dc050c8c073b4fcc8/action/lib/parse.js#L93

It loops through all rules and merges if just one of the rules apply.
This is rather unfortunate, as it means that we cannot set it up the way that we want.

Also unfortunately: Since the repo is unmaintained, there's no reason to believe that this will ever be fixed.
I'm thinking if there's a better action for doing the same thing, or if we should perhaps fork the project - the code itself is rather simple.

It would also allow is to fix some other problems. Like for instance that it does not work for non-standard semver versions (e.g. 5.0.0.patch3) and grouped updates.

Bumps [rails](https://github.com/rails/rails) from 7.1.4 to 7.2.1. - [Release notes](https://github.com/rails/rails/releases) - [Commits](rails/rails@v7.1.4...v7.2.1) --- updated-dependencies: - dependency-name: rails dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

abtion-internal-projects

@dependabot merge

runephilosof-abtion · 2024-09-19T07:47:37Z

Some input on auto-merging dependabot PRs from the Github-native Dependabot team (it seems)
dependabot/dependabot-core#1973 (comment)

Auto-merge will not be supported in GitHub-native Dependabot for the foreseeable future.
we’re concerned about auto-merge being used to quickly propagate a malicious package across the ecosystem.
We recommend always verifying your dependencies before merging them.

dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Aug 23, 2024

dependabot bot mentioned this pull request Aug 23, 2024

build(deps): bump rails from 7.1.3.4 to 7.2.0 #2268

Closed

abtion-internal-projects approved these changes Aug 23, 2024

View reviewed changes

dependabot bot force-pushed the dependabot/bundler/rails-7.2.1 branch from 61efc42 to 1b117db Compare August 28, 2024 10:12

abtion-internal-projects approved these changes Aug 28, 2024

View reviewed changes

dependabot bot force-pushed the dependabot/bundler/rails-7.2.1 branch from 1b117db to 3baf8d5 Compare August 29, 2024 10:29

abtion-internal-projects approved these changes Aug 29, 2024

View reviewed changes

dependabot bot force-pushed the dependabot/bundler/rails-7.2.1 branch from 3baf8d5 to 9024596 Compare August 29, 2024 10:30

abtion-internal-projects approved these changes Aug 29, 2024

View reviewed changes

dependabot bot force-pushed the dependabot/bundler/rails-7.2.1 branch from 9024596 to 302a77f Compare September 17, 2024 06:47