Update Mend: high confidence minor and patch dependency updates

[mend-for-github1.v50.ltd]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
aws-sdk-s3 (source, changelog)	1.142.0 -> 1.199.1
brakeman (source, changelog)	6.1.1 -> 6.2.2
capybara (changelog)	3.39.2 -> 3.40.0
connection_pool (changelog)	2.4.1 -> 2.5.4
cssbundling-rails (changelog)	1.3.3 -> 1.4.3
debug (changelog)	1.9.1 -> 1.11.0
delayed_job (changelog)	4.1.11 -> 4.1.13
delayed_job_active_record	4.1.8 -> 4.1.11
eslint-plugin-import	2.27.5 -> 2.32.0
image_processing (changelog)	1.12.2 -> 1.14.0
jbuilder (changelog)	2.11.5 -> 2.14.1
jsbundling-rails (changelog)	1.2.1 -> 1.3.1
listen (changelog)	3.8.0 -> 3.9.0
minitest (changelog)	">= 5.15.0", "< 5.22.0" -> ">= 5.15.0", "< 5.25.6"
propshaft	0.8.0 -> 0.9.1
qunit (source)	2.19.4 -> 2.24.1
rack (changelog)	3.0.8 -> 3.2.1
rake (changelog)	13.1.0 -> 13.3.0
redcarpet	"~> 3.2.3" -> "~> 3.6.0"
redis (changelog)	5.0.8 -> 5.4.1
rexml (changelog)	3.2.6 -> 3.4.4
rollup (source)	2.79.1 -> 2.79.2
rouge (source, changelog)	4.2.0 -> 4.6.1
rubocop-minitest (source, changelog)	0.34.3 -> 0.38.2
rubocop-rails-omakase	1.0.0 -> 1.1.0
rubyzip (changelog)	2.3.2 -> 2.4.1
selenium-webdriver (source, changelog)	4.16.0 -> 4.35.0
sidekiq (source, changelog)	7.2.0 -> 7.3.9
sprockets-rails (changelog)	3.4.2 -> 3.5.2
stackprof (changelog)	0.2.25 -> 0.2.27
stimulus-rails (source)	1.3.0 -> 1.3.4
terser (changelog)	1.1.20 -> 1.2.6
trix (source)	2.0.5 -> 2.1.15
webmock (changelog)	3.19.1 -> 3.25.1
webpack	4.46.0 -> 4.47.0
webrick	1.8.1 -> 1.9.1

---

Release Notes

aws/aws-sdk-ruby (aws-sdk-s3)

v1.199.1

• Issue - Update TransferManager#download_file and Object#download_file documentation regarding temporary file usage and failure handling for different destination types.

v1.199.0

• Feature - This release includes backward compatibility work on the "Expires" parameter.

v1.198.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Fix multipart download_file to support Pathname, File and Tempfile objects as download destinations.

v1.197.0

• Issue - When multipart stream uploader fails to complete multipart upload, it calls abort multipart upload.

• Issue - For Aws::S3::Object class, the following methods have been deprecated: download_file, upload_file and upload_stream. Use Aws::S3::TransferManager instead.

• Feature - Add Aws::S3::TransferManager, a S3 transfer utility that provides upload/download capabilities with automatic multipart handling, progress tracking, and handling of large files.

v1.196.1

• Issue - Add range validation to multipart download to ensure all parts are successfully processed.

• Issue - When multipart uploader fails to complete multipart upload, it calls abort multipart upload.

• Issue - Clean up partially downloaded file on multipart download_file failure while preserving existing file.

v1.196.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.195.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.194.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.193.0

• Feature - Amazon S3 Metadata live inventory tables provide a queryable inventory of all the objects in your general purpose bucket so that you can determine the latest state of your data. To help minimize your storage costs, use journal table record expiration to set a retention period for your records.

v1.192.0

• Feature - Added support for directory bucket creation with tags and bucket ARN retrieval in CreateBucket, ListDirectoryBuckets, and HeadBucket operations

v1.191.0

• Feature - Adds support for additional server-side encryption mode and storage class values for accessing Amazon FSx data from Amazon S3 using S3 Access Points

v1.190.0

• Feature - Added support for renaming objects within the same bucket using the new RenameObject API.

v1.189.1

• Issue - Only load required cgi modules for Ruby 3.5.

v1.189.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.188.0

• Feature - Adding checksum support for S3 PutBucketOwnershipControls API.

v1.187.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Signal data in http response listeners prior to writing, so that data can be inspected or verified before potential mutation.

v1.186.1

• Issue - Abort multipart download if object is modified during download.

v1.186.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.185.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.184.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.183.0

• Feature - Amazon S3 adds support for S3 Access Points for directory buckets in AWS Dedicated Local Zones

v1.182.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.181.0

• Feature - Added support for Content-Range header in HeadObject response.

v1.180.0

• Feature - Updated list of the valid AWS Region values for the LocationConstraint parameter for general purpose buckets.

v1.179.0

• Feature - Change the type of MpuObjectSize in CompleteMultipartUploadRequest from int to long.

v1.178.0

• Feature - This change enhances integrity protections for new SDK requests to S3. S3 SDKs now support the CRC64NVME checksum algorithm, full object checksums for multipart S3 objects, and new default integrity protections for S3 requests.

• Feature - Default to using CRC32 checksum validation for S3 uploads and downloads.

v1.177.0

• Feature - This change is only for updating the model regexp of CopySource which is not for validation but only for documentation and user guide change.

v1.176.1

• Issue - Do not normalize object keys when calling presigned_url or presigned_request.

v1.176.0

• Feature - Amazon S3 Metadata stores object metadata in read-only, fully managed Apache Iceberg metadata tables that you can query. You can create metadata table configurations for S3 general purpose buckets.

v1.175.0

• Feature - Amazon S3 introduces support for AWS Dedicated Local Zones

v1.174.0

• Feature - Amazon Simple Storage Service / Features: Add support for ETag based conditional writes in PutObject and CompleteMultiPartUpload APIs to prevent unintended object modifications.

v1.173.0

• Feature - Add support for conditional deletes for the S3 DeleteObject and DeleteObjects APIs. Add support for write offset bytes option used to append to objects with the S3 PutObject API.

v1.172.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.171.0

• Feature - This release updates the ListBuckets API Reference documentation in support of the new 10,000 general purpose bucket default quota on all AWS accounts. To increase your bucket quota from 10,000 to up to 1 million buckets, simply request a quota increase via Service Quotas.

v1.170.1

• Issue - Tighten regex used to check for S3 200 errors.

v1.170.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.169.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.168.0

• Feature - Add support for the new optional bucket-region and prefix query parameters in the ListBuckets API. For ListBuckets requests that express pagination, Amazon S3 will now return both the bucket names and associated AWS regions in the response.

v1.167.0

• Feature - This release introduces a header representing the minimum object size limit for Lifecycle transitions.

v1.166.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.165.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.164.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.163.0

• Feature - Added SSE-KMS support for directory buckets.

v1.162.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.161.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.160.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.159.0

• Feature - Amazon Simple Storage Service / Features : Add support for conditional writes for PutObject and CompleteMultipartUpload APIs.

v1.158.0

• Feature - Amazon Simple Storage Service / Features : Adds support for pagination in the S3 ListBuckets API.

v1.157.0

• Feature - Support head_bucket, get_object_attributes, delete_objects, and copy_object for Access Grants.

v1.156.0

• Feature - Added response overrides to Head Object requests.

v1.155.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.154.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.153.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.152.3

• Issue - Handle 200 errors for all S3 operations that do not have streaming responses.

v1.152.2

• Issue - Revert Handling of 200 errors for all S3 operations.

v1.152.1

• Issue - Handle 200 errors for all S3 operations that do not have streaming responses.

v1.152.0

• Feature - Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.

v1.151.0

• Feature - Updated a few x-id in the http uri traits

v1.150.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.149.1

• Issue - Fix bug where destination bucket default encryption was inadvertently overridden by source object encryption.

v1.149.0

• Feature - Support S3 Access Grants authentication. Access Grants can be enabled with the access_grants option, and custom options can be passed into the access_grants_credentials_provider option. This feature requires aws-sdk-s3control to be installed.

• Feature - Add RBS signatures for customizations of S3.

v1.148.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.147.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Omit ContentType plugin when generating presigned url.

v1.146.1

• Issue - Fix bug where thread_count option was not being respected for multipart uploads.

v1.146.0

• Feature - Fix two issues with response root node names.

v1.145.0

• Feature - Documentation updates for Amazon S3.

v1.144.0

• Feature - This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).

v1.143.1

• Issue - Include original part errors in message when aborting multipart upload fails (#​2990).

v1.143.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

presidentbeef/brakeman (brakeman)

v6.2.2

Compare Source

• Ignore more native gems when building gem
• Revamp command injection in pipeline* calls
• New end-of-support dates for Rails

v6.2.1

Just a packaging fix for brakeman.gem

v6.2.0

• Add --show-ignored option (Gabriel Zayas)
• Add optional support for Prism parser
• Warn about unscoped finds with find_by!
• Treat ::X and X the same, for now (Jill Klang)
• Fix compatibility with default frozen string literals (Jean Boussier)
• Remediation advice for command injection (Nicholas Barone)
• Fix Ruby warnings in test suite (Jean Boussier)
• Support YAML aliases in secret configs (Chedli Bourguiba)
• Add initial Rails 8 support (Ron Shinall)
• Handle mass assignment with splats
• Add support for symbolic links (Lu Zhu)

v6.1.2

Compare Source

• Update Highline to 3.0
• Add EOL date for Ruby 3.3.0
• Avoid copying Sexps that are too large
• Avoid detecting ViewComponentContrib::Base as dynamic render paths (vividmuimui)
• Remove deprecated use of Kernel#open("|...")
• Remove safe_yaml gem dependency
• Avoid detecting Phlex components as dynamic render paths (Máximo Mussini)

teamcapybara/capybara (capybara)

v3.40.0

Compare Source

Release date: 2024-01-26

Changned

• Dropped support for Ruby 2.7, 3.0+ is now required
• Dropped support for Selenium < 4.8
• Use the new headless option on chromedriver with registered selenium driver [Neil Carvalho]

Added

• Capybara::Result#to_ary to support multiple assignment [Sean Doyle]
• has_element? and related matchers [Sean Doyle]
• Rack 3 support

Fixed

• Forward save_screenshot options to selenium - Issue 2738
• Rack test - don't auto submit forms with multiple inputs [Mitchell Henke]
• Table row selector matches cell values in order - Issue 2686 [Jeff Parr]
• Table row selector fixes for first column - Issue 2685 [Jeff Par]

mperham/connection_pool (connection_pool)

v2.5.4

Compare Source

• Add ability to remove a broken connection from the pool [#​204, womblep]

v2.5.3

Compare Source

• Fix TruffleRuby/JRuby crash [#​201]

v2.5.2

Compare Source

• Rollback inadvertant change to auto_reload_after_fork default. [#​200]

v2.5.1

Compare Source

• Pass options to TimedStack in checkout [#​195]
• Optimize connection lookup [#​196]
• Fixes for use with Ractors

v2.5.0

Compare Source

• Reap idle connections [#​187]

idle_timeout = 60
pool = ConnectionPool.new ...
pool.reap(idle_timeout, &:close)

• ConnectionPool#idle returns the count of connections not in use [#​187]

rails/cssbundling-rails (cssbundling-rails)

v1.4.3

Compare Source

What's Changed

• Improve package manager detection for Bun 1.2 compatibility by @​r3cha in #​165
• Fixes a couple minor issues with bootstrap out of the box by @​mattrasband in #​160

New Contributors

• @​mec made their first contribution in #​167
• @​r3cha made their first contribution in #​165
• @​mattrasband made their first contribution in #​160

Full Changelog: rails/cssbundling-rails@v1.4.2...v1.4.3

v1.4.2

Compare Source

What's Changed

• Update for Tailwind CSS v4 by @​justalever in #​164

Full Changelog: rails/cssbundling-rails@v1.4.1...v1.4.2

v1.4.1

Compare Source

What's Changed

• Disable loading .env file when running foreman for development by @​Flixt in #​155
• Overwrite bin/dev by force to deal with new default bin/dev file coming in Rails 8 by @​dhh

Full Changelog: rails/cssbundling-rails@v1.4.0...v1.4.1

v1.4.0

Compare Source

What's Changed

• Fix bun/bootstrap escaping issue by @​dhh in 09d81cb
• Synchronize bin/dev from jsbundling-rails to cssbundling-rails by @​dorianmarie in #​151
• Use Thor's apply instead of a prerequisite task by @​jonathanhefner in #​150
• Fix running "rails new --css bootstrap" on 7.1 by @​skipkayhil in #​147
• PNPM Support by @​ksylvest in #​145

New Contributors

• @​sedubois made their first contribution in #​129
• @​dorianmarie made their first contribution in #​151
• @​jonathanhefner made their first contribution in #​150
• @​tylerpaige made their first contribution in #​148
• @​skipkayhil made their first contribution in #​147
• @​ksylvest made their first contribution in #​145

Full Changelog: rails/cssbundling-rails@v1.3.3...v1.4.0

ruby/debug (debug)

v1.11.0

Compare Source

What's Changed

• Configurations
  • Add show_src_lines_frame option by @​HeyNonster in #​1138
  • no_repeat option by @​ko1 in #​1140
  • Support XDG directories for config and history files by @​jgarber623 in #​1055
  • fix hitory file path by @​ko1 in #​1146
• Fix
  • Fix FrameInfo#block_identifier by @​andrepiske in #​1137
  • The debug gem can abort when stepping into a rescue clause: by @​mame in #​1142
  • Explicitly skip TracePoint events in internal code by @​mame in #​1143
  • Fix encoding crash when LANG environment is empty by @​jsxs0 in #​1144
• Misc
  • Normalize formatting, grammar, etc… by @​stevenharman in #​1136
  • Fix help message of the eval command by @​matthieuprat in #​1130
  • Self-document the XDG_STATE_HOME fallback by @​jasonkarns in [#​1148]

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box