Skip to content

chore(deps): bump the ruby-deps group with 7 updates #2432

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): bump the ruby-deps group with 7 updates #2432

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 12, 2026

Bumps the ruby-deps group with 7 updates:

Package From To
bootstrap 5.3.5 5.3.8
simple_form 5.4.0 5.4.1
pagy 43.2.2 43.2.3
commonmarker 2.6.0 2.6.1
importmap-rails 2.2.2 2.2.3
rubocop-rspec 3.8.0 3.9.0
carrierwave-aws 1.6.0 1.6.1

Updates bootstrap from 5.3.5 to 5.3.8

Commits

Updates simple_form from 5.4.0 to 5.4.1

Release notes

Sourced from simple_form's releases.

v5.4.1

https://github.com/heartcombo/simple_form/blob/v5.4.1/CHANGELOG.md

Changelog

Sourced from simple_form's changelog.

5.4.1

  • Ruby 4.0 support (no changes required)
  • Support procs on validators for minlength/maxlength, and improve validators logic across the board to match Rails #1859
Commits
  • 2df5c7d Release v5.4.1
  • f231160 Stop updating copyright every year [ci skip]
  • 55e66f1 Exclude Rails main + Ruby 3.2
  • 9dce1a0 Handle length validator with procs, improve validators support (#1859)
  • 584127a Test with Ruby 4.0
  • c13176e Make rdoc a dev dependency on the gemspec
  • ef3e121 Bundle update
  • 44384d3 Test with the released version of v7.0
  • ac606d7 Add version to changelog (oops!) [ci skip]
  • See full diff in compare view

Updates pagy from 43.2.2 to 43.2.3

Release notes

Sourced from pagy's releases.

Version 43.2.3

Changes in 43.2.3

  • Remove rerun
  • Improved direction handling in CSSs

CHANGELOG

Version 43

We needed a leap version to unequivocally signaling that it's not just a major version: it's a complete redesign of the legacy code at all levels, usage and API included.

Why 43? Because it's exactly one step beyond "The answer to the ultimate question of life, the Universe, and everything." 😉

Improvements

This version introduces several enhancements, such as new :countish and :keynav_js paginators and improved automation and configuration processes, reducing setup requirements by 99%. The update also includes a simpler API and new interactive development tools, making it a comprehensive upgrade from previous versions.

  • New :countish Paginator
    • Faster than OFFSET and supporting the full UI
  • New Keynav Pagination
    • The pagy-exclusive technique using the fastest keysetpagination alongside all frontend helpers.
  • New interactive dev-tools
    • New PagyWand to integrate the pagy CSS with your app themes.
    • New Pagy AI available right inside your own app.
  • Intelligent automation
  • Simpler API
    • You solely need the pagy method and the @​pagy instance to paginate any collection and use any navigation tag and helper.
    • Methods are autoloaded only if used, and consume no memory otherwise.
    • Methods have narrower scopes and can be overridden without deep knowledge.
  • New documentation
    • Very concise, straightforward, and easy to navigate and understand.

Upgrade to 43

See the Upgrade Guide

Changelog

Sourced from pagy's changelog.

Version 43.2.3

  • Remove rerun
  • Improved direction handling in CSSs
Commits

Updates commonmarker from 2.6.0 to 2.6.1

Release notes

Sourced from commonmarker's releases.

v2.6.1

What's Changed

Full Changelog: gjtorikian/commonmarker@v2.6.0...v2.6.1

Changelog

Sourced from commonmarker's changelog.

[v2.6.1] - 06-01-2026

What's Changed

Full Changelog: gjtorikian/commonmarker@v2.6.0...v2.6.1

Commits
  • 083c238 Merge pull request #429 from gjtorikian/release/v2.6.1
  • 5461385 [skip test] update changelog
  • dfb3d48 Merge pull request #426 from gjtorikian/bump-to-4
  • ed521e8 add central test suite
  • dbac3c1 add central test suite
  • e1e87e2 💎 bump to 2.6.1
  • a00a9f7 update release mechanism
  • 9e6eb29 Merge pull request #423 from gjtorikian/dependabot/cargo/rb-sys-0.9.123
  • e65b662 Bump rb-sys from 0.9.119 to 0.9.123
  • 160f736 Update CHANGELOG with comrak v0.48.0 changes
  • Additional commits viewable in compare view

Updates importmap-rails from 2.2.2 to 2.2.3

Release notes

Sourced from importmap-rails's releases.

v2.2.3

What's Changed

Full Changelog: rails/importmap-rails@v2.2.2...v2.2.3

Commits
  • 6fb2bd5 Prepare for 2.2.3
  • 682e058 Merge pull request #322 from rails/rmf-fix-321
  • a04dd30 Handle package names with nested paths in import maps
  • 9b0a9e0 Merge pull request #323 from rails/rmf-test-ruby-4
  • e37bea6 Test with Ruby 4.0 and Rails 8.1
  • 51c1a53 Merge pull request #313 from rails/rm-fix-282
  • 3e94dfa Add some copilot prompts for this project
  • 7ffedcb Fix pin_all_from incorrectly removing "js" substring from filenames
  • See full diff in compare view

Updates rubocop-rspec from 3.8.0 to 3.9.0

Release notes

Sourced from rubocop-rspec's releases.

RuboCop RSpec v3.9.0

  • Fix a false positive for RSpec/LeakyLocalVariable when variables are used only in example metadata (e.g., skip messages). (@​ydah)
  • Fix a false positive for RSpec/ScatteredSetup when the hook is defined inside a class method. (@​d4rky-pl)
  • Fix a false positive for RSpec/DescribedClass inside dynamically evaluated blocks (class_eval, module_eval, instance_eval, class_exec, module_exec, instance_exec). (@​sucicfilip)
  • Add new cop RSpec/Output. (@​kevinrobell-st)
Changelog

Sourced from rubocop-rspec's changelog.

3.9.0 (2026-01-07)

  • Fix a false positive for RSpec/LeakyLocalVariable when variables are used only in example metadata (e.g., skip messages). ([@​ydah])
  • Fix a false positive for RSpec/ScatteredSetup when the hook is defined inside a class method. ([@​d4rky-pl])
  • Fix a false positive for RSpec/DescribedClass inside dynamically evaluated blocks (class_eval, module_eval, instance_eval, class_exec, module_exec, instance_exec). ([@​sucicfilip])
  • Add new cop RSpec/Output. ([@​kevinrobell-st])
Commits
  • f7aecf0 Merge pull request #2151 from rubocop/release
  • 893a25b Bump version to 3.9.0
  • 91ad43d Merge pull request #2150 from kevinrobell-st/patch-1
  • 802b386 Fix CHANGELOG
  • a03e0c7 Merge pull request #2149 from rubocop/ci-test-ruby-4.0
  • 68f25d9 Temporarily add irb to Gemfile
  • b9e50b8 CI: Test with Ruby 4.0
  • b63bcd8 Merge pull request #2148 from sucicfilip/fix-described-class-inside-eval
  • 278245a Fix RSpec/DescribedClass to ignore *_eval and *_exec blocks
  • ca18f5e Merge pull request #2144 from rubocop/dont-use-ruby-version
  • Additional commits viewable in compare view

Updates carrierwave-aws from 1.6.0 to 1.6.1

Changelog

Sourced from carrierwave-aws's changelog.

Version 1.6.1 2026-01-10

  • Fixed: Replace deprecated Aws::S3::Object#upload_file with TransferManager if available [Jules, Foto]
  • Fixed: Correct typo MULTIPART_TRESHOLD to MULTIPART_THRESHOLD [Naoki Hayashida]
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the ruby-deps group with 7 updates
dd7ea8f 
Bumps the ruby-deps group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [bootstrap](https://github.com/twbs/bootstrap-rubygem) | `5.3.5` | `5.3.8` |
| [simple_form](https://github.com/heartcombo/simple_form) | `5.4.0` | `5.4.1` |
| [pagy](https://github.com/ddnexus/pagy) | `43.2.2` | `43.2.3` |
| [commonmarker](https://github.com/gjtorikian/commonmarker) | `2.6.0` | `2.6.1` |
| [importmap-rails](https://github.com/rails/importmap-rails) | `2.2.2` | `2.2.3` |
| [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) | `3.8.0` | `3.9.0` |
| [carrierwave-aws](https://github.com/sorentwo/carrierwave-aws) | `1.6.0` | `1.6.1` |


Updates `bootstrap` from 5.3.5 to 5.3.8
- [Release notes](https://github.com/twbs/bootstrap-rubygem/releases)
- [Changelog](https://github.com/twbs/bootstrap-rubygem/blob/main/CHANGELOG.md)
- [Commits](twbs/bootstrap-rubygem@v5.3.5...v5.3.8)

Updates `simple_form` from 5.4.0 to 5.4.1
- [Release notes](https://github.com/heartcombo/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md)
- [Commits](heartcombo/simple_form@v5.4.0...v5.4.1)

Updates `pagy` from 43.2.2 to 43.2.3
- [Release notes](https://github.com/ddnexus/pagy/releases)
- [Changelog](https://github.com/ddnexus/pagy/blob/master/docs/CHANGELOG.md)
- [Commits](ddnexus/pagy@43.2.2...43.2.3)

Updates `commonmarker` from 2.6.0 to 2.6.1
- [Release notes](https://github.com/gjtorikian/commonmarker/releases)
- [Changelog](https://github.com/gjtorikian/commonmarker/blob/main/CHANGELOG.md)
- [Commits](gjtorikian/commonmarker@v2.6.0...v2.6.1)

Updates `importmap-rails` from 2.2.2 to 2.2.3
- [Release notes](https://github.com/rails/importmap-rails/releases)
- [Commits](rails/importmap-rails@v2.2.2...v2.2.3)

Updates `rubocop-rspec` from 3.8.0 to 3.9.0
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop-rspec@v3.8.0...v3.9.0)

Updates `carrierwave-aws` from 1.6.0 to 1.6.1
- [Release notes](https://github.com/sorentwo/carrierwave-aws/releases)
- [Changelog](https://github.com/carrierwaveuploader/carrierwave-aws/blob/master/CHANGELOG.md)
- [Commits](carrierwaveuploader/carrierwave-aws@v1.6.0...v1.6.1)

---
updated-dependencies:
- dependency-name: bootstrap
  dependency-version: 5.3.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: simple_form
  dependency-version: 5.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: pagy
  dependency-version: 43.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: commonmarker
  dependency-version: 2.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: importmap-rails
  dependency-version: 2.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: rubocop-rspec
  dependency-version: 3.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: ruby-deps
- dependency-name: carrierwave-aws
  dependency-version: 1.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies ruby Pull requests that update Ruby code labels Jan 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant