Rebase MissingAttribute patch onto v0.4.1 and clear security advisories#3
Closed
alexstoick wants to merge 23 commits into
Closed
Rebase MissingAttribute patch onto v0.4.1 and clear security advisories#3alexstoick wants to merge 23 commits into
alexstoick wants to merge 23 commits into
Conversation
Bumps [json](https://github.com/flori/json) from 2.1.0 to 2.3.1. - [Release notes](https://github.com/flori/json/releases) - [Changelog](https://github.com/flori/json/blob/master/CHANGES.md) - [Commits](ruby/json@v2.1.0...v2.3.1) Signed-off-by: dependabot[bot] <support@github.com>
Configure WhiteSource for GitHub.com
This allows for parsing a handlebars template once, and then evaluating it multiple times in a clean context, potentially simultaneously.
Basic support for the "with" template helper
…n-2.3.1 Bump json from 2.1.0 to 2.3.1
…om/mvz/ruby-handlebars into mvz-evaluate-with-fresh-context-object
This prevents uninitialized constant errors for environments where there isn't another gem already requiring CGI
Explicitly require the CGI gem
Regenerate Gemfile.lock on top of v0.4.1 so the gem's dev dependencies (rack, nokogiri, jwt, addressable, json) move to patched versions, clearing the open Dependabot alerts on this repo. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Rebase our
MissingAttributepatch onto upstream SmartBear v0.4.1 and regenerateGemfile.lock.Why
This repo had 60+ open Dependabot alerts, all against
Gemfile.lockdev dependencies (rack, nokogiri, jwt, addressable, json) pinned to 2020-era versions. Rebasing onto v0.4.1 and regenerating the lock moves them to patched versions and clears the alerts.Contents
a0aa6a3— the existing "Raise error with missing attribute" patch, cherry-picked onto v0.4.1 (Replacement#_evalwas unchanged upstream, so it applied cleanly).bb7712d— regeneratedGemfile.lock(rack 3.2.6, nokogiri 1.19.3, jwt 2.10.3, addressable 2.9.0, json 2.19.8).Verification
Gem suite passes on v0.4.1 + parslet 2.0 + patch: 37 examples, 0 failures. Also validated against rinsed-web's Handlebars specs (159 examples, 0 failures) in rinsed-org/web#23156, which bumps the consuming ref to
bb7712d.🤖 Generated with Claude Code