Skip to content

Bump sprockets from 3.7.2 to 4.2.2#4457

Open
dependabot[bot] wants to merge 2 commits into
masterfrom
dependabot/bundler/sprockets-4.2.2
Open

Bump sprockets from 3.7.2 to 4.2.2#4457
dependabot[bot] wants to merge 2 commits into
masterfrom
dependabot/bundler/sprockets-4.2.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 21, 2025
edited
Loading

Bumps sprockets from 3.7.2 to 4.2.2.

Release notes

Sourced from sprockets's releases.

4.2.1

What's Changed

New Contributors

Full Changelog: rails/sprockets@v4.2.0...v4.2.1

4.2.0

What's Changed

New Contributors

Full Changelog: rails/sprockets@v4.1.1...v4.2.0

v4.1.1

  • Fix Sprockets::Server to return response headers to compatible with with Rack::Lint 2.0.

Full Changelog: rails/sprockets@v4.1.0...v4.1.1

v4.1.0

What's Changed

... (truncated)

Changelog

Sourced from sprockets's changelog.

4.2.2

  • Added missing dependency on logger. #813
  • Fix URI::RFC3986_PARSER warnings. #812
  • Removed dependency on base64. #810

4.2.1

  • Fix for precompile issues when multiple extensions map to the same MIME type (eg. .jpeg / .jpg). #781
  • Fix application/css-sourcemap+json charset #764
  • Fix compatibility with Rack 2 applications. #790

4.2.0

  • Rack 3 compatibility. #758
  • Fix thread safety of Sprockets::CachedEnvironment and Sprockets::Cache::MemoryStore. #771
  • Add support for Rack 3.0. Headers set by sprockets will now be lower case. #758
  • Make Sprockets::Utils.module_include thread safe on JRuby. #759
  • Fix typo in asset.rb file. #768

4.1.1

  • Fix Sprockets::Server to return response headers to be compatible with Rack::Lint 2.0.

4.1.0

  • Allow age to be altered in asset:clean rake task.
  • Fix Sprockets::Server to return lower-cased response headers to comply with Rack::Lint 3.0. #744
  • Adding new directive depend_on_directory #668
  • Fix application/js-sourcemap+json charset #669
  • Fix CachedEnvironment caching nil values #723
  • Process *.jst.ejs.erb files with ERBProcessor #674
  • Fix cache key for coffee script processor to be dependent on the filename #670

4.0.3

  • Fix Manifest#find yielding from a Promise causing issue on Ruby 3.1.0-dev. #720
  • Better detect the ERB version to avoid deprecation warnings. #719
  • Allow assets already fingerprinted to be served through Sprockets::Server
  • Do not fingerprint files that already contain a valid digest in their name
  • Remove remaining support for Ruby < 2.4.#672

4.0.2

  • Fix etag and digest path compilation that were generating string with invalid digest since 4.0.1.

4.0.1

  • Fix for Ruby 2.7 keyword arguments warning in base.rb. #660
  • Fix for when x_sprockets_linecount is missing from a source map.

... (truncated)

Commits
  • 4dff018 Release 4.2.2
  • 2fe13f2 Merge pull request #812 from yahonda/uri_rfc3986_parser_escape_and_unescape_a...
  • 19b056c Merge pull request #813 from yahonda/add_logger
  • ceac1ce Merge pull request #811 from yahonda/bump_rake
  • e87e7c6 Add logger as dependency to address warnings against Ruby 3.4.0dev
  • 9386ae4 Address warning: URI::RFC3986_PARSER warnings against ruby 3.4.0dev
  • 8b47cd5 Bump rake version 13 or higher to suppress ostruct warnings
  • 37b8468 Merge pull request #799 from m-nakamura145/update-ci-matrix
  • e4686d5 Merge pull request #810 from tricknotes/drop-base64
  • b8eaeef Drop base64 gem from dependency
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies ruby Pull requests that update ruby code labels Apr 21, 2025
@dependabot dependabot Bot mentioned this pull request Apr 21, 2025
Closed
@dependabot dependabot Bot force-pushed the dependabot/bundler/sprockets-4.2.2 branch from c0f5100 to 2730db3 Compare May 5, 2025 15:04
@dependabot dependabot Bot force-pushed the dependabot/bundler/sprockets-4.2.2 branch from 2730db3 to 14bcef6 Compare May 20, 2025 18:58
@yuenmichelle1
Copy link
Copy Markdown
Collaborator

yuenmichelle1 commented Mar 26, 2026

@dependabot rebase

@dependabot
Bump sprockets from 3.7.2 to 4.2.2
f843a1e 
Bumps [sprockets](https://github.com/rails/sprockets) from 3.7.2 to 4.2.2.
- [Release notes](https://github.com/rails/sprockets/releases)
- [Changelog](https://github.com/rails/sprockets/blob/main/CHANGELOG.md)
- [Commits](rails/sprockets@v3.7.2...v4.2.2)

---
updated-dependencies:
- dependency-name: sprockets
  dependency-version: 4.2.2
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/sprockets-4.2.2 branch from 14bcef6 to f843a1e Compare March 26, 2026 18:42
@Tooyosi
Copy link
Copy Markdown
Contributor

Tooyosi commented Apr 29, 2026

https://github.com/dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 29, 2026

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yuenmichelle1 @Tooyosi