Skip to content

Bump the ruby-dependencies group across 1 directory with 4 updates #111

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the ruby-dependencies group across 1 directory with 4 updates #111

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 8, 2025
edited
Loading

Bumps the ruby-dependencies group with 4 updates in the /cloud-run/in-container/ruby directory: sinatra, datadog, rackup and puma.

Updates sinatra from 4.1.1 to 4.2.1

Changelog

Sourced from sinatra's changelog.

4.2.1 / 2025-10-10

4.2.0 / 2025-10-08

  • New: Add :static_headers setting for custom headers in static file responses (#2089)
  • Fix: Fix regex in etag_matches? to prevent ReDoS (#2121)
  • Fix: PATH_INFO can never be empty (#2114)
  • Fix: Fix malformed Content-Type headers (#2081)
  • Fix: Avoid crash for integer values in content_type parameters (#2078)
Commits

Updates datadog from 2.21.0 to 2.22.0

Release notes

Sourced from datadog's releases.

2.22.0

Highlights

This release implements most of the Dynamic Instrumentation Expression Language. It is not yet enabled in the Datadog UI. We also added support for Remote Configuration capabilities like fingerprinting, trace tagging and user auto-instrumentation in AppSec.

Added

  • Tracing: Add GraphQL error tracking with OpenTelemetry semantics (#4864)
  • AppSec: API Security: Add endpoint collection for Rails (#4919)
  • AppSec: Updated WAF rules to add support for JWT analysis (#4907)
  • AppSec: Enable Remote Configuration capabilities for fingerprinting, trace tagging and user auto-instrumentation (#4965)
  • Dynamic Instrumentation: Support @duration, @return and @exception in message templates (#4914)
  • Dynamic Instrumentation: Report evaluation errors to the UI (#4913)
  • Dynamic Instrumentation: Support conditions for method probes (#4909)
  • Dynamic Instrumentation: Capture exceptions raised by instrumented methods in method probes (#4906)
  • Dynamic Instrumentation: Add support for probe conditions for line probes (#4861)

Changed

  • Core: Upgrade libdatadog dependency to 22.0.1 (#4902)
  • Tracing: Add Forwarded header to the list of headers used for remote IP detection. (#4969)
  • AppSec: Update libddwaf to version 1.25.1.0.1 (#4894)
  • AppSec: WAF rules can control whether traces are kept or sampled (#4918)
  • Dynamic Instrumentation: Evaluate message templates when logging instrumented code (#4908)

Fixed

  • Core: Improve locking code for remote configuration worker (#4957)
  • Dynamic Instrumentation: Emit a single log event for line probes on exception-raising lines (#4900)
Changelog

Sourced from datadog's changelog.

[2.22.0] - 2025-10-15

Added

  • Tracing: Add GraphQL error tracking with OpenTelemetry semantics (#4864[])
  • AppSec: API Security: Add endpoint collection for Rails (#4919[])
  • AppSec: Updated WAF rules to add support for JWT analysis (#4907[])
  • AppSec: Enable Remote Configuration capabilities for fingerprinting, trace tagging and user auto-instrumentation (#4965[])
  • Dynamic Instrumentation: Support [@duration][], [@return][] and [@exception][] in message templates (#4914[])
  • Dynamic Instrumentation: Report evaluation errors to the UI (#4913[])
  • Dynamic Instrumentation: Support conditions for method probes (#4909[])
  • Dynamic Instrumentation: Capture exceptions raised by instrumented methods in method probes (#4906[])
  • Dynamic Instrumentation: Add support for probe conditions for line probes (#4861[])

Changed

  • Core: Upgrade libdatadog dependency to 22.0.1 (#4902[])
  • Tracing: Add Forwarded header to the list of headers used for remote IP detection. (#4969[])
  • AppSec: Update libbddwaf to version 1.25.1.0.1 (#4894[])
  • AppSec: WAF rules can control whether traces are kept or sampled (#4918[])
  • Dynamic Instrumentation: Evaluate message templates when logging instrumented code (#4908[])

Fixed

  • Core: Improve locking code for remote configuration worker (#4957[])
  • Dynamic Instrumentation: Emit a single log event for line probes on exception-raising lines (#4900[])
Commits

Updates rackup from 2.2.1 to 2.3.1

Changelog

Sourced from rackup's changelog.

Releases

All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference Keep A Changelog.

Commits
  • f3fa1d6 Bump patch version.
  • 583c7dc Fix WEBrick SERVER_PORT handling.
  • adc9596 Bump minor version.
  • 8e538be Update the webrick handler to support OPTIONS * requests. (#40)
  • 7a3e190 Update workflows.
  • 5d18f5a Update spec_server.rb
  • c6cdd47 Fix references from Rack::Server to Rackup::Server in comments
  • e3df7cb Provide a 'Changelog' link on rubygems.org/gems/rackup
  • 39d5226 Documentation for how to access handlers programatically.
  • 301b6dd Update releases.md - fixes #29.
  • See full diff in compare view

Updates puma from 7.0.4 to 7.1.0

Release notes

Sourced from puma's releases.

v7.1.0

7.1.0 / 2025-10-16 - Neon Witch

neon_witch

  • Features

    • Introduce after_worker_shutdown hook (#3707)
    • Reintroduce keepalive "fast inline" behavior. Provides faster (8x on JRuby & 1.4x on Ruby) pipeline processing (#3794)

  • Bugfixes

    • Skip reading zero bytes when request body is buffered (#3795)
    • Fix PUMA_LOG_CONFIG=1 logging twice with prune_bundler enabled (#3778)
    • Fix prune_bundler not showing in PUMA_LOG_CONFIG=1 output (#3779)
    • Guard ThreadPool method call, which may be nil during shutdown (#3791, #3790)
    • Set Thread.current.puma_server in Thread init code, not every request (#3774)
    • Fix race condition while deleting pidfile (#3657)

New Contributors

Full Changelog: puma/puma@v7.0.4...v7.1.0

Changelog

Sourced from puma's changelog.

7.1.0 / 2025-10-16

  • Features

    • Introduce after_worker_shutdown hook (#3707)
    • Reintroduce keepalive "fast inline" behavior. Provides faster (8x on JRuby & 1.4x on Ruby) pipeline processing (#3794)

  • Bugfixes

    • Skip reading zero bytes when request body is buffered (#3795)
    • Fix PUMA_LOG_CONFIG=1 logging twice with prune_bundler enabled (#3778)
    • Fix prune_bundler not showing in PUMA_LOG_CONFIG=1 output (#3779)
    • Guard ThreadPool method call, which may be nil during shutdown (#3791, #3790)
    • Set Thread.current.puma_server in Thread init code, not every request (#3774)
    • Fix race condition while deleting pidfile (#3657)
Commits
  • fb2a073 v7.1.0 (#3797)
  • 4edb9e9 client.rb - read_body - cleanup last lines of method (#3798)
  • 84a568a Update wait_for_less_busy_worker docs (#3757)
  • e59a604 Initialize only essential Launcher state before prune_bundler restart (#3...
  • 6844de7 client.rb - Skip reading zero bytes when request body is buffered (#3795)
  • 1d3d6b7 Set Thread.current.puma_server in Thread init code, not every request (#3774)
  • 9b34cde Adding syntax highlighting in k8s docs (#3782)
  • a2bd2f6 Add prune_bundler to Configuration::DEFAULTS (#3779)
  • d7a0854 ci: Update hey benchmark files, minor fixes and formatting (#3796)
  • ff08099 ci: Update Update test/rackup/sleep_fibonacci.ru, add test script (#3793)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the ruby-dependencies group across 1 directory with 4 updates
9b06096 
Bumps the ruby-dependencies group with 4 updates in the /cloud-run/in-container/ruby directory: [sinatra](https://github.com/sinatra/sinatra), [datadog](https://github.com/DataDog/dd-trace-rb), [rackup](https://github.com/rack/rackup) and [puma](https://github.com/puma/puma).


Updates `sinatra` from 4.1.1 to 4.2.1
- [Changelog](https://github.com/sinatra/sinatra/blob/main/CHANGELOG.md)
- [Commits](sinatra/sinatra@v4.1.1...v4.2.1)

Updates `datadog` from 2.21.0 to 2.22.0
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](DataDog/dd-trace-rb@v2.21.0...v2.22.0)

Updates `rackup` from 2.2.1 to 2.3.1
- [Release notes](https://github.com/rack/rackup/releases)
- [Changelog](https://github.com/rack/rackup/blob/main/releases.md)
- [Commits](rack/rackup@v2.2.1...v2.3.1)

Updates `puma` from 7.0.4 to 7.1.0
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/main/History.md)
- [Commits](puma/puma@v7.0.4...v7.1.0)

---
updated-dependencies:
- dependency-name: sinatra
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-dependencies
- dependency-name: datadog
  dependency-version: 2.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-dependencies
- dependency-name: rackup
  dependency-version: 2.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-dependencies
- dependency-name: puma
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Dec 8, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 8, 2025 18:34
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Dec 8, 2025
@apiarian-datadog apiarian-datadog mentioned this pull request Jan 6, 2026
Merged
apiarian-datadog added a commit that referenced this pull request Jan 6, 2026
@apiarian-datadog @dependabot
chore(deps): combine Dependabot updates (#121)
79ecae3 
## Combined Dependabot Updates

This PR combines 18 Dependabot PR(s) into a single update.

### Included PRs
- #84 - Bump datadog from 2.21.0 to 2.22.0 in /cloud-run-functions/ruby
in the ruby-dependencies group
- #86 - Bump laravel/laravel from 12.5.0 to 12.9.1 in
/cloud-run/in-container/php in the php-dependencies group
- #88 - Bump the java-dependencies group in /cloud-run/in-container/java
with 2 updates
- #92 - Bump the java-dependencies group in /cloud-run/sidecar/java with
2 updates
- #93 - Bump ddtrace from 3.15.0 to 3.17.2 in /cloud-run/sidecar/python
in the python-dependencies group
- #95 - Bump ddtrace from 3.15.0 to 3.17.2 in
/cloud-run-functions/python in the python-dependencies group
- #96 - Bump the go-dependencies group in /cloud-run/sidecar/go with 3
updates
- #97 - Bump the go-dependencies group in /cloud-run-functions/go with 2
updates
- #98 - Bump the go-dependencies group in /cloud-run/in-container/go
with 3 updates
- #99 - Bump the python-dependencies group in
/cloud-run/in-container/python with 2 updates
- #110 - Bump the ruby-dependencies group across 1 directory with 4
updates
- #111 - Bump the ruby-dependencies group across 1 directory with 4
updates
- #112 - Bump the npm-dependencies group across 1 directory with 3
updates
- #113 - Bump the npm-dependencies group across 1 directory with 3
updates
- #114 - Bump the npm-dependencies group across 1 directory with 3
updates
- #117 - Bump the java-dependencies group across 1 directory with 5
updates
- #118 - Bump the dotnet-dependencies group with 2 updates
- #120 - Bump the dotnet-dependencies group with 2 updates

### Summary
- ✅ Successfully combined: 18 PR(s)

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 6, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 6, 2026
@dependabot dependabot bot deleted the dependabot/bundler/cloud-run/in-container/ruby/ruby-dependencies-68f5f06dc1 branch January 6, 2026 20:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant