Skip to content

Bump bootsnap from 1.7.3 to 1.10.3 #163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump bootsnap from 1.7.3 to 1.10.3 #163

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 7, 2022

Bumps bootsnap from 1.7.3 to 1.10.3.

Changelog

Sourced from bootsnap's changelog.

1.10.3

  • Fix Regexp and Date type support in YAML compile cache. (#400)

  • Improve the YAML compile cache to support UTF-8 symbols. (#398, #399) The default MessagePack symbol serializer assumes all symbols are ASCII, because of this, non-ASCII compatible symbol would be restored with ASCII_8BIT encoding (AKA BINARY). Bootsnap now properly cache them in UTF-8.

    Note that the above only apply for actual YAML symbols (e..g --- :foo). The issue is still present for string keys parsed with YAML.load_file(..., symbolize_names: true), that is a bug in msgpack that will hopefully be solved soon, see: msgpack/msgpack-ruby#246

  • Entirely disable the YAML compile cache if Encoding.default_internal is set to an encoding not supported by msgpack. (#398) Psych coerce strings to Encoding.default_internal, but MessagePack doesn't. So in this scenario we can't provide YAML caching at all without returning the strings in the wrong encoding. This never came up in practice but might as well be safe.

1.10.2

  • Reduce the Kernel.require extra stack frames some more. Now bootsnap should only add one extra frame per require call.

  • Better check freeze option support in JSON compile cache. Previously JSON.load_file(..., freeze: true) would be cached even when the msgpack version is missing support for it.

1.10.1

  • Fix Kernel#autoload's fallback path always being executed.

  • Consider unlink failing with ENOENT as a success.

1.10.0

  • Delay requiring FileUtils. (#285) FileUtils can be installed as a gem, so it's best to wait for bundler to have setup the load path before requiring it.

  • Improve support of Psych 4. (#392) Since 1.8.0, YAML.load_file was no longer cached when Psych 4 was used. This is because load_file loads in safe mode by default, so the Bootsnap cache could defeat that safety. Now when precompiling YAML files, Bootsnap first try to parse them in safe mode, and if it can't fallback to unsafe mode, and the cache contains a flag that records whether it was generated in safe mode or not. YAML.unsafe_load_file will use safe caches just fine, but YAML.load_file will fallback to uncached YAML parsing if the cache was generated using unsafe parsing.

  • Minimize the Kernel.require extra stack frames. (#393) This should reduce the noise generated by bootsnap on LoadError.

1.9.4

  • Ignore absolute paths in the loaded feature index. (#385)

... (truncated)

Commits
  • fbdce33 Release 1.10.3
  • 1e71cc5 Merge pull request #400 from Shopify/improve-yaml-cache-some-more
  • 31dce79 Fix Regexp and Date handling in YAML compile cache
  • a75ab21 Merge pull request #399 from Shopify/simpler-symbol-encoding
  • 85f1242 Simplified handling of UTF-8 symbols in YAML
  • 487d46c Appease rubocop
  • 2e61f8d Merge pull request #398 from Shopify/symbol-encoding
  • 647969f Code style and CI improvements
  • 76a05db YAML compile cache: encoding aware symbols
  • e3ef615 Merge pull request #397 from mishina2228/chagelog
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump bootsnap from 1.7.3 to 1.10.3
5e946bb 
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.7.3 to 1.10.3.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](Shopify/bootsnap@v1.7.3...v1.10.3)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Feb 7, 2022
@dependabot dependabot bot mentioned this pull request Feb 7, 2022
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 14, 2022

Superseded by #171.

@dependabot dependabot bot closed this Mar 14, 2022
@dependabot dependabot bot deleted the dependabot/bundler/bootsnap-1.10.3 branch March 14, 2022 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants