Update Mend: high confidence minor and patch dependency updates

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
aws-sdk-s3 (source, changelog)	1.142.0 -> 1.167.0
aws-sdk-sns (source, changelog)	1.70.0 -> 1.88.0
brakeman (source, changelog)	6.1.1 -> 6.2.1
capybara (changelog)	3.39.2 -> 3.40.0
cssbundling-rails (changelog)	1.3.3 -> 1.4.1
dalli (changelog)	3.2.6 -> 3.2.8
debug	1.9.1 -> 1.9.2
delayed_job_active_record	4.1.8 -> 4.1.10
eslint-plugin-import	2.27.5 -> 2.31.0
image_processing	1.12.2 -> 1.13.0
jbuilder (changelog)	2.11.5 -> 2.13.0
jsbundling-rails (changelog)	1.2.1 -> 1.3.1
listen (changelog)	3.8.0 -> 3.9.0
minitest (changelog)	">= 5.15.0", "< 5.22.0" -> ">= 5.15.0", "< 5.25.2"
propshaft	0.8.0 -> 0.9.1
qunit (source)	2.19.4 -> 2.22.0
rake (changelog)	13.1.0 -> 13.2.1
rdoc (source, changelog)	6.6.2 -> 6.7.0
rexml (changelog)	3.2.6 -> 3.3.8
rouge (source, changelog)	4.2.0 -> 4.4.0
rubocop (source, changelog)	1.59.0 -> 1.66.1
rubocop-minitest (source, changelog)	0.34.3 -> 0.36.0
sprockets-rails (changelog)	3.4.2 -> 3.5.2
stackprof (changelog)	0.2.25 -> 0.2.26
stimulus-rails (source)	1.3.0 -> 1.3.4
trix (source)	2.0.5 -> 2.1.6
webmock (changelog)	3.19.1 -> 3.24.0
webpack	4.46.0 -> 4.47.0
webrick	1.8.1 -> 1.8.2

---

Release Notes

aws/aws-sdk-ruby (aws-sdk-s3)

v1.167.0

• Feature - This release introduces a header representing the minimum object size limit for Lifecycle transitions.

v1.166.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.165.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.164.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.163.0

• Feature - Added SSE-KMS support for directory buckets.

v1.162.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.161.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.160.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.159.0

• Feature - Amazon Simple Storage Service / Features : Add support for conditional writes for PutObject and CompleteMultipartUpload APIs.

v1.158.0

• Feature - Amazon Simple Storage Service / Features : Adds support for pagination in the S3 ListBuckets API.

v1.157.0

• Feature - Support head_bucket, get_object_attributes, delete_objects, and copy_object for Access Grants.

v1.156.0

• Feature - Added response overrides to Head Object requests.

v1.155.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.154.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.153.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.152.3

• Issue - Handle 200 errors for all S3 operations that do not have streaming responses.

v1.152.2

• Issue - Revert Handling of 200 errors for all S3 operations.

v1.152.1

• Issue - Handle 200 errors for all S3 operations that do not have streaming responses.

v1.152.0

• Feature - Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.

v1.151.0

• Feature - Updated a few x-id in the http uri traits

v1.150.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.149.1

• Issue - Fix bug where destination bucket default encryption was inadvertently overridden by source object encryption.

v1.149.0

• Feature - Support S3 Access Grants authentication. Access Grants can be enabled with the access_grants option, and custom options can be passed into the access_grants_credentials_provider option. This feature requires aws-sdk-s3control to be installed.

• Feature - Add RBS signatures for customizations of S3.

v1.148.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.147.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Omit ContentType plugin when generating presigned url.

v1.146.1

• Issue - Fix bug where thread_count option was not being respected for multipart uploads.

v1.146.0

• Feature - Fix two issues with response root node names.

v1.145.0

• Feature - Documentation updates for Amazon S3.

v1.144.0

• Feature - This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).

v1.143.1

• Issue - Include original part errors in message when aborting multipart upload fails (#​2990).

v1.143.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

aws/aws-sdk-ruby (aws-sdk-sns)

v1.88.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.87.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.86.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.85.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.84.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.83.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.82.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.81.0

• Feature - Add v2 smoke tests and smithy smokeTests trait for SDK testing.

v1.80.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.79.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.78.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.77.0

• Feature - Doc-only update for SNS. These changes include customer-reported issues and TXC3 updates.

v1.76.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.75.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.74.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.73.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

v1.72.0

• Feature - This release marks phone numbers as sensitive inputs.

v1.71.0

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

presidentbeef/brakeman (brakeman)

v6.2.1

Just a packaging fix for brakeman.gem

v6.2.0

• Add --show-ignored option (Gabriel Zayas)
• Add optional support for Prism parser
• Warn about unscoped finds with find_by!
• Treat ::X and X the same, for now (Jill Klang)
• Fix compatibility with default frozen string literals (Jean Boussier)
• Remediation advice for command injection (Nicholas Barone)
• Fix Ruby warnings in test suite (Jean Boussier)
• Support YAML aliases in secret configs (Chedli Bourguiba)
• Add initial Rails 8 support (Ron Shinall)
• Handle mass assignment with splats
• Add support for symbolic links (Lu Zhu)

v6.1.2

Compare Source

• Update Highline to 3.0
• Add EOL date for Ruby 3.3.0
• Avoid copying Sexps that are too large
• Avoid detecting ViewComponentContrib::Base as dynamic render paths (vividmuimui)
• Remove deprecated use of Kernel#open("|...")
• Remove safe_yaml gem dependency
• Avoid detecting Phlex components as dynamic render paths (Máximo Mussini)

teamcapybara/capybara (capybara)

v3.40.0

Compare Source

Release date: 2024-01-26

Changned

• Dropped support for Ruby 2.7, 3.0+ is now required
• Dropped support for Selenium < 4.8
• Use the new headless option on chromedriver with registered selenium driver [Neil Carvalho]

Added

• Capybara::Result#to_ary to support multiple assignment [Sean Doyle]
• has_element? and related matchers [Sean Doyle]
• Rack 3 support

Fixed

• Forward save_screenshot options to selenium - Issue 2738
• Rack test - don't auto submit forms with multiple inputs [Mitchell Henke]
• Table row selector matches cell values in order - Issue 2686 [Jeff Parr]
• Table row selector fixes for first column - Issue 2685 [Jeff Par]

rails/cssbundling-rails (cssbundling-rails)

v1.4.1

Compare Source

What's Changed

• Disable loading .env file when running foreman for development by @​Flixt in https://github.com/rails/cssbundling-rails/pull/155
• Overwrite bin/dev by force to deal with new default bin/dev file coming in Rails 8 by @​dhh

Full Changelog: rails/cssbundling-rails@v1.4.0...v1.4.1

v1.4.0

Compare Source

What's Changed

• Fix bun/bootstrap escaping issue by @​dhh in 09d81cb
• Synchronize bin/dev from jsbundling-rails to cssbundling-rails by @​dorianmarie in https://github.com/rails/cssbundling-rails/pull/151
• Use Thor's apply instead of a prerequisite task by @​jonathanhefner in https://github.com/rails/cssbundling-rails/pull/150
• Fix running "rails new --css bootstrap" on 7.1 by @​skipkayhil in https://github.com/rails/cssbundling-rails/pull/147
• PNPM Support by @​ksylvest in https://github.com/rails/cssbundling-rails/pull/145

New Contributors

• @​sedubois made their first contribution in https://github.com/rails/cssbundling-rails/pull/129
• @​dorianmarie made their first contribution in https://github.com/rails/cssbundling-rails/pull/151
• @​jonathanhefner made their first contribution in https://github.com/rails/cssbundling-rails/pull/150
• @​tylerpaige made their first contribution in https://github.com/rails/cssbundling-rails/pull/148
• @​skipkayhil made their first contribution in https://github.com/rails/cssbundling-rails/pull/147
• @​ksylvest made their first contribution in https://github.com/rails/cssbundling-rails/pull/145

Full Changelog: rails/cssbundling-rails@v1.3.3...v1.4.0

petergoldstein/dalli (dalli)

v3.2.8

Compare Source

==========

• Handle IO::TimeoutError when establishing connection (eugeneius)
• Drop dependency on base64 gem (Earlopain)
• Address incompatibility with resolv-replace (y9v)
• Add rubygems.org metadata (m-nakamura145)

v3.2.7

Compare Source

==========

• Fix cascading error when there's an underlying network error in a pipelined get (eugeneius)
• Ruby 3.4/head compatibility by adding base64 to gemspec (tagliala)
• Add Ruby 3.3 to CI (m-nakamura145)
• Use Socket's connect_timeout when available, and pass timeout to the socket's send and receive timeouts (mlarraz)

ruby/debug (debug)

v1.9.2

Compare Source

What's Changed

• config
  • Make irb_console toggleable with config update by @​st0012 in https://github.com/ruby/debug/pull/1057
• internal
  • Stop assuming Array#each is written in C by @​k0kubun in https://github.com/ruby/debug/pull/1061
  • Add base64 gem to the dependencies by @​y-yagi in https://github.com/ruby/debug/pull/1066
  • Support Ruby 3.4's new error message format by @​hsbt in https://github.com/ruby/debug/pull/1080
  • catch up ruby 3.4.0 error related changes by @​ko1 in https://github.com/ruby/debug/pull/1083
  • Fix syntax warnings by @​casperisfine in https://github.com/ruby/debug/pull/1072
  • Drop base64 dependency by @​Earlopain in https://github.com/ruby/debug/pull/1071
  • Fix ENOENT error when readline is not loaded by @​lazyatom in https://github.com/ruby/debug/pull/1073
  • Remove and Restore irb configuration like irbrc while irb console tests by @​hsbt in https://github.com/ruby/debug/pull/1067
  • Use rb_iseqw_to_iseq to get iseq pointer by @​peterzhu2118 in https://github.com/ruby/debug/pull/1093
• tests
  • Add Ruby 3.3 to CI matrix by @​st0012 in https://github.com/ruby/debug/pull/1058
  • Use ruby/actions workflow for ruby versions by @​m-nakamura145 in https://github.com/ruby/debug/pull/1065
  • Separate setup and execution steps in CI by @​ono-max in https://github.com/ruby/debug/pull/1088
  • Fix flakey test "test_reponse_returns_correct_threads_info" by @​ono-max in https://github.com/ruby/debug/pull/1089
  • Add Launchable in CI by @​ono-max in https://github.com/ruby/debug/pull/1090
• doc
  • Correct the irb command's description by @​st0012 in https://github.com/ruby/debug/pull/1056
  • Fix prelude doc example to use curly braces by @​adam12 in https://github.com/ruby/debug/pull/1052
  • Mention IRB console in readme by @​st0012 in https://github.com/ruby/debug/pull/1092

New Contributors

• @​Earlopain made their first contribution in https://github.com/ruby/debug/pull/1071
• @​lazyatom made their first contribution in https://github.com/ruby/debug/pull/1073
• @​m-nakamura145 made their first contribution in https://github.com/ruby/debug/pull/1065

Full Changelog: ruby/debug@v1.9.1...v1.9.2

collectiveidea/delayed_job_active_record (delayed_job_active_record)

v4.1.10

Compare Source

What's Changed

• Fix error in updated clear_all_connections handling by @​albus522 in https://github.com/collectiveidea/delayed_job_active_record/pull/236

Full Changelog: collectiveidea/delayed_job_active_record@v4.1.9...v4.1.10

v4.1.9

Compare Source

What's Changed

• Fix deprecation warning for clear_all_connections! by @​c960657 in https://github.com/collectiveidea/delayed_job_active_record/pull/226
• Optimize PG reservation query for PG >=9.5 by @​stevenharman in https://github.com/collectiveidea/delayed_job_active_record/pull/215
• Optimize mysql query with trilogy gem by @​taketo1113 in https://github.com/collectiveidea/delayed_job_active_record/pull/222
• Add trilogy gem to CI by @​taketo1113 in https://github.com/collectiveidea/delayed_job_active_record/pull/223
• Multiple test suite update contributors

New Contributors

• @​taketo1113 made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/222
• @​m-nakamura145 made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/224
• @​c960657 made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/226
• @​stevenharman made their first contribution in https://github.com/collectiveidea/delayed_job_active_record/pull/215

Full Changelog: collectiveidea/delayed_job_active_record@v4.1.8...v4.1.9

import-js/eslint-plugin-import (eslint-plugin-import)

v2.31.0

Compare Source

Added

• support eslint v9 ([#​2996], thanks [@​G-Rath] [@​michaelfaith])
• [order]: allow validating named imports ([#​3043], thanks [@​manuth])
• [extensions]: add the checkTypeImports option ([#​2817], thanks [@​phryneas])

Fixed

• ExportMap / flat config: include languageOptions in context ([#​3052], thanks [@​michaelfaith])
• [no-named-as-default]: Allow using an identifier if the export is both a named and a default export ([#​3032], thanks [@​akwodkiewicz])
• [export]: False positive for exported overloaded functions in TS ([#​3065], thanks [@​liuxingbaoyu])
• exportMap: export map cache is tainted by unreliable parse results ([#​3062], thanks [@​michaelfaith])
• exportMap: improve cacheKey when using flat config ([#​3072], thanks [@​michaelfaith])
• adjust "is source type module" checks for flat config ([#​2996], thanks [@​G-Rath])

Changed

• [Docs] [no-relative-packages]: fix typo ([#​3066], thanks [@​joshuaobrien])
• [Performance] [no-cycle]: dont scc for each linted file ([#​3068], thanks [@​soryy708])
• [Docs] [no-cycle]: add disableScc to docs ([#​3070], thanks [@​soryy708])
• [Tests] use re-exported RuleTester ([#​3071], thanks [@​G-Rath])
• [Docs] [no-restricted-paths]: fix grammar ([#​3073], thanks [@​unbeauvoyage])
• [Tests] [no-default-export], [no-named-export]: add test case (thanks [@​G-Rath])

v2.30.0

Compare Source

Added

• [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments ([#​2942], thanks [@​JiangWeixian])
• [dynamic-import-chunkname]: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode ([#​3004], thanks [@​amsardesai])
• [no-unused-modules]: Add ignoreUnusedTypeExports option ([#​3011], thanks [@​silverwind])
• add support for Flat Config ([#​3018], thanks [@​michaelfaith])

Fixed

• [no-extraneous-dependencies]: allow wrong path ([#​3012], thanks [@​chabb])
• [no-cycle]: use scc algorithm to optimize ([#​2998], thanks [@​soryy708])
• [no-duplicates]: Removing duplicates breaks in TypeScript ([#​3033], thanks [@​yesl-kim])
• [newline-after-import]: fix considerComments option when require ([#​2952], thanks [@​developer-bandi])
• [order]: do not compare first path segment for relative paths ([#​2682]) ([#​2885], thanks [@​mihkeleidast])

Changed

• [Docs] [no-extraneous-dependencies]: Make glob pattern description more explicit ([#​2944], thanks [@​mulztob])
• [no-unused-modules]: add console message to help debug [#​2866]
• [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap ([#​2982], thanks [@​soryy708])
• [Refactor] ExportMap: separate ExportMap instance from its builder logic ([#​2985], thanks [@​soryy708])
• [Docs] [order]: Add a quick note on how unbound imports and --fix ([#​2640], thanks [@​minervabot])
• [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) ([#​2987], thanks [@​joeyguerra])
• [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
• [Refactor] exportMapBuilder: avoid hoisting ([#​2989], thanks [@​soryy708])
• [Refactor] ExportMap: extract "builder" logic to separate files ([#​2991], thanks [@​soryy708])
• [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option ([#​3036], thanks [@​liby])
• [readme] Clarify how to install the plugin ([#​2993], thanks [@​jwbth])

v2.29.1

Compare Source

Fixed

• [no-extraneous-dependencies]: ignore export type { ... } from '...' when includeTypes is false ([#​2919], thanks [@​Pandemic1617])
• [no-unused-modules]: support export patterns with array destructuring ([#​2930], thanks [@​ljharb])
• [Deps] update tsconfig-paths ([#​2447], thanks [@​domdomegg])

v2.29.0

Compare Source

Added

• TypeScript config: add .cts and .mts extensions ([#​2851], thanks [@​Zamiell])
• [newline-after-import]: new option exactCount and docs update ([#​1933], thanks [@​anikethsaha] and [@​reosarevok])
• [newline-after-import]: fix exactCount with considerComments false positive, when there is a leading comment ([#​2884], thanks [@​kinland])

v2.28.1

Compare Source

Fixed

• [order]: revert breaking change to single nested group ([#​2854], thanks [@​yndajas])

Changed

• [Docs] remove duplicate fixable notices in docs ([#​2850], thanks [@​bmish])

v2.28.0

Compare Source

Fixed

• [no-duplicates]: remove duplicate identifiers in duplicate imports ([#​2577], thanks [@​joe-matsec])
• [consistent-type-specifier-style]: fix accidental removal of comma in certain cases ([#​2754], thanks [@​bradzacher])
• [Perf] ExportMap: Improve ExportMap.for performance on larger codebases ([#​2756], thanks [@​leipert])
• [no-extraneous-dependencies]/TypeScript: do not error when importing inline type from dev dependencies ([#​2735], thanks [@​andyogo])
• [newline-after-import]/TypeScript: do not error when re-exporting a namespaced import ([#​2832], thanks [@​laurens-dg])
• [order]: partial fix for [#​2687] (thanks [[@&#

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box