Skip to content

Update rails requirement from ~> 7.1.3, >= 7.1.3.2 to ~> 8.1.3 in the rails group across 1 directory#11

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/rails-393114492a
Open

Update rails requirement from ~> 7.1.3, >= 7.1.3.2 to ~> 8.1.3 in the rails group across 1 directory#11
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/rails-393114492a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Dec 2, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Updates the requirements on rails to permit the latest version.
Updates rails to 8.1.3

Release notes

Sourced from rails's releases.

8.1.3

Active Support

  • Fix JSONGemCoderEncoder to correctly serialize custom object hash keys.

    When hash keys are custom objects whose as_json returns a Hash, the encoder now calls to_s on the original key object instead of on the as_json result.

    Before: hash = {CustomKey.new(123) => "value"} hash.to_json # => {"{:id=>123}":"value"}

    After: hash.to_json # => {"custom_123":"value"}

    Dan Sharp

  • Fix inflections to better handle overlapping acronyms.

    ActiveSupport::Inflector.inflections(:en) do |inflect|
  inflect.acronym "USD"
  inflect.acronym "USDC"
end
"USDC".underscore # => "usdc"

    Said Kaldybaev

  • Silence Dalli 4.0+ warning when using ActiveSupport::Cache::MemCacheStore.

    zzak

Active Model

  • Fix Ruby 4.0 delegator warning when calling inspect on attributes.

    Hammad Khan

  • Fix NoMethodError when deserialising Type::Integer objects marshalled under Rails 8.0.

    The performance optimisation that replaced @range with @max/@min broke Marshal compatibility. Objects serialised under 8.0 (with @range) and deserialised under 8.1 (expecting @max/@min) would crash with undefined method '<=' for nil because Marshal.load restores instance variables without calling initialize.

... (truncated)

Commits
  • fa8f081 Preparing for 8.1.3 release
  • 63cef3d Merge branch '8-1-sec' into 8-1-stable
  • 1db4b89 Preparing for 8.1.2.1 release
  • 1c7d1cf Update changelog
  • e91694b Update CHANGELOG (8.1 only)
  • 6752711 Fix XSS in debug exceptions copy-to-clipboard
  • 63f5ad8 Skip blank attribute names in Action View tag helpers
  • 8c9676b Prevent glob injection in ActiveStorage DiskService#delete_prefixed
  • 9b06fbc Prevent path traversal in ActiveStorage DiskService
  • ec1a0e2 Improve performance of NumberToDelimitedConverter
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Dec 2, 2025

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: ruby. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Dec 2, 2025
@dependabot dependabot Bot mentioned this pull request Dec 2, 2025
Closed
@dependabot dependabot Bot force-pushed the dependabot/bundler/rails-393114492a branch from bf4ae77 to 12d3386 Compare December 8, 2025 06:11
@dependabot dependabot Bot force-pushed the dependabot/bundler/rails-393114492a branch 2 times, most recently from e026263 to f1e86a3 Compare December 22, 2025 06:09
@dependabot
Update rails requirement from ~> 7.1.3, >= 7.1.3.2 to ~> 8.1.3
0717df2 
Updates the requirements on [rails](https://github.com/rails/rails) to permit the latest version.

Updates `rails` to 8.1.3
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.1.3.2...v8.1.3)

---
updated-dependencies:
- dependency-name: rails
  dependency-version: 8.1.1
  dependency-type: direct:production
  dependency-group: rails
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Update rails requirement from ~> 7.1.3, >= 7.1.3.2 to ~> 8.1.1 in the rails group Update rails requirement from ~> 7.1.3, >= 7.1.3.2 to ~> 8.1.3 in the rails group across 1 directory May 25, 2026
@dependabot dependabot Bot force-pushed the dependabot/bundler/rails-393114492a branch from f1e86a3 to 0717df2 Compare May 25, 2026 07:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants