dependabot[bot]
a0dcc26cda
Bump thruster from 0.1.17 to 0.1.18
...
Bumps [thruster](https://github.com/basecamp/thruster ) from 0.1.17 to 0.1.18.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md )
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.17...v0.1.18 )
---
updated-dependencies:
- dependency-name: thruster
dependency-version: 0.1.18
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-03 14:01:36 +01:00
Jorge Manrubia
ea88e7f458
Revert "Bump thruster from 0.1.17 to 0.1.18"
...
This reverts commit a21e93611e .
2026-03-03 13:57:42 +01:00
Jorge Manrubia
41cc11d2c0
Revert "Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3"
...
This reverts commit 14a57c2b90 .
2026-03-03 13:57:12 +01:00
Jorge Manrubia
14a57c2b90
Bump solid_queue from 1.3.1 to 1.3.2 and importmap-rails from 2.2.2 to 2.2.3
2026-03-03 11:36:26 +01:00
Jorge Manrubia
991e31bd66
Merge pull request #2634 from basecamp/dependabot/bundler/stackprof-0.2.28
...
Bump stackprof from 0.2.27 to 0.2.28
2026-03-03 11:34:58 +01:00
Jorge Manrubia
6f33d09471
Merge pull request #2630 from basecamp/dependabot/bundler/thruster-0.1.18
...
Bump thruster from 0.1.17 to 0.1.18
2026-03-03 11:34:52 +01:00
dependabot[bot]
9128fb276b
Bump the development-dependencies group with 2 updates ( #2629 )
...
* Bump the development-dependencies group with 2 updates
Bumps the development-dependencies group with 2 updates: [web-console](https://github.com/rails/web-console ) and [selenium-webdriver](https://github.com/SeleniumHQ/selenium ).
Updates `web-console` from `bdbb391` to `90e3474`
- [Release notes](https://github.com/rails/web-console/releases )
- [Commits](https://github.com/rails/web-console/compare/bdbb39114348b037a515b2ce75a47457b0e647d1...90e3474306f2367cfeaf2875e91e2bc2d71b5f0f )
Updates `selenium-webdriver` from 4.40.0 to 4.41.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases )
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES )
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.40.0...selenium-4.41.0 )
---
updated-dependencies:
- dependency-name: web-console
dependency-version: 90e3474306f2367cfeaf2875e91e2bc2d71b5f0f
dependency-type: direct:development
dependency-group: development-dependencies
- dependency-name: selenium-webdriver
dependency-version: 4.41.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-27 23:46:48 -08:00
dependabot[bot]
a9c45c5979
Bump stackprof from 0.2.27 to 0.2.28
...
Bumps [stackprof](https://github.com/tmm1/stackprof ) from 0.2.27 to 0.2.28.
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.27...v0.2.28 )
---
updated-dependencies:
- dependency-name: stackprof
dependency-version: 0.2.28
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-27 20:25:56 +00:00
dependabot[bot]
a21e93611e
Bump thruster from 0.1.17 to 0.1.18
...
Bumps [thruster](https://github.com/basecamp/thruster ) from 0.1.17 to 0.1.18.
- [Changelog](https://github.com/basecamp/thruster/blob/main/CHANGELOG.md )
- [Commits](https://github.com/basecamp/thruster/compare/v0.1.17...v0.1.18 )
---
updated-dependencies:
- dependency-name: thruster
dependency-version: 0.1.18
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-27 20:24:45 +00:00
Rosa Gutierrez
34fd62faf1
Move devices table to saas database
...
Use ActionPushNative's new on_load hook to configure the database connection,
following the same pattern as Active Storage and Action Text:
ActiveSupport.on_load(:action_push_native_record) do
connects_to database: { writing: :saas, reading: :saas }
end
This allows ApplicationPushDevice to inherit directly from ActionPushNative::Device
without needing an intermediate abstract class.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com >
2026-02-25 19:31:13 +01:00
Samuel Péchèr
0038641ede
Update Lexxy to 0.7.6.beta
2026-02-24 20:25:07 +00:00
dependabot[bot]
395cc06f5c
Bump aws-sdk-s3 from 1.211.0 to 1.213.0 ( #2502 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.211.0 to 1.213.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-version: 1.213.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:53:45 -05:00
dependabot[bot]
b0b14ead28
Bump sqlite3 from 2.8.0 to 2.9.0 ( #2386 )
...
Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby ) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases )
- [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v2.8.0...v2.9.0 )
---
updated-dependencies:
- dependency-name: sqlite3
dependency-version: 2.9.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:48:52 -05:00
dependabot[bot]
3063a40f0f
Bump trilogy from 2.9.0 to 2.10.0 ( #2388 )
...
Bumps [trilogy](https://github.com/trilogy-libraries/trilogy ) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/trilogy-libraries/trilogy/releases )
- [Changelog](https://github.com/trilogy-libraries/trilogy/blob/main/CHANGELOG.md )
- [Commits](https://github.com/trilogy-libraries/trilogy/compare/v2.9.0...v2.10.0 )
---
updated-dependencies:
- dependency-name: trilogy
dependency-version: 2.10.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:43:47 -05:00
dependabot[bot]
361d4a7a52
Bump solid_queue from 1.2.4 to 1.3.1 ( #2425 )
...
Bumps [solid_queue](https://github.com/rails/solid_queue ) from 1.2.4 to 1.3.1.
- [Release notes](https://github.com/rails/solid_queue/releases )
- [Commits](https://github.com/rails/solid_queue/compare/v1.2.4...v1.3.1 )
---
updated-dependencies:
- dependency-name: solid_queue
dependency-version: 1.3.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 18:42:48 -05:00
dependabot[bot]
6f99e43f5b
Bump puma from 7.1.0 to 7.2.0 ( #2462 )
...
* Bump puma from 7.1.0 to 7.2.0
Bumps [puma](https://github.com/puma/puma ) from 7.1.0 to 7.2.0.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/main/History.md )
- [Commits](https://github.com/puma/puma/compare/v7.1.0...v7.2.0 )
---
updated-dependencies:
- dependency-name: puma
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 17:25:30 -05:00
dependabot[bot]
85bb2aa1fa
Bump turbo-rails from 2.0.21 to 2.0.23 ( #2501 )
...
* Bump turbo-rails from 2.0.21 to 2.0.23
Bumps [turbo-rails](https://github.com/hotwired/turbo-rails ) from 2.0.21 to 2.0.23.
- [Release notes](https://github.com/hotwired/turbo-rails/releases )
- [Commits](https://github.com/hotwired/turbo-rails/compare/v2.0.21...v2.0.23 )
---
updated-dependencies:
- dependency-name: turbo-rails
dependency-version: 2.0.23
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 17:09:22 -05:00
dependabot[bot]
446640b8e9
Bump the development-dependencies group with 2 updates ( #2588 )
...
* Bump the development-dependencies group with 2 updates
Bumps the development-dependencies group with 2 updates: [brakeman](https://github.com/presidentbeef/brakeman ) and [mocha](https://github.com/freerange/mocha ).
Updates `brakeman` from 8.0.1 to 8.0.2
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v8.0.1...v8.0.2 )
Updates `mocha` from 3.0.1 to 3.0.2
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md )
- [Commits](https://github.com/freerange/mocha/compare/v3.0.1...v3.0.2 )
---
updated-dependencies:
- dependency-name: brakeman
dependency-version: 8.0.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: development-dependencies
- dependency-name: mocha
dependency-version: 3.0.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 16:41:44 -05:00
dependabot[bot]
d8908c4b92
Bump bootsnap from 1.22.0 to 1.23.0 ( #2589 )
...
* Bump bootsnap from 1.22.0 to 1.23.0
Bumps [bootsnap](https://github.com/rails/bootsnap ) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/rails/bootsnap/releases )
- [Changelog](https://github.com/rails/bootsnap/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rails/bootsnap/compare/v1.22.0...v1.23.0 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-version: 1.23.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-23 16:41:17 -05:00
Mike Dalessio
3b229e9aab
Pin web-console to GitHub main for Rails compatibility
...
web-console 4.2.1 overrides the now-renamed filter_proxies method in
ActionDispatch::RemoteIp::GetIp. The fix (rails/web-console#344 ) is on
main but not yet released.
2026-02-18 15:16:21 -05:00
Mike Dalessio
41c2bd38af
Update Rails to 12e24ea (363 commits past 60d92e4)
...
Also updates transitive dependencies:
- action_text-trix ~> 2.1.15 → ~> 2.1.16
- irb 1.16.0 → 1.17.0
- json 2.18.0 → 2.18.1
- net-imap 0.6.2 → 0.6.3
- nokogiri 1.19.0 → 1.19.1
- prism 1.8.0 → 1.9.0
- rack 3.2.4 → 3.2.5
- rdoc 7.0.3 → 7.2.0
2026-02-18 13:37:13 -05:00
dependabot[bot]
38ff89de09
Bump bootsnap from 1.21.1 to 1.22.0 ( #2544 )
...
* Bump bootsnap from 1.21.1 to 1.22.0
Bumps [bootsnap](https://github.com/rails/bootsnap ) from 1.21.1 to 1.22.0.
- [Release notes](https://github.com/rails/bootsnap/releases )
- [Changelog](https://github.com/rails/bootsnap/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rails/bootsnap/compare/v1.21.1...v1.22.0 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-version: 1.22.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Sync Gemfile.saas.lock
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-02-16 16:09:22 -08:00
dependabot[bot]
0ead67f85b
Bump the development-dependencies group across 1 directory with 3 updates ( #2546 )
...
* Bump the development-dependencies group across 1 directory with 3 updates
Bumps the development-dependencies group with 3 updates in the / directory: [brakeman](https://github.com/presidentbeef/brakeman ), [faker](https://github.com/faker-ruby/faker ) and [selenium-webdriver](https://github.com/SeleniumHQ/selenium ).
Updates `brakeman` from 7.1.2 to 8.0.1
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v7.1.2...v8.0.1 )
Updates `faker` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v3.5.3...v3.6.0 )
Updates `selenium-webdriver` from 4.39.0 to 4.40.0
- [Release notes](https://github.com/SeleniumHQ/selenium/releases )
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES )
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.39.0...selenium-4.40.0 )
---
updated-dependencies:
- dependency-name: brakeman
dependency-version: 8.0.1
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: development-dependencies
- dependency-name: faker
dependency-version: 3.6.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: development-dependencies
- dependency-name: selenium-webdriver
dependency-version: 4.40.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: development-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Auto-sync Gemfile.saas.lock on Dependabot PRs
Dependabot can't update custom-named Gemfiles, so Gemfile.saas.lock
drifts whenever it bumps shared gems in Gemfile.lock.
Add `bin/bundle-drift forward` to push oss lockfile changes into the
saas lockfile (the reverse of `correct`), and a GitHub Actions workflow
that runs it automatically on Dependabot bundler branches.
* Update brakeman ignore fingerprint for 8.0.1
Brakeman 8.0.1 changed how it computes warning fingerprints, so the
existing ignore entry for the safe_constantize warning in Notifier
became obsolete. Update to the new fingerprint.
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jeremy Daer <jeremy@37signals.com >
2026-02-16 15:29:51 -08:00
Mike Dalessio
851f13a934
Render inline code in card titles ( #2518 )
...
* Remove unused marked JS dependency
* Remove unused redcarpet dependency
* Render inline code in card titles
Add card_html_title helper that HTML-escapes input then converts
backtick-wrapped text to <code> elements. Apply to card titles in
board preview, card detail, public views, and notification emails.
Style inline code elements in titles to match description styling.
Co-authored-by: Andy Smith <andy@37signals.com >
---------
Co-authored-by: Andy Smith <andy@37signals.com >
2026-02-12 12:07:40 -05:00
Donal McBreen
1506624cd3
Add stackprof for profiling
...
So you can do something like this:
```ruby
require "stackprof"
report = StackProf.run(mode: :wall, interval: 100) do
Account.find_by(external_account_id: 123)
end
StackProf::Report.new(report).print_text
```
2026-02-12 15:42:50 +00:00
Zoltan Hosszu
2ee745cf82
Lexxy version bump
2026-02-12 09:54:20 +01:00
Stanko K.R.
992f15066b
Replace RubyZip with ZipKit
...
ZipKit can read and write files directly from S3 which makes both imports and exports way more efficient in terms of disk usage.
2026-02-02 12:36:48 +01:00
Rosa Gutierrez
1083784a98
Update turbo-rails to get latest Turbo version
...
In preparation for offline mode.
2026-01-19 19:40:08 +01:00
Stanko K.R.
a811ba1b2a
Bump Bootsnap to v1.21.1
2026-01-16 14:26:46 +01:00
Jorge Manrubia
af9f53d82d
Update lexxy to latest
2026-01-15 16:38:07 +01:00
Zoltan Hosszu
43fa7fb6aa
Update to Lexxy 0.7.0beta
2026-01-15 16:34:56 +01:00
Jorge Manrubia
ce1c04803e
Update to latest Lexxy
2026-01-15 16:34:56 +01:00
Stanko K.R.
f6557856f7
Update runtime dependencies
...
Updated kamal, bootsnap, rqrcode, net-http-persistent, web-push, aws-sdk-s3, bcrypt & rouge
2026-01-13 12:03:43 +01:00
Stanko K.R.
40a5d6211e
Update development dependencies
2026-01-13 11:52:10 +01:00
Rosa Gutierrez
182d36aee9
Update Rails
2026-01-02 18:56:28 +01:00
Stanko K.R.
6be2f94581
Update aws-sdk-s3
...
Fixes a security warning raised by gem audit
2025-12-19 19:09:40 +01:00
Jorge Manrubia
3c078ae078
Merge pull request #2145 from bslobodin/bs-intel-mac
...
Update `Gemfile.lock` after `bin/setup` on Intel-based mac
2025-12-19 11:27:50 +01:00
Robin Brandt
dddaf861d4
Bump mittens gem to support build on FreeBSD ( #2196 )
2025-12-18 10:56:24 -08:00
Boris Slobodin
5fb1f6feb4
update Gemfile.lock after bin/setup on intel mac
2025-12-18 09:08:34 -05:00
Kevin McConnell
14f337739d
Update Thruster
2025-12-16 13:28:49 +00:00
Jorge Manrubia
2e66fdff4a
Update lexxy to bring fixes from https://github.com/basecamp/lexxy/releases/tag/v0.1.24.beta
2025-12-14 18:53:23 +01:00
Jeremy Daer
586015c3f9
Bundle drift detection and correction ( #2101 )
...
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:
* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
and re-locks, letting Bundler prune SaaS-only gems while preserving
shared versions
Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
Thiago Youssef
36419c3600
Bump rails version to remove svg renderer patch ( #2081 )
2025-12-11 15:15:54 +01:00
Jeremy Daer
8a732b081d
Bump Rails to current ast-immediate-variants-process-locally branch
2025-12-09 15:54:06 -08:00
Jeremy Daer
85bd5c2df5
Rails seeded parallel tests ( #2037 )
...
Enable work stealing by default for a tiny speedup at the cost of small
loss in reproducibility.
References https://github.com/rails/rails/pull/56175
2025-12-09 15:50:01 -08:00
Jeremy Daer
8eb01da057
Process blob variants using local files
...
Rails does post-upload variant processing using the same file upload
in https://github.com/rails/rails/pull/56327
Unrelated Lexxy bump:
Pulls in https://github.com/basecamp/lexxy/pull/493 to work around `dom_id`
removal from ActionText tag in https://github.com/rails/rails/pull/51238
2025-12-08 23:41:15 -08:00
Jorge Manrubia
cb0e9b9962
Immediate avatar and embed variants ( #2002 )
...
Reverts #2001
Restores #1955
2025-12-08 14:17:06 -08:00
Robin Brandt
2110fba227
Bump mittens to 0.3.1 ( #2006 )
2025-12-08 15:26:39 +01:00
Jorge Manrubia
c8c91259c7
Revert "Immediate avatar and embed variants"
2025-12-07 12:06:03 +01:00
Jorge Manrubia
91017c9208
Merge pull request #1955 from basecamp/immediate-variants
...
Immediate avatar and embed variants
2025-12-07 11:50:02 +01:00