Bump the production-dependencies group with 6 updates

[dependabot]

Bumps the production-dependencies group with 6 updates:

Package	From	To
bandit	1.5.5	1.5.7
ecto_sql	3.11.3	3.12.0
ecto_sqlite3	0.16.0	0.17.1
gettext	0.24.0	0.26.1
req	0.5.4	0.5.6
swoosh	1.16.10	1.16.12

Updates bandit from 1.5.5 to 1.5.7

Changelog

Sourced from bandit's changelog.

1.5.7 (1 Aug 2024)

Changes

• Timeouts encountered while reading a request body will now result in a 408 Request Timeout being returned to the client by way of a Bandit.HTTPError being raised. Previously, a :more tuple was returned (#385, thanks @​martosaur!)

1.5.6 (1 Aug 2024)

Fixes

• Improve handling of the end of stream condition for HTTP/2 requests that send a body which isn't read by the Plug (#387, thanks @​fekle!)

Commits

• 9342545 Version bump to 1.5.7
• ffdfee9 Dialyzer fixup
• d8056ec Expose body read timeouts as 408 Request Timeout errors (#385)
• af19424 Version bump to 1.5.6
• 5cd0ae9 Read data during stream shutdown to ensure we update expected content-length ...
• dc84294 Bump ex_doc from 0.34.1 to 0.34.2 (#377)
• d02559e Bump hpax from 0.2.0 to 1.0.0 (#383)
• 4d2d126 Bump req from 0.5.1 to 0.5.4 (#382)
• 85420ce Auto rerun on failed tests
• 849fff3 Revert "Bump req from 0.5.1 to 0.5.2 (#376)"
• Additional commits viewable in compare view

Updates ecto_sql from 3.11.3 to 3.12.0

Changelog

Sourced from ecto_sql's changelog.

v3.12.0 (2024-08-12)

Enhancements

• [Ecto.Migration] Add Ecto.Migration.remove_if_exists/1
• [Ecto.Migrator] Warn for migration files that end in .ex
• [sql] Support for subqueries in order_bys and group_bys
• [mysql] Add check constraints for MySQL
• [postgres] Add native bitstring support to Postgres
• [postgres] Add support for :duration type
• [postgres] Add :plan explain option for Postgres
• [tds] Allow passing %Tds.Parameter structs as params for named parameter usage in query

Bug fix

• [mysql] Type cast of integers in MySQL should use signed integers

Commits

• 48b4508 Release v3.12.0
• e54fa04 Release v3.12.0
• ce0927b Add support for :duration type (#631)
• 6350e02 Remove duplicate :ssl config in MyXQL Adapter (#630)
• 48fc2ad Fix typo and return value in doc (#626)
• 5a29789 Add Ecto.Migration.remove_if_exists/1 (#624)
• b1f7386 Update Ecto.Migration.references/2 documentaion (#622)
• b2c9c98 add check constraints for MySQL (#621)
• ccb62ea Update postgres SSL configuration docs (#619)
• 6b2d98c Update MyXQL ssl docs (#620)
• Additional commits viewable in compare view

Updates ecto_sqlite3 from 0.16.0 to 0.17.1

Release notes

Sourced from ecto_sqlite3's releases.

v0.17.0

What's Changed

• Update insertion benchmark by @​gmile in elixir-sqlite/ecto_sqlite3#144
• Fix various issues with ecto 3.12 by @​warmwaffles in elixir-sqlite/ecto_sqlite3#147

New Contributors

• @​gmile made their first contribution in elixir-sqlite/ecto_sqlite3#144

Full Changelog: elixir-sqlite/ecto_sqlite3@v0.16.0...v0.17.0

Changelog

Sourced from ecto_sqlite3's changelog.

v0.17.1

• changed: Bump minimum ecto to 3.12.

v0.17.0

• added: Added an explicit :integer column type support. Under the hood it is stored the same regardless.
• fixed: Handle new style of distinct expressions introduce upstream in Ecto 3.12.
• changed: Allow insert_all to no longer require a where clause.
• changed: Made some public functions now private.
• changed: Test against elixir 1.17 and OTP 27, 26, and 25.

Commits

• 78fb45f Bump to v0.17.1
• 7c8e990 Set minimum ecto version to 3.12 (#148)
• 8d04a38 Bump to v0.17.0
• ea08ea0 Exclude elixir-1.16-otp-27 in CI
• 532a78f Exclude elixir-1.15-otp-27 in CI
• 4ff2bb4 Bump checkout to v4
• 58c0e86 Use latest ubuntu for CI
• 54d74d2 Bump test versions for CI
• 7aa97df Bump tool versions
• 0ddc2bd Fix various issues with ecto 3.12 (#147)
• Additional commits viewable in compare view

Updates gettext from 0.24.0 to 0.26.1

Changelog

Sourced from gettext's changelog.

v0.26.1

• Address backwards incompatible changes in previous release

v0.26.0

This release changes the way you use Gettext. We're not crazy: it does so because doing so makes it a lot faster to compile projects that use Gettext. The changes you have to make to your code are minimal, and the old behavior is deprecated so that you will be guided on how to update.

The reason for this change is that it removes compile-time dependencies from modules that used to import a Gettext backend. In applications such as Phoenix applications, where every view and controller imports the Gettext backend, this change means a lot less compilation when you make translation changes!

Here's the new API. Now, instead of defining a Gettext backend (use Gettext) and then importing that to use its macros, you need to:

1. Define a Gettext backend with use Gettext.Backend
2. Import and use its macros with use Gettext, backend: MyApp.Gettext.

Before and After

Before this release, code using Gettext used to look something like this:

defmodule MyApp.Gettext do
  use Gettext, otp_app: :my_app
end
defmodule MyAppWeb.Controller do
import MyApp.Gettext
end

This creates a compile-time dependency for every module that imports the Gettext backend.

With this release, the above turns into:

defmodule MyApp.Gettext do
  use Gettext.Backend, otp_app: :my_app
end
defmodule MyAppWeb.Controller do
use Gettext, backend: MyApp.Gettext
end

We are also updating Phoenix generators to use the new API.

If you update Gettext and still use use Gettext, otp_app: :my_app to define a backend, Gettext will emit a warning now.

Detailed Changelog

... (truncated)

Commits

• 435c574 Release v0.26.1
• bde32c0 Improve message
• 539b72c Allow extraction to work by setting attribute at expansion time
• 903a466 Simplify macros import to reduce amount of generated content
• 1a74fc8 Keep deprecate code as it was
• 0bac98d Update ex_doc
• 3816c5e Add changelog to Hex and Hexdocs
• 86d44c6 Release v0.26.0
• 968d85e Update instructions in the README
• 1ec048c Only import a subset of Gettext.Macros macros
• Additional commits viewable in compare view

Updates req from 0.5.4 to 0.5.6

Release notes

Sourced from req's releases.

v0.5.5

• put_aws_sigv4: Fix detecting service

• put_aws_sigv4: Raise on no :access_key_id/:secret_access_key/:service

• put_aws_sigv4: Fix handling ?name (no value)

• handle_http_errors: should run before verify_checksum

• encode_body: Support %File.Stream{} in :form_multipart

• encode_body: Support %File.Stream{} from other nodes in :form_multipart

Changelog

Sourced from req's changelog.

v0.5.6 (2024-08-01)

• Fix compatibility with Elixir v1.13

v0.5.5 (2024-08-01)

• [put_aws_sigv4]: Fix detecting service

• [put_aws_sigv4]: Raise on no :access_key_id/:secret_access_key/:service

• [put_aws_sigv4]: Fix handling ?name (no value)

• [handle_http_errors]: should run before verify_checksum

• [encode_body]: Support %File.Stream{} in :form_multipart

• [encode_body]: Support %File.Stream{} from other nodes in :form_multipart

Commits

• 99b4d10 Release v0.5.6
• 37ed548 Fix supporting Elixir v1.13
• 35aec22 Update Telsa URL (#402)
• fbdd3ac Release v0.5.5
• 3f843dd encode_body: Support %File.Stream{} from other nodes in :form_multipart
• 507ebd1 encode_body: Support %File.Stream{} in :form_multipart
• d7906dc put_aws_sigv4: Fix handling ?name (no value)
• a01b032 put_aws_sigv4: Fix service detection on empty host
• 7e164e0 put_aws_sigv4: Raise on no :access_key_id/:secret_access_key/:service
• 4273a81 handle_http_errors should run before verify_checksum
• Additional commits viewable in compare view

Updates swoosh from 1.16.10 to 1.16.12

Release notes

Sourced from swoosh's releases.

v1.16.12 🚀

✨ Features

• Add toggle for text preview @​andreicek (#947)

New Contributors

Thanks Andrei!

• @​andreicek made their first contribution in swoosh/swoosh#947

Full Changelog: swoosh/swoosh@v1.16.11...v1.16.12

v1.16.11 🚀

✨ Features

• mua: add Date and Message-ID headers when missing @​ruslandoga (#945)

📝 Documentation

• Write docs for functions in Mailer __using__ macro @​ivanhercaz (#946)
• Explain how to recompile after installing gen_smtp @​aj-foster (#944)
• Fix typos and improve language @​preciz (#943)

⛓️ Dependency

• Bump req from 0.5.4 to 0.5.6 @​dependabot (#942)
• Bump bandit from 1.5.5 to 1.5.7 @​dependabot (#941)
• Bump jason from 1.4.3 to 1.4.4 @​dependabot (#940)

New Contributors

Thanks to our new contributors!

• @​preciz made their first contribution in swoosh/swoosh#943
• @​aj-foster made their first contribution in swoosh/swoosh#944
• @​ivanhercaz made their first contribution in swoosh/swoosh#946

Full Changelog: swoosh/swoosh@v1.16.10...v1.16.11

Changelog

Sourced from swoosh's changelog.

1.16.12

✨ Features

• Add toggle for text preview @​andreicek (#947)

1.16.11

✨ Features

• mua: add Date and Message-ID headers when missing @​ruslandoga (#945)

📝 Documentation

• Write docs for functions in Mailer __using__ macro @​ivanhercaz (#946)
• Explain how to recompile after installing gen_smtp @​aj-foster (#944)
• Fix typos and improve language @​preciz (#943)

Commits

• ff95618 v1.16.12
• 635e5af Add toggle for text preview (#947)
• f8e8696 v1.16.11
• e679273 Write docs for functions in Mailer using macro (#946)
• d973a53 mua: add Date and Message-ID headers when missing (#945)
• c948e28 Add note clarifying how to recompile after installing gen_smtp (#944)
• 9653720 Fix typos and improve language (#943)
• 284bcae Bump req from 0.5.4 to 0.5.6 (#942)
• 32dc4bc Bump bandit from 1.5.5 to 1.5.7 (#941)
• 1242573 Bump jason from 1.4.3 to 1.4.4 (#940)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions