Bump paperclip from 4.2.4 to 4.3.7 #285

dependabot-preview · 2019-01-06T05:30:18Z

Bumps paperclip from 4.2.4 to 4.3.7.

Release notes

v4.3.7

Add deprecation warnings

Improvement: Add fog_options configuration to send options to fog when storing files

Improvement: the URI adapter now uses the content-disposition header to name the downloaded file

v4.3.6

Bug Fix: When a spoofed media type is detected, megabytes of mime-types info are added to logs. See https://cwe.mitre.org/data/definitions/779.html.

v4.3.2

Performance: Reduce memory allocations (#2056)

v4.3.1

Backport of bugfix to remove_column, so it works in Rails 3 and 4
c740fb171fe2f88c60b999d2a1c2122f2b8f43e9

Fix GeometryParser regex for usage of '@>' flag

url on a unpersisted record returns default_url

spec deprecation warnings and failures

README adjustments

v4.3.0

Improvement: Update aws-sdk and cucumber gem versions.

Improvement: Add length alias for size method in AbstractAdapter.

Improvement: Removed some cruft

Improvement: deep_merge! Attachment definitions

Improvement: Switch to mimemagic gem for content-type detection

Improvement: Allows multiple content types for spoof detector

Bug Fix: Don't assume we have Rails.env if we have Rails

Performance: Decrease Memory footprint

Ruby Versioning: Drop support for 1.9.3 (EOL'ed)

Rails Versioning: Drop support for 4.0.0 (EOL'ed)

Changelog

Sourced from paperclip's changelog.

4.3.7 (7/1/2016):

Add deprecation warnings

Improvement: Add fog_options configuration to send options to fog when storing files.

Improvement: the URI adapter now uses the content-disposition header to name the downloaded file.

4.3.6 (3/13/2016):

Bug Fix: When a spoofed media type is detected, megabytes of mime-types info are added to logs. See https://cwe.mitre.org/data/definitions/779.html.

4.3.5 (2/8/2016):

Bug Fix: Remove deprecation warnings for v5.0 for now. Will re-add once the version has landed.

4.3.4 (2/2/2016):

Bug Fix: Fix incompatible change from v4.3.3.

4.3.3 (1/29/2016):

Improvement: Add deprecation warnings in preparation for release of v5.0

4.3.2 (11/18/2015):

Performance: Reduce memory allocations (#2056)

4.3.1 (9/9/2015):

Backport of bugfix to remove_column, so it works in Rails 3 and 4
c740fb171fe2f88c60b999d2a1c2122f2b8f43e9

Fix GeometryParser regex for usage of '@>' flag

url on a unpersisted record returns default_url

spec deprecation warnings and failures

README adjustments

4.3.0 (6/18/2015):

Improvement: Update aws-sdk and cucumber gem versions.

Improvement: Add length alias for size method in AbstractAdapter.

Improvement: Removed some cruft

Improvement: deep_merge! Attachment definitions

Improvement: Switch to mimemagic gem for content-type detection

Improvement: Allows multiple content types for spoof detector

Bug Fix: Don't assume we have Rails.env if we have Rails

Performance: Decrease Memory footprint

Ruby Versioning: Drop support for 1.9.3 (EOL'ed)

Rails Versioning: Drop support for 4.0.0 (EOL'ed)

Commits

15af98d Fix NEWS date of release [ci skip]
1dd84aa Merge pull request #2161 from thoughtbot/tc-release
4744973 Release version 4.3.7
a7aa969 Revert "Remove deprecations"
98e0c34 The uri io adapter should use the content-disposition filename
87e5ef5 Merge pull request #2135 from jeremywadsack/fog-options
7c153c7 Add fog_options to configuration that can be passed to the fog #create method...
175c91a Merge pull request #2132 from jrectenwald/v4.3
31f50ba update version to 4.3.6 [ci skip]
18a427d Merge pull request #2126 from bdewater/v4.3
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge
@dependabot reopen will reopen this PR if it is closed
@dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Automerge options (never/patch/minor, and dev/runtime dependencies)
Pull request limits (per update run and/or open at any time)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

Bumps [paperclip](https://github.com/thoughtbot/paperclip) from 4.2.4 to 4.3.7. - [Release notes](https://github.com/thoughtbot/paperclip/releases) - [Changelog](https://github.com/thoughtbot/paperclip/blob/v4.3.7/NEWS) - [Commits](thoughtbot/paperclip@v4.2.4...v4.3.7) Signed-off-by: dependabot[bot] <support@dependabot.com>

sashadev-sky · 2019-03-27T04:16:17Z

@jywarren Paperclip was one of the gems that threw a lot of warnings so I updated it locally to 4.3.7 as dependabot recommended. It didn't fix any of the warnings but confirming that the update is compatible with everything!

Was this not updated because we wanted to update our rails version first and then switch to ActiveStorage?

jywarren · 2019-03-27T04:31:30Z

No, just hadn't had time to manually test it, so I'll merge now! A lot of this will be easier with better tests but if you happen to confirm any other upgrades I'm happy to merge them. Thanks!

Bumps [paperclip](https://github.com/thoughtbot/paperclip) from 4.2.4 to 4.3.7. - [Release notes](https://github.com/thoughtbot/paperclip/releases) - [Changelog](https://github.com/thoughtbot/paperclip/blob/v4.3.7/NEWS) - [Commits](thoughtbot/paperclip@v4.2.4...v4.3.7) Signed-off-by: dependabot[bot] <support@dependabot.com>

This reverts commit fcb8a3e.

Bumps [paperclip](https://github.com/thoughtbot/paperclip) from 4.2.4 to 4.3.7. - [Release notes](https://github.com/thoughtbot/paperclip/releases) - [Changelog](https://github.com/thoughtbot/paperclip/blob/v4.3.7/NEWS) - [Commits](thoughtbot/paperclip@v4.2.4...v4.3.7) Signed-off-by: dependabot[bot] <support@dependabot.com>

* Shortening docker image in ~30% * Caching bundle, gathering env variables and using newer sintax * Creating startup script and env file * Improving travis CI configuration * Loading assets in production env * Allow uglifier to interpret ES6 * Fix start command * Fix travis script * Tweak travis script * Add delay * Revert assets changes * Return to Mysql5.7 * Tweak travis script * Fix make redeploy-container command * Add db migrate and precompile step. * Add bower install to Makefile * Clean after docker run. Avoid one bower run. * Changes to be able to build container in Google Cloud * Remove spurious symlink * Copy config examples when making build * Export env variable name * Tag cloud image * Add timeout * Push to cloud registry * Fix jenkins build error with docker-compose tty * Add app to container and .dockerignore all else * Copy configuration files when deploying to GCE * Allow copy config to container * Time extended (for cloud build & push) * Delete redundant index.html.erb file (#427) * Setupcoveralls (#438) * Add coveralls * Fix gemfile * Fix env variable * Add coveralls token * Update README.md * Remove legacy image controller code #404 (#417) Deleted the lines from the selection indicated in the issue. * Change comment count on comment creation via AJAX #441 (#443) This closes issue #441 "Change comment count on comment creation via AJAX #441" by incrementing comments-number each time a new comment is added. This would ensure that the counter indicating the number of comments is increased without needing to refresh the page. * update syntax of active record query(license method) (#439) Fixes #437 * Docker improve rebased (#450) * Shortening docker image in ~30% * Caching bundle, gathering env variables and using newer sintax * Creating startup script and env file * Improving travis CI configuration * Loading assets in production env * Allow uglifier to interpret ES6 * Don't dettach when building container in travis * Fix start command * Fix travis script * Try to resolve travis tests invocation * Tweak travis script * Add delay * Bundle install before db setup * Shortening docker image in ~30% * Caching bundle, gathering env variables and using newer sintax * Creating startup script and env file * Improving travis CI configuration * Loading assets in production env * Allow uglifier to interpret ES6 * Fix start command * Fix travis script * Tweak travis script * Add delay * Revert assets changes * Return to Mysql5.7 * Tweak travis script * Fix make redeploy-container command * Add db migrate and precompile step. * Add bower install to Makefile * Clean after docker run. Avoid one bower run. * updte pr template (#448) * Bump recaptcha from 4.13.1 to 4.13.2 (#452) Bumps [recaptcha](https://github.com/ambethia/recaptcha) from 4.13.1 to 4.13.2. - [Release notes](https://github.com/ambethia/recaptcha/releases) - [Changelog](https://github.com/ambethia/recaptcha/blob/master/CHANGELOG.md) - [Commits](ambethia/recaptcha@v4.13.1...v4.13.2) Signed-off-by: dependabot[bot] <support@dependabot.com> * Restructure rake test task runner (#380) * add a mysql setup file * Squash commits * Update README.md (#456) * Change run to exec (#457) * Bump paperclip from 4.2.4 to 4.3.7 (#285) Bumps [paperclip](https://github.com/thoughtbot/paperclip) from 4.2.4 to 4.3.7. - [Release notes](https://github.com/thoughtbot/paperclip/releases) - [Changelog](https://github.com/thoughtbot/paperclip/blob/v4.3.7/NEWS) - [Commits](thoughtbot/paperclip@v4.2.4...v4.3.7) Signed-off-by: dependabot[bot] <support@dependabot.com> * Bump test-unit from 3.3.0 to 3.3.1 (#458) Bumps [test-unit](https://github.com/test-unit/test-unit) from 3.3.0 to 3.3.1. - [Release notes](https://github.com/test-unit/test-unit/releases) - [Commits](test-unit/test-unit@3.3.0...3.3.1) Signed-off-by: dependabot[bot] <support@dependabot.com> * Bump coveralls from 0.7.1 to 0.8.22 (#453) Bumps [coveralls](https://coveralls.io) from 0.7.1 to 0.8.22. Signed-off-by: dependabot[bot] <support@dependabot.com> * gridview aligned (#464) * Alert improvement and adding byebug gem (#383) * byebug gem added and alerts in separate file * adding byebug history to gitignore * adding timestamp to redirect * added z-index to render login dropdown above leaflet icon * fixed image partial rendering when no images (#423) * fixed image partial rendering when no images. * toggle no images <p> om upload * fixed image partial rendering when no images. * Bump recaptcha from 4.13.2 to 4.14.0 (#471) Bumps [recaptcha](https://github.com/ambethia/recaptcha) from 4.13.2 to 4.14.0. - [Release notes](https://github.com/ambethia/recaptcha/releases) - [Changelog](https://github.com/ambethia/recaptcha/blob/master/CHANGELOG.md) - [Commits](ambethia/recaptcha@v4.13.2...v4.14.0) Signed-off-by: dependabot[bot] <support@dependabot.com> * add a flash error when adding tags and not logged in (#473) * Upgrade app to Bootstrap 4 (#480) * Bootstrap 4 small button fixes (#488) * Add tests for comments and maps (#467) * Updated query style (#436) (#469) * Dynamic ports (#462) * Dynamic port in compose file * Omit setting container name * Add initial sql dump entry * Avoid resetting database on build * Shortening docker image in ~30% * Caching bundle, gathering env variables and using newer sintax * Creating startup script and env file * Improving travis CI configuration * Loading assets in production env * Tweak travis script * Roll back to using Debian 9 with custom built GDAL (#489) * Switch back to Debian 9 Stretch * Simplify docker image * Bump Ruby to 2.4.6 * Re-add dependency * Add dependency (zip) * Try pip install gdal * Install libgdal-dev * Revert attept to use pip * Bump ruby * Avoid naming containers in compose file * Avoid overwriting database on redeploy-container * Allow to load mysql dump * Include own GDAL packages * Disable ipv6 to prevent error * Add missing Amazon S3 yml to Makefile * Document unstable instance * Changes to be able to build container in Google Cloud * Copy config examples when making build * Add app to container and .dockerignore all else * Fixed missed merge * Add db configurability by env vars for containers * Fix db config * Copy configs * Switch keyserver * Add env vars, tweak make * Substitute env vars parameters * Env var control * Show env vars * env not ENV * add DB_SOCKET * Add recomended parameters * Not deploy app engine, show cloudsql dir * Omit list cloudsql dir * Added correct image tag * Add database parameters as env vars * Support $PORT env var * Using Node 12 and Yarn for Dockerfile.txt as well * Changing Passenger's port on production env * Setting local db for travis * set .env PORT to $PORT * Remove .env * Compose environment variableZ fallback * Revert all files under /app to versions in main * Revert to main * Delete unneeded files * Remove extra files from rebase * Add bundle install as build step * Deleted not needed Dockerfile * Missed RUN in Dockerfile * Add precompile step * Hardcode environment at build time * Adding missing yaml and update bootsnap version * Omit /app/tmp from volume * Revert try to get precompile to work * Clean up patch for merging * List variables in app.yaml * Tweak for jenkins * Add .env for jenkins * Fix PORT for jenkins/docker-compose * Address PORT properly * New form ports * Enclose docker-compose ports in quotes * ports yaml should be object not array * Try different format for ports * Try docker-compose format * Redirect script for AppEngine * Try to revertt to working condition for appengine * Point PORT in Procfile * Revert to known good config in appengine * Tweak assets precompilation * Restore PORT setting * Add redirect to map /warps directory to legacy archive * Add .env for jenkins/docker-compose * Add hardcoded route to legacy warps * Remove .env for appengine * Satisfy appengine docker-compose * Ignore app.yaml * Ignore app.yaml secrets * Satisfy Jenkins wihout hurting appengine hopefully Co-authored-by: Sebastian Silva <sebastian@fuentelibre.org> Co-authored-by: rarrunategu1 <parker.rose@ymail.com> Co-authored-by: Jeffrey Warren <jeff@unterbahn.com> Co-authored-by: Milo MacPhail <40954168+milomacphail@users.noreply.github.com> Co-authored-by: Sonali Agrawal <sonali9696@gmail.com> Co-authored-by: Ananya Agrawal <33188930+ananya@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Sasha Boginsky <41092741+sashadev-sky@users.noreply.github.com> Co-authored-by: Kaustubh Nair <kaustubh.nair@iiitb.org> Co-authored-by: Divya Baid <32747809+divyabaid16@users.noreply.github.com> Co-authored-by: Gaurav Sachdeva <sachdeva.gaurav1997@gmail.com> Co-authored-by: Govind Jeevan <govindjeevan7@gmail.com> Co-authored-by: Cess <cessmbuguar@gmail.com> Co-authored-by: Stefanni <stefannibrasil@gmail.com> Co-authored-by: hc-barker <hc-barker@users.noreply.github.com>

dependabot-preview bot added the dependencies Pull requests that update a dependency file label Jan 6, 2019

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 28ece99 to 55f9822 Compare January 10, 2019 04:05

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 55f9822 to 811a879 Compare January 31, 2019 03:29

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 811a879 to 43a7876 Compare February 20, 2019 22:04

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 43a7876 to 054dc6f Compare February 28, 2019 19:51

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 054dc6f to 8a64e4c Compare March 11, 2019 22:25

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 8a64e4c to 73cdb64 Compare March 22, 2019 21:15

dependabot-preview bot force-pushed the dependabot/bundler/paperclip-4.3.7 branch from 73cdb64 to c7a1e71 Compare March 25, 2019 14:20

jywarren merged commit fa40509 into main Mar 27, 2019

dependabot-preview bot deleted the dependabot/bundler/paperclip-4.3.7 branch March 27, 2019 04:31

avsingh999 added a commit to avsingh999/mapknitter that referenced this pull request Mar 30, 2019

Revert "Bump paperclip from 4.2.4 to 4.3.7 (publiclab#285)"

9e744b4

This reverts commit fcb8a3e.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump paperclip from 4.2.4 to 4.3.7 #285

Bump paperclip from 4.2.4 to 4.3.7 #285

dependabot-preview bot commented Jan 6, 2019 •

edited

Loading

sashadev-sky commented Mar 27, 2019 •

edited

Loading

jywarren commented Mar 27, 2019

Bump paperclip from 4.2.4 to 4.3.7 #285

Bump paperclip from 4.2.4 to 4.3.7 #285

Conversation

dependabot-preview bot commented Jan 6, 2019 • edited Loading

v4.3.7

v4.3.6

v4.3.2

v4.3.1

v4.3.0

sashadev-sky commented Mar 27, 2019 • edited Loading

jywarren commented Mar 27, 2019

dependabot-preview bot commented Jan 6, 2019 •

edited

Loading

sashadev-sky commented Mar 27, 2019 •

edited

Loading