<p>Bumps <a href="https://github.com/minimagick/minimagick">mini_magick</a> from 4.9.3 to 4.9.4.</p>
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/minimagick/minimagick/releases">mini_magick's releases</a>.</em></p>
<blockquote>
<h2>v4.9.4</h2>
<ul>
<li>Fixed a remote shell execution vulnerability when using <code>MiniMagick::Image.open</code> with URL coming from unsanitized user input (thanks to <a href="https://github.com/rootxharsh">@rootxharsh</a>)</li>
<li>Fixed some Ruby warnings (thanks to <a href="https://github.com/koic">@koic</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/minimagick/minimagick/commit/293f9bb76b72f99150a07be7dae9b0bebc5132d0"><code>293f9bb</code></a> Bump to 4.9.4</li>
<li><a href="https://github.com/minimagick/minimagick/commit/4cd5081e58810d3394d27a67219e8e4e0445d851"><code>4cd5081</code></a> Don't allow remote shell execution</li>
<li><a href="https://github.com/minimagick/minimagick/commit/152d33ac824ecce993134735d1aefc092567d661"><code>152d33a</code></a> Fix test failure</li>
<li><a href="https://github.com/minimagick/minimagick/commit/87e90599f29bc657bba90247bec17f36b47e7c1d"><code>87e9059</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/minimagick/minimagick/issues/427" rel="nofollow">#427</a> from koic/suppress_deprecation_warnings_in_production...</li>
<li><a href="https://github.com/minimagick/minimagick/commit/b5ce04735e0f1d311d8ea67016453c53aa367898"><code>b5ce047</code></a> Suppress <code>warning: instance variable [@​processor](https://github.com/processor)_path not initialized</code></li>
<li><a href="https://github.com/minimagick/minimagick/commit/a74b73e640f64300e6f0681a1e0d4d2a6a76168f"><code>a74b73e</code></a> Suppress <code>warning: instance variable [@​cli](https://github.com/cli)_path not initialized</code></li>
<li><a href="https://github.com/minimagick/minimagick/commit/6fca405159d818259be63cc45943f520c5ca0034"><code>6fca405</code></a> Suppress <code>warning: instance variable [@​cli](https://github.com/cli) not initialized</code></li>
<li><a href="https://github.com/minimagick/minimagick/commit/64560f54fbfaf789a5db7bf7ee7cf5ca96bc4869"><code>64560f5</code></a> Suppress <code>warning: method redefined; discarding old debug=</code></li>
<li><a href="https://github.com/minimagick/minimagick/commit/563cc6118e1866b0a223512cace10a9f5e3dfc77"><code>563cc61</code></a> Suppress <code>warning: method redefined; discarding old cli_path</code></li>
<li><a href="https://github.com/minimagick/minimagick/commit/2965e55c78e590284a676ab79e67f7185aa4a688"><code>2965e55</code></a> Suppress <code>warning: method redefined; discarding old cli and cli=</code></li>
<li>Additional commits viewable in <a href="https://github.com/minimagick/minimagick/compare/v4.9.3...v4.9.4">compare view</a></li>
</ul>
</details>
<br>
<p><a href="https://help.github.com/articles/configuring-automated-security-fixes"><img src="https://camo.githubusercontent.com/8a8908a5c05e17f0e1102ddb7ebdd7d8a2fa79ea/68747470733a2f2f646570656e6461626f742d6261646765732e6769746875626170702e636f6d2f6261646765732f636f6d7061746962696c6974795f73636f72653f646570656e64656e63792d6e616d653d6d696e695f6d616769636b267061636b6167652d6d616e616765723d62756e646c65722670726576696f75732d76657273696f6e3d342e392e33266e65772d76657273696f6e3d342e392e34" alt="Dependabot compatibility score" data-canonical-src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mini_magick&package-manager=bundler&previous-version=4.9.3&new-version=4.9.4" style="max-width:100%;"></a></p>
<p>Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting <code>@dependabot rebase</code>.</p>
<hr>
<details>
<summary>Dependabot commands and options</summary>
<br>
<p>You can trigger Dependabot actions by commenting on this PR:</p>
<ul>
<li><code>@dependabot rebase</code> will rebase this PR</li>
<li><code>@dependabot recreate</code> will recreate this PR, overwriting any edits that have been made to it</li>
<li><code>@dependabot merge</code> will merge this PR after your CI passes on it</li>
<li><code>@dependabot squash and merge</code> will squash and merge this PR after your CI passes on it</li>
<li><code>@dependabot cancel merge</code> will cancel a previously requested merge and block automerging</li>
<li><code>@dependabot reopen</code> will reopen this PR if it is closed</li>
<li><code>@dependabot ignore this [patch|minor|major] version</code> will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)</li>
<li><code>@dependabot ignore this dependency</code> will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)</li>
<li><code>@dependabot use these labels</code> will set the current labels as the default for future PRs for this repo and language</li>
<li><code>@dependabot use these reviewers</code> will set the current reviewers as the default for future PRs for this repo and language</li>
<li><code>@dependabot use these assignees</code> will set the current assignees as the default for future PRs for this repo and language</li>
<li><code>@dependabot use this milestone</code> will set the current milestone as the default for future PRs for this repo and language</li>
</ul>
<p>You can disable automated security fix PRs for this repo from the <a href="https://github.com/openstreetmap/openstreetmap-website/network/alerts">Security Alerts page</a>.</p>
</details>
<hr>
<h4>You can view, comment on, or merge this pull request online at:</h4>
<p> <a href='https://github.com/openstreetmap/openstreetmap-website/pull/2325'>https://github.com/openstreetmap/openstreetmap-website/pull/2325</a></p>
<h4>Commit Summary</h4>
<ul>
<li>Bump mini_magick from 4.9.3 to 4.9.4</li>
</ul>
<h4>File Changes</h4>
<ul>
<li>
<strong>M</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2325/files#diff-0">Gemfile.lock</a>
(2)
</li>
</ul>
<h4>Patch Links:</h4>
<ul>
<li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2325.patch'>https://github.com/openstreetmap/openstreetmap-website/pull/2325.patch</a></li>
<li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2325.diff'>https://github.com/openstreetmap/openstreetmap-website/pull/2325.diff</a></li>
</ul>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2325?email_source=notifications&email_token=AAK2OLNCGOW5HFGDIIZ6XO3QACB2BA5CNFSM4IE4V5Q2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HABAB2Q">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AAK2OLOMRZTLHFJSE2EQ2NDQACB2BANCNFSM4IE4V5QQ">mute the thread</a>.<img src="https://github.com/notifications/beacon/AAK2OLL5DTMYRJBPXSS7NZTQACB2BA5CNFSM4IE4V5Q2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HABAB2Q.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/openstreetmap/openstreetmap-website/pull/2325?email_source=notifications\u0026email_token=AAK2OLNCGOW5HFGDIIZ6XO3QACB2BA5CNFSM4IE4V5Q2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HABAB2Q",
"url": "https://github.com/openstreetmap/openstreetmap-website/pull/2325?email_source=notifications\u0026email_token=AAK2OLNCGOW5HFGDIIZ6XO3QACB2BA5CNFSM4IE4V5Q2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HABAB2Q",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>