
<p>Bumps <a href="https://github.com/twitter/secureheaders">secure_headers</a> from 6.1.2 to 6.3.0.</p>


<details>


<summary>Changelog</summary>


<p><em>Sourced from <a href="https://github.com/twitter/secure_headers/blob/master/CHANGELOG.md">secure_headers's changelog</a>.</em></p>


<blockquote>


<h2>6.3.0</h2>


<p>Fixes newline injection issue</p>


<h2>6.2.0</h2>


<p>Fixes semicolon injection issue reported by <a href="https://github.com/mvgijssel">@mvgijssel</a> see <a href="https://github-redirect.dependabot.com/twitter/secure_headers/issues/418" rel="nofollow">twitter/secure_headers#418</a></p>


</blockquote>


</details>


<details>


<summary>Commits</summary>


<ul>


<li><a href="https://github.com/twitter/secure_headers/commit/722a69051acce9d26ab0d0648fe10fd2ff77baa8"><code>722a690</code></a> bump to 6.3</li>


<li><a href="https://github.com/twitter/secure_headers/commit/301695706f6a70517c2a90c6ef9b32178440a2d0"><code>3016957</code></a> Merge pull request from <a title="GHSA-w978-rmpf-qmwg" href="https://github.com/twitter/secure_headers/security/advisories/GHSA-w978-rmpf-qmwg">GHSA-w978-rmpf-qmwg</a></li>


<li><a href="https://github.com/twitter/secure_headers/commit/3a2b548223de854ab9768ae07acedfcd2ac211e3"><code>3a2b548</code></a> Filter and warn on newlines</li>


<li><a href="https://github.com/twitter/secure_headers/commit/1298905068931621a2c1988b175a1da186bcd641"><code>1298905</code></a> bump to 6.2</li>


<li><a href="https://github.com/twitter/secure_headers/commit/6e38cb41d2918d85e9a9e31a6489e99809c840ad"><code>6e38cb4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/twitter/secureheaders/issues/419" rel="nofollow">#419</a> from twitter/escape-semi-colons</li>


<li><a href="https://github.com/twitter/secure_headers/commit/eed6c1606feaa874ba53b2ba0e2405accd8d1105"><code>eed6c16</code></a> lint</li>


<li><a href="https://github.com/twitter/secure_headers/commit/3c4b86edd6745275da22d92290872da202d73e64"><code>3c4b86e</code></a> escape semicolons by replacing them with spaces</li>


<li><a href="https://github.com/twitter/secure_headers/commit/2068ba7bb63fb98786db828091cb52304bcae560"><code>2068ba7</code></a> clean up some warnings</li>


<li><a href="https://github.com/twitter/secure_headers/commit/86c762aea480d0a776246652586f93e026f6799f"><code>86c762a</code></a> Remove outdated APL license blurb from readme, use only the LICENSE file</li>


<li><a href="https://github.com/twitter/secure_headers/commit/902041bab6b3e7c29644f49d6dd0ef75b9c5bbb0"><code>902041b</code></a> Do years even matter?</li>


<li>Additional commits viewable in <a href="https://github.com/twitter/secureheaders/compare/v6.1.2...v6.3.0">compare view</a></li>


</ul>


</details>


<br>


<p><a href="https://help.github.com/articles/configuring-automated-security-fixes"><img src="https://camo.githubusercontent.com/832aa569e72059f1308b205e02682ad1a8318cec/68747470733a2f2f646570656e6461626f742d6261646765732e6769746875626170702e636f6d2f6261646765732f636f6d7061746962696c6974795f73636f72653f646570656e64656e63792d6e616d653d7365637572655f68656164657273267061636b6167652d6d616e616765723d62756e646c65722670726576696f75732d76657273696f6e3d362e312e32266e65772d76657273696f6e3d362e332e30" alt="Dependabot compatibility score" data-canonical-src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=secure_headers&package-manager=bundler&previous-version=6.1.2&new-version=6.3.0" style="max-width:100%;"></a></p>


<p>Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting <code>@dependabot rebase</code>.</p>


<hr>


<details>


<summary>Dependabot commands and options</summary>


<br>


<p>You can trigger Dependabot actions by commenting on this PR:</p>


<ul>


<li><code>@dependabot rebase</code> will rebase this PR</li>


<li><code>@dependabot recreate</code> will recreate this PR, overwriting any edits that have been made to it</li>


<li><code>@dependabot merge</code> will merge this PR after your CI passes on it</li>


<li><code>@dependabot squash and merge</code> will squash and merge this PR after your CI passes on it</li>


<li><code>@dependabot cancel merge</code> will cancel a previously requested merge and block automerging</li>


<li><code>@dependabot reopen</code> will reopen this PR if it is closed</li>


<li><code>@dependabot ignore this [patch|minor|major] version</code> will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)</li>


<li><code>@dependabot ignore this dependency</code> will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)</li>


<li><code>@dependabot use these labels</code> will set the current labels as the default for future PRs for this repo and language</li>


<li><code>@dependabot use these reviewers</code> will set the current reviewers as the default for future PRs for this repo and language</li>


<li><code>@dependabot use these assignees</code> will set the current assignees as the default for future PRs for this repo and language</li>


<li><code>@dependabot use this milestone</code> will set the current milestone as the default for future PRs for this repo and language</li>


</ul>


<p>You can disable automated security fix PRs for this repo from the <a href="https://github.com/openstreetmap/openstreetmap-website/network/alerts">Security Alerts page</a>.</p>


</details>


<hr>


<h4>You can view, comment on, or merge this pull request online at:</h4>


<p>  <a href='https://github.com/openstreetmap/openstreetmap-website/pull/2517'>https://github.com/openstreetmap/openstreetmap-website/pull/2517</a></p>


<h4>Commit Summary</h4>


<ul>


  <li>Bump secure_headers from 6.1.2 to 6.3.0</li>


</ul>


<h4>File Changes</h4>


<ul>


  <li>


    <strong>M</strong>


    <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2517/files#diff-0">Gemfile.lock</a>


    (2)


  </li>


</ul>


<h4>Patch Links:</h4>


<ul>


  <li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2517.patch'>https://github.com/openstreetmap/openstreetmap-website/pull/2517.patch</a></li>


  <li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2517.diff'>https://github.com/openstreetmap/openstreetmap-website/pull/2517.diff</a></li>


</ul>


<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2517?email_source=notifications&email_token=AAK2OLKDZUYLQ4KTFKSQZWLQ7D6G5A5CNFSM4KKPWXV2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IID4SXA">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AAK2OLOJ2HE3YB2SN47VUXLQ7D6G5ANCNFSM4KKPWXVQ">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AAK2OLP7KS2IFGRW522SMZDQ7D6G5A5CNFSM4KKPWXV2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IID4SXA.gif" height="1" width="1" alt="" /></p>


<script type="application/ld+json">[


{


"@context": "http://schema.org",


"@type": "EmailMessage",


"potentialAction": {


"@type": "ViewAction",


"target": "https://github.com/openstreetmap/openstreetmap-website/pull/2517?email_source=notifications\u0026email_token=AAK2OLKDZUYLQ4KTFKSQZWLQ7D6G5A5CNFSM4KKPWXV2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IID4SXA",


"url": "https://github.com/openstreetmap/openstreetmap-website/pull/2517?email_source=notifications\u0026email_token=AAK2OLKDZUYLQ4KTFKSQZWLQ7D6G5A5CNFSM4KKPWXV2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IID4SXA",


"name": "View Pull Request"


},


"description": "View this Pull Request on GitHub",


"publisher": {


"@type": "Organization",


"name": "GitHub",


"url": "https://github.com"


}


}


]</script>