[openstreetmap/openstreetmap-website] Bump puma from 3.12.6 to 4.3.5 (#2676)

dependabot[bot] notifications at github.com
Fri Jun 26 18:25:10 UTC 2020 

Bumps [puma](https://github.com/puma/puma) from 3.12.6 to 4.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/puma/puma/releases">puma's releases</a>.</em></p>
<blockquote>
<h2>v4.3.0 - Mysterious Traveller</h2>
<p><img src="https://user-images.githubusercontent.com/845662/68427889-ff59cd00-0178-11ea-8329-8493b3de6906.jpg" alt="0000492109" /></p>
<p><a href="https://www.youtube.com/watch?v=bZ44_P6iM18">Mysterious Traveller</a></p>
<ul>
<li>
<p>Features</p>
<ul>
<li>Strip whitespace at end of HTTP headers (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2010">#2010</a>)</li>
<li>Optimize HTTP parser for JRuby (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2012">#2012</a>)</li>
<li>Add SSL support for the control app and cli (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2046">#2046</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2052">#2052</a>)</li>
</ul>
</li>
<li>
<p>Bugfixes</p>
<ul>
<li>Fix Errno::EINVAL when SSL is enabled and browser rejects cert (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1564">#1564</a>)</li>
<li>Fix pumactl defaulting puma to development if an environment was not specified (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2035">#2035</a>)</li>
<li>Fix closing file stream when reading pid from pidfile (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2048">#2048</a>)</li>
<li>Fix a typo in configuration option <code>--extra_runtime_dependencies</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2050">#2050</a>)</li>
</ul>
</li>
</ul>
<h2>4.2.1</h2>
<ul>
<li>3 bugfixes
<ul>
<li>Fix socket activation of systemd (pre-existing) unix binder files (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1842">#1842</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/1988">#1988</a>)</li>
<li>Deal with multiple calls to bind correctly (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1986">#1986</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/1994">#1994</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2006">#2006</a>)</li>
<li>Accepts symbols for <code>verify_mode</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1222">#1222</a>)</li>
</ul>
</li>
</ul>
<h2>4.2.0 - Distant Airhorns</h2>
<ul>
<li>6 features
<ul>
<li>Pumactl has a new -e environment option and reads config/puma/<!-- raw HTML omitted -->.rb config files (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1885">#1885</a>)</li>
<li>Semicolons are now allowed in URL paths (MRI only), useful for Angular or Redmine (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1934">#1934</a>)</li>
<li>Allow extra dependencies to be defined when using prune_bundler (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1105">#1105</a>)</li>
<li>Puma now reports the correct port when binding to port 0, also reports other listeners when binding to localhost (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1786">#1786</a>)</li>
<li>Sending SIGINFO to any Puma worker now prints currently active threads and their backtraces (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1320">#1320</a>)</li>
<li>Puma threads all now have their name set on Ruby 2.3+ (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1968">#1968</a>)</li>
</ul>
</li>
<li>4 bugfixes
<ul>
<li>Fix some misbehavior with phased restart and externally SIGTERMed workers (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1908">#1908</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/1952">#1952</a>)</li>
<li>Fix socket closing on error (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1941">#1941</a>)</li>
<li>Removed unnecessary SIGINT trap for JRuby that caused some race conditions (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1961">#1961</a>)</li>
<li>Fix socket files being left around after process stopped (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1970">#1970</a>)</li>
</ul>
</li>
<li>Absolutely thousands of lines of test improvements and fixes thanks to <a href="https://github.com/MSP-Greg">@MSP-Greg</a></li>
</ul>
<p><img src="https://user-images.githubusercontent.com/845662/65414357-d3b29b80-ddf3-11e9-8e77-2a66ff5672be.png" alt="air-horn-sound-s-econd-air-horn-sound-me-this-23916124" /></p>
<h2>4.1.1</h2>
<p>3 bugfixes</p>
<ul>
<li>Revert our attempt to not dup STDOUT/STDERR (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1946">#1946</a>)</li>
<li>Fix socket close on error (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1941">#1941</a>)</li>
<li>Fix workers not shutting down correctly (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1908">#1908</a>)</li>
</ul>
<h2>4.1.0 - Fourth and One</h2>
<ul>
<li>4 features
<ul>
<li>Add REQUEST_PATH on parse error message (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1831">#1831</a>)</li>
<li>You can now easily add custom log formatters with the <code>log_formatter</code> config option (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1816">#1816</a>)</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/puma/puma/blob/master/History.md">puma's changelog</a>.</em></p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/puma/puma/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=3.12.6&new-version=4.3.5)](https://help.github.com/articles/configuring-automated-security-fixes)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
You can view, comment on, or merge this pull request online at:

  https://github.com/openstreetmap/openstreetmap-website/pull/2676

-- Commit Summary --

  * Bump puma from 3.12.6 to 4.3.5

-- File Changes --

    M Gemfile (2)
    M Gemfile.lock (5)

-- Patch Links --

https://github.com/openstreetmap/openstreetmap-website/pull/2676.patch
https://github.com/openstreetmap/openstreetmap-website/pull/2676.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/2676
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20200626/b63faa56/attachment-0001.htm>

More information about the rails-dev mailing list