[openstreetmap/openstreetmap-website] Bump puma from 4.3.5 to 4.3.6 (#2816)

dependabot[bot] notifications at github.com
Mon Sep 7 05:01:46 UTC 2020 

Bumps [puma](https://github.com/puma/puma) from 4.3.5 to 4.3.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/puma/puma/releases">puma's releases</a>.</em></p>
<blockquote>
<h2>v4.3.6</h2>
<p><a href="https://github.com/puma/puma/compare/v4.3.5...4.3.6">https://github.com/puma/puma/compare/v4.3.5...4.3.6</a></p>
<p>A quick fix for a build error on Mac OS and a JSON require fix for those using phased restart.</p>
<ul>
<li>Explicitly include ctype.h to fix compilation warning and build error on macOS with Xcode 12 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2304">#2304</a>)</li>
<li>Don't require json at boot (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/puma/puma/blob/master/History.md">puma's changelog</a>.</em></p>
<blockquote>
<h2>5.0.0</h2>
<ul>
<li>
<p>Features</p>
<ul>
<li>EXPERIMENTAL: Add <code>fork_worker</code> option and <code>refork</code> command for reduced memory usage by forking from a worker process instead of the master process. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2099">#2099</a>)</li>
<li>EXPERIMENTAL: Added <code>wait_for_less_busy_worker</code> config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2079">#2079</a>).</li>
<li>EXPERIMENTAL: Added <code>nakayoshi_fork</code> option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2093">#2093</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2256">#2256</a>)</li>
<li>Added pumactl <code>thread-backtraces</code> command to print thread backtraces (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2054">#2054</a>)</li>
<li>Added incrementing <code>requests_count</code> to <code>Puma.stats</code>. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2106">#2106</a>)</li>
<li>Increased maximum URI path length from 2048 to 8192 bytes (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2167">#2167</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2344">#2344</a>)</li>
<li><code>lowlevel_error_handler</code> is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2203">#2203</a>)</li>
<li>Faster phased restart and worker timeout (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li>
<li>Added <code>state_permission</code> to config DSL to set state file permissions (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2238">#2238</a>)</li>
<li>Added <code>Puma.stats_hash</code>, which returns a stats in Hash instead of a JSON string (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2086">#2086</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2253">#2253</a>)</li>
<li><code>rack.multithread</code> and <code>rack.multiprocess</code> now dynamically resolved by <code>max_thread</code> and <code>workers</code> respectively (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2288">#2288</a>)</li>
</ul>
</li>
<li>
<p>Deprecations, Removals and Breaking API Changes</p>
<ul>
<li><code>--control</code> has been removed. Use <code>--control-url</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1487">#1487</a>)</li>
<li><code>worker_directory</code> has been removed. Use <code>directory</code>.</li>
<li>min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li>
<li>max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li>
<li>max_threads default to 5 in MRI or 16 for all other interpreters. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li>
<li>preload by default if workers &gt; 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li>
<li>Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2143">#2143</a>)</li>
<li><code>tcp_mode</code> has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2169">#2169</a>)</li>
<li>Daemonization has been removed without replacement. (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2170">#2170</a>)</li>
<li>Changed #connected_port to #connected_ports (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2076">#2076</a>)</li>
<li>Configuration: <code>environment</code> is read from <code>RAILS_ENV</code>, if <code>RACK_ENV</code> can't be found (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2022">#2022</a>)</li>
<li>Log binding on http:// for TCP bindings to make it clickable</li>
</ul>
</li>
<li>
<p>Bugfixes</p>
<ul>
<li>Fix JSON loading issues on phased-restarts (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a>)</li>
<li>Improve shutdown reliability (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2312">#2312</a>, <a href="https://github-redirect.dependabot.com/puma/puma/issues/2338">#2338</a>)</li>
<li>Close client http connections made to an ssl server with TLSv1.3 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2116">#2116</a>)</li>
<li>Do not set user_config to quiet by default to allow for file config (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2074">#2074</a>)</li>
<li>Always close SSL connection in Puma::ControlCLI (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2211">#2211</a>)</li>
<li>Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2069">#2069</a>)</li>
<li>Ensure control server Unix socket is closed on shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2112">#2112</a>)</li>
<li>Preserve <code>BUNDLE_GEMFILE</code> env var when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1893">#1893</a>)</li>
<li>Send 408 request timeout even when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2119">#2119</a>)</li>
<li>Rescue IO::WaitReadable instead of EAGAIN for blocking read (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2121">#2121</a>)</li>
<li>Ensure <code>BUNDLE_GEMFILE</code> is unspecified in workers if unspecified in master when using <code>prune_bundler</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2154">#2154</a>)</li>
<li>Rescue and log exceptions in hooks defined by users (on_worker_boot, after_worker_fork etc) (<a href="https://github-redirect.dependabot.com/puma/puma/issues/1551">#1551</a>)</li>
<li>Read directly from the socket in #read_and_drop to avoid raising further SSL errors (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2198">#2198</a>)</li>
<li>Set <code>Connection: closed</code> header when queue requests is disabled (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2216">#2216</a>)</li>
<li>Pass queued requests to thread pool on server shutdown (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2122">#2122</a>)</li>
<li>Fixed a few minor concurrency bugs in ThreadPool that may have affected non-GVL Rubies (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2220">#2220</a>)</li>
<li>Fix <code>out_of_band</code> hook never executed if the number of worker threads is &gt; 1 (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2177">#2177</a>)</li>
<li>Fix ThreadPool#shutdown timeout accuracy (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2221">#2221</a>)</li>
<li>Fix <code>UserFileDefaultOptions#fetch</code> to properly use <code>default</code> (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2233">#2233</a>)</li>
<li>Improvements to <code>out_of_band</code> hook (<a href="https://github-redirect.dependabot.com/puma/puma/issues/2234">#2234</a>)</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/puma/puma/commit/3e3647a32d4c3f6921c80174ada5ee208d71cfa5"><code>3e3647a</code></a> v4.3.6</li>
<li><a href="https://github.com/puma/puma/commit/73cfdf5e38e278744ffafd5ac17563b3eed50827"><code>73cfdf5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2314">#2314</a> from venables/fix-include</li>
<li><a href="https://github.com/puma/puma/commit/fa54f4da30ad94383a1c09c01ab550586f81b46a"><code>fa54f4d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/puma/puma/issues/2269">#2269</a> from MSP-Greg/json-require</li>
<li>See full diff in <a href="https://github.com/puma/puma/compare/v4.3.5...v4.3.6">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=4.3.5&new-version=4.3.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
You can view, comment on, or merge this pull request online at:

  https://github.com/openstreetmap/openstreetmap-website/pull/2816

-- Commit Summary --

  * Bump puma from 4.3.5 to 4.3.6

-- File Changes --

    M Gemfile.lock (2)

-- Patch Links --

https://github.com/openstreetmap/openstreetmap-website/pull/2816.patch
https://github.com/openstreetmap/openstreetmap-website/pull/2816.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/2816
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20200906/bed174e8/attachment-0001.htm>

More information about the rails-dev mailing list