[openstreetmap/openstreetmap-website] Bump the dependencies group with 2 updates (PR #7032)
dependabot[bot]
notifications at github.com
Thu Apr 23 21:37:16 UTC 2026
Bumps the dependencies group with 2 updates: [dalli](https://github.com/petergoldstein/dalli) and [opentelemetry-instrumentation-all](https://github.com/open-telemetry/opentelemetry-ruby-contrib).
Updates `dalli` from 4.3.3 to 5.0.2
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/petergoldstein/dalli/blob/main/CHANGELOG.md">dalli's changelog</a>.</em></p>
<blockquote>
<h1>5.0.2</h1>
<p>Performance:</p>
<ul>
<li>Add single-server fast path for <code>get_multi</code>, <code>set_multi</code>, and <code>delete_multi</code> (<a href="https://redirect.github.com/petergoldstein/dalli/issues/1077">#1077</a>)
<ul>
<li>When only one memcached server is configured, bypass the <code>Pipelined*</code> machinery (IO.select, response buffering, server grouping) and issue all quiet meta requests inline followed by a noop terminator</li>
<li><code>get_multi</code> shows ~1.5x improvement at 10 keys and ~1.75x at 100–500 keys compared to the <code>PipelinedGetter</code> path</li>
<li>Thanks to Dan Mayer (Shopify) for this contribution</li>
</ul>
</li>
</ul>
<p>Development:</p>
<ul>
<li>Add <code>bin/benchmark_branch</code> script for benchmarking against the current branch</li>
</ul>
<h1>5.0.1</h1>
<p>Performance:</p>
<ul>
<li>Reduce object allocations in pipelined get response processing (<a href="https://redirect.github.com/petergoldstein/dalli/issues/1072">#1072</a>, <a href="https://redirect.github.com/petergoldstein/dalli/issues/1078">#1078</a>)
<ul>
<li>Offset-based <code>ResponseBuffer</code>: track a read offset instead of slicing a new string after every parsed response; compact only when the consumed portion exceeds 4KB and more than half the buffer</li>
<li>Inline response processor parsing: avoid intermediate array allocations from <code>split</code>-based header parsing</li>
<li>Block-based <code>pipeline_next_responses</code>: yield <code>(key, value, cas)</code> directly when a block is given, avoiding per-call Hash allocation</li>
<li><code>PipelinedGetter</code>: replace Hash-based socket-to-server mapping with linear scan (faster for typical 1-5 server counts); use <code>Process.clock_gettime(CLOCK_MONOTONIC)</code> instead of <code>Time.now</code></li>
</ul>
</li>
<li>Add cross-version benchmark script (<code>bin/compare_versions</code>) for reproducible performance comparisons across Dalli versions</li>
</ul>
<p>Bug Fixes:</p>
<ul>
<li>Rescue <code>IOError</code> in connection manager <code>write</code>/<code>flush</code> methods (<a href="https://redirect.github.com/petergoldstein/dalli/issues/1075">#1075</a>)
<ul>
<li>Prevents unhandled exceptions when a connection is closed mid-operation</li>
<li>Thanks to Graham Cooper (Shopify) for this fix</li>
</ul>
</li>
</ul>
<p>Development:</p>
<ul>
<li>Add <code>rubocop-thread_safety</code> for detecting thread-safety issues (<a href="https://redirect.github.com/petergoldstein/dalli/issues/1076">#1076</a>)</li>
<li>Add CONTRIBUTING.md with AI contribution policy (<a href="https://redirect.github.com/petergoldstein/dalli/issues/1074">#1074</a>)</li>
</ul>
<h1>5.0.0</h1>
<p><strong>Breaking Changes:</strong></p>
<ul>
<li>
<p><strong>Removed binary protocol</strong> - The meta protocol is now the only supported protocol</p>
<ul>
<li>The <code>:protocol</code> option is no longer used</li>
<li>Requires memcached 1.6+ (for meta protocol support)</li>
<li>Users on older memcached versions must upgrade or stay on Dalli 4.x</li>
</ul>
</li>
<li>
<p><strong>Removed SASL authentication</strong> - The meta protocol does not support authentication</p>
<ul>
<li>Use network-level security (firewall rules, VPN) or memcached's TLS support instead</li>
<li>Users requiring SASL authentication must stay on Dalli 4.x with binary protocol</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/petergoldstein/dalli/commit/d93d9da13900ab3098ea75aea0c21efb3ab4f7b0"><code>d93d9da</code></a> Merge pull request <a href="https://redirect.github.com/petergoldstein/dalli/issues/1083">#1083</a> from petergoldstein/release/5.0.2</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/f73d29ac0ec6be058c4cbdb01eca98de006aac49"><code>f73d29a</code></a> Bump version to 5.0.2 and update CHANGELOG</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/3c45c4219cf0960a9eec535dd7d9f010aceeae08"><code>3c45c42</code></a> Merge pull request <a href="https://redirect.github.com/petergoldstein/dalli/issues/1077">#1077</a> from danmayer/single-server-get-multi-fast-path</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/623dac948366b48697da7d1c5f36ce48452eab08"><code>623dac9</code></a> Merge pull request <a href="https://redirect.github.com/petergoldstein/dalli/issues/1082">#1082</a> from petergoldstein/add-claude-github-actions-177179...</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/86caa3c5e10ae339c77421841fb7a1958ae645a7"><code>86caa3c</code></a> "Update Claude Code Review workflow"</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/27b5f0d47f687f2ca87a5e8d3257d1e624af69de"><code>27b5f0d</code></a> "Update Claude PR Assistant workflow"</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/d0fd3d125475b7cf1e8d0f9dcccdaabaa5541974"><code>d0fd3d1</code></a> Add single-server fast path for set_multi and delete_multi</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/a85e04112f54f819e373ee93ef50dc786b198315"><code>a85e041</code></a> Merge pull request <a href="https://redirect.github.com/petergoldstein/dalli/issues/1080">#1080</a> from petergoldstein/add-claude-github-actions-177171...</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/7a7dff47887504b80c48e233794363003a9bd3e9"><code>7a7dff4</code></a> "Claude Code Review workflow"</li>
<li><a href="https://github.com/petergoldstein/dalli/commit/de9d5bba0a4c37c8261a7267656d033a303f80d5"><code>de9d5bb</code></a> "Claude PR Assistant workflow"</li>
<li>Additional commits viewable in <a href="https://github.com/petergoldstein/dalli/compare/v4.3.3...v5.0.2">compare view</a></li>
</ul>
</details>
<br />
Updates `opentelemetry-instrumentation-all` from 0.91.0 to 0.92.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases">opentelemetry-instrumentation-all's releases</a>.</em></p>
<blockquote>
<h2>opentelemetry-instrumentation-all 0.92.0</h2>
<h2>v0.92.0 / 2026-04-14</h2>
<ul>
<li>BREAKING CHANGE: Min Ruby Version 3.3 (<a href="https://redirect.github.com/open-telemetry/opentelemetry-ruby-contrib/issues/2125">#2125</a>)</li>
<li>ADDED: Min Ruby Version 3.3 (<a href="https://redirect.github.com/open-telemetry/opentelemetry-ruby-contrib/issues/2125">#2125</a>)</li>
<li>ADDED: Add release tag into source code url of gem metadata (<a href="https://redirect.github.com/open-telemetry/opentelemetry-ruby-contrib/issues/1984">#1984</a>)</li>
<li>CHANGED: Update transitive dependencies for all instrumentation gems to new versions</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/open-telemetry/opentelemetry-ruby-contrib/compare/opentelemetry-instrumentation-all/v0.91.0...opentelemetry-instrumentation-all/v0.92.0">compare view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions
</details>
You can view, comment on, or merge this pull request online at:
https://github.com/openstreetmap/openstreetmap-website/pull/7032?email_source=notifications&email_token=AAK2OLMP4SFNBNH6WQRCIET4XKEIZA5CNFSNUABEM5UWIORPF5TWS5BNNB2WEL2QOVWGYUTFOF2WK43UF4ZTKNZVG43TINZRGWTHEZLBONXW5KTTOVRHGY3SNFRGKZFFMV3GK3TUVVYHEX3POBSW4X3DNRUWG2Y
-- Commit Summary --
* Bump the dependencies group with 2 updates
-- File Changes --
M Gemfile (2)
M Gemfile.lock (192)
-- Patch Links --
https://github.com/openstreetmap/openstreetmap-website/pull/7032.patch?email_source=notifications&email_token=AAK2OLOS4B2GTGOA7WYCOET4XKEIZA5CNFSNUABEM5UWIORPF5TWS5BNNB2WEL2QOVWGYUTFOF2WK43UF4ZTKNZVG43TINZRGWTHEZLBONXW5KTTOVRHGY3SNFRGKZFFMV3GK3TUVZYHEX3QMF2GG2C7MNWGSY3Lhttps://github.com/openstreetmap/openstreetmap-website/pull/7032.diff?email_source=notifications&email_token=AAK2OLICZ6WZ6FKBBIQHXDT4XKEIZA5CNFSNUABEM5UWIORPF5TWS5BNNB2WEL2QOVWGYUTFOF2WK43UF4ZTKNZVG43TINZRGWTHEZLBONXW5KTTOVRHGY3SNFRGKZFFMV3GK3TUVVYHEX3ENFTGMX3DNRUWG2Y
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7032
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/7032 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20260423/a15e7688/attachment-0001.htm>
More information about the rails-dev
mailing list