chore(deps): bump the minor group across 1 directory with 7 updates

[dependabot]

Bumps the minor group with 6 updates in the / directory:

Package	From	To
rails	8.1.2	8.1.3
solid_queue	1.3.2	1.4.0
sentry-ruby	6.4.1	6.5.0
pagy	43.4.2	43.4.3
ferrum	0.17.1	0.17.2
webmock	3.26.1	3.26.2

Updates rails from 8.1.2 to 8.1.3

Release notes

Sourced from rails's releases.

8.1.3

Active Support

• Fix JSONGemCoderEncoder to correctly serialize custom object hash keys.

  When hash keys are custom objects whose as_json returns a Hash, the encoder now calls to_s on the original key object instead of on the as_json result.

  Before: hash = {CustomKey.new(123) => "value"} hash.to_json # => {"{:id=>123}":"value"}

  After: hash.to_json # => {"custom_123":"value"}

  Dan Sharp

• Fix inflections to better handle overlapping acronyms.

  ActiveSupport::Inflector.inflections(:en) do |inflect|
    inflect.acronym "USD"
    inflect.acronym "USDC"
  end
  "USDC".underscore # => "usdc"

  Said Kaldybaev

• Silence Dalli 4.0+ warning when using ActiveSupport::Cache::MemCacheStore.

  zzak

Active Model

• Fix Ruby 4.0 delegator warning when calling inspect on attributes.

  Hammad Khan

• Fix NoMethodError when deserialising Type::Integer objects marshalled under Rails 8.0.

  The performance optimisation that replaced @range with @max/@min broke Marshal compatibility. Objects serialised under 8.0 (with @range) and deserialised under 8.1 (expecting @max/@min) would crash with undefined method '<=' for nil because Marshal.load restores instance variables without calling initialize.

... (truncated)

Commits

• fa8f081 Preparing for 8.1.3 release
• 63cef3d Merge branch '8-1-sec' into 8-1-stable
• 1db4b89 Preparing for 8.1.2.1 release
• 1c7d1cf Update changelog
• e91694b Update CHANGELOG (8.1 only)
• 6752711 Fix XSS in debug exceptions copy-to-clipboard
• 63f5ad8 Skip blank attribute names in Action View tag helpers
• 8c9676b Prevent glob injection in ActiveStorage DiskService#delete_prefixed
• 9b06fbc Prevent path traversal in ActiveStorage DiskService
• ec1a0e2 Improve performance of NumberToDelimitedConverter
• Additional commits viewable in compare view

Updates solid_queue from 1.3.2 to 1.4.0

Release notes

Sourced from solid_queue's releases.

v1.4.0

This release includes support for recurring dynamic tasks. Enable by setting this in your queue.yml configuration:

scheduler: 
  dynamic_tasks_enabled: true
  polling_interval: 1 # optional. Interval in seconds to poll for new recurring tasks. Defaults to 5

And then, schedule recurring tasks dynamically as:

SolidQueue.schedule_recurring_task(
  "my_dynamic_task",
  class: "MyJob",
  args: [1, 2],
  schedule: "every 10 minutes"
)

This accepts the same options as the YAML configuration: class, args, command, schedule, queue, priority, and description.

Learn more about this in the README.

What's Changed

• Add index hint for releasing blocked executions by @​rosa in rails/solid_queue#718
• Avoid an unintended FOR UPDATE query execution inside lock_candidates by @​genya0407 in rails/solid_queue#720
• docs: improve grammar a little by @​G-Rath in rails/solid_queue#723
• Dynamic scheduled tasks by @​cupatea in rails/solid_queue#553

New Contributors

• @​G-Rath made their first contribution in rails/solid_queue#723
• @​cupatea made their first contribution in rails/solid_queue#553

Full Changelog: rails/solid_queue@v1.3.2...v1.4.0

Commits

• 176721e Bump solid_queue to 1.4.0
• 3df3de3 Merge pull request #553 from cupatea/feature/dynamic_recurring_tasks
• 2f142ed docs: improve grammar a little
• 50defe2 Avoid unintended FOR UPDATE query execution.
• 3b490ad Merge right value of static correctly
• 7ded710 Avoid extra queries for dynamic tasks for process metadata and procline
• b4f7c99 Clean a bit top-level SolidQueue methods to manage dynamic tasks
• 3d36ca4 Simplify recurring schedule with respect to dynamic task reloading
• b012535 Refactor scheduler loop and add missing tests
• f7e39b5 Read static from options in from_configuration and rename to dynamic_tasks_en...
• Additional commits viewable in compare view

Updates sentry-ruby from 6.4.1 to 6.5.0

Changelog

Sourced from sentry-ruby's changelog.

6.5.0

New Features ✨

• (otlp) Add collector_url option to OTLP integration by @​sl0thentr0py in #2887
• (release-detector) Prefer HEROKU_BUILD_COMMIT over deprecated HEROKU_SLUG_COMMIT by @​ericapisani in #2886
• Implement strict trace continuation by @​giortzisg in #2872

Bug Fixes 🐛

• Do not overwrite baggage header contents if it already exists by @​jakubsomonday in #2894
• (rails) Set mechanism.handled based on error handling status by @​solnic in #2892
• Copy event processors on Scope#dup by @​sl0thentr0py in #2893
• Map trilogy database adapter to mysql for Query Insights compatibility by @​krismichalski in #2656
• Don't transform attributes in place in metrics by @​sl0thentr0py in #2883

Internal Changes 🔧

• (transport) Handle HTTP 413 response for oversized envelopes by @​sl0thentr0py in #2885

Commits

• a34b047 release: 6.5.0
• d61d271 fix: Copy event processors on Scope#dup (#2893)
• 8205acb fix(release-detector): Prefer HEROKU_BUILD_COMMIT over deprecated HEROKU_SLUG...
• 2c1c8b7 feat(transport): Handle HTTP 413 response for oversized envelopes (#2885)
• 5685885 fix: Don't transform attributes in place in metrics (#2883)
• d8352b6 test: fix flaky request timing tests (#2882)
• cfcab4b feat: Implement strict trace continuation (#2872)
• See full diff in compare view

Updates sentry-rails from 6.4.1 to 6.5.0

Changelog

Sourced from sentry-rails's changelog.

6.5.0

New Features ✨

• (otlp) Add collector_url option to OTLP integration by @​sl0thentr0py in #2887
• (release-detector) Prefer HEROKU_BUILD_COMMIT over deprecated HEROKU_SLUG_COMMIT by @​ericapisani in #2886
• Implement strict trace continuation by @​giortzisg in #2872

Bug Fixes 🐛

• Do not overwrite baggage header contents if it already exists by @​jakubsomonday in #2894
• (rails) Set mechanism.handled based on error handling status by @​solnic in #2892
• Copy event processors on Scope#dup by @​sl0thentr0py in #2893
• Map trilogy database adapter to mysql for Query Insights compatibility by @​krismichalski in #2656
• Don't transform attributes in place in metrics by @​sl0thentr0py in #2883

Internal Changes 🔧

• (transport) Handle HTTP 413 response for oversized envelopes by @​sl0thentr0py in #2885

Commits

• a34b047 release: 6.5.0
• a1c5282 fix(rails): set mechanism.handled based on error handling status (#2892)
• cf9e45c fix: Map trilogy database adapter to mysql for Query Insights compatibili...
• See full diff in compare view

Updates pagy from 43.4.2 to 43.4.3

Release notes

Sourced from pagy's releases.

Version 43.4.3

Changes in 43.4.3

• Deprecate the :max_pages option (close #890)

CHANGELOG

Version 43

We needed a leap version to unequivocally signal that it's not just a major version: it's a complete redesign of the legacy code at all levels, usage and API included.

Why 43? Because it's exactly one step beyond "The answer to the ultimate question of life, the Universe, and everything." 😉

Improvements

This version introduces several enhancements, such as new :countish and :keynav_js paginators and improved automation and configuration processes, reducing setup requirements by 99%. The update also includes a simpler API and new interactive development tools, making it a comprehensive upgrade from previous versions.

• New :countish Paginator
  • Faster than OFFSET and supporting the full UI
• New Keynav Pagination
  • The pagy-exclusive technique using the fastest keyset pagination alongside all frontend helpers.
• New interactive dev-tools
  • New PagyWand to integrate the pagy CSS with your app themes.
  • New Pagy AI available right inside your own app.
• Intelligent automation
  • Configuration requirements reduced by 99%.
  • Simplified JavaScript setup.
  • Automatic I18n loading.
• Simpler API
  • You solely need the pagy method and the @​pagy instance to paginate any collection and use any navigation tag and helper.
  • Methods are autoloaded only if used, and consume no memory otherwise.
  • Methods have narrower scopes and can be overridden without deep knowledge.
• New documentation
  • Very concise, straightforward, and easy to navigate and understand.

Upgrade to 43

See the Upgrade Guide

Changelog

Sourced from pagy's changelog.

Version 43.4.3

• Deprecate the :max_pages option (close #890)

Commits

• 4596940 Merge branch 'dev'
• 1a3cb77 Version 43.4.3
• 92d940b 💎 Deprecate the :max_pages option (close #890)
• e1dcd20 Polish docs
• ce4fe21 Move the shared options, readers and exceptions to docs templates for direct ...
• 36d6d60 Improve docs icons, style and content
• b715f63 Simplify docs layout and content
• b07582e Docs fixes
• c67360c Remove the "Edit this page" repo link
• See full diff in compare view

Updates ferrum from 0.17.1 to 0.17.2

Release notes

Sourced from ferrum's releases.

0.17.2

Added

• Ferrum::Network::Response#body! returns body or throws error if implicable
• Ferrum::Browser#new(dockerize: true) whether to add CLI flags to run a browser in a container, false by default
• Initial support for RBS types #565

Changed

• Ferrum::Network::Response#body returns body or nil in case of errors
• Disable Chrome code sign clones #555
• Ruby version required is >= 3.1 #565

Fixed

• Proper handle wss urls, and fix session_id loss for undetermined order of CDP events #559
• browser.reset tries to dispose default implicit context #566, #540

Changelog

Sourced from ferrum's changelog.

0.17.2 (March 23, 2026)

Added

• Ferrum::Network::Response#body! returns body or throws error if implicable
• Ferrum::Browser#new(dockerize: true) whether to add CLI flags to run a browser in a container, false by default
• Initial support for RBS types #565

Changed

• Ferrum::Network::Response#body returns body or nil in case of errors
• Disable Chrome code sign clones #555
• Ruby version required is >= 3.1 #565

Fixed

• Proper handle wss urls, and fix session_id loss for undetermined order of CDP events #559
• browser.reset tries to dispose default implicit context #566, #540

Removed

Commits

• 2f0699d Bump up
• aa0b7ad chore: revert default for :pending_connection_errors to true and update relat...
• 3606d54 fix: undefined method `find_target' for nil (NoMethodError) #542
• 25f68f8 chore: update CHANGELOG
• 56a46cd fix: browser.reset tries to dispose default implicit context #540 (#566)
• 0c4d14b Add RBS types (#565)
• e1b51b1 chore: add CHANGELOG entry
• 8c68153 fix: ensure session_id is set only if session is absent
• de385e2 Fix wss urls and session_id lost (#559)
• 1cd3d76 chore: move documentation to a dedicated website
• Additional commits viewable in compare view

Updates webmock from 3.26.1 to 3.26.2

Release notes

Sourced from webmock's releases.

3.26.2

• Add support to parse http/2 request on curb adapter

  Thanks to Christoph Rieß

• CurbAdapter alias code from response_code

  Thanks to Christoph Rieß

• Add HTTP.rb v6.0.0 compatibility to http_rb adapter

  Thanks to Erik Berlin

Changelog

Sourced from webmock's changelog.

3.26.2

• Add support to parse http/2 request on curb adapter

  Thanks to Christoph Rieß

• CurbAdapter alias code from response_code

  Thanks to Christoph Rieß

• Add HTTP.rb v6.0.0 compatibility to http_rb adapter

  Thanks to Erik Berlin

Commits

• ce700d9 Version 3.26.2
• ddf8a43 Merge pull request #1121 from criess/cr/curb-http-2-parse-headers
• 035e9fc [fix] add support to parse http/2 request on curb adapter
• 29d3532 Merge pull request #1123 from sferik/support-http_rb-6
• 801ad3b Merge pull request #1122 from criess/cr/curb-easy-code-as-alias
• a4de224 Add HTTP.rb 6.0.0 compatibility to http_rb adapter
• c6cf2f1 [fix] CurbAdapter alias code from response_code
• 596d8a8 Merge pull request #1113 from koic/ci_against_ruby_4_0
• 86977f8 Run CI against Ruby 4.0
• cc11b78 Merge pull request #1114 from koic/remove_pride_option_from_minitest_rake_task
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions