Bump the bundler group across 1 directory with 4 updates

[dependabot]

Updates the requirements on activeresource, rake, activesupport and i18n to permit the latest version.
Updates activeresource from 3.2.12 to 5.1.1

Release notes

Sourced from activeresource's releases.

5.1.0

• Improve support of Active Resource objects inside fibers.

• Add support to Active Model Serializers.

• Fix error when trying to parse nil as a JSON response.

• Fix exists? to return the right value when the response code is between 200 and 206.

• Match the log level to the HTTP response code.

• Add ActiveResource::Connection.logger accessors to configure a specific logger instance for the connection object.

• Add ActiveResource::Base#element_url method.

• Add Active Job serialization support with Rails 6.

• Support lazy setting of configuration options.

• Use UnnamedResource when resource fails to create normally.

• Add support to Bearer Token Authorization header to connection.

4.1.0

Enhancements

• Adds activeresource.rb so require: 'active_resource' is no longer needed in Gemfile. (#95, Pedro Nascimento)
• ActiveResource::Collection delegates all instance methods for Array. (#101, printercu)
• Railtie enables configuration and dev reloading of observers just like ActiveRecord when using Active Resource with Rails. Active Resource also now runs Active Support load hooks for :active_resource. (#109, Ches Martin)

Fixes

• Improvement to thread safety of headers. (#61, niedfelj)
• A belongs_to child with a missing parent ID returns nil for the association instead of making a bogus remote call. (#68, Javier Saldana)
• A has_many association does not trigger a remote call if parent is a new record. (#97, Sasha Shamne)

Changelog

Sourced from activeresource's changelog.

Active Resource 5.1.1 (May 5, 2020)

• Properly encode ID parameters to avoid possible information leak [CVE-2020-8151]

Active Resource 5.1.0 (Nov 2, 2018)

• Improve support of Active Resource objects inside fibers.

• Add support to Active Model Serializers.

• Fix error when trying to parse nil as a JSON response.

• Fix exists? to return the right value when the response code is between 200 and 206.

• Match the log level to the HTTP response code.

• Add ActiveResource::Connection.logger accessors to configure a specific logger instance for the connection object.

• Add ActiveResource::Base#element_url method.

• Add Active Job serialization support with Rails 6.

• Support lazy setting of configuration options.

• Use UnnamedResource when resource fails to create normally.

• Add support to Bearer Token Authorization header to connection.

Active Resource 5.0.0 (May 4, 2017)

• Add ActiveResource::Base.create!.

• Move observers support to rails-observers gem.

• Remove support to Rails 4.

• Remove support to Ruby 1.9, 2.0 and 2.1.

• Fix options[:class_name] to keep the given class name, and not transform it to singular. Example:

  has_one :profile_data, class_name: 'profile_data' #will correctly use ProfileData, and not ProfileDatum

• find_every returns [], not nil, when no records are found.

Please check 4-stable for previous changes.

Commits

• See full diff in compare view

Updates rake from 0.9.6 to 12.3.3

Release notes

Sourced from rake's releases.

rake-10.1.1

Full Changelog: ruby/rake@rake-10.1.0.beta.3...rake-10.1.1

rake-10.1.0

Full Changelog: ruby/rake@rake-10.0.4...rake-10.1.0

rake-10.1.0.beta.3

Full Changelog: ruby/rake@rake-10.1.0.beta.2...rake-10.1.0.beta.3

rake-10.1.0.beta.2

Full Changelog: ruby/rake@rake-10.1.0.beta.1...rake-10.1.0.beta.2

rake-10.1.0.beta.1

Full Changelog: ruby/rake@rake-10.0.4...rake-10.1.0.beta.1

rake-10.0.4

Full Changelog: ruby/rake@rake-10.0.3...rake-10.0.4

rake-10.0.3

Full Changelog: ruby/rake@rake-10.0.2...rake-10.0.3

rake-10.0.2

Full Changelog: ruby/rake@rake-10.0.1...rake-10.0.2

rake-10.0.1

Full Changelog: ruby/rake@rake-10.0.0.beta.2...rake-10.0.1

rake-10.0.0

Full Changelog: ruby/rake@rake-0.9.3.beta.3...rake-10.0.0

rake-10.0.0.beta.2

Full Changelog: ruby/rake@rake-0.9.3.beta.3...rake-10.0.0.beta.2

Changelog

Sourced from rake's changelog.

=== 12.3.3

==== Bug fixes

• Use the application's name in error message if a task is not found. Pull Request #303 by tmatilai

==== Enhancements:

• Use File.open explicitly.

=== 12.3.2

==== Bug fixes

• Fixed test fails caused by 2.6 warnings. Pull Request #297 by hsbt

==== Enhancements:

• Rdoc improvements. Pull Request #293 by colby-swandale
• Improve multitask performance. Pull Request #273 by jsm
• Add alias prereqs. Pull Request #268 by take-cheeze

=== 12.3.1

==== Bug fixes

• Support did_you_mean >= v1.2.0 which has a breaking change on formatters. Pull request #262 by FUJI Goro.

==== Enhancements:

• Don't run task if it depends on already invoked but failed task. Pull request #252 by Gonzalo Rodriguez.
• Make space trimming consistent for all task arguments. Pull request #259 by Gonzalo Rodriguez.
• Removes duplicated inclusion of Rake::DSL in tests. Pull request #254 by Gonzalo Rodriguez.
• Re-raise a LoadError that didn't come from require in the test loader. Pull request #250 by Dylan Thacker-Smith.

=== 12.3.0

==== Compatibility Changes

• Bump required_ruby_version to Ruby 2.0.0. Rake has already

... (truncated)

Commits

• 5c87c46 Bump version to 12.3.3.
• 5b8f8fc Use File.open explicitly.
• 6497ba4 Merge pull request #317 from ruby/ignore-gitignore
• be62efb Removed gitignore from gemspec files.
• 1c22b49 Merge pull request #309 from RDIL/patch-1
• 496944a Remove deprecated travis ci option
• 489c7d8 Merge pull request #307 from ruby/azure-pipelines
• 77eb6d8 Only enabled macOS environment
• 72ffa2e use realpath
• 7744872 Do not specify ruby version of macOS
• Additional commits viewable in compare view

Updates activesupport from 3.2.12 to 6.0.6.1

Release notes

Sourced from activesupport's releases.

v6.0.6.1

Active Support

• No changes.

Active Model

• No changes.

Active Record

• Make sanitize_as_sql_comment more strict

  Though this method was likely never meant to take user input, it was attempting sanitization. That sanitization could be bypassed with carefully crafted input.

  This commit makes the sanitization more robust by replacing any occurrances of "/" or "/" with "/ " or " /". It also performs a first pass to remove one surrounding comment to avoid compatibility issues for users relying on the existing removal.

  This also clarifies in the documentation of annotate that it should not be provided user input.

  [CVE-2023-22794]

Action View

• No changes.

Action Pack

• No changes.

Active Job

• No changes.

... (truncated)

Commits

• 28bb76d Version 6.0.6.1
• 91cf62e Version 6.0.6
• c7d64e9 Preparing for 6.0.5.1 release
• c177e45 updating version and changelog
• 4331155 Preparing for 6.0.5 release
• 1b5df89 Merge pull request #45027 from rails/fix-tag-helper-regression
• 23f8485 Merge branch '6-0-sec' into 6-0-stable
• 27a5ec7 Preparing for 6.0.4.8 release
• 636ee65 updating changelog for release
• 36a6dad Fix and add protections for XSS in names.
• Additional commits viewable in compare view

Updates i18n from 0.6.1 to 0.9.5

Release notes

Sourced from i18n's releases.

v0.9.5

• #404 reported a regression in 0.9.3, which wasn't fixed by 0.9.4. #408 fixes this issue.

Thanks @​wjordan!

v0.9.4

• Fixed a regression with chained backends introduced in v0.9.3 (#402) - #405 - bug report / #407 - PR to fix
• Optimize Backend::Simple#available_locales - reports are that this is now 4x faster than previously - #406

v0.9.3

(For those wondering where v0.9.2 went: I got busy after I pushed the commit for the release, so there was no gem release that day. I am not busy today, so here is v0.9.3 in its stead. This changelog contains changes from v0.9.1 -> v0.9.3)

• I18n no longer stores translations for unavailable locales. #391.
• Added the ability to interpolate with arrays #395.
• Documentation for lambda has been corrected. #396
• I18n will use oj -- a faster JSON library -- but only if it is available. #398
• Fixed an issue with translate and default: [false] as an option. #399
• Fixed an issue with translate with nil and empty keys. #400
• Fix issue with disabled subtrees and pluralization for KeyValue backend #402

Thank you to @​stereobooster, @​fatkodima and @​lulalala for the patches that went towards this release. We appreciate your efforts!

v0.9.1

• Reverted Hash#slice behaviour introduced with #250 - See #390.
• Fixed a regression caused by #387, where translations may have returned a not-helpful error message - See #389

v0.9.0

• Made Backend::Memoize threadsafe. See #51 and #352.
• Added a middleware I18n::Middleware that should be used to ensure that i18n config is reset correctly between requests. See #381 and #382.

v0.8.6

Fixed a small regression introduced in v0.8.5 when using fallbacks - See #378

v0.8.5

• Improved error message for MissingPluralizationKey error - See #371
• Fixed a thread issue when calling translate when fallbacks were enabled - See #369

v0.8.4

Reverted #236 - "Don't allow nil to be submitted as a key to I18n.translate" - See #370

v0.8.3

I18n::Gettext#plural_keys will now return a hash from Gettext if no arguments are provided - svenfuchs/i18n#122 Fixed a bug where passing false to translate would not translate that value - svenfuchs/i18n#367

v0.8.2

Do not allow nil to be passed to translate - svenfuchs/i18n#236

... (truncated)

Commits

• 416859a Bump to 0.9.5
• 5c28de8 Lock Rake to 12.2.x versions
• 29fe565 Merge pull request #408 from wjordan/enforce_available_locales_false_fix
• 596a71d store translations for unavailable locales if enforce_available_locales is false
• 888abcb Bump to 0.9.4
• ba8b206 Merge pull request #407 from fatkodima/fix-key-value-subtrees
• 9ddc9f5 Merge pull request #406 from jhawthorn/optimize_available_locales
• 77c26aa Fix Chained backend with KeyValue
• 7eb3576 Optimize Backend::Simple#available_locales
• 7c6ccf4 Bump to 0.9.3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.