From 552b07555257243e649dfb89b44ea6de2f92dee1 Mon Sep 17 00:00:00 2001 From: viralpraxis Date: Thu, 13 Feb 2025 00:02:31 +0300 Subject: [PATCH 01/23] [Feature #21133] Add `skip_header` option ref: https://bugs.ruby-lang.org/issues/21133 Creating a logger automatically writes a hardcoded header comment ("# Logfile created on ..."). While this helps verify that logdev is writable as early as possible (rather than on the first log entry), it also serves as a useful indicator of which program created the logfile. However, this header can introduce unnecessary complexity -- especially when working with third-party tools that need to ignore these lines. This commit introduces a `skip_header` boolean option (default is `false`), allowing API consumers to disable the header if needed. --- lib/logger.rb | 8 ++++++-- lib/logger/log_device.rb | 8 ++++++-- test/logger/test_logdevice.rb | 6 ++++++ 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/lib/logger.rb b/lib/logger.rb index 3e6ab38..48b137d 100644 --- a/lib/logger.rb +++ b/lib/logger.rb @@ -577,11 +577,14 @@ def fatal!; self.level = FATAL; end # - +reraise_write_errors+: An array of exception classes, which will # be reraised if there is an error when writing to the log device. # The default is to swallow all exceptions raised. + # - +skip_header+: If +true+, prevents the logger from writing a header + # when creating a new log file. The default is +false+, meaning + # the header will be written as usual. # def initialize(logdev, shift_age = 0, shift_size = 1048576, level: DEBUG, progname: nil, formatter: nil, datetime_format: nil, binmode: false, shift_period_suffix: '%Y%m%d', - reraise_write_errors: []) + reraise_write_errors: [], skip_header: false) self.level = level self.progname = progname @default_formatter = Formatter.new @@ -594,7 +597,8 @@ def initialize(logdev, shift_age = 0, shift_size = 1048576, level: DEBUG, shift_size: shift_size, shift_period_suffix: shift_period_suffix, binmode: binmode, - reraise_write_errors: reraise_write_errors) + reraise_write_errors: reraise_write_errors, + skip_header: skip_header) end end diff --git a/lib/logger/log_device.rb b/lib/logger/log_device.rb index cde3158..e16f3b7 100644 --- a/lib/logger/log_device.rb +++ b/lib/logger/log_device.rb @@ -11,10 +11,14 @@ class LogDevice attr_reader :filename include MonitorMixin - def initialize(log = nil, shift_age: nil, shift_size: nil, shift_period_suffix: nil, binmode: false, reraise_write_errors: []) + def initialize( + log = nil, shift_age: nil, shift_size: nil, shift_period_suffix: nil, + binmode: false, reraise_write_errors: [], skip_header: false + ) @dev = @filename = @shift_age = @shift_size = @shift_period_suffix = nil @binmode = binmode @reraise_write_errors = reraise_write_errors + @skip_header = skip_header mon_initialize set_dev(log) set_file(shift_age, shift_size, shift_period_suffix) if @filename @@ -132,7 +136,7 @@ def create_logfile(filename) logdev = fixup_mode(logdev) logdev.sync = true logdev.binmode if @binmode - add_log_header(logdev) + add_log_header(logdev) unless @skip_header logdev.flock(File::LOCK_UN) logdev rescue Errno::EEXIST diff --git a/test/logger/test_logdevice.rb b/test/logger/test_logdevice.rb index c9b0816..ed7ca8a 100644 --- a/test/logger/test_logdevice.rb +++ b/test/logger/test_logdevice.rb @@ -502,6 +502,12 @@ def test_shifting_age_in_multiprocess end end + def test_open_without_header + d(@filename, skip_header: true) + + assert_equal("", File.read(@filename)) + end + def test_open_logfile_in_multiprocess tmpfile = Tempfile.new([File.basename(__FILE__, '.*'), '_1.log']) logfile = tmpfile.path From 88cd1735ed19855e90eff18bf765fdc43167ed5c Mon Sep 17 00:00:00 2001 From: George Ogata Date: Wed, 22 Mar 2023 01:14:05 -0400 Subject: [PATCH 02/23] Expose the logdev The motivation here is to fix a Rails issue caused by the way ActiveSupport extends the ruby Logger to add broadcasting of messages to multiple destinations. [1] I believe the problem could be much more elegantly solved if Logger exposed the underlying LogDevice. Going by repo history, the existence of this object hasn't changed since 2003, so I think it's stable enough to expose. In addition to letting you read the logdev, this also lets you pass a logdev in. To implement broadcasting, we could now define a LogDevice subclass that delegates its 3 methods to the LogDevices of a list of underlying loggers, and simply create a new logger with this device. [1]: https://github.com/rails/rails/blob/ba19dbc49956a73f417abd68c7a5f33e302eacd3/activesupport/lib/active_support/logger.rb#L23 --- lib/logger.rb | 15 ++++++++++++++- test/logger/test_logger.rb | 10 ++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/lib/logger.rb b/lib/logger.rb index 25e2c27..4838107 100644 --- a/lib/logger.rb +++ b/lib/logger.rb @@ -545,6 +545,7 @@ def fatal!; self.level = FATAL; end # new entries are appended. # - An IO stream (typically $stdout, $stderr. or # an open file): entries are to be written to the given stream. + # - An instance of Logger::LogDevice, such as the #logdev of another Logger. # - +nil+ or +File::NULL+: no entries are to be written. # # Argument +shift_age+ must be one of: @@ -603,7 +604,13 @@ def initialize(logdev, shift_age = 0, shift_size = 1048576, level: DEBUG, self.formatter = formatter @logdev = nil @level_override = {} - if logdev && logdev != File::NULL + return unless logdev + case logdev + when File::NULL + # null logger + when LogDevice + @logdev = logdev + else @logdev = LogDevice.new(logdev, shift_age: shift_age, shift_size: shift_size, shift_period_suffix: shift_period_suffix, @@ -612,6 +619,12 @@ def initialize(logdev, shift_age = 0, shift_size = 1048576, level: DEBUG, end end + # The underlying log device. + # + # This is the first argument passed to the constructor, wrapped in a + # Logger::LogDevice, along with the binmode flag and rotation options. + attr_reader :logdev + # Sets the logger's output stream: # # - If +logdev+ is +nil+, reopens the current output stream. diff --git a/test/logger/test_logger.rb b/test/logger/test_logger.rb index ea27fba..75a0f74 100644 --- a/test/logger/test_logger.rb +++ b/test/logger/test_logger.rb @@ -177,6 +177,16 @@ def test_initialize assert_nil(logger.datetime_format) end + def test_logdev + logger = Logger.new(STDERR) + assert_instance_of(Logger::LogDevice, logger.logdev) + + logdev = Logger::LogDevice.new(STDERR) + logger = Logger.new(logdev) + assert_instance_of(Logger::LogDevice, logger.logdev) + assert_equal(STDERR, logger.logdev.dev) + end + def test_initialize_with_level # default logger = Logger.new(STDERR) From f474d07d9890a03e6e40430c4e2ee933c6193d7e Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA Date: Thu, 27 Mar 2025 10:32:53 +0900 Subject: [PATCH 03/23] Bump up v1.7.0 --- lib/logger/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/logger/version.rb b/lib/logger/version.rb index 463be13..0d74bec 100644 --- a/lib/logger/version.rb +++ b/lib/logger/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true class Logger - VERSION = "1.6.6" + VERSION = "1.7.0" end From 91e4483505e98417149bc050695f7f426de98d8f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Apr 2025 07:01:05 +0000 Subject: [PATCH 04/23] Bump step-security/harden-runner from 2.11.0 to 2.11.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.11.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.11.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 847493f..610628a 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit From 156d64835b80c0cff6aa2c6878895054d16f035d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 06:14:32 +0000 Subject: [PATCH 05/23] Bump step-security/harden-runner from 2.11.1 to 2.12.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.1 to 2.12.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 610628a..2396c78 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 with: egress-policy: audit From 81c837b895533f7733e9185dea21ec23f469b169 Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA Date: Mon, 12 May 2025 19:52:52 +0900 Subject: [PATCH 06/23] Update the latest versions of GitHub Actions --- .github/workflows/push_gem.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 2396c78..64cb5c3 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -27,10 +27,10 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Ruby - uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 + uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # v1.238.0 with: bundler-cache: true ruby-version: ruby From 9cdb56aa875026eaebacb1d5e4882db7aed690c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jun 2025 06:49:17 +0000 Subject: [PATCH 07/23] Bump step-security/harden-runner from 2.12.0 to 2.12.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.12.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 64cb5c3..fbc0b0a 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: egress-policy: audit From 160142a7bfbb969442f36307ee6c647d0a752e2d Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA Date: Fri, 20 Jun 2025 13:46:16 +0900 Subject: [PATCH 08/23] Use GITHUB_TOKEN instead of admin credential --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index fbc0b0a..297ac7b 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -43,4 +43,4 @@ jobs: tag_name="$(git describe --tags --abbrev=0)" gh release create "${tag_name}" --verify-tag --generate-notes env: - GITHUB_TOKEN: ${{ secrets.MATZBOT_GITHUB_WORKFLOW_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 7b9e9769c9b54b0c8750e9a60dd778c2e19fca6b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Jul 2025 08:28:31 +0000 Subject: [PATCH 09/23] Bump step-security/harden-runner from 2.12.1 to 2.12.2 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.1 to 2.12.2. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.12.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 297ac7b..460fb77 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 with: egress-policy: audit From 7ac7a8c3bbe6d00c8134f12af4eb53b4e92e7a03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Jul 2025 08:32:01 +0000 Subject: [PATCH 10/23] Bump step-security/harden-runner from 2.12.2 to 2.13.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.2 to 2.13.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 460fb77..9ffbcfd 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2 + uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 with: egress-policy: audit From b953337ecbf626e01dbadd36012837d7fe582b96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 09:54:49 +0000 Subject: [PATCH 11/23] Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 9ffbcfd..9903b23 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -27,7 +27,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Ruby uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # v1.238.0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ad325f0..9e037d6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,7 @@ jobs: os: windows-latest runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up Ruby uses: ruby/setup-ruby@v1 with: From a5a4b7da070cced373cdf41dc4dbaa5dca9d3a6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Sep 2025 06:27:05 +0000 Subject: [PATCH 12/23] Bump step-security/harden-runner from 2.13.0 to 2.13.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.0 to 2.13.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 9903b23..5ec3a88 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit From 401f4136c8c786dbee6f2b3c8053a9f6ac9d76c0 Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA Date: Wed, 29 Oct 2025 15:20:52 +0900 Subject: [PATCH 13/23] Update the latest versions of actions --- .github/workflows/push_gem.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 5ec3a88..7ba29e7 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -30,13 +30,13 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Ruby - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # v1.238.0 + uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 with: bundler-cache: true ruby-version: ruby - name: Publish to RubyGems - uses: rubygems/release-gem@a25424ba2ba8b387abc8ef40807c2c85b96cbe32 # v1.1.1 + uses: rubygems/release-gem@1c162a739e8b4cb21a676e97b087e8268d8fc40b # v1.1.2 - name: Create GitHub release run: | From 3f58316b0974b53178763553c7d71cbf9bb48016 Mon Sep 17 00:00:00 2001 From: Olle Jonsson Date: Mon, 10 Nov 2025 09:34:10 +0100 Subject: [PATCH 14/23] test_logdevice: Suppress warnings in a test power_assert warns about "this Ruby version does not support pattern matching" for versions before 3.0. This avoids issues when running the tests on those versions. --- test/logger/test_logdevice.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/logger/test_logdevice.rb b/test/logger/test_logdevice.rb index ed7ca8a..f8350df 100644 --- a/test/logger/test_logdevice.rb +++ b/test/logger/test_logdevice.rb @@ -745,7 +745,7 @@ class << Time def test_shifting_weekly_dst_change Dir.mktmpdir do |tmpdir| - assert_separately([{"TZ"=>"Europe/London"}, *%W"-I#{@top_dir} -rlogger -C#{tmpdir} -"], "#{<<-"begin;"}\n#{<<-'end;'}") + assert_separately([{"TZ"=>"Europe/London"}, *%W"-I#{@top_dir} -W0 -rlogger -C#{tmpdir} -"], "#{<<-"begin;"}\n#{<<-'end;'}") begin; begin module FakeTime @@ -776,7 +776,7 @@ class << Time def test_shifting_monthly_dst_change Dir.mktmpdir do |tmpdir| - assert_separately([{"TZ"=>"Europe/London"}, *%W"-I#{@top_dir} -rlogger -C#{tmpdir} -"], "#{<<-"begin;"}\n#{<<-'end;'}") + assert_separately([{"TZ"=>"Europe/London"}, *%W"-I#{@top_dir} -W0 -rlogger -C#{tmpdir} -"], "#{<<-"begin;"}\n#{<<-'end;'}") begin; begin module FakeTime From 2bd35211bc4d41102b35d65aae6f4818afbfe73b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Nov 2025 08:44:25 +0000 Subject: [PATCH 15/23] Bump step-security/harden-runner from 2.13.1 to 2.13.2 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.1 to 2.13.2. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...95d9a5deda9de15063e7595e9719c11c38c90ae2) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 7ba29e7..5e34c8b 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit From e16be675408a53f54e3312a468abc4155147e1ec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 06:02:45 +0000 Subject: [PATCH 16/23] Bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 5e34c8b..70cad70 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -27,7 +27,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - name: Set up Ruby uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9e037d6..73a7361 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,7 @@ jobs: os: windows-latest runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Ruby uses: ruby/setup-ruby@v1 with: From 9f6e7f0061713dd5b6855638f627973b27bfb0ff Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 06:02:09 +0000 Subject: [PATCH 17/23] Bump step-security/harden-runner from 2.13.2 to 2.13.3 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.2 to 2.13.3. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...df199fb7be9f65074067a9eb93f12bb4c5547cf2) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 70cad70..5c4951a 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit From 45ebed2f0e8e225bbdceee9ffef7a876e7c01e10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 06:01:56 +0000 Subject: [PATCH 18/23] Bump step-security/harden-runner from 2.13.3 to 2.14.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.3 to 2.14.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/df199fb7be9f65074067a9eb93f12bb4c5547cf2...20cf305ff2072d973412fa9b1e3a4f227bda3c76) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 5c4951a..7e7d459 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit From baae07bd44da0f0218faf37c76a30186f662c8e6 Mon Sep 17 00:00:00 2001 From: Robert Schulze Date: Wed, 14 Jan 2026 17:35:16 +0100 Subject: [PATCH 19/23] add rdoc as development dependency fixes running rake tasks on ruby 4.0 --- Gemfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Gemfile b/Gemfile index ba909e8..723b810 100644 --- a/Gemfile +++ b/Gemfile @@ -5,6 +5,7 @@ gemspec group :development do gem "bundler" gem "rake" + gem "rdoc" gem "test-unit" gem "test-unit-ruby-core" end From 319bb8f70f245dd54f4b594478d99c9044de0080 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 07:01:58 +0000 Subject: [PATCH 20/23] Bump step-security/harden-runner from 2.14.0 to 2.14.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.14.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 7e7d459..f32e702 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: egress-policy: audit From 8ed8da4c364106e51d4564bae2cafe1ffb9f9d9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 06:45:49 +0000 Subject: [PATCH 21/23] Bump step-security/harden-runner from 2.14.1 to 2.15.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.1 to 2.15.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...a90bcbc6539c36a85cdfeb73f7e2f433735f215b) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index f32e702..83d1d44 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0 with: egress-policy: audit From e860659777fc2ad8863620bbbec0d22a0c30f6df Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 06:42:51 +0000 Subject: [PATCH 22/23] Bump step-security/harden-runner from 2.15.0 to 2.15.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.15.0 to 2.15.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/a90bcbc6539c36a85cdfeb73f7e2f433735f215b...58077d3c7e43986b6b15fba718e8ea69e387dfcc) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.15.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index 83d1d44..e88b95b 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0 + uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 with: egress-policy: audit From 03d093ccd8b878d8892d898b9f0d6c2e92e868ce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 06:42:42 +0000 Subject: [PATCH 23/23] Bump rubygems/release-gem from 1.1.2 to 1.1.4 Bumps [rubygems/release-gem](https://github.com/rubygems/release-gem) from 1.1.2 to 1.1.4. - [Release notes](https://github.com/rubygems/release-gem/releases) - [Commits](https://github.com/rubygems/release-gem/compare/1c162a739e8b4cb21a676e97b087e8268d8fc40b...e9a6361a0b14562539327c2a02373edc56dd3169) --- updated-dependencies: - dependency-name: rubygems/release-gem dependency-version: 1.1.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/push_gem.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push_gem.yml b/.github/workflows/push_gem.yml index e88b95b..de54a5b 100644 --- a/.github/workflows/push_gem.yml +++ b/.github/workflows/push_gem.yml @@ -36,7 +36,7 @@ jobs: ruby-version: ruby - name: Publish to RubyGems - uses: rubygems/release-gem@1c162a739e8b4cb21a676e97b087e8268d8fc40b # v1.1.2 + uses: rubygems/release-gem@e9a6361a0b14562539327c2a02373edc56dd3169 # v1.1.4 - name: Create GitHub release run: |