Bumps rubyzip from 1.2.2 to 2.3.2.
Release notes
Sourced from rubyzip's releases.
v2.3.2
No release notes provided.
v2.3.1
This is a "dummy" release to warn about breaking changes coming in version 3.0.
v2.3.0
- Fix frozen string literal error #431
- Set
OutputStream.write_buffer's buffer to binmode #439
- Upgrade rubocop and fix various linting complaints #437 #440
Tooling:
- Add a
bin/console script for development #420
- Update rake requirement (development dependency only) to fix a security alert.
v2.2.0
- Add support for decompression plugin gems #427
v2.1.0
- Fix (at least partially) the
restore_times and restore_permissions options to Zip::File.new #413
- Previously, neither option did anything, regardless of what it was set to. We have therefore defaulted them to
false to preserve the current behavior, for the time being. If you have explicitly set either to true, it will now have an effect.
- Fix handling of UniversalTime (
mtime, atime, ctime) fields. #421
- Previously,
Zip::File did not pass the options to Zip::Entry in some cases. #423
- Note that
restore_times in this release does nothing on Windows and only restores mtime, not atime or ctime.
- Allow
Zip::File.open to take an options hash like Zip::File.new #418
- Always print warnings with
warn, instead of a mix of puts and warn #416
- Create temporary files in the system temporary directory instead of the directory of the zip file #411
- Drop unused
tmpdir requirement #411
Tooling
- Move CI to xenial and include jruby on JDK11 #419
v2.0.0
Security
- Default the
validate_entry_sizes option to true, so that callers can trust an entry's reported size when using extract #403
- This option defaulted to
false in 1.3.0 for backward compatibility, but it now defaults to true. If you are using an older version of ruby and can't yet upgrade to 2.x, you can still use 1.3.0 and set the option to true.
Tooling / Documentation
- Remove test files from the gem to avoid problems with antivirus detections on the test files #405 / #384
- Drop support for unsupported ruby versions #406
v1.3.0
Security
- Add
validate_entry_sizes option so that callers can trust an entry's reported size when using extract #403
- This option defaults to
false for backward compatibility in this release, but you are strongly encouraged to set it to true. It will default to true in rubyzip 2.0.
... (truncated)
Changelog
Sourced from rubyzip's changelog.
2.3.2 (2021年07月05日)
- A "dummy" release to warn about breaking changes coming in version 3.0. This updated version uses the Gem
post_install_message instead of printing to STDERR.
2.3.1 (2021年07月03日)
- A "dummy" release to warn about breaking changes coming in version 3.0.
2.3.0 (2020年03月14日)
- Fix frozen string literal error #431
- Set
OutputStream.write_buffer's buffer to binmode #439
- Upgrade rubocop and fix various linting complaints #437 #440
Tooling:
- Add a
bin/console script for development #420
- Update rake requirement (development dependency only) to fix a security alert.
2.2.0 (2020年02月01日)
- Add support for decompression plugin gems #427
2.1.0 (2020年01月25日)
- Fix (at least partially) the
restore_times and restore_permissions options to Zip::File.new #413
- Previously, neither option did anything, regardless of what it was set to. We have therefore defaulted them to
false to preserve the current behavior, for the time being. If you have explicitly set either to true, it will now have an effect.
- Fix handling of UniversalTime (
mtime, atime, ctime) fields. #421
- Previously,
Zip::File did not pass the options to Zip::Entry in some cases. #423
- Note that
restore_times in this release does nothing on Windows and only restores mtime, not atime or ctime.
- Allow
Zip::File.open to take an options hash like Zip::File.new #418
- Always print warnings with
warn, instead of a mix of puts and warn #416
- Create temporary files in the system temporary directory instead of the directory of the zip file #411
- Drop unused
tmpdir requirement #411
Tooling
- Move CI to xenial and include jruby on JDK11 #419
2.0.0 (2019年09月25日)
Security
- Default the
validate_entry_sizes option to true, so that callers can trust an entry's reported size when using extract #403
- This option defaulted to
false in 1.3.0 for backward compatibility, but it now defaults to true. If you are using an older version of ruby and can't yet upgrade to 2.x, you can still use 1.3.0 and set the option to true.
Tooling / Documentation
- Remove test files from the gem to avoid problems with antivirus detections on the test files #405 / #384
- Drop support for unsupported ruby versions #406
... (truncated)
Commits
2f1c1ea Move to using a post install message for 3.0 warning.
16de339 Print banner text re v3.0.0 when zip is required.
84d7a66 Bump version number and Changelog.
3bc55a5 Merge pull request #443 from rubyzip/v2-3-0
69186f6 Bump version to 2.3.0
516941b Update changelog for #439 and #440
a64a147 Bump rake version (development dependency)
4c789c2 Remove unused constant from #439
fabacf1 Merge pull request #440 from hainesr/rubocop-names
b231b28 Merge pull request #439 from henkeinfo/binary-outstream-buffer
- Additional commits viewable in compare view
Dependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
Bumps rubyzip from 1.2.2 to 2.3.2.
Release notes
Sourced from rubyzip's releases.
... (truncated)
Changelog
Sourced from rubyzip's changelog.
... (truncated)
Commits
2f1c1eaMove to using a post install message for 3.0 warning.16de339Print banner text re v3.0.0 whenzipis required.84d7a66Bump version number and Changelog.3bc55a5Merge pull request #443 from rubyzip/v2-3-069186f6Bump version to 2.3.0516941bUpdate changelog for #439 and #440a64a147Bump rake version (development dependency)4c789c2Remove unused constant from #439fabacf1Merge pull request #440 from hainesr/rubocop-namesb231b28Merge pull request #439 from henkeinfo/binary-outstream-bufferDependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.