github-v3-api icon indicating copy to clipboard operation
github-v3-api copied to clipboard
verified publisher icon jwilger

Bump rest-client from 1.7.2 to 2.1.0

Open dependabot[bot] opened this issue 2 years ago • 0 comments

Bumps rest-client from 1.7.2 to 2.1.0.

Changelog

Sourced from rest-client's changelog.

2.1.0

  • Add a dependency on http-accept for parsing Content-Type charset headers. This works around a bad memory leak introduced in MRI Ruby 2.4.0 and fixed in Ruby 2.4.2. (#615)
  • Use mime/types/columnar from mime-types 2.6.1+, which is leaner in memory usage than the older storage model of mime-types. (#393)
  • Add :log option to individual requests. This allows users to set a log on a per-request / per-resource basis instead of the kludgy global log. (#538)
  • Log request duration by tracking request start and end times. Make log_response a method on the Response object, and ensure the size method works on RawResponse objects. (#126)
    • # => 200 OK | text/html 1270 bytes, 0.08s
    • Also add a new :stream_log_percent parameter, which is applicable only when :raw_response => true is set. This causes progress logs to be emitted only on every N% (default 10%) of the total download size rather than on every chunk.
  • Drop custom handling of compression and use built-in Net::HTTP support for supported Content-Encodings like gzip and deflate. Don't set any explicit Accept-Encoding header, rely instead on Net::HTTP defaults. (#597)
    • Note: this changes behavior for compressed responses when using :raw_response => true. Previously the raw response would not have been uncompressed by rest-client, but now Net::HTTP will uncompress it.
  • The previous fix to avoid having Netrc username/password override an Authorization header was case-sensitive and incomplete. Fix this by respecting existing Authorization headers, regardless of letter case. (#550)
  • Handle ParamsArray payloads. Previously, rest-client would silently drop a ParamsArray passed as the payload. Instead, automatically use Payload::Multipart if the ParamsArray contains a file handle, or use Payload::UrlEncoded if it doesn't. (#508)
  • Gracefully handle Payload objects (Payload::Base or subclasses) that are passed as a payload argument. Previously, Payload.generate would wrap a Payload object in Payload::Streamed, creating a pointlessly nested payload. Also add a closed? method to Payload objects, and don't error in short_inspect if size returns nil. (#603)
  • Test with an image in the public domain to avoid licensing complexity. (#607)

2.0.2

  • Suppress the header override warning introduced in 2.0.1 if the value is the same. There's no conflict if the value is unchanged. (#578)

2.0.1

  • Warn if auto-generated headers from the payload, such as Content-Type, override headers set by the user. This is usually not what the user wants to happen, and can be surprising. (#554)
  • Drop the old check for weak default TLS ciphers, and use the built-in Ruby defaults. Ruby versions from Oct. 2014 onward use sane defaults, so this is no longer needed. (#573)

... (truncated)

Commits
  • cf3e5a1 Version 2.1.0
  • 223f6ea Import history notes for latest 1.6.x releases.
  • 3a54b05 Add docs and change log for :stream_log_percent.
  • f18ca59 Rename multipart tmpfile basename for consistency.
  • 801f18d Merge pull request #505 from servel333/patch-1
  • 68727f1 Merge pull request #716 from rest-client/ab-test-cleanup
  • 746913e Only test a few versions on macOS.
  • 1c264c0 Fix config for recent rubocop.
  • 56d096d Use bundler 1.x in tests.
  • e6e241f Fix integration tests: don't use EV DigiCert root.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Mar 28 '23 15:03 dependabot[bot]