Skip to content

Bump pundit from 2.4.0 to 2.5.0#3746

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bundler/main/pundit-2.5.0
Closed

Bump pundit from 2.4.0 to 2.5.0#3746
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bundler/main/pundit-2.5.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 7, 2025
edited
Loading

Bumps pundit from 2.4.0 to 2.5.0.

Changelog

Sourced from pundit's changelog.

2.5.0 (2025-03-03)

Added

  • Add Pundit::Authorization#pundit_reset! hook to reset the policy and policy scope cache. #830
  • Add links to gemspec. #845
  • Register policies directories for Rails 8 code statistics #833
  • Added an example for how to use pundit with Rails 8 authentication generator #850

Changed

  • Deprecated Pundit::SUFFIX, moved it to Pundit::PolicyFinder::SUFFIX #835
  • Explicitly require less of active_support #837
  • Using permit matcher without a surrouding permissions block now raises a useful error. #836

Fixed

  • Using a hash as custom cache in Pundit.authorize now works as documented. #838
Commits
  • be91242 Merge pull request #851 from varvet/kbs/new-release
  • 37f8099 Bump to v2.5.0
  • 56941c3 Update issue links in CHANGELOG
  • 51ce6a9 Merge pull request #850 from SuzukiRyuichiro/current-user-for-rails-8-auth
  • b117d41 rephrase the sentence for better readability
  • f8c9f45 chore: update changelog;'
  • 9f3e70e feat: add some documentation to provide hints for how to use pundit when peop...
  • 5507430 Merge pull request #833 from javierav/rails-stats
  • 8dfc38f Merge branch 'main' into rails-stats
  • cbaa0ab Merge pull request #845 from eizengan/patch-1
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies ruby Pull requests that update Ruby code labels Mar 7, 2025
@dependabot dependabot bot force-pushed the dependabot/bundler/main/pundit-2.5.0 branch from 405026e to df784f9 Compare March 7, 2025 22:07
@dependabot dependabot bot force-pushed the dependabot/bundler/main/pundit-2.5.0 branch 2 times, most recently from d960179 to bb29607 Compare March 21, 2025 23:50
@dependabot
Bump pundit from 2.4.0 to 2.5.0
f101d5a 
Bumps [pundit](https://github.com/varvet/pundit) from 2.4.0 to 2.5.0.
- [Changelog](https://github.com/varvet/pundit/blob/main/CHANGELOG.md)
- [Commits](varvet/pundit@v2.4.0...v2.5.0)

---
updated-dependencies:
- dependency-name: pundit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/main/pundit-2.5.0 branch from bb29607 to f101d5a Compare March 21, 2025 23:56
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 12, 2025

Superseded by #3834.

@dependabot dependabot bot closed this Sep 12, 2025
@dependabot dependabot bot deleted the dependabot/bundler/main/pundit-2.5.0 branch September 12, 2025 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ConnorSheremeta ConnorSheremeta Awaiting requested review from ConnorSheremeta ConnorSheremeta is a code owner

@jefferya jefferya Awaiting requested review from jefferya jefferya is a code owner

@lagoan lagoan Awaiting requested review from lagoan lagoan is a code owner

@pgwillia pgwillia Awaiting requested review from pgwillia pgwillia is a code owner

Assignees

No one assigned

Labels

dependencies ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants