dependabot-gitlab/dependabot v3.17.0-alpha.1
on GitLab

4 days ago

3.17.0-alpha.1 (2024-06-24)

⚠️ Security updates (3 changes)

Add url origin validation to prevent SSRF by @andrcuns. See merge request !2986
Remove user controlled method call by @andrcuns. See merge request !2987
Enable rails request forgery protection by @andrcuns. See merge request !2988

📦 Dependency updates (2 changes)

Bump grape from 2.0.0 to 2.1.1 by @dependabot-bot. See merge request !2990
Bump dependabot-omnibus from 0.261.1 to 0.262.0 by @dependabot-bot. See merge request !2989

📦🔧 Development dependency updates (2 changes)

Bump pry-rails from 0.3.9 to 0.3.11 by @dependabot-bot. See merge request !2985
Bump rspec-rails from 6.1.2 to 6.1.3 by @dependabot-bot. See merge request !2984

📄 Documentation updates (1 change)

Improve documentation on webhook configuration by @andrcuns.

Check out latest releases or
releases around dependabot-gitlab/dependabot v3.17.0-alpha.1

Don't miss a new dependabot release

NewReleases is sending notifications on new releases.

Get notifications