Bump the rails_default group across 1 directory with 16 updates

[dependabot]

Bumps the rails_default group with 16 updates in the / directory:

Package	From	To
puma	8.0.0	8.0.1
jbuilder	2.14.1	2.15.0
bootsnap	1.23.0	1.24.5
image_processing	1.14.0	2.0.1
devise	5.0.3	5.0.4
friendly_id	5.6.0	5.7.0
stripe	19.0.0	19.1.0
pagy	43.5.1	43.5.5
cloudinary	2.4.4	2.4.5
active_storage_validations	3.0.4	3.0.5
honeybadger	6.5.5	6.6.1
bullet	8.1.1	8.1.2
rubocop-capybara	2.22.1	2.23.0
solargraph	0.58.3	0.59.2
lefthook	2.1.6	2.1.8
selenium-webdriver	4.43.0	4.44.0

Updates puma from 8.0.0 to 8.0.1

Release notes

Sourced from puma's releases.

v8.0.1

• Bugfixes

  • Fix prune_bundler stripping user-configured BUNDLE_* env vars (e.g. BUNDLE_WITHOUT) on re-exec, which caused workers to crash on boot (#3929)

• Performance

  • Use blocks for debug logging to avoid creating log messages when debug is disabled (#3920)

• Docs

  • Fix incorrect hook names in gRPC docs (#3923)
  • Reword v8 upgrade guide IPv6 bullet for clarity (#3928)

Changelog

Sourced from puma's changelog.

8.0.1 / 2026-04-27

• Bugfixes

  • Fix prune_bundler stripping user-configured BUNDLE_* env vars (e.g. BUNDLE_WITHOUT) on re-exec, which caused workers to crash on boot (#3929)

• Performance

  • Use blocks for debug logging to avoid creating log messages when debug is disabled (#3920)

• Docs

  • Fix incorrect hook names in gRPC docs (#3923)
  • Reword v8 upgrade guide IPv6 bullet for clarity (#3928)

Commits

• cee7e61 Release v8.0.1 (#3932)
• f955caf Fix prune_bundler stripping user-configured BUNDLE_* env vars on re-exec (#3929)
• 97996aa ci: test_error_logger.rb - fix TruffleRuby error (#3930)
• 03825bc Build(deps): Bump actions/github-script from 8 to 9 (#3925)
• 053efae Reword v8 upgrade guide ipv6 bullet (#3928)
• b19f35a Fix incorrect hook names in gRPC docs (#3923)
• eeabe4b Use blocks for debug logging to avoid creating messages if debug disabled (#3...
• See full diff in compare view

Updates jbuilder from 2.14.1 to 2.15.0

Release notes

Sourced from jbuilder's releases.

v2.15.0

What's Changed

• Optimize KeyFormatter on cache hits by @​moberegger in rails/jbuilder#607
• Make method_missing private by @​alexceder in rails/jbuilder#614
• Optimize array! and set! by @​moberegger in rails/jbuilder#604
• Use :unprocessable_content for scaffolds with Rack 3.1 or higher by @​taketo1113 in rails/jbuilder#603
• Optimize _map_collection by @​moberegger in rails/jbuilder#612
• fix: Preserve locals when rendering inline partial for object by @​moberegger in rails/jbuilder#613

New Contributors

• @​mayur-kambariya made their first contribution in rails/jbuilder#609
• @​alexceder made their first contribution in rails/jbuilder#614
• @​taketo1113 made their first contribution in rails/jbuilder#603

Full Changelog: rails/jbuilder@v2.14.1...v2.15.0

Commits

• 018083d Prepare for 2.15.0
• 72cf067 Update devcontainer image to Ruby 4.0.4 and add devcontainer-lock.json
• d35a962 Merge pull request #615 from taketo1113/ci-rails8.1-ruby4.0
• cc42e7e CI: Add Rails 8.1 & Ruby 4.0 to CI Matrix
• cd7482e Merge pull request #613 from affinity/moberegger/fix-inline-partial-locals-be
• 58283a0 Merge pull request #612 from affinity/moberegger/optimize-_map_collection
• 09ca3e1 Merge pull request #603 from taketo1113/update-rack-unprocessable_content
• 9a921d3 Merge pull request #604 from affinity/moberegger/optimize-set-and-array-dsl
• 363c3c8 Merge pull request #614 from alexceder/make-method-missing-private
• 26c236c Make method_missing private
• Additional commits viewable in compare view

Updates bootsnap from 1.23.0 to 1.24.5

Release notes

Sourced from bootsnap's releases.

v1.24.4

What's Changed

• Fix several compatibility issues with Ruby 4.0.4, particularly the should not compile with coverage error. See #547.
• Fix Bootsnap.enable_frozen_string_literal to work even when coverage is enabled. Unfortunately only possible on Ruby 4.0.4+. On older rubies if coverage is enabled a warning will be issued and the feature won't work.
• Reduced cache files header size from 64 to 32 bytes, and got rid of the random padding element.
• Avoid leaking a private method in Object when testing for Parse.y bugs.

Full Changelog: rails/bootsnap@v1.24.3...v1.24.4

v1.24.3

• Fix the 1.24.2 workaround to parse Ruby files with UTF-8 even when the LANG environment variable is unset or set to C.

Full Changelog: rails/bootsnap@v1.24.2...v1.24.3

v1.24.2

What's Changed

• Workaround two Ruby bugs in RubyVM::InstructionSequence.compile_file, that were causing files to be loaded with the old Ruby parser instead of Prism, causing issues with some pattern matching syntax. Ref: https://bugs.ruby-lang.org/issues/22023

Full Changelog: rails/bootsnap@v1.24.1...v1.24.2

v1.24.1

What's Changed

• Fix encoding of Ruby source files loaded when BOOTSNAP_READONLY is set. Files would incorectly be loaded in ASCII-8BIT causing literal strings outside the pure ASCII range to have ASCII-8BIT encoding instead of UTF-8. This bug was introduced in 1.24.0.

Full Changelog: rails/bootsnap@v1.24.0...v1.24.1

v1.24.0

What's Changed

• Added a hook API to customize Ruby compilation.

Full Changelog: rails/bootsnap@v1.23.0...v1.24.0

Changelog

Sourced from bootsnap's changelog.

1.24.5

• No longer load the config file by default when setup is done manually. This is so cli applications like homebrew don't mistakenly load another app's boostnap config.

1.24.4

• Fix several compatibility issues with Ruby 4.0.4, particularly the should not compile with coverage error. See #547.
• Fix Bootsnap.enable_frozen_string_literal to work even when coverage is enabled. Unfortunately only possible on Ruby 4.0.4+. On older rubies if coverage is enabled a warning will be issued and the feature won't work.
• Reduced cache files header size from 64 to 32 bytes, and got rid of the random padding element.
• Avoid leaking a private method in Object when testing for Parse.y bugs.

1.24.3

• Fix the 1.24.2 workaround to parse Ruby files with UTF-8 even when the LANG environment variable is unset or set to C.

1.24.2

• Workaround two Ruby bugs in RubyVM::InstructionSequence.compile_file, that were causing files to be loaded with the old Ruby parser instead of Prism, causing issues with some pattern matching syntax. Ref: https://bugs.ruby-lang.org/issues/22023

1.24.1

• Fix encoding of Ruby source files loaded when BOOTSNAP_READONLY is set. Files would incorectly be loaded in ASCII-8BIT causing literal strings outside the pure ASCII range to have ASCII-8BIT encoding instead of UTF-8. This bug was introduced in 1.24.0.

1.24.0

• Added a hook API to customize Ruby compilation.

Commits

• d6ca050 Release 1.24.5
• 579aa0e Merge pull request #552 from byroot/fix-bootsnap-config
• 2884e89 Only load config file is directed to by .setup
• 103a92b Merge pull request #551 from byroot/enable-fstr-global
• 33c927d Update compiler options when global options change
• 122db7f Simplify enable_frozen_string_literal(app_only: false)
• 0d8a0a6 Release 1.24.4
• 6ccc5eb Merge pull request #550 from byroot/fstr-and-coverage
• 86e9586 Make Bootsnap.enable_frozen_string_literal work even with coverage on
• 36c2224 Merge pull request #549 from byroot/integration-tests
• Additional commits viewable in compare view

Updates image_processing from 1.14.0 to 2.0.1

Changelog

Sourced from image_processing's changelog.

2.0.1 (2026-05-22)

• [minimagick] Prevent remote shell execution when passing loader/saver options from user input

2.0.0 (2026-05-20)

• mini_magick/ruby-vips are now soft dependencies and need to be manually added to the Gemfile (@​janko)

• Avoid remote shell execution vulnerability in #apply when arguments are coming from user input (@​janko)

• [vips] Unfuzzed loaders are now blocked by default (@​janko)

• [vips] Sharpening after resize has been disabled by default (@​janko)

• [minimagick] Remove deprecated :compose and :geometry keyword arguments for #composite (@​janko)

• Ruby 3.0+ is now required (@​janko)

Commits

• 9489387 Bump to 2.0.1
• 31b3d91 Prevent remote shell execution in loader/saver minimagick options
• cd1353d Bump to 2.0.0
• fb1c0ed Update documentation with recent changes
• f9a1379 Use double quotes
• ad46160 Add IRB and Benchmark to Gemfile
• c064833 Remove deprecated :compose and :geometry in MiniMagick#composite
• 4a26fa8 Make ruby-vips and mini_magick soft dependencies
• 201586c Block unfuzzed loaders by default on libvips 8.13+
• a71fcad Remove libvips 8.6+ check
• Additional commits viewable in compare view

Updates devise from 5.0.3 to 5.0.4

Release notes

Sourced from devise's releases.

v5.0.4

https://github.com/heartcombo/devise/blob/v5.0.4/CHANGELOG.md#504---2026-05-08

Changelog

Sourced from devise's changelog.

5.0.4 - 2026-05-08

• security fixes
  • Fix open redirect in FailureApp via unvalidated Referer header on non-GET session timeout. CVE-2026-40295 GHSA-jp94-3292-c3xv

Commits

• 9ea459d Release v5.0.4 with sec fix for timeoutable
• 025fe21 Merge commit from fork
• 7ca7ed9 Add GHSA link to the v5.0.3 sec fix changelog entry [ci skip]
• 605de86 Update links to https [ci skip]
• 5e3a8bf Bundle update
• 5d20277 Cleanup old Rails.version check for db migration path
• 4ffb0b7 Fix Gemfile for Rails 7.2, incorrectly testing against 7.1
• See full diff in compare view

Updates friendly_id from 5.6.0 to 5.7.0

Release notes

Sourced from friendly_id's releases.

v5.7.0

What's Changed

• Reduce gem size by excluding test files by @​yuri-zubov in norman/friendly_id#1042

New Contributors

• @​yuri-zubov made their first contribution in norman/friendly_id#1042

Full Changelog: norman/friendly_id@v5.6.0...v5.7.0

Changelog

Sourced from friendly_id's changelog.

FriendlyId Changelog

We would like to think our many contributors for suggestions, ideas and improvements to FriendlyId.

Commits

• c66779c Bump version to 5.7.0 (#1044)
• cf4b81c Reduce gem size by excluding test files (#1042)
• See full diff in compare view

Updates stripe from 19.0.0 to 19.1.0

Release notes

Sourced from stripe's releases.

v19.1.0

This release changes the pinned API version to 2026-04-22.dahlia.

• #1842 Update generated code
  • Add support for balance_report and payout_reconciliation_report on AccountSession::Component and AccountSessionCreateParams::Component
  • Add support for app_distribution and sunbit_payments on Account::Capability, AccountCreateParams::Capability, and AccountUpdateParams::Capability
  • Add support for sunbit on Charge::PaymentMethodDetail, ConfirmationToken::PaymentMethodPreview, ConfirmationTokenCreateParams::PaymentMethodDatum, PaymentAttemptRecord::PaymentMethodDetail, PaymentIntentConfirmParams::PaymentMethodDatum, PaymentIntentCreateParams::PaymentMethodDatum, PaymentIntentUpdateParams::PaymentMethodDatum, PaymentMethodConfigurationCreateParams, PaymentMethodConfigurationUpdateParams, PaymentMethodConfiguration, PaymentMethodCreateParams, PaymentMethod, PaymentRecord::PaymentMethodDetail, SetupIntentConfirmParams::PaymentMethodDatum, SetupIntentCreateParams::PaymentMethodDatum, and SetupIntentUpdateParams::PaymentMethodDatum
  • Add support for location and reader on Charge::PaymentMethodDetail::Klarna, PaymentAttemptRecord::PaymentMethodDetail::Klarna, and PaymentRecord::PaymentMethodDetail::Klarna
  • Add support for mandate on Charge::PaymentMethodDetail::Pix, PaymentAttemptRecord::PaymentMethodDetail::Pix, and PaymentRecord::PaymentMethodDetail::Pix
  • Add support for managed_payments on Checkout::SessionCreateParams, Checkout::Session, PaymentIntent, PaymentLinkCreateParams, PaymentLink, SetupIntent, and Subscription
  • Add support for mandate_options on Checkout::Session::PaymentMethodOption::Pix, Checkout::SessionCreateParams::PaymentMethodOption::Pix, PaymentIntent::PaymentMethodOption::Pix, PaymentIntentConfirmParams::PaymentMethodOption::Pix, PaymentIntentCreateParams::PaymentMethodOption::Pix, and PaymentIntentUpdateParams::PaymentMethodOption::Pix
  • Change type of Checkout::SessionCreateParams::PaymentMethodOption::Pix.setup_future_usage, PaymentIntentConfirmParams::PaymentMethodOption::Pix.setup_future_usage, PaymentIntentCreateParams::PaymentMethodOption::Pix.setup_future_usage, and PaymentIntentUpdateParams::PaymentMethodOption::Pix.setup_future_usage from literal('none') to enum('none'|'off_session')
  • ⚠️ Change type of Checkout::Session::PaymentMethodOption::Pix.setup_future_usage and PaymentIntent::PaymentMethodOption::Pix.setup_future_usage from literal('none') to enum('none'|'off_session')
  • Add support for pix on Invoice::PaymentSetting::PaymentMethodOption, InvoiceCreateParams::PaymentSetting::PaymentMethodOption, InvoiceUpdateParams::PaymentSetting::PaymentMethodOption, Mandate::PaymentMethodDetail, SetupAttempt::PaymentMethodDetail, SetupIntent::PaymentMethodOption, SetupIntentConfirmParams::PaymentMethodOption, SetupIntentCreateParams::PaymentMethodOption, SetupIntentUpdateParams::PaymentMethodOption, Subscription::PaymentSetting::PaymentMethodOption, SubscriptionCreateParams::PaymentSetting::PaymentMethodOption, and SubscriptionUpdateParams::PaymentSetting::PaymentMethodOption
  • Add support for upi on Invoice::PaymentSetting::PaymentMethodOption, InvoiceCreateParams::PaymentSetting::PaymentMethodOption, InvoiceUpdateParams::PaymentSetting::PaymentMethodOption, Subscription::PaymentSetting::PaymentMethodOption, SubscriptionCreateParams::PaymentSetting::PaymentMethodOption, and SubscriptionUpdateParams::PaymentSetting::PaymentMethodOption
  • Add support for card_presence on Issuing::Authorization
  • Add support for allowed_card_presences and blocked_card_presences on Issuing::Card::SpendingControl, Issuing::CardCreateParams::SpendingControl, Issuing::CardUpdateParams::SpendingControl, Issuing::Cardholder::SpendingControl, Issuing::CardholderCreateParams::SpendingControl, and Issuing::CardholderUpdateParams::SpendingControl
  • Add support for amount and currency on Mandate::MultiUse
  • Add support for amount_to_confirm on PaymentIntentConfirmParams
  • Add support for klarna_display_qr_code on PaymentIntent::NextAction
  • Add support for moto on SetupAttempt::PaymentMethodDetail::Card
  • Add support for pix_display_qr_code on SetupIntent::NextAction
• #1846 Fix 2D array parameter encoding
  • Fixes an issue encoding two-dimensional array request params where the SDK incorrectly flattens the array.
• #1841 Replace other require cgi with require cgi/escape

See the changelog for more details.

v19.1.0-beta.2

• #1840 Update generated code for beta
  • Fix "Unable to resolve constant" sorbet errors for Params classes

See the changelog for more details.

v19.1.0-beta.1

This release changes the pinned API version to 2026-03-25.preview. It is built on top of SDK version 19.0.0 which contains breaking changes. Please review the changelog for 19.0.0 if upgrading from older SDK versions.

• #1833 Update generated code for beta
• #1832 Update generated code for beta
  • Release specs are identical.
• #1801 Update generated code for beta
  • Add support for new resources ProductCatalog::TrialOffer, Tax::Location, and V2::Core::BatchJob
  • Add support for create method on resource ProductCatalog::TrialOffer
  • Add support for create, list, and retrieve methods on resource Tax::Location
  • Add support for cancel, create, and retrieve methods on resource V2::Core::BatchJob
  • Add support for performance_location on Tax::CalculationCreateParams::LineItem and Tax::CalculationLineItem
  • Add support for trial_offer on InvoiceCreatePreviewParams::ScheduleDetail::Amendment::ItemAction::Add, InvoiceCreatePreviewParams::ScheduleDetail::Amendment::ItemAction::Set, InvoiceCreatePreviewParams::ScheduleDetail::Phase::Item, QuoteCreateParams::Line::Action::AddItem, QuoteCreateParams::Line::Action::SetItem, QuoteLine::Action::AddItem, QuoteLine::Action::SetItem, QuotePreviewSubscriptionSchedule::Phase::Item, QuoteUpdateParams::Line::Action::AddItem, QuoteUpdateParams::Line::Action::SetItem, SubscriptionSchedule::Phase::Item, SubscriptionScheduleAmendParams::Amendment::ItemAction::Add, SubscriptionScheduleAmendParams::Amendment::ItemAction::Set, SubscriptionScheduleCreateParams::Phase::Item, and SubscriptionScheduleUpdateParams::Phase::Item
  • Add support for risk_reserved on Balance
  • ⚠️ Remove support for source_type on Charge::PaymentMethodDetail::StripeBalance, ConfirmationToken::PaymentMethodPreview::StripeBalance, ConfirmationTokenCreateParams::PaymentMethodDatum::StripeBalance, PaymentAttemptRecord::PaymentMethodDetail::StripeBalance, PaymentIntentConfirmParams::PaymentMethodDatum::StripeBalance, PaymentIntentCreateParams::PaymentMethodDatum::StripeBalance, PaymentIntentUpdateParams::PaymentMethodDatum::StripeBalance, PaymentMethod::StripeBalance, PaymentMethodCreateParams::StripeBalance, PaymentRecord::PaymentMethodDetail::StripeBalance, SetupIntentConfirmParams::PaymentMethodDatum::StripeBalance, SetupIntentCreateParams::PaymentMethodDatum::StripeBalance, and SetupIntentUpdateParams::PaymentMethodDatum::StripeBalance
  • Add support for tax_details on Checkout::SessionCreateParams::LineItem::PriceDatum::ProductDatum, Checkout::SessionUpdateParams::LineItem::PriceDatum::ProductDatum, InvoiceAddLinesParams::Line::PriceDatum::ProductDatum, InvoiceLineItemUpdateParams::PriceDatum::ProductDatum, InvoiceUpdateLinesParams::Line::PriceDatum::ProductDatum, PaymentLinkCreateParams::LineItem::PriceDatum::ProductDatum, PlanCreateParams::Product, PriceCreateParams::ProductDatum, ProductCreateParams, and ProductUpdateParams

... (truncated)

Changelog

Sourced from stripe's changelog.

19.1.0 - 2026-04-23

This release changes the pinned API version to 2026-04-22.dahlia.

• #1842 Update generated code
  • Add support for balance_report and payout_reconciliation_report on AccountSession::Component and AccountSessionCreateParams::Component
  • Add support for app_distribution and sunbit_payments on Account::Capability, AccountCreateParams::Capability, and AccountUpdateParams::Capability
  • Add support for sunbit on Charge::PaymentMethodDetail, ConfirmationToken::PaymentMethodPreview, ConfirmationTokenCreateParams::PaymentMethodDatum, PaymentAttemptRecord::PaymentMethodDetail, PaymentIntentConfirmParams::PaymentMethodDatum, PaymentIntentCreateParams::PaymentMethodDatum, PaymentIntentUpdateParams::PaymentMethodDatum, PaymentMethodConfigurationCreateParams, PaymentMethodConfigurationUpdateParams, PaymentMethodConfiguration, PaymentMethodCreateParams, PaymentMethod, PaymentRecord::PaymentMethodDetail, SetupIntentConfirmParams::PaymentMethodDatum, SetupIntentCreateParams::PaymentMethodDatum, and SetupIntentUpdateParams::PaymentMethodDatum
  • Add support for location and reader on Charge::PaymentMethodDetail::Klarna, PaymentAttemptRecord::PaymentMethodDetail::Klarna, and PaymentRecord::PaymentMethodDetail::Klarna
  • Add support for mandate on Charge::PaymentMethodDetail::Pix, PaymentAttemptRecord::PaymentMethodDetail::Pix, and PaymentRecord::PaymentMethodDetail::Pix
  • Add support for managed_payments on Checkout::SessionCreateParams, Checkout::Session, PaymentIntent, PaymentLinkCreateParams, PaymentLink, SetupIntent, and Subscription
  • Add support for mandate_options on Checkout::Session::PaymentMethodOption::Pix, Checkout::SessionCreateParams::PaymentMethodOption::Pix, PaymentIntent::PaymentMethodOption::Pix, PaymentIntentConfirmParams::PaymentMethodOption::Pix, PaymentIntentCreateParams::PaymentMethodOption::Pix, and PaymentIntentUpdateParams::PaymentMethodOption::Pix
  • Change type of Checkout::SessionCreateParams::PaymentMethodOption::Pix.setup_future_usage, PaymentIntentConfirmParams::PaymentMethodOption::Pix.setup_future_usage, PaymentIntentCreateParams::PaymentMethodOption::Pix.setup_future_usage, and PaymentIntentUpdateParams::PaymentMethodOption::Pix.setup_future_usage from literal('none') to enum('none'|'off_session')
  • ⚠️ Change type of Checkout::Session::PaymentMethodOption::Pix.setup_future_usage and PaymentIntent::PaymentMethodOption::Pix.setup_future_usage from literal('none') to enum('none'|'off_session')
  • Add support for pix on Invoice::PaymentSetting::PaymentMethodOption, InvoiceCreateParams::PaymentSetting::PaymentMethodOption, InvoiceUpdateParams::PaymentSetting::PaymentMethodOption, Mandate::PaymentMethodDetail, SetupAttempt::PaymentMethodDetail, SetupIntent::PaymentMethodOption, SetupIntentConfirmParams::PaymentMethodOption, SetupIntentCreateParams::PaymentMethodOption, SetupIntentUpdateParams::PaymentMethodOption, Subscription::PaymentSetting::PaymentMethodOption, SubscriptionCreateParams::PaymentSetting::PaymentMethodOption, and SubscriptionUpdateParams::PaymentSetting::PaymentMethodOption
  • Add support for upi on Invoice::PaymentSetting::PaymentMethodOption, InvoiceCreateParams::PaymentSetting::PaymentMethodOption, InvoiceUpdateParams::PaymentSetting::PaymentMethodOption, Subscription::PaymentSetting::PaymentMethodOption, SubscriptionCreateParams::PaymentSetting::PaymentMethodOption, and SubscriptionUpdateParams::PaymentSetting::PaymentMethodOption
  • Add support for card_presence on Issuing::Authorization
  • Add support for allowed_card_presences and blocked_card_presences on Issuing::Card::SpendingControl, Issuing::CardCreateParams::SpendingControl, Issuing::CardUpdateParams::SpendingControl, Issuing::Cardholder::SpendingControl, Issuing::CardholderCreateParams::SpendingControl, and Issuing::CardholderUpdateParams::SpendingControl
  • Add support for amount and currency on Mandate::MultiUse
  • Add support for amount_to_confirm on PaymentIntentConfirmParams
  • Add support for klarna_display_qr_code on PaymentIntent::NextAction
  • Add support for moto on SetupAttempt::PaymentMethodDetail::Card
  • Add support for pix_display_qr_code on SetupIntent::NextAction
• #1846 Fix 2D array parameter encoding
  • Fixes an issue encoding two-dimensional array request params where the SDK incorrectly flattens the array.
• #1841 Replace other require cgi with require cgi/escape

Commits

• 0b1d66f Bump version to 19.1.0
• a2418f5 Update generated code (#1842)
• e76286e Fix 2D array parameter encoding (#1846)
• 645470b Replace other require cgi with require cgi/escape (#1841)
• See full diff in compare view

Updates pagy from 43.5.1 to 43.5.5

Release notes

Sourced from pagy's releases.

Version 43.5.5

Changes in 43.5.5

• Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator (#907)
  • Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator
  • Simplify decoding logic

  ---

  Co-authored-by: Domizio Demichelis dd.nexus@gmail.com

CHANGELOG

Version 43

We needed a leap version to unequivocally signal that it's not just a major version: it's a complete redesign of the legacy code at all levels, usage and API included.

Why 43? Because it's exactly one step beyond "The answer to the ultimate question of life, the Universe, and everything." 😉

Improvements

This version introduces several enhancements, such as new :countish and :keynav_js paginators and improved automation and configuration processes, reducing setup requirements by 99%. The update also includes a simpler API and new interactive development tools, making it a comprehensive upgrade from previous versions.

• New :countish Paginator
  • Faster than OFFSET and supporting the full UI
• New Keynav Pagination
  • The pagy-exclusive technique using the fastest keyset pagination alongside all frontend helpers.
• New interactive dev-tools
  • New PagyWand to integrate the pagy CSS with your app themes.
  • New Pagy AI available right inside your own app.
• Intelligent automation
  • Configuration requirements reduced by 99%.
  • Simplified JavaScript setup.
  • Automatic I18n loading.
• Simpler API
  • You solely need the pagy method and the @​pagy instance to paginate any collection and use any navigation tag and helper.
  • Methods are autoloaded only if used, and consume no memory otherwise.
  • Methods have narrower scopes and can be overridden without deep knowledge.
• New documentation
  • Very concise, straightforward, and easy to navigate and understand.

Upgrade to 43

See the Upgrade Guide

... (truncated)

Changelog

Sourced from pagy's changelog.

Version 43.5.5

• Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator (#907)
  • Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator
  • Simplify decoding logic

  ---

  Co-authored-by: Domizio Demichelis dd.nexus@gmail.com

Version 43.5.4

• Fix SERIES_SLOTS loading error (close #902)

Version 43.5.3

• Autoload series, a_lambda and page_label
• Add Hungarian localization file for Pagy (#896)

Version 43.5.2

• Add type validation for page and limit keys type (close #895)
• Simplify series_nav_js removing "pagy-rjs" CSS class (Fix #894)

Commits

• eb4a810 Merge branch 'dev'
• 8ee37a0 Version 43.5.5
• ac62e00 Improve comment/docs
• 81215c4 Update gem and packages
• 9161301 💎 Rescue malformed page request param in Pagy::Keyset and KeynavJsPaginator (...
• 4e9118c Docs: fix input_nav_js link text in how-to guide (#903)
• c1a0adb Merge branch 'dev'
• 9dc8a75 Version 43.5.4
• 3c85c53 Update gems and packages
• 60429fe 💎 Fix SERIES_SLOTS loading error (close #902)
• Additional commits viewable in compare view

Updates cloudinary from 2.4.4 to 2.4.5

Release notes

Sourced from cloudinary's releases.

Version 2.4.5

• Fix missing require statements for Ruby standard libraries

Changelog

Sourced from cloudinary's changelog.

2.4.5 / 2026-04-27

• Fix missing require statements for Ruby standard libraries

Commits

• da05bad Version 2.4.5
• bdff100 Fix missing require statements for Ruby standard libraries
• See full diff in compare view

Updates active_storage_validations from 3.0.4 to 3.0.5

Release notes

Sourced from active_storage_validations's releases.

3.0.5

What's Changed

• fix(validators): fix issue with overlapping blob and signed_id (#419) by @​Mth0158 in igorkasyanchuk/active_storage_validations#421

Full Changelog: igorkasyanchuk/active_storage_validations@3.0.4...3.0.5

Changelog

Sourced from active_storage_validations's changelog.

• 3.0.5
  • Fix issue when uploading a Blob and signed_id String that references the same Blob (igorkasyanchuk/active_storage_validations#419)

Commits

• 1a48f01 new version
• 3ff0633 Update CHANGES.md
• d47a7d3 Merge pull request #421 from igorkasyanchuk/419-nomethoderror-undefined-metho...
• 5c3fb45 fix(tests): fix failing tests
• df5f715 fix(validators): fix issue with overlapping blob and signed_id (#419)
• See full diff in compare view

Updates honeybadger from 6.5.5 to 6.6.1

Release notes

Sourced from honeybadger's releases.

v6.6.0

6.6.0 (2026-05-08)

Features

• ignore solid_cable_messages queries (#817) (5292bb6)

v6.5.6

6.5.6 (2026-05-04)

Bug Fixes

• attach environment and hostname to metric events (#815) (0762115)

Changelog

Sourced from honeybadger's changelog.

6.6.1 (2026-05-15)

Bug Fixes

• change logging level for messages emitted in the development environment (b615c83)

6.6.0 (2026-05-08)

Features

• ignore solid_cable_messages queries (#817) (5292bb6)

6.5.6 (2026-05-04)

Bug Fixes

• attach environment and hostname to metric events (#815) (0762115)

Commits

• 69faf3b chore(master): release 6.6.1
• b615c83 fix: change logging level for messages emitted in the development environment
• d6dc17f chore(master): release 6.6.0 (#818)
• 5292bb6 feat: ignore solid_cable_messages queries (#817)
• 59c4b71 chore(master): release 6.5.6 (#816)
• 0762115 fix: attach environment and hostname to metric events (#815)
• See full diff in compare view

Updates bullet from 8.1.1 to 8.1.2

Changelog

Sourced from bullet's changelog.

8.1.2 (05/25/2026)

• Skip N+1 detection for optional polymorphic belongs_to whose *_type column is nil. ActiveRecord short-circuits the reader to nil without issuing SQL, so the access cannot represent an N+1 query and preloading would be a no-op.
• Fix Set#<< corruption in UnusedEagerLoading#add_eager_loadings split branch

Commits

• 02b71fd Bumping version to 8.1.2
• b92d8d4 Merge pull request #773 from sloane/sloane/bullet-nil-polymorphic-false-positive
• 5f416e7 Skip N+1 detection for polymorphic belongs_to with nil _type
• 225aacb 📝 docs: clarify test wrapping requirements for Bullet
• 8667044 Merge pull request #771 from martingjaldbaek/fix-add-eager-loadings-set-merge
• 38cea31 Fix Set#<< corruption in UnusedEagerLoading#add_eager_loadings split branch
• 8ae6eff Add failing regression test for add_eager_loadings split branch
• See full diff in compare view

Updates rubocop-capybara from 2.22.1 to 2.23.0

Release notes

Sourced from rubocop-capybara's releases.

RuboCop Capybara v2.23.0

• Bump RuboCop requirement to +1.81. (@​ydah)
• Add new Capybara/RSpec/HaveContent cop. (@​nzlaura)
• Move the department associated with Capybara::RSpecMatchers to Capybara/RSpec/*. (@​ydah)
  • Rename Capybara/CurrentPathExpectation to Capybara/RSpec/CurrentPathExpectation
  • Rename Capybara/SpecificMatcher to Capybara/RSpec/SpecificMatcher
  • Rename Capybara/NegationMatcher to Capybara/RSpec/NegationMatcher
  • Rename Capybara/NegationMatcherAfterVisit to Capybara/RSpec/NegationMatcherAfterVisit
  • Rename Capybara/VisibilityMatcher to Capybara/RSpec/VisibilityMatcher
• Split Capybara/MatchStyle into Capybara/AssertStyle and Capybara/RSpec/MatchStyle. (@​ydah)
• Fix a false positive for Capybara/FindAllFirst when using logical operators with all('...')[0]. (@​ydah)
• Fix an incorrect autocorrect for Capybara/FindAllFirst when find or all with match: :first uses a receiver and mark autocorrection as unsafe. (@​ydah)
• Fix an error for Capybara/RSpec/HaveSelector when passing only a selector type. (@​ydah)

Changelog

Sourced from rubocop-capybara's changelog.

2.23.0 (2026-04-30)

• Bump RuboCop requirement to +1.81. ([@​ydah])
• Add new Capybara/RSpec/HaveContent cop. ([@​nzlaura])
• Move the department associated with Capybara::RSpecMatchers to Capybara/RSpec/*. ([@​ydah])
  • Rename Capybara/CurrentPathExpectation to Capybara/RSpec/CurrentPathExpectation
  • Rename Capybara/SpecificMatcher to Capybara/RSpec/SpecificMatcher
  • Rename Capybara/NegationMatcher to Capybara/RSpec/NegationMatcher
  • Rename Capybara/NegationMatcherAfterVisit to Capybara/RSpec/NegationMatcherAfterVisit
  • Rename Capybara/VisibilityMatcher to Capybara/RSpec/VisibilityMatcher
• Split Capybara/MatchStyle into Capybara/AssertStyle and Capybara/RSpec/MatchStyle. ([@​ydah])
• Fix a false positive for Capybara/FindAllFirst when using logical operators with all('...')[0]. ([@​ydah])
• Fix an incorrect autocorrect for Capybara/FindAllFirst when find or all with match: :first uses a receiver and mark autocorrection as unsafe. ([@​ydah])
• Fix an error for Capybara/RSpec/HaveSelector when passing only a selector type. ([@​ydah])

Commits

• 2aa3696 Merge pull request #170 from rubocop/v2.23.0
• d6ffe96 v2.23.0

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.