Skip to content

build(deps): bump activesupport from 7.1.6 to 7.2.3.1 in /wallet/symbol/mobile#2033

Closed
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/bundler/wallet/symbol/mobile/activesupport-7.2.3.1
Closed

build(deps): bump activesupport from 7.1.6 to 7.2.3.1 in /wallet/symbol/mobile#2033
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/bundler/wallet/symbol/mobile/activesupport-7.2.3.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps activesupport from 7.1.6 to 7.2.3.1.

Release notes

Sourced from activesupport's releases.

7.2.3.1

Active Support

  • Reject scientific notation in NumberConverter

    [CVE-2026-33176]

    Jean Boussier

  • Fix SafeBuffer#% to preserve unsafe status

    [CVE-2026-33170]

    Jean Boussier

  • Improve performance of NumberToDelimitedConverter

    [CVE-2026-33169]

    Jean Boussier

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • Skip blank attribute names in tag helpers to avoid generating invalid HTML.

    [CVE-2026-33168]

    Mike Dalessio

Action Pack

  • No changes.

Active Job

  • No changes.

... (truncated)

Commits
  • ba76fca Preparing for 7.2.3.1 release
  • 8a379f4 Update changelog
  • b54a4b3 Improve performance of NumberToDelimitedConverter
  • c1ad0e8 Fix SafeBuffer#% to preserve unsafe status
  • ebd6be1 NumberConverter: reject scientific notation
  • 4a155f1 Lock some dependencies
  • bb2bdef Preparing for 7.2.3 release
  • fe41a9f Merge pull request #55840 from zzak/asup-xml-mini-bigdecimal-float-precision
  • 12040a3 Merge pull request #55808 from olivier-thatch/fix-enum-sole
  • 58630e1 Merge pull request #55794 from rails/fix-55513
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump activesupport in /wallet/symbol/mobile
08c21ee 
Bumps [activesupport](https://github.com/rails/rails) from 7.1.6 to 7.2.3.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.1.2.1/activesupport/CHANGELOG.md)
- [Commits](rails/rails@v7.1.6...v7.2.3.1)

---
updated-dependencies:
- dependency-name: activesupport
  dependency-version: 7.2.3.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies ruby Pull requests that update ruby code labels Mar 23, 2026
@github-actions github-actions bot mentioned this pull request Mar 30, 2026
Merged
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 30, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/bundler/wallet/symbol/mobile/activesupport-7.2.3.1 branch March 30, 2026 15:33
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 30, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.87%. Comparing base (3d510ff) to head (08c21ee).
⚠️ Report is 2 commits behind head on dev.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##              dev    #2033      +/-   ##
==========================================
- Coverage   96.89%   96.87%   -0.02%     
==========================================
  Files         266      261       -5     
  Lines       19253    19119     -134     
  Branches      215      215              
==========================================
- Hits        18655    18522     -133     
+ Misses        592      591       -1     
  Partials        6        6
Flag Coverage Δ
explorer-rest ?

Flags with carried forward coverage won't be shown. Click here to find out more.
see 5 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants