Bump puma from 6.6.0 to 8.0.0#102
Conversation
Bumps [puma](https://github.com/puma/puma) from 6.6.0 to 8.0.0. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/main/History.md) - [Commits](puma/puma@v6.6.0...v8.0.0) --- updated-dependencies: - dependency-name: puma dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 636796cb1e
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| stringio | ||
| public_suffix (6.0.2) | ||
| puma (6.6.0) | ||
| puma (8.0.0) |
There was a problem hiding this comment.
Set an explicit bind host before adopting Puma 8
This upgrade changes Puma’s production default bind from 0.0.0.0 to ::, but our Puma config only calls port ENV.fetch("PORT", 3000) and does not set a host explicitly. In environments where IPv6 is present but IPv4-mapped IPv6 is disabled (net.ipv6.bindv6only=1), the app will no longer accept IPv4 traffic on $PORT, causing production health checks or ingress connections to fail after this dependency bump.
Useful? React with 👍 / 👎.
|
Superseded by #111. |
Bumps puma from 6.6.0 to 8.0.0.
Release notes
Sourced from puma's releases.
... (truncated)
Changelog
Sourced from puma's changelog.
... (truncated)
Commits
08f63d4Release v8.0.0 (#3914)7406cc1Fix IPv4-mapped IPv6 addresses inREMOTE_ADDRand request logs (#3916)e090243Build(deps): Bump actions/checkout from 4 to 6 (#3915)7d5dca1Update SECURITY.md, native Github vuln reports [ci skip] (#3913)66e6a32Minor correction to defaults documented in dsl.rb (#3912)3788ecaci: limit rack-conform to main pushes and scope ragel PR runs (#3908)57b7799ci: run turbo-rails only on latest stable Ruby and Rails (#3909)6685d6bci: replace skip-duplicate jobs with concurrency and trigger filters (#3907)2848c82ci: run push workflows only on main and release branches (#3906)97a37bbAdd release pre-merge checks and align Release.md [ci skip] (#3904)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)