about summary refs log tree commit diff
path: root/Gemfile
AgeCommit message (Collapse)Author
2023-03-05Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream README has been changed, but we have a completely different one. Kept our `README.md`. - `lib/sanitize_ext/sanitize_config.rb`: Upstream added support for more incoming HTML tags (a large subset of what glitch-soc accepts). Change the code style to match upstream's but otherwise do not change our code. - `spec/lib/sanitize_config_spec.rb`: Upstream added support for more incoming HTML tags (a large subset of what glitch-soc accepts). Kept our version, since the tests are mostly glitch-soc's, except for cases which are purposefuly different.
2023-03-03Remove pry gems (#23884)Nick Schonning
2023-03-03Remove climate_control gem (#23886)Nick Schonning
2023-03-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
2023-03-02Update rspec-rails to version 6.0.1 (#23908)Matt Jankowski
2023-02-28[Dependashlee] Update to Puma 6.1.0 (#23795)Shlee
2023-02-25Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.prettierignore`: Upstream added a line at the end of the file, while glitch-soc had its own extra lines. Took upstream's change. - `CONTRIBUTING.md`: We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes. Ported upstream changes. - `app/controllers/application_controller.rb`: Upstream made code style changes in a method that is entirely replaced in glitch-soc. Ignored the change. - `app/models/account.rb`: Code style changes textually close to glitch-soc-specific changes. Ported upstream changes. - `lib/sanitize_ext/sanitize_config.rb`: Upstream code style changes. Ignored them.
2023-02-21Bump devise from 4.8.1 to 4.9.0 (#23691)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/dependabot.yml`: Upstream made changes while we have dropped this file. Keep the file deleted. - `.prettierignore`: Upstream made changes at the end of the file, where we had our extra lines. Just moved our extra lines back at the end. - `app/serializers/initial_state_serializer.rb`: Upstream code style changes. Applied them. - `app/services/backup_service.rb`: Upstream code style changes. Applied them.
2023-02-18Bump oj from 3.13.23 to 3.14.2 (#23560)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-17Bump webauthn from 2.5.2 to 3.0.0 (#23659)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-15Upgrade to Ruby 3.2 (#22928)Aaron Patterson
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-13Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.prettierignore`: Upstream added a line at the end, glitch-soc had extra entries at the end. Added upstream's new line before glitch-soc's. - `Gemfile.lock`: Upstream updated dependencies while glitch-soc has an extra one (hcaptcha). Updated dependencies like upstream did. - `app/controllers/api/v1/statuses_controller.rb`: Not a real conflict, upstream added a parameter (`allowed_mentions`) where glitch-soc already had an extra one (`content_type`). Added upstream's new parameter. - `app/javascript/styles/fonts/roboto-mono.scss`: A lot of lines were changed upstream due to code style changes, and a lot of those lines had path changes to accomodate glitch-soc's theming system. Applied upstream's style changes. - `app/javascript/styles/fonts/roboto.scss`: A lot of lines were changed upstream due to code style changes, and a lot of those lines had path changes to accomodate glitch-soc's theming system. Applied upstream's style changes.
2023-02-13Switch OpenID Connect gems (#23223)Stan Hu
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13Add dependency on net-http (#23571)Claire
2023-02-13Bump sidekiq-scheduler from 4.0.3 to 5.0.0 (#23212)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13Replace hamlit-rails with haml-rails (#23542)Nick Schonning
2023-02-09Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Minor upstream change, our README is completely different. Kept ours. - `lib/tasks/assets.rake`: glitch-soc has extra code to deal with its theming system, upstream changed a line that exists in glitch-soc. Applied upstream changes.
2023-02-04Bump bootsnap from 1.15.0 to 1.16.0 (#23340)dependabot[bot]
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.15.0 to 1.16.0. - [Release notes](https://github.com/Shopify/bootsnap/releases) - [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md) - [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0) --- updated-dependencies: - dependency-name: bootsnap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream updated `docker/build-push-action`, and we a different config for `docker/metadata-action` so the lines directly above were different, but it's not a real conflict. Upgraded `docker/build-push-action` as upstream did. - `app/javascript/mastodon/features/compose/components/compose_form.js`: Upstream changed the codestyle near a line we had modified to accommodate configurable character count. Kept our change.
2023-02-01Bump redcarpet from 3.5.1 to 3.6.0 (#23339)dependabot[bot]
Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.5.1 to 3.6.0. - [Release notes](https://github.com/vmg/redcarpet/releases) - [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md) - [Commits](https://github.com/vmg/redcarpet/compare/v3.5.1...v3.6.0) --- updated-dependencies: - dependency-name: redcarpet dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01Bump aws-sdk-s3 from 1.118.0 to 1.119.0 (#23341)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.118.0 to 1.119.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01Bump simple_form from 5.1.0 to 5.2.0 (#23328)dependabot[bot]
Bumps [simple_form](https://github.com/heartcombo/simple_form) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/heartcombo/simple_form/releases) - [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md) - [Commits](https://github.com/heartcombo/simple_form/compare/v5.1.0...v5.2.0) --- updated-dependencies: - dependency-name: simple_form dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-31Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1 (#23241)dependabot[bot]
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect) from 0.10.0 to 0.10.1. - [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags) - [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1) --- updated-dependencies: - dependency-name: gitlab-omniauth-openid-connect dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30Bump aws-sdk-s3 from 1.117.2 to 1.118.0 (#23202)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.2 to 1.118.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-24Merge branch 'main' into glitch-soc/merge-upstreamClaire
2023-01-22fix(pghero): update because CVE-2023-22626 (#23190)Kaspar V
There is a vulnerability [CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5) ``` Name: pghero Version: 2.8.3 CVE: CVE-2023-22626 GHSA: GHSA-vf99-xw26-86g5 Criticality: High URL: https://github.com/ankane/pghero/issues/439 Title: Information Disclosure Through EXPLAIN Feature Solution: upgrade to '>= 3.1.0' ```
2023-01-18Merge branch 'main' into glitch-soc/mergeClaire
2023-01-18Bump rack from 2.2.5 to 2.2.6.2 (#23142)dependabot[bot]
Bumps [rack](https://github.com/rack/rack) from 2.2.5 to 2.2.6.2. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.5...v2.2.6.2) --- updated-dependencies: - dependency-name: rack dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-18Bump nokogiri from 1.13.10 to 1.14.0 (#23128)dependabot[bot]
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.10 to 1.14.0. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.10...v1.14.0) --- updated-dependencies: - dependency-name: nokogiri dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-05Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream updated its README, while we have a completely different one. Kept our README. - `app/controllers/concerns/web_app_controller_concern.rb`: Conflict because of glitch-soc's theming system. Additionally, glitch-soc has different behavior regarding moved accounts. Ported some of the changes, but kept our overall behavior. - `app/javascript/packs/admin.js`: Code changes actually applied to `app/javascript/core/admin.js`
2023-01-04Remove microformats gem dependency (#22923)Aaron Patterson
Looks like this gem was introduced as a dependency in 89707ad0ac for testing Miroformat output. The last test using the Microformats gem was removed in 62782babd08bc2385a604e275bf88af925d137c1, so I think it is safe to remove this dependency. For context, you [can't install the microformats gem with Ruby 3.2](https://github.com/microformats/microformats-ruby/pull/131), so we can't currently bundle Mastodon with Ruby 3.2. But since we don't really need this gem, we can just remove it and unblock Ruby 3.2
2023-01-02Merge branch 'main' into glitch-soc/mergeClaire
2022-12-27Bump redis-namespace from 1.9.0 to 1.10.0 (#22765)dependabot[bot]
Bumps [redis-namespace](https://github.com/resque/redis-namespace) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/resque/redis-namespace/releases) - [Changelog](https://github.com/resque/redis-namespace/blob/master/CHANGELOG.md) - [Commits](https://github.com/resque/redis-namespace/compare/v1.9...v1.10.0) --- updated-dependencies: - dependency-name: redis-namespace dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-27Bump rack from 2.2.4 to 2.2.5 (#22777)dependabot[bot]
Bumps [rack](https://github.com/rack/rack) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.2.4...v2.2.5) --- updated-dependencies: - dependency-name: rack dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-27Bump simplecov from 0.21.2 to 0.22.0 (#22773)dependabot[bot]
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.21.2 to 0.22.0. - [Release notes](https://github.com/simplecov-ruby/simplecov/releases) - [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md) - [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.21.2...v0.22.0) --- updated-dependencies: - dependency-name: simplecov dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-27Bump faker from 3.0.0 to 3.1.0 (#22762)dependabot[bot]
Bumps [faker](https://github.com/faker-ruby/faker) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: faker dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-21Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-12-20Bump scenic from 1.6.0 to 1.7.0 (#22258)dependabot[bot]
Bumps [scenic](https://github.com/scenic-views/scenic) from 1.6.0 to 1.7.0. - [Release notes](https://github.com/scenic-views/scenic/releases) - [Changelog](https://github.com/scenic-views/scenic/blob/main/CHANGELOG.md) - [Commits](https://github.com/scenic-views/scenic/compare/v1.6.0...v1.7.0) --- updated-dependencies: - dependency-name: scenic dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20Bump pundit from 2.2.0 to 2.3.0 (#22516)dependabot[bot]
Bumps [pundit](https://github.com/varvet/pundit) from 2.2.0 to 2.3.0. - [Release notes](https://github.com/varvet/pundit/releases) - [Changelog](https://github.com/varvet/pundit/blob/main/CHANGELOG.md) - [Commits](https://github.com/varvet/pundit/commits) --- updated-dependencies: - dependency-name: pundit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20Bump fog-core from 2.1.0 to 2.3.0 (#22521)dependabot[bot]
Bumps [fog-core](https://github.com/fog/fog-core) from 2.1.0 to 2.3.0. - [Release notes](https://github.com/fog/fog-core/releases) - [Changelog](https://github.com/fog/fog-core/blob/master/changelog.md) - [Commits](https://github.com/fog/fog-core/compare/v2.1.0...v2.3.0) --- updated-dependencies: - dependency-name: fog-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-15Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Discarded upstream changes: we have our own README - `app/controllers/follower_accounts_controller.rb`: Port upstream's minor refactoring
2022-12-15linting: RuboCop update, config fixes (#20574)Kaspar V
* fix(rubocop): update gems and add performance and rspec fix(rubocop): update gems and add performance and rspec - update present rubocop gems - add rubocop-rspec and rubocop-performance gems - move rubocop gems to gem group :development, :test in order to make linting in a github action that runs with RAILS_ENV=test possible * feat(rubocop): disable some annoyance RSpec cops To mee these prooved to be more annoying than helpful. If not agreed, they can be enabled any time. * fix(rubocop): do not ignore spec/**/* Because rubocop-rspec should lint the specs as well, and they deserve to be readable in general. It is relevant code, after all. * fix(rubocop): change ignore db/**/* to db/schema.rb because rails cops do some lints for migrations. E.g. reversable migrations linting and more. * fix(rubocop): tune rules configs Bunch of commits squashed: fix(rubocop): enable Layout/LineLength cop Because this project has code with line lenghts > 500 chars. This is not good practice at all, so I strongly suggest to change the practice in the future. But allow heredoc, URI and comments to still be long lines and make the default Max: 120 explicit, by repeating it in the config. To me this max length seems reasonable. Perhaps a bit more could be ok for some. But > 500 chars in one line Seems to be way too long IMHO. fix(rubocop): Metrics/CyclomaticComplexity Max to 12 The default is 7, perhaps quite strict. But 25 is too loose, the rule becomes pointless like that. fix(rubocop): AllCops ruby version, cacheing and more info - fix the target ruby version from 2.5 to 3.0 - have the cop error messages to be more informative and helpful - enable cacheing in /tmp fix(rubocop): Metrics/AbcSize to 34 from 115 Rubocops default is 17. If the rule is at 115 is becomes pointless. fix(rubocop): Metrics/BlockLength improvements - instead of ignoring tasks completely, ignore only the long blocks that are specific to tasks (task, namespace) - ignore also concern specific block methods (included, class_methods) fix(rubocop): Metrics/ClassLength count heredoc array as one line fix(rubocop): Metrics/MethodLength Max to 25 - the default is 10, but 65 is too loose, so perhaps 25? fix(rubocop): Metrics/ModuleLength array and heredoc count as one fix(rubocop): Metrics/PerceivedComplexity to 16 from 25 Rubocops default is 8, so how about only doubling that, instead of > than tripple it? fix(rubocop): enable Style/RedundantAssignment Because I think that this rule would never really hurt, but improve code quality and readability. fix(rubocop): enable Style/RescueStandardError I think everyone that ever had to debug what this can bring will hopefully agree that this rule totally makes sense. In the super rare exeptions where this is totally needed, it can be excluded by disabling comment in that place. fix(rubocop): Metrics/ParameterLists add explicit defaults and some excludes
2022-12-15Validate nodeinfo response by schema (#21395)Meisam
* add json-schema to :test in Gemfile * Create node_info_2.0_schema.json * test match_response_schema * Create match_response_schema.rb * Update nodeinfo_controller_spec.rb * Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json * Update match_response_schema.rb * cleanup * additionally validate the json schema itself disable throwing errors test the schema matcher * rename nodeinfo schema to nodeinfo_2.0 * use Rails.root.join to construct the path * prettify json * sync Gemfile.lock
2022-12-07Fix unbounded recursion in account discovery (#22025)Claire
* Fix trying to fetch posts from other users when fetching featured posts * Rate-limit discovery of new subdomains * Put a limit on recursively discovering new accounts
2022-12-04Fix unbounded recursion in account discovery (#1994)Claire
* Fix trying to fetch posts from other users when fetching featured posts * Rate-limit discovery of new subdomains * Put a limit on recursively discovering new accounts
2022-12-04Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-12-03Bump faker from 2.23.0 to 3.0.0 (#20039)dependabot[bot]
Bumps [faker](https://github.com/faker-ruby/faker) from 2.23.0 to 3.0.0. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v2.23.0...v3.0.0) --- updated-dependencies: - dependency-name: faker dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02Bump stoplight from 3.0.0 to 3.0.1 (#21953)dependabot[bot]
Bumps [stoplight](https://github.com/orgsync/stoplight) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/orgsync/stoplight/releases) - [Changelog](https://github.com/bolshakov/stoplight/blob/master/CHANGELOG.md) - [Commits](https://github.com/orgsync/stoplight/commits) --- updated-dependencies: - dependency-name: stoplight dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02Bump pkg-config from 1.4.9 to 1.5.1 (#21820)dependabot[bot]
Bumps [pkg-config](https://github.com/ruby-gnome/pkg-config) from 1.4.9 to 1.5.1. - [Release notes](https://github.com/ruby-gnome/pkg-config/releases) - [Changelog](https://github.com/ruby-gnome/pkg-config/blob/master/NEWS) - [Commits](https://github.com/ruby-gnome/pkg-config/compare/1.4.9...1.5.1) --- updated-dependencies: - dependency-name: pkg-config dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>