Bump rack-mini-profiler from 0.10.5 to 1.1.4

[dependabot-preview]

Bumps rack-mini-profiler from 0.10.5 to 1.1.4.

Changelog

Sourced from rack-mini-profiler's changelog.

1.1.4 - 2019-12-12

• [SECURITY] carefully crafted SQL could cause an XSS on sites that do not use CSPs

1.1.3 - 2019-10-28

• [FEATURE] precompile all templates to avoid need for unsafe-eval

1.1.2 - 2019-10-24

• [FIX] JS payload was not working on IE11 and leading to errors
• [FIX] Remove global singleton_class which was injected
• [FIX] Regressions post removal of jQuery

1.1.1 - 2019-10-22

• [FIX] correct JavaScript fetch support header iteration (Jorge Manrubia)

1.1.0 - 2019-10-01

• [FEATURE] remove jQuery dependency, switch template library to dot.js
• [FEATURE] disable all sensitive debugging methods by default (env, memory profiling) can be enabled with enable_advanced_debugging_tools.
• [FIX] when conditionally requiring rack mini profiler, asset precompile could fail
• [FEATURE] /rack-mini-profiler/requests can be used to monitor all requests for apps that do not have a UI (like API apps)
• [SECURITY] XSS injection in ?pp=help via rogue uri

1.0.2 - 2019-02-05

• [FIX] correct script injection to work with Rails 6 and above

1.0.1 - 2018-12-10

• [FIX] add support for exec_params instrumentation in PG, this method as of PG 1.1.0 no longer
  routes calls to exec / async_exec
• [FIX] add missing started_at on requests
• [UX] amend colors so we pass lighthouse
• [FEATURE] fetch API support
• [FIX] getEntriesByName is missing in iOS, workaround
• [FEATURE] drop support for Ruby 2.2.0 we require 2.3.0 and up (EOL Ruby no longer supported)

1.0.0 - 2018-03-29

• [BREAKING CHANGE] Ruby version 2.2.0 or later is required
• [FEATURE] use new web performance API to avoid warning @​MikeRogers0
• [FEATURE] store hidden pref regarding showing mini profiler in session @​MikeRogers0
• [FIX] correct jQuery 3.0 deprecations @​TiSer
• [FIX] JS in IFRAME @​naiyt

0.10.8 - 2017-12-01

... (truncated)

Commits

• 0a747e5 bump asset version for build
• b9eb875 update changelog to include info about 1.1.4
• e7ad766 SECURITY: prevent XSS from malicious SQL query (#426)
• 6e32b8c DEV: using be_within matcher to avoid float rounding issues by calling to_i (...
• 6fcd49b require rubocop higher than 0.77.0 due to breaking copname changes (#424)
• 4d06679 adding rubocop-discourse and fixing Style/RedundantReturn offenses (#421)
• c7ddce2 Typo (#420)
• 39e7874 Fix grammar in README (#419)
• c5dc08c Update Redis example configuration (#417)
• 3be0211 Standardize CHANGELOG headings (#416)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #101.