Skip to content

Bump prism from 0.22.0 to 1.2.0#345

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/prism-1.2.0
Closed

Bump prism from 0.22.0 to 1.2.0#345
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/prism-1.2.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Oct 11, 2024
edited
Loading

Bumps prism from 0.22.0 to 1.2.0.

Release notes

Sourced from prism's releases.

v1.2.0

Added

  • Introduce Prism::CodeUnitsCache.

Changed

  • Properly handle lexing global variables that begin with $-.
  • Properly reject invalid multi writes within parentheses.
  • Fix unary * binding power.
  • Set contains_keywords flag for implicit gets calls when -p is used.
  • Properly reject invalid non-associative operator patterns.
  • Do not warn about unused variables declared on negative lines.

v1.1.0

Added

  • Explicitly type each child node field in the Ruby API.
  • Add the main_script option to the parse APIs, which controls whether or not shebangs are considered.
  • Add the partial_script options to the parse APIs, which controls whether or not jumps that would otherwise be considered invalid are allowed. This is useful for parsing things like ERB sources, where you know it will be evaluated in a different context. Note that this functionality is replacing the previous idiom of passing in a list of scopes to indicate an eval context, because that behavior has changed upstream in ruby/ruby.
  • Add ArgumentsNode#contains_multiple_splats?.
  • Add ArgumentsNode#contains_forwarding?.
  • Accept all valid Ruby versions for the version option on parse APIs.
  • Accept version shorthands like "3.3" and "3.4" for the version option on parse APIs.
  • Support a max depth to protect against malicious payloads without hitting the stack limit.

Changed

  • Fix some token incompatibilities in the parser translation.
  • Fix up parsing tempfiles on Windows.
  • Fix up handling UTF-8 characters in file paths on Windows.
  • Do not warn for a \r at the end of a shebang on Windows.
  • Properly handle erroring for parsing a directory on Windows.
  • When a numbered reference is out of range, warn instead of raise.
  • Allow returns in default parameter values.
  • Reject many more invalid syntax patterns.

v1.0.0

Added

  • Add Node#breadth_first_search.
  • Add Node#node_id.
  • Add ArgumentsNode#contains_splat?.
  • Passing the special value false for the encoding option tells Prism to ignore magic encoding comments.
  • Expose flags on every node type (allows checking static literal and newline).
  • Implement mismatched indentation warning.
  • Add C API for receiving a callback when parsing shebangs with additional flags.

Changed

... (truncated)

Changelog

Sourced from prism's changelog.

[1.2.0] - 2024-10-10

Added

  • Introduce Prism::CodeUnitsCache.

Changed

  • Properly handle lexing global variables that begin with $-.
  • Properly reject invalid multi writes within parentheses.
  • Fix unary * binding power.
  • Set contains_keywords flag for implicit gets calls when -p is used.
  • Properly reject invalid non-associative operator patterns.
  • Do not warn about unused variables declared on negative lines.

[1.1.0] - 2024-10-02

Added

  • Explicitly type each child node field in the Ruby API.
  • Add the main_script option to the parse APIs, which controls whether or not shebangs are considered.
  • Add the partial_script options to the parse APIs, which controls whether or not jumps that would otherwise be considered invalid are allowed. This is useful for parsing things like ERB sources, where you know it will be evaluated in a different context. Note that this functionality is replacing the previous idiom of passing in a list of scopes to indicate an eval context, because that behavior has changed upstream in ruby/ruby.
  • Add ArgumentsNode#contains_multiple_splats?.
  • Add ArgumentsNode#contains_forwarding?.
  • Accept all valid Ruby versions for the version option on parse APIs.
  • Accept version shorthands like "3.3" and "3.4" for the version option on parse APIs.
  • Support a max depth to protect against malicious payloads without hitting the stack limit.

Changed

  • Fix some token incompatibilities in the parser translation.
  • Fix up parsing tempfiles on Windows.
  • Fix up handling UTF-8 characters in file paths on Windows.
  • Do not warn for a \r at the end of a shebang on Windows.
  • Properly handle erroring for parsing a directory on Windows.
  • When a numbered reference is out of range, warn instead of raise.
  • Allow returns in default parameter values.
  • Reject many more invalid syntax patterns.

[1.0.0] - 2024-08-28

Added

  • Add Node#breadth_first_search.
  • Add Node#node_id.
  • Add ArgumentsNode#contains_splat?.
  • Passing the special value false for the encoding option tells Prism to ignore magic encoding comments.
  • Expose flags on every node type (allows checking static literal and newline).
  • Implement mismatched indentation warning.
  • Add C API for receiving a callback when parsing shebangs with additional flags.

... (truncated)

Commits
  • b08e569 Merge pull request #3177 from ruby/version
  • 2745c81 Short-circuit if possible for start line and unused warning
  • 817a8e3 Bump to v1.2.0
  • ba89182 Merge pull request #3173 from ruby/code-units-cache
  • e6794e6 Merge pull request #3176 from ruby/negative-lines
  • 2e3e1a4 Prism::CodeUnitsCache
  • 27e91f2 Do not warn for unused variables on negative lines
  • 18ce4f8 Merge pull request #3175 from ruby/reject-invalid-splat
  • 3a0b1c6 Reject invalid splat as last statement of parentheses
  • 3ea7da2 Merge pull request #3174 from Shopify/update-rescue-node-doc
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Oct 11, 2024
@dependabot dependabot Bot mentioned this pull request Oct 11, 2024
Closed
@dependabot dependabot Bot force-pushed the dependabot/bundler/prism-1.2.0 branch from 4b4cb70 to 1fc31c3 Compare November 9, 2024 18:33
@dependabot
Bump prism from 0.22.0 to 1.2.0
1b54841 
Bumps [prism](https://github.com/ruby/prism) from 0.22.0 to 1.2.0.
- [Release notes](https://github.com/ruby/prism/releases)
- [Changelog](https://github.com/ruby/prism/blob/main/CHANGELOG.md)
- [Commits](ruby/prism@v0.22.0...v1.2.0)

---
updated-dependencies:
- dependency-name: prism
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/prism-1.2.0 branch from 1fc31c3 to 1b54841 Compare November 9, 2024 18:34
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Dec 23, 2024

Superseded by #381.

@dependabot dependabot Bot closed this Dec 23, 2024
@dependabot dependabot Bot deleted the dependabot/bundler/prism-1.2.0 branch December 23, 2024 02:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants