Skip to content

Bump prism from 0.22.0 to 1.3.0#381

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/prism-1.3.0
Closed

Bump prism from 0.22.0 to 1.3.0#381
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/prism-1.3.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Dec 23, 2024
edited
Loading

Bumps prism from 0.22.0 to 1.3.0.

Release notes

Sourced from prism's releases.

v1.3.0

Added

  • Introduce Prism::StringQuery.
  • Introduce Prism::Relocation.
  • Track do keyword for WhileNode and UntilNode.
  • Change the way the gem is built to rely on mkmf instead of make.
  • Lots more documentation on node fields.

Changed

  • Properly add an error for def @foo; end.
  • Properly add an error for foo(**, *).
  • Fix up regression in string parsing in RubyParser translation.
  • Reject invalid dot method call after match expression.
  • Reject invalid operator after match expression.
  • Fix up %-literals delimited by newlines.
  • Properly add an error for -> { _1; -> { _1 } }.
  • Reject blocks and keywords in index writes.

v1.2.0

Added

  • Introduce Prism::CodeUnitsCache.

Changed

  • Properly handle lexing global variables that begin with $-.
  • Properly reject invalid multi writes within parentheses.
  • Fix unary * binding power.
  • Set contains_keywords flag for implicit gets calls when -p is used.
  • Properly reject invalid non-associative operator patterns.
  • Do not warn about unused variables declared on negative lines.

v1.1.0

Added

  • Explicitly type each child node field in the Ruby API.
  • Add the main_script option to the parse APIs, which controls whether or not shebangs are considered.
  • Add the partial_script options to the parse APIs, which controls whether or not jumps that would otherwise be considered invalid are allowed. This is useful for parsing things like ERB sources, where you know it will be evaluated in a different context. Note that this functionality is replacing the previous idiom of passing in a list of scopes to indicate an eval context, because that behavior has changed upstream in ruby/ruby.
  • Add ArgumentsNode#contains_multiple_splats?.
  • Add ArgumentsNode#contains_forwarding?.
  • Accept all valid Ruby versions for the version option on parse APIs.
  • Accept version shorthands like "3.3" and "3.4" for the version option on parse APIs.
  • Support a max depth to protect against malicious payloads without hitting the stack limit.

Changed

  • Fix some token incompatibilities in the parser translation.
  • Fix up parsing tempfiles on Windows.

... (truncated)

Changelog

Sourced from prism's changelog.

[1.3.0] - 2024-12-21

Added

  • Introduce Prism::StringQuery.
  • Introduce Prism::Relocation.
  • Track do keyword for WhileNode and UntilNode.
  • Change the way the gem is built to rely on mkmf instead of make.
  • Lots more documentation on node fields.

Changed

  • Properly add an error for def @foo; end.
  • Properly add an error for foo(**, *).
  • Fix up regression in string parsing in RubyParser translation.
  • Reject invalid dot method call after match expression.
  • Reject invalid operator after match expression.
  • Fix up %-literals delimited by newlines.
  • Properly add an error for -> { _1; -> { _1 } }.
  • Reject blocks and keywords in index writes.

[1.2.0] - 2024-10-10

Added

  • Introduce Prism::CodeUnitsCache.

Changed

  • Properly handle lexing global variables that begin with $-.
  • Properly reject invalid multi writes within parentheses.
  • Fix unary * binding power.
  • Set contains_keywords flag for implicit gets calls when -p is used.
  • Properly reject invalid non-associative operator patterns.
  • Do not warn about unused variables declared on negative lines.

[1.1.0] - 2024-10-02

Added

  • Explicitly type each child node field in the Ruby API.
  • Add the main_script option to the parse APIs, which controls whether or not shebangs are considered.
  • Add the partial_script options to the parse APIs, which controls whether or not jumps that would otherwise be considered invalid are allowed. This is useful for parsing things like ERB sources, where you know it will be evaluated in a different context. Note that this functionality is replacing the previous idiom of passing in a list of scopes to indicate an eval context, because that behavior has changed upstream in ruby/ruby.
  • Add ArgumentsNode#contains_multiple_splats?.
  • Add ArgumentsNode#contains_forwarding?.
  • Accept all valid Ruby versions for the version option on parse APIs.
  • Accept version shorthands like "3.3" and "3.4" for the version option on parse APIs.
  • Support a max depth to protect against malicious payloads without hitting the stack limit.

Changed

... (truncated)

Commits
  • 439fd97 Merge pull request #3335 from ruby/bump-version
  • b2874df Use 2.7 Gemfile for template CI
  • a679ee0 Bump to v1.3.0
  • e1e5b55 Merge pull request #3334 from ruby/fallthrough-fallback
  • cc810b1 Fallthrough fallback for unknown compilers
  • d869d7e Merge pull request #3333 from ruby/update-deps
  • 6874d78 Bump Ruby dependencies
  • b1a508b Merge pull request #3332 from ruby/dependabot/bundler/gemfiles/typecheck/test...
  • dca90d8 Merge pull request #3327 from ruby/dependabot/bundler/gemfiles/3.0/test-unit-...
  • 0d6b5fc Bump test-unit from 3.6.4 to 3.6.7 in /gemfiles/typecheck
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Dec 23, 2024
@dependabot dependabot Bot mentioned this pull request Dec 23, 2024
Closed
@dependabot dependabot Bot force-pushed the dependabot/bundler/prism-1.3.0 branch from 22b10a8 to f6dc605 Compare December 23, 2024 03:13
@dependabot
Bump prism from 0.22.0 to 1.3.0
39e9e48 
Bumps [prism](https://github.com/ruby/prism) from 0.22.0 to 1.3.0.
- [Release notes](https://github.com/ruby/prism/releases)
- [Changelog](https://github.com/ruby/prism/blob/main/CHANGELOG.md)
- [Commits](ruby/prism@v0.22.0...v1.3.0)

---
updated-dependencies:
- dependency-name: prism
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/prism-1.3.0 branch from f6dc605 to 39e9e48 Compare December 23, 2024 03:14
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 19, 2025

Superseded by #422.

@dependabot dependabot Bot closed this Mar 19, 2025
@dependabot dependabot Bot deleted the dependabot/bundler/prism-1.3.0 branch March 19, 2025 02:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants