Skip to content

build(deps-dev): bump the bundler group with 2 updates#297

Merged
werebus merged 1 commit intomainfrom
dependabot/bundler/bundler-6421a8e663
Mar 23, 2026
Merged

build(deps-dev): bump the bundler group with 2 updates#297
werebus merged 1 commit intomainfrom
dependabot/bundler/bundler-6421a8e663

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps the bundler group with 2 updates: mcp and net-ssh.

Updates mcp from 0.8.0 to 0.9.0

Release notes

Sourced from mcp's releases.

v0.9.0

Added

  • MCP::Client::Stdio transport (#262)
  • Progress notifications per MCP specification (#254)
  • Automatic _meta parameter extraction support (#172)
  • CORS and Accept wildcard support for browser-based MCP clients (#253)

Changed

  • Use autoload to defer loading of unused subsystems (#255)
  • Reduce release package size (#239)

Fixed

  • Return 404 for invalid session ID in handle_regular_request (#257)
  • Use mutex-protected session_exists? in handle_regular_request (#258)
Changelog

Sourced from mcp's changelog.

[0.9.0] - 2026-03-20

Added

  • MCP::Client::Stdio transport (#262)
  • Progress notifications per MCP specification (#254)
  • Automatic _meta parameter extraction support (#172)
  • CORS and Accept wildcard support for browser-based MCP clients (#253)

Changed

  • Use autoload to defer loading of unused subsystems (#255)
  • Reduce release package size (#239)

Fixed

  • Return 404 for invalid session ID in handle_regular_request (#257)
  • Use mutex-protected session_exists? in handle_regular_request (#258)
Commits
  • 910d3ca Merge pull request #264 from koic/release_0_9_0
  • 12922a6 Release 0.9.0
  • 09b4e30 Merge pull request #262 from koic/stdio_client_transport
  • 21eef8d Add MCP::Client::Stdio transport
  • 283c7a4 Merge pull request #260 from koic/use_missing_session_id_response_helper_in_h...
  • 75d03f3 Use missing_session_id_response method in handle_delete
  • f4aab5c Merge pull request #258 from koic/use_mutex_protected_session_exists_predicate
  • be1bbc2 Use mutex-protected session_exists? in handle_regular_request
  • 8823bd3 Merge pull request #257 from koic/return_404_for_invalid_session_id
  • cf1d578 Return 404 for invalid session ID in handle_regular_request
  • Additional commits viewable in compare view

Updates net-ssh from 7.3.1 to 7.3.2

Changelog

Sourced from net-ssh's changelog.

=== 7.3.2 rc2

  • Fix Ruby 2.6 compat: use public_to_der fallback for EC public keys #993
  • Fix test framework hang: preserve StringIO position in idle!

=== 7.3.2 rc1

  • Support frozen strings #958

=== 7.3.0 rc0

  • aes(128|256)gcm #946

=== 7.2.2

  • ruby 3.3.0: base64 fix

=== 7.2.1 rc1

  • feat: allow load of certkey from string #926
  • fix: fix for Socket#recv returning nil on ruby 3.3.0 #928

=== 7.2.0

  • Add debugging information for algorithm of pubkey in use #918

=== 7.2.0 rc1

  • Allow IdentityAgent as option to Net::SSH.start #912

=== 7.2.0 beta1

  • Support chacha20-poly1305@opnessh.com cypher if RbNaCl gem is installed #908

=== 7.1.0

  • Accept pubkey_algorithms option when starting a new connection #891

=== 7.1.0 beta1

  • Don't use the deprecated set_XXX methods on RSA keys. #875
  • Raise error when BCryptPbkdf fails #876

=== 7.0.1

  • Drop leftover debug statement #866

=== 7.0.0

  • BREAKING: Drop support for Ruby 2.5

... (truncated)

Commits
  • c4e128f bump version
  • 719d89e Restore version to 7.3.2.rc1 for proper bump-version release flow
  • c580a4b Revert version to 7.3.2.rc1, restore rc changelog entries
  • a48f4ff bump version
  • 2d4bfdb Release 7.3.2
  • 27e7a42 Update CHANGES.txt for 7.3.2 rc2
  • 802ebea bump version
  • fe1c846 Merge pull request #993 from net-ssh/fix-ecdsa-key-manager-flaky-test
  • 61a675d Fix rubocop: rename param ec -> key (min 3 chars)
  • 39ad224 Fix Ruby 2.6 compat: use public_to_der fallback for EC public keys
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps-dev): bump the bundler group with 2 updates
73b35d9 
Bumps the bundler group with 2 updates: [mcp](https://github.com/modelcontextprotocol/ruby-sdk) and [net-ssh](https://github.com/net-ssh/net-ssh).


Updates `mcp` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/modelcontextprotocol/ruby-sdk/releases)
- [Changelog](https://github.com/modelcontextprotocol/ruby-sdk/blob/main/CHANGELOG.md)
- [Commits](modelcontextprotocol/ruby-sdk@v0.8.0...v0.9.0)

Updates `net-ssh` from 7.3.1 to 7.3.2
- [Changelog](https://github.com/net-ssh/net-ssh/blob/master/CHANGES.txt)
- [Commits](net-ssh/net-ssh@v7.3.1...v7.3.2)

---
updated-dependencies:
- dependency-name: mcp
  dependency-version: 0.9.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: bundler
- dependency-name: net-ssh
  dependency-version: 7.3.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Mar 23, 2026
@werebus werebus merged commit 6618274 into main Mar 23, 2026
4 checks passed
@dependabot dependabot bot deleted the dependabot/bundler/bundler-6421a8e663 branch March 23, 2026 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@werebus werebus werebus approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@werebus