rack-cloudflare_middleware 1.2.3 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2609ebe8665618548d47b46498870d9a8c1e5331caea52cc947dd1cad87a8fc7
-  data.tar.gz: aaa6de3fdab8d9ca9818ce5e6f7d4ae3641cd83b489fd287fa7e4d67f7acd91b
+  metadata.gz: 22757d992eeecdb17309877680ce87ff3f276c3feee9204f74e268b8f7a191c1
+  data.tar.gz: f6ed538c9de7682d91113ea40204a29e2c933f4d4da5d88716ca4c69121e1541
 SHA512:
-  metadata.gz: 4c0e453400a747e25b00364d05f9a8278e2b408532599e32d551d463f204995b5dcabfb91230512ee48bde649d39227b454bbacfc4beead1e8ff23f4b18d0486
-  data.tar.gz: ccccb2ba8e68dacf97b4142e175f1686307937a18b95bea9cb38d0f49afc3a282e3a2efa9973b17eb8c18a92b7e04de07e23e2004f3ede628ed5167550ae50ca
+  metadata.gz: 6f5723f47e69a46e6712ca9e77ceb55d95a31c2a8a3e18daffcd46f751a30f8e044d590f282c749d67917a4dff2b9e055f5f6e089e0736a58f0a3cf40e7aaba8
+  data.tar.gz: 7398eb50105915fbf26825ebc3169b0603aae9ad3a56bbc2449b63bb8d8ca55bac54daea46339fba05fcb900d60f8ba496d72cbde1f1706fcb7693b4a91f3cb0

data/.github/workflows/ci.yml

@@ -16,10 +16,10 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        ruby: ["3.1", "3.2", "3.3", "3.4"]
+        ruby: ["3.2", "3.3", "3.4"]
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Install Ruby and gems
         uses: ruby/setup-ruby@v1
         with:
@@ -35,7 +35,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Install Ruby and gems
         uses: ruby/setup-ruby@v1
         with:
@@ -44,7 +44,7 @@ jobs:
       - name: Bundle Audit Check
         run: bundle exec bundle-audit update && bundle exec bundle-audit check
       - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: "3.12"
       - name: Run pre-commit

data/.github/workflows/release.yml

@@ -9,7 +9,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Install Ruby and gems
         uses: ruby/setup-ruby@v1
         with:

data/CHANGELOG.md

@@ -1,4 +1,16 @@
 
+v2.0.0 - 2026-02-19
+-------------------
+- **BREAKING CHANGE**: Dropped support for Ruby 3.1 (EOL as of March 31, 2025)
+- Updated minimum Ruby version requirement from >= 3.1 to >= 3.2
+- This change resolves Dependabot dependency resolution issues with bundler-audit
+- CI now tests against Ruby 3.2, 3.3, and 3.4
+- First major version bump following semantic versioning for breaking changes
+
+v1.2.4 - 2026-02-10
+-------------------
+- Updated Faraday dependency to >= 2.14.1 to address CVE-2026-25765 (SSRF vulnerability)
+
 v1.2.3 - 2025-07-25
 -------------------
 - Libraries updates

data/Gemfile

@@ -4,7 +4,7 @@ source "https://rubygems.org"
 
 gemspec
 
-gem "faraday", "~> 2.13"
+gem "faraday", "~> 2.14"
 gem "rake", "~> 13.3"
 
 group :development, :test do
@@ -13,6 +13,6 @@ group :development, :test do
   gem "rack-test", "~> 2"
   gem "standard", "~> 1"
   gem "pry"
-  gem "webmock", "~> 3.25"
-  gem "bundler-audit", "~> 0.9.2"
+  gem "webmock", "~> 3.26"
+  gem "bundler-audit", "~> 0.9.3"
 end

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rack-cloudflare_middleware (1.2.3)
+    rack-cloudflare_middleware (2.0.0)
       faraday (>= 1.0, < 3)
       rack (>= 2, < 4)
 
@@ -11,51 +11,55 @@ GEM
     addressable (2.8.7)
       public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.3)
-    bigdecimal (3.1.9)
-    bundler-audit (0.9.2)
-      bundler (>= 1.2.0, < 3)
+    bigdecimal (3.3.1)
+    bundler-audit (0.9.3)
+      bundler (>= 1.2.0)
       thor (~> 1.0)
     coderay (1.1.3)
-    crack (1.0.0)
+    crack (1.0.1)
       bigdecimal
       rexml
     diff-lcs (1.6.2)
-    faraday (2.13.3)
+    faraday (2.14.1)
       faraday-net_http (>= 2.0, < 3.5)
       json
       logger
-    faraday-net_http (3.4.1)
-      net-http (>= 0.5.0)
-    hashdiff (1.1.2)
-    json (2.13.0)
+    faraday-net_http (3.4.2)
+      net-http (~> 0.5)
+    hashdiff (1.2.1)
+    io-console (0.8.2)
+    json (2.18.1)
     language_server-protocol (3.17.0.5)
     lint_roller (1.1.0)
     logger (1.7.0)
     method_source (1.1.0)
-    net-http (0.6.0)
-      uri
+    net-http (0.9.1)
+      uri (>= 0.11.1)
     parallel (1.27.0)
-    parser (3.3.8.0)
+    parser (3.3.10.0)
       ast (~> 2.4.1)
       racc
-    prism (1.4.0)
-    pry (0.15.2)
+    prism (1.6.0)
+    pry (0.16.0)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    public_suffix (6.0.1)
+      reline (>= 0.6.0)
+    public_suffix (6.0.2)
     racc (1.8.1)
-    rack (3.1.16)
+    rack (3.2.4)
     rack-test (2.2.0)
       rack (>= 1.3)
     rainbow (3.1.1)
-    rake (13.3.0)
-    regexp_parser (2.10.0)
-    rexml (3.4.1)
-    rspec (3.13.1)
+    rake (13.3.1)
+    regexp_parser (2.11.3)
+    reline (0.6.3)
+      io-console (~> 0.5)
+    rexml (3.4.4)
+    rspec (3.13.2)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.4)
+    rspec-core (3.13.6)
       rspec-support (~> 3.13.0)
     rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
@@ -63,11 +67,11 @@ GEM
     rspec-its (2.0.0)
       rspec-core (>= 3.13.0)
       rspec-expectations (>= 3.13.0)
-    rspec-mocks (3.13.5)
+    rspec-mocks (3.13.6)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-support (3.13.4)
-    rubocop (1.75.5)
+    rspec-support (3.13.6)
+    rubocop (1.81.7)
       json (~> 2.3)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.1.0)
@@ -75,10 +79,10 @@ GEM
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 2.9.3, < 3.0)
-      rubocop-ast (>= 1.44.0, < 2.0)
+      rubocop-ast (>= 1.47.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.44.1)
+    rubocop-ast (1.48.0)
       parser (>= 3.3.7.2)
       prism (~> 1.4)
     rubocop-performance (1.25.0)
@@ -86,10 +90,10 @@ GEM
       rubocop (>= 1.75.0, < 2.0)
       rubocop-ast (>= 1.38.0, < 2.0)
     ruby-progressbar (1.13.0)
-    standard (1.50.0)
+    standard (1.52.0)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
-      rubocop (~> 1.75.5)
+      rubocop (~> 1.81.7)
       standard-custom (~> 1.0.0)
       standard-performance (~> 1.8)
     standard-custom (1.0.2)
@@ -99,11 +103,11 @@ GEM
       lint_roller (~> 1.1)
       rubocop-performance (~> 1.25.0)
     thor (1.4.0)
-    unicode-display_width (3.1.4)
-      unicode-emoji (~> 4.0, >= 4.0.4)
-    unicode-emoji (4.0.4)
-    uri (1.0.3)
-    webmock (3.25.1)
+    unicode-display_width (3.2.0)
+      unicode-emoji (~> 4.1)
+    unicode-emoji (4.1.0)
+    uri (1.1.1)
+    webmock (3.26.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
@@ -116,8 +120,8 @@ PLATFORMS
 
 DEPENDENCIES
   bundler (~> 2)
-  bundler-audit (~> 0.9.2)
-  faraday (~> 2.13)
+  bundler-audit (~> 0.9.3)
+  faraday (~> 2.14)
   pry
   rack-cloudflare_middleware!
   rack-test (~> 2)
@@ -125,7 +129,7 @@ DEPENDENCIES
   rspec (~> 3.13)
   rspec-its (~> 2.0)
   standard (~> 1)
-  webmock (~> 3.25)
+  webmock (~> 3.26)
 
 BUNDLED WITH
    2.5.23

data/lib/rack/cloudflare_middleware/version.rb

@@ -2,6 +2,6 @@
 
 module Rack
   module CloudflareMiddleware
-    VERSION = "1.2.3"
+    VERSION = "2.0.0"
   end
 end

data/rack-cloudflare_middleware.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
   end
   spec.require_paths = ["lib"]
 
-  spec.required_ruby_version = ">= 3.1"
+  spec.required_ruby_version = ">= 3.2"
 
   spec.add_dependency "faraday", ">= 1.0", "< 3"
   spec.add_dependency "rack", ">= 2", "< 4"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-cloudflare_middleware
 version: !ruby/object:Gem::Version
-  version: 1.2.3
+  version: 2.0.0
 platform: ruby
 authors:
 - James Brown
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-07-25 00:00:00.000000000 Z
+date: 2026-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -115,7 +115,6 @@ extra_rdoc_files: []
 files:
 - ".github/dependabot.yml"
 - ".github/workflows/ci.yml"
-- ".github/workflows/pull-request-updated.yml"
 - ".github/workflows/release.yml"
 - ".gitignore"
 - ".pre-commit-config.yaml"
@@ -146,7 +145,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.1'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/.github/workflows/pull-request-updated.yml

@@ -1,32 +0,0 @@
-name: Pull Request Updated
-
-on:
-  pull_request_target:
-    types:
-      - opened
-      - reopened
-      - edited
-
-jobs:
-  tag-for-dependabot:
-    name: Tag Infrastructure For Dependabot
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    runs-on: ubuntu-24.04
-    timeout-minutes: 2
-    permissions:
-      contents: read
-      pull-requests: write
-    steps:
-      - name: Generate a token
-        id: generate_token
-        uses: actions/create-github-app-token@v2
-        with:
-          owner: ${{ github.repository_owner }}
-          repositories: ${{ github.event.repository.name }}
-      - name: Auto Assign infrastructure as reviewer
-        run: gh pr edit "$PR_URL" --add-reviewer "$REVIEWER"
-        env:
-          PR_URL: ${{ github.event.pull_request.html_url }}
-          REVIEWER: instrumentl/infrastructure
-          GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
-          GH_REPO: ${{github.repository}}