[bundler] Bump the rails group with 2 updates #26

dependabot · 2025-10-22T14:12:50Z

Bumps the rails group with 2 updates: activesupport and activemodel.

Updates activesupport from 8.0.3 to 8.1.0

Release notes

Sourced from activesupport's releases.

8.1.0

Active Support

Remove deprecated passing a Time object to Time#since.

Rafael Mendonça França

Remove deprecated Benchmark.ms method. It is now defined in the benchmark gem.

Rafael Mendonça França

Remove deprecated addition for Time instances with ActiveSupport::TimeWithZone.

Rafael Mendonça França

Remove deprecated support for to_time to preserve the system local time. It will now always preserve the receiver timezone.

Rafael Mendonça França

Deprecate config.active_support.to_time_preserves_timezone.

Rafael Mendonça França

Standardize event name formatting in assert_event_reported error messages.

The event name in failure messages now uses .inspect (e.g., name: "user.created") to match assert_events_reported and provide type clarity between strings and symbols. This only affects tests that assert on the failure message format itself.

George Ma

Fix Enumerable#sole to return the full tuple instead of just the first element of the tuple.

Olivier Bellone

Fix parallel tests hanging when worker processes die abruptly.

Previously, if a worker process was killed (e.g., OOM killed, kill -9) during parallel test execution, the test suite would hang forever waiting for the dead worker.

Joshua Young

Add config.active_support.escape_js_separators_in_json.

Introduce a new framework default to skip escaping LINE SEPARATOR (U+2028) and PARAGRAPH SEPARATOR (U+2029) in JSON.

Historically these characters were not valid inside JavaScript literal strings but that changed in ECMAScript 2019. As such it's no longer a concern in modern browsers: https://caniuse.com/mdn-javascript_builtins_json_json_superset.

... (truncated)

Changelog

Sourced from activesupport's changelog.

Rails 8.1.0 (October 22, 2025)

Remove deprecated passing a Time object to Time#since.

Rafael Mendonça França

Remove deprecated Benchmark.ms method. It is now defined in the benchmark gem.

Rafael Mendonça França

Remove deprecated addition for Time instances with ActiveSupport::TimeWithZone.

Rafael Mendonça França

Remove deprecated support for to_time to preserve the system local time. It will now always preserve the receiver timezone.

Rafael Mendonça França

Deprecate config.active_support.to_time_preserves_timezone.

Rafael Mendonça França

Standardize event name formatting in assert_event_reported error messages.

The event name in failure messages now uses .inspect (e.g., name: "user.created") to match assert_events_reported and provide type clarity between strings and symbols. This only affects tests that assert on the failure message format itself.

George Ma

Fix Enumerable#sole to return the full tuple instead of just the first element of the tuple.

Olivier Bellone

Fix parallel tests hanging when worker processes die abruptly.

Previously, if a worker process was killed (e.g., OOM killed, kill -9) during parallel test execution, the test suite would hang forever waiting for the dead worker.

Joshua Young

Add config.active_support.escape_js_separators_in_json.

Introduce a new framework default to skip escaping LINE SEPARATOR (U+2028) and PARAGRAPH SEPARATOR (U+2029) in JSON.

Historically these characters were not valid inside JavaScript literal strings but that changed in ECMAScript 2019. As such it's no longer a concern in modern browsers: https://caniuse.com/mdn-javascript_builtins_json_json_superset.

Étienne Barrié, Jean Boussier

... (truncated)

Commits

1cdd190 Preparing for 8.1.0 release
096f1c7 Merge pull request #55943 from skipkayhil/hm-oyxvtrxvupxqzprn
1ace683 Preparing for 8.1.0.rc1 release
d156ee0 Merge pull request #55871 from Shopify/refresh_event_reporter
48ca2f8 Load core extensions with require_relative
a855714 Remove deprecated passing a Time object to Time#since
632b2c5 Remove deprecated Benchmark.ms method. It is now defined in the benchmark...
93d370c Remove deprecated addition for Time instances with `ActiveSupport::TimeWith...
c79dc28 Remove deprecated support for to_time to preserve the system local time
a32f123 Allow event payload filter to update after app configuration
Additional commits viewable in compare view

Updates activemodel from 8.0.3 to 8.1.0

Release notes

Sourced from activemodel's releases.

8.1.0

Active Support

Remove deprecated passing a Time object to Time#since.

Rafael Mendonça França

Remove deprecated Benchmark.ms method. It is now defined in the benchmark gem.

Rafael Mendonça França

Remove deprecated addition for Time instances with ActiveSupport::TimeWithZone.

Rafael Mendonça França

Remove deprecated support for to_time to preserve the system local time. It will now always preserve the receiver timezone.

Rafael Mendonça França

Deprecate config.active_support.to_time_preserves_timezone.

Rafael Mendonça França

Standardize event name formatting in assert_event_reported error messages.

The event name in failure messages now uses .inspect (e.g., name: "user.created") to match assert_events_reported and provide type clarity between strings and symbols. This only affects tests that assert on the failure message format itself.

George Ma

Fix Enumerable#sole to return the full tuple instead of just the first element of the tuple.

Olivier Bellone

Fix parallel tests hanging when worker processes die abruptly.

Previously, if a worker process was killed (e.g., OOM killed, kill -9) during parallel test execution, the test suite would hang forever waiting for the dead worker.

Joshua Young

Add config.active_support.escape_js_separators_in_json.

Introduce a new framework default to skip escaping LINE SEPARATOR (U+2028) and PARAGRAPH SEPARATOR (U+2029) in JSON.

Historically these characters were not valid inside JavaScript literal strings but that changed in ECMAScript 2019. As such it's no longer a concern in modern browsers: https://caniuse.com/mdn-javascript_builtins_json_json_superset.

... (truncated)

Changelog

Sourced from activemodel's changelog.

Rails 8.1.0 (October 22, 2025)
Add reset_token: { expires_in: ... } option to has_secure_password.

Allows configuring the expiry duration of password reset tokens (default remains 15 minutes for backwards compatibility).
has_secure_password reset_token: { expires_in: 1.hour }
Jevin Sew, Abeid Ahmed
Add except_on: option for validation callbacks.

Ben Sheldon
Backport ActiveRecord::Normalization to ActiveModel::Attributes::Normalization
class User
  include ActiveModel::Attributes
  include ActiveModel::Attributes::Normalization
attribute :email, :string
normalizes :email, with: -> email { email.strip.downcase }
end
user = User.new
user.email =    " CRUISE-CONTROL@EXAMPLE.COM\n"
user.email # => "cruise-control@example.com"
Sean Doyle
Please check 8-0-stable for previous changes.

Commits

1cdd190 Preparing for 8.1.0 release
1ace683 Preparing for 8.1.0.rc1 release
b182bc6 Give credit to the first author of this feature
d0486d0 Merge pull request #55574 from jevin/feature/reset-password-token-duration
ee29930 ActiveModel::SecurePassword: configurable reset token expiry
2446a70 Removing the string option for validations
80827ca Preparing for 8.1.0.beta1 release
842200c Use comment for example return values [ci-skip]
9a10a82 Replace "mailing list" with "forum" [ci-skip]
aa69684 Link using rdoc-ref instead of rdoc-label [ci-skip]
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the rails group with 2 updates: [activesupport](https://github.com/rails/rails) and [activemodel](https://github.com/rails/rails). Updates `activesupport` from 8.0.3 to 8.1.0 - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.1.0/activesupport/CHANGELOG.md) - [Commits](rails/rails@v8.0.3...v8.1.0) Updates `activemodel` from 8.0.3 to 8.1.0 - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.1.0/activemodel/CHANGELOG.md) - [Commits](rails/rails@v8.0.3...v8.1.0) --- updated-dependencies: - dependency-name: activesupport dependency-version: 8.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rails - dependency-name: activemodel dependency-version: 8.1.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: rails ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Oct 22, 2025

This was referenced Oct 22, 2025

[bundler] Bump activemodel from 8.0.3 to 8.1.0 #23

Closed

[bundler] Bump activesupport from 8.0.3 to 8.1.0 #24

Closed

dependabot bot force-pushed the dependabot/bundler/rails-09eea5f297 branch from 7369a44 to d4d192e Compare October 22, 2025 15:44

dependabot bot force-pushed the dependabot/bundler/rails-09eea5f297 branch from d4d192e to ed6acca Compare November 13, 2025 13:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[bundler] Bump the rails group with 2 updates #26

[bundler] Bump the rails group with 2 updates #26

Uh oh!

dependabot bot commented on behalf of github Oct 22, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

[bundler] Bump the rails group with 2 updates #26

Are you sure you want to change the base?

[bundler] Bump the rails group with 2 updates #26

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 22, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

8.1.0

Active Support

Rails 8.1.0 (October 22, 2025)

8.1.0

Active Support

Rails 8.1.0 (October 22, 2025)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Oct 22, 2025 •

edited

Loading