Bump activesupport, middleman and rubocop-govuk

[dependabot]

Bumps activesupport, middleman and rubocop-govuk. These dependencies needed to be updated together.
Updates activesupport from 7.0.8.7 to 8.0.2

Release notes

Sourced from activesupport's releases.

8.0.2

Active Support

• Fix setting to_time_preserves_timezone from new_framework_defaults_8_0.rb.

  fatkodima

• Fix Active Support Cache fetch_multi when local store is active.

  fetch_multi now properly yield to the provided block for missing entries that have been recorded as such in the local store.

  Jean Boussier

• Fix execution wrapping to report all exceptions, including Exception.

  If a more serious error like SystemStackError or NoMemoryError happens, the error reporter should be able to report these kinds of exceptions.

  Gannon McGibbon

• Fix RedisCacheStore and MemCacheStore to also handle connection pool related errors.

  These errors are rescued and reported to Rails.error.

  Jean Boussier

• Fix ActiveSupport::Cache#read_multi to respect version expiry when using local cache.

  zzak

• Fix ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor configuration of on_rotation callback.

  verifier.rotate(old_secret).on_rotation { ... }

  Now both work as documented.

  Jean Boussier

• Fix ActiveSupport::MessageVerifier to always be able to verify both URL-safe and URL-unsafe payloads.

  This is to allow transitioning seemlessly from either configuration without immediately invalidating all previously generated signed messages.

  Jean Boussier, Florent Beaurain, Ali Sepehri

• Fix cache.fetch to honor the provided expiry when :race_condition_ttl is used.

... (truncated)

Changelog

Sourced from activesupport's changelog.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• Fix setting to_time_preserves_timezone from new_framework_defaults_8_0.rb.

  fatkodima

• Fix Active Support Cache fetch_multi when local store is active.

  fetch_multi now properly yield to the provided block for missing entries that have been recorded as such in the local store.

  Jean Boussier

• Fix execution wrapping to report all exceptions, including Exception.

  If a more serious error like SystemStackError or NoMemoryError happens, the error reporter should be able to report these kinds of exceptions.

  Gannon McGibbon

• Fix RedisCacheStore and MemCacheStore to also handle connection pool related errors.

  These errors are rescued and reported to Rails.error.

  Jean Boussier

• Fix ActiveSupport::Cache#read_multi to respect version expiry when using local cache.

  zzak

• Fix ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor configuration of on_rotation callback.

  verifier.rotate(old_secret).on_rotation { ... }

  Now both work as documented.

  Jean Boussier

• Fix ActiveSupport::MessageVerifier to always be able to verify both URL-safe and URL-unsafe payloads.

  This is to allow transitioning seemlessly from either configuration without immediately invalidating all previously generated signed messages.

... (truncated)

Commits

• 3235827 Preparing for 8.0.2 release
• e2b9a41 Sync CHANGELOG
• c34be20 Merge pull request #54646 from Edouard-chin/ec-current-attribute-fix
• c3ad0af Merge pull request #54641 from etiennebarrie/json-doc
• 6644442 Merge pull request #54617 from byroot/move-strict-warnings
• dae2bea Merge pull request #54586 from byroot/local-store-fetch-multi-recorded-miss
• e11c613 Use ::new instead of #initialize for ghost methods [ci-skip]
• d1ad075 Add MessageVerifiers#rotate block form signature [ci-skip]
• 69867ec Use delete_prefix in add_filter example [ci-skip]
• b2fced8 Autolink Enumerable::SoleItemExpectedError [ci-skip]
• Additional commits viewable in compare view

Updates middleman from 4.5.0 to 4.6.0

Changelog

Sourced from middleman's changelog.

4.6.0

• Update Rubies matrix support (add: 3.3 and 3.4, remove: 2.5, 2.6)
• Allow users to use newer versions of Active Support (#2670, #2797)
• Update Uglifier (#2671)
• Unlock Contracts version restriction (#2687)
• Delete unnecessary "backports" runtime dep (#2751)
• Move runtime deps to middleman-core gem (#2750)
• Allow to use newer Liquid versions in Ruby 3+ (#2771)
• Downcase Rack headers (#2706)
• Support Rack 3 (#2776)
• Support newer Tilt versions (#2772, #2774, #2775)
• Support Slim 5 and remove Less support (#2777)
• Internal clean up (#2749, #2782, #2736, #2742)

4.5.1

• Lock thor dependency to 1.2.x

Commits

• 09f0e7f Bump Gemfile.lock
• 003df88 Prepare new release v4.6.0 (#2804)
• 88d8894 Bump liquid from 5.7.2 to 5.7.3 (#2803)
• 0874e02 Bump nokogiri from 1.18.1 to 1.18.3 (#2802)
• d5d6c6b Bump rack from 3.1.9 to 3.1.10 (#2801)
• 68b3cc5 Bump liquid from 5.7.1 to 5.7.2 (#2799)
• 50d625e Bump rack from 3.1.8 to 3.1.9 (#2798)
• 18e328a [deps] allow newer Active Support versions for Ruby 3.2+ (#2797)
• 3904e5e Bump tilt from 2.5.0 to 2.6.0 (#2795)
• 2be85b1 Bump liquid from 5.7.0 to 5.7.1 (#2796)
• Additional commits viewable in compare view

Updates rubocop-govuk from 5.0.9 to 5.0.10

Changelog

Sourced from rubocop-govuk's changelog.

5.0.10

• Update dependencies

Commits

• b704d5c Merge pull request #470 from alphagov/release-5.0.10
• 3d06df2 Release v5.0.10
• c85e785 Merge pull request #469 from alphagov/dependabot/bundler/rubocop-capybara-eq-...
• 9ffab33 Update rubocop-capybara requirement from = 2.21.0 to = 2.22.0
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.