chore(deps): bump mini_magick from 4.13.2 to 5.2.0

[dependabot]

Bumps mini_magick from 4.13.2 to 5.2.0.

Release notes

Sourced from mini_magick's releases.

v5.2.0

• Added MiniMagick.restricted_env configuration for stopping IM command from inheriting environment variables from the parent process.
• Fixed "ambiguous * has been interpreted as an argument prefix" warning

v5.1.2

• Add benchmark gem to runtime dependencies

v5.1.1

• Add logger gem to dependencies for Ruby 3.4+.

v5.1.0

• New cli_env configuration was added for setting extra environment variables for every CLI command:

  MiniMagick.configure do |config|
    config.cli_env = { "MAGICK_MEMORY_LIMIT" => "128MiB" }
  end

• New graphicsmagick configuration was added for telling MiniMagick to use GraphicsMagick instead of MiniMagick:

  MiniMagick.configure do |config|
    config.graphicsmagick = true # prepend all commands with "gm"
  end

  Previously, the recommended approach was setting MiniMagick.cli_prefix = "gm", but that doesn't work when ImageMagick 7 is installed, as in that case MiniMagick will try to prepend magick on top of gm.

v5.0.1

• MiniMagick::Image#write doesn't delete the internal tempfile anymore, which restores use cases like:

  image = MiniMagick::Image.open("...")
  image.resize("500x500")
  image.write("foo.jpg")
  image.blur
  image.write("bar.png")

• Prevented MiniMagick::Image#to_ary being called by ruby in certain cases, such as [image].flatten(1).

v5.0.0

Improvements

• New class method shorthands were added for the tool API:

  # BEFORE
  MiniMagick::Tool::Convert.new { |convert| ... }

... (truncated)

Commits

• 34433dc Bump to 5.2.0
• bbcb06f Use Hash#slice
• 238ff7b Drop support for Ruby 2.3 and 2.4
• 8609522 Fix "ambiguous * has been interpreted as an argument prefix" warning (#588)
• 92e1789 Add restricted_env option to use Open3 unsetenv_others:true (#587)
• 21b48d9 Bump to 5.1.2
• 53ea605 Add benchmark gem to dependencies
• 7c17853 Bump to 5.1.1
• 7c52f4b Test on Rubt 3.4
• a182d60 Add logger gem to dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
rubygems/mini_magick	~> 5.2	🟢 5.4	Details Check Score Reason Maintained 🟢 10 18 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 1 Found 4/30 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
rubygems/image_processing	1.14.0	🟢 4.8	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 4 Found 12/30 approved changesets -- score normalized to 4 Maintained 🟢 10 7 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
rubygems/mini_magick	5.2.0	🟢 5.4	Details Check Score Reason Maintained 🟢 10 18 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 1 Found 4/30 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• Gemfile
• Gemfile.lock