Skip to content

Bump pg from 1.5.9 to 1.6.1#10

Open
dependabot[bot] wants to merge 12 commits intomainfrom
dependabot/bundler/pg-1.6.1
Open

Bump pg from 1.5.9 to 1.6.1#10
dependabot[bot] wants to merge 12 commits intomainfrom
dependabot/bundler/pg-1.6.1

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Aug 5, 2025
edited
Loading

Bumps pg from 1.5.9 to 1.6.1.

Changelog

Sourced from pg's changelog.

v1.6.1 [2025-08-03] Lars Kanis lars@greiz-reinsdorf.de

  • Add binary gems for platforms aarch64-linux-musl and x86_64-linux-musl without the need to install package gcompat. #657.
  • Serialize CompositeCoder#dimensions only when set. #652 This fixes the compatibility to pg-1.5.9, when deserializing Marshal data from pg-1.6, as long as the new attribute isn't used.
  • Remove dependency to MSYS2 package "postgresql" from binary Windows gem #654

v1.6.0 [2025-07-27] Lars Kanis lars@greiz-reinsdorf.de

Added:

  • Add binary gems for Ruby 3.4.
  • Add fat binary gem for platform aarch64-mingw-ucrt aka Windows on ARM #626, for platform Macos on Intel and ARM #643, for platform aarch64-linux #646 and for platform x86_64-linux #551.
  • Update fat binary gem to OpenSSL-3.5.1 and PostgreSQL-17.5.
  • Add a patch to libpq to avoid starvation on bigger SSL records, which some database engines other than vanilla PostgreSQL use. This patch applies to platform specific binary gems only. #616
  • Add support for new query cancel functions of PostgreSQL-17. This adds the new class PG::CancelConnection which provides the ability to cancel a query per blocking or per non-blocking functions. If the new functions are available they are used and the older are no longer compiled in. This way we can get rid of reading out the internal PGcancel struct by Connection#backend_key. #614
  • Add PG::BinaryDecoder::Array and PG::BinaryEncoder::Array to parse and encode PostgreSQL arrays in binary format. #603
  • Add possibility to define the number of array dimensions to be encoded. Setting dimensions is especially useful, when a Record shall be encoded into an Array, since the Array encoder can not distinguish if the array shall be encoded as a higher dimension or as a record otherwise. #622
  • Add Connection#set_chunked_rows_mode #610
  • Add PG::Connection#close_prepared, PG::Connection#close_portal, PG::Connection#send_close_prepared and PG::Connection#send_close_portal which are new in PostgreSQL-17. #611
  • Add Connection#send_pipeline_sync, async_pipeline_sync and release GVL at PQ(sendP|P)ipelineSync. #612
  • Add MINGW package dependency which is resolved by RubyInstaller. #617
  • Change conn.server_version and conn.protocol_version to raise instead of return 0 on error. #632
  • Fix connecting to multiple hosts after connnect_timeout. #637
  • Fix making PG::BasicTypeMapForQueries shareable for Ractor in ruby-3.5. #636
  • Fix missing array input verification in PG::TypeMapByColumn. This could cause a segfault. #620
  • Rename History.md to CHANGELOG.md, which is more common. #642

Removed:

  • Drop support of Ruby < 2.7 #606

... (truncated)

Commits
  • 5da9f3b Bump VERSION to 1.6.1
  • f326991 Add release notes for pg-1.6.1
  • f181983 Merge pull request #657 from larskanis/add-musl
  • 3ce8a71 Add binary gems for aarch64-linux-musl and x86_64-linux-musl
  • 385edeb Merge pull request #655 from ged/revert-647-remove_mig
  • 95fb237 Revert "Remove installation of Macos "mig" tool"
  • c2f3468 Merge pull request #653 from larskanis/marshal-compat-array
  • 3a9938b Merge pull request #654 from larskanis/remove-binary-dependencies
  • ce0599b Merge pull request #647 from larskanis/remove_mig
  • b8ee7b2 Merge pull request #651 from larskanis/fixci
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Aug 5, 2025
@dependabot dependabot bot mentioned this pull request Aug 5, 2025
Closed
@rjohnson2011 @claude
Implement GitHub OAuth authentication with VA org verification
4ad3d60 
Backend Implementation:
- Added omniauth, omniauth-github, jwt, and bcrypt gems
- Created User model with encrypted access tokens
- Added AuthController for OAuth flow and JWT generation
- Added authentication methods to ApplicationController
- Updated CORS to support auth headers and credentials
- Created migration for users table
- Added comprehensive documentation

Frontend Implementation:
- Created AuthService for managing authentication state
- Added LoginButton component with GitHub branding
- Added UserProfile component showing user info and VA status
- Created AuthCallback component for OAuth flow
- Added ProtectedRoute component for access control
- Updated Dashboard to include auth UI and headers
- Added auth headers to all API requests

Security Features:
- JWT tokens expire after 24 hours
- Access tokens encrypted in database
- VA organization membership verification
- Protected endpoints with auth requirements

Next Steps:
- Create GitHub OAuth app
- Add environment variables
- Test authentication flow

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@dependabot dependabot bot force-pushed the dependabot/bundler/pg-1.6.1 branch from 8780b5c to cf5c01d Compare August 11, 2025 16:53
rjohnson2011 and others added 11 commits August 11, 2025 18:18
@rjohnson2011 @claude
Add explicit CORS support for vetsapi-pr-review.vercel.app
4aecf92 
- Added vetsapi-pr-review.vercel.app to allowed origins
- Already had wildcard support but being explicit for production domain

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@rjohnson2011 @claude
Fix last updated timestamp not updating in production
fbb6b28 
- Enabled Rails.cache.write for last_refresh_time in all scrapers
- Added cache update to fast_pr_scraper.rb
- Uncommented cache updates in render_cron_scraper.rb and fixed version
- This will make the "Last updated" timestamp update every 15 minutes

The timestamp was showing old times because the cache writes were disabled

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@rjohnson2011
Add comprehensive README documentation
1a2f88f 
- Overview of API features and tech stack
- Installation and development instructions
- API endpoints documentation
- Background jobs and cron configuration
- Deployment instructions for Render.com
- Monitoring and debugging guides
- Contributing guidelines
@rjohnson2011
Fix production cron job error - remove invalid callback skip
a7c00ac 
- Remove skip_before_action :verify_authenticity_token from AuthController
- This callback doesn't exist in API-only Rails apps (ActionController::API)
- Was causing ArgumentError preventing cron jobs from running
@rjohnson2011
Force rebuild and add health check endpoint
473cf6f 
- Add explanatory comment about verify_authenticity_token not needed in API apps
- Add /health endpoint with version 1.0.1 to verify deployments
- This should force Render to rebuild with the fixed code
@rjohnson2011
Temporarily rename auth_controller to force cache clear
05fb22e
@rjohnson2011
Rename back to auth_controller.rb - cache should be cleared
1ec0a45
@rjohnson2011
Remove auth controller to fix production deployment
2936750 
- Completely remove auth_controller.rb that was causing deployment failures
- Comment out auth routes in routes.rb
- Update health check version to 1.0.2
- This removes the problematic skip_before_action that was breaking cron jobs
- OAuth can be re-implemented later when needed
@rjohnson2011
Completely remove all OAuth/authentication code
b9274ec 
- Remove User model
- Remove user migration
- Remove all authentication methods from ApplicationController
- Comment out JWT and OAuth gems in Gemfile
- Update health check to version 1.0.3

This should finally fix the cron job failures by removing all OAuth-related code that was causing the verify_authenticity_token error
@rjohnson2011
Update Gemfile.lock after removing OAuth gems
a764492
@dependabot
Bump pg from 1.5.9 to 1.6.1
b2b8ef6 
Bumps [pg](https://github.com/ged/ruby-pg) from 1.5.9 to 1.6.1.
- [Changelog](https://github.com/ged/ruby-pg/blob/master/CHANGELOG.md)
- [Commits](ged/ruby-pg@v1.5.9...v1.6.1)

---
updated-dependencies:
- dependency-name: pg
  dependency-version: 1.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/bundler/pg-1.6.1 branch from cf5c01d to b2b8ef6 Compare August 12, 2025 18:34
@dependabot @github
Copy link
Copy Markdown
Author

dependabot bot commented on behalf of github Sep 3, 2025

A newer version of pg exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rjohnson2011