Skip to content

Bump concurrent-ruby from 1.3.5 to 1.3.7#104

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/concurrent-ruby-1.3.7
Open

Bump concurrent-ruby from 1.3.5 to 1.3.7#104
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/concurrent-ruby-1.3.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown

Bumps concurrent-ruby from 1.3.5 to 1.3.7.

Release notes

Sourced from concurrent-ruby's releases.

v1.3.7

There are 3 security fixes in this release, so updating is recommended. These security vulnerabilities are not very likely to be hit in practice and have a corresponding Low severity score.

What's Changed

New Contributors

Full Changelog: ruby-concurrency/concurrent-ruby@v1.3.6...v1.3.7

v1.3.6

What's Changed

New Contributors

Full Changelog: ruby-concurrency/concurrent-ruby@v1.3.5...v1.3.6

Changelog

Sourced from concurrent-ruby's changelog.

Release v1.3.7 (16 June 2026)

concurrent-ruby:

Release v1.3.6 (13 December 2025)

concurrent-ruby:

Commits
  • 4c8fc28 Release 1.3.7
  • d91ca94 Fix AtomicReference#update livelock when stored value is Float::NAN on JRuby ...
  • 7e4d711 Fix ReentrantReadWriteLock read hold overflow into write-lock bit
  • 6e37e06 Fix AtomicReference#update livelock when stored value is Float::NAN
  • 2825cfa Cleanup spec
  • 3fd4932 Fix ReadWriteLock wrong-thread write release and stray read release
  • 1974b47 Add Ruby 4.0 in CI
  • df8706d Add SECURITY.md (#1104)
  • 7a1b789 Bump actions/upload-pages-artifact from 4 to 5
  • 9b2dbf7 Bump actions/deploy-pages from 4 to 5
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jun 23, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 23, 2026 21:22
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jun 23, 2026
Comment thread Gemfile.lock
activesupport (= 8.0.2)
bundler (>= 1.15.0)
railties (= 8.0.2)
rails (0.9.5)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lol

@dependabot @github

dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Author

Dependabot can't resolve your Ruby dependency files. Because of this, Dependabot cannot update this pull request.

@drinkbeer

Copy link
Copy Markdown

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Author

Dependabot can't resolve your Ruby dependency files. Because of this, Dependabot cannot update this pull request.

1 similar comment
@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Author

Dependabot can't resolve your Ruby dependency files. Because of this, Dependabot cannot update this pull request.

Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.3.5 to 1.3.7.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](ruby-concurrency/concurrent-ruby@v1.3.5...v1.3.7)

---
updated-dependencies:
- dependency-name: concurrent-ruby
  dependency-version: 1.3.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/concurrent-ruby-1.3.7 branch from 5abff06 to 4496c93 Compare July 13, 2026 18:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants