Skip to content

Bump puma from 6.6.1 to 7.2.1 in /spec/tester_mongo#1654

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/bundler/spec/tester_mongo/puma-7.2.1
Open

Bump puma from 6.6.1 to 7.2.1 in /spec/tester_mongo#1654
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/bundler/spec/tester_mongo/puma-7.2.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 9, 2026
edited
Loading

Copy link
Copy Markdown

Bumps puma from 6.6.1 to 7.2.1.

Release notes

Sourced from puma's releases.

v7.2.1

  • Bugfixes
    • Limit and anchor PROXY protocol v1 parsing to prevent abuse via crafted inputs (#3947)
    • Parse PROXY protocol only once per connection to prevent injection on keep-alive requests (#3947)

Security advisories

v7.2.0 - On The Corner

  • Features

    • Add workers :auto (#3827)
    • Make it possible to restrict control server commands to stats (#3787)

  • Bugfixes

    • Don't break if WEB_CONCURRENCY is set to a blank string (#3837)
    • Don't share server between worker 0 and descendants on refork (#3602)
    • Fix phase check race condition in Puma::Cluster#check_workers (#3690)
    • Fix advertising of CLI config before config files are loaded (#3823)

  • Performance

    • 17% faster HTTP parsing through pre-interning env keys (#3825)
    • Implement dsize and dcompact functions for Puma::HttpParser, which makes Puma's C-extension GC-compactible (#3828)

  • Refactor

    • Remove NoMethodError rescue in Reactor#select_loop (#3831)
    • Various cleanups in the C extension (#3814)
    • Monomorphize handle_request return (#3802)

  • Docs

    • Change link to docs/deployment.md in README.md (#3848)
    • Fix formatting for each signal description in signals.md (#3813)
    • Update deployment and Kubernetes docs with Puma configuration tips (#3807)
    • Rename master to main (#3809, #3808, #3800)
    • Fix some minor typos in the docs (#3804)
    • Add GOVERNANCE.md, MAINTAINERS (#3826)
    • Remove Code Climate badge (#3820)
    • Add @​joshuay03 to the maintainer list

  • CI

v7.1.0

7.1.0 / 2025-10-16 - Neon Witch

neon_witch

  • Features

... (truncated)

Changelog

Sourced from puma's changelog.

7.2.1 / 2026-05-27

  • Bugfixes
    • Limit and anchor PROXY protocol v1 parsing to prevent abuse via crafted inputs (#3947)
    • Parse PROXY protocol only once per connection to prevent injection on keep-alive requests (#3947)

7.2.0 / 2026-01-20

  • Features

    • Add workers :auto (#3827)
    • Make it possible to restrict control server commands to stats (#3787)

  • Bugfixes

    • Don't break if WEB_CONCURRENCY is set to a blank string (#3837)
    • Don't share server between worker 0 and descendants on refork (#3602)
    • Fix phase check race condition in Puma::Cluster#check_workers (#3690)
    • Fix advertising of CLI config before config files are loaded (#3823)

  • Performance

    • 17% faster HTTP parsing through pre-interning env keys (#3825)
    • Implement dsize and dcompact functions for Puma::HttpParser, which makes Puma's C-extension GC-compactible (#3828)

  • Refactor

    • Remove NoMethodError rescue in Reactor#select_loop (#3831)
    • Various cleanups in the C extension (#3814)
    • Monomorphize handle_request return (#3802)

  • Docs

    • Change link to docs/deployment.md in README.md (#3848)
    • Fix formatting for each signal description in signals.md (#3813)
    • Update deployment and Kubernetes docs with Puma configuration tips (#3807)
    • Rename master to main (#3809, #3808, #3800)
    • Fix some minor typos in the docs (#3804)
    • Add GOVERNANCE.md, MAINTAINERS (#3826)
    • Remove Code Climate badge (#3820)
    • Add @​joshuay03 to the maintainer list

  • CI

7.1.0 / 2025-10-16

  • Features

    • Introduce after_worker_shutdown hook (#3707)
    • Reintroduce keepalive "fast inline" behavior. Provides faster (8x on JRuby & 1.4x on Ruby) pipeline processing (#3794)

  • Bugfixes

    • Skip reading zero bytes when request body is buffered (#3795)
    • Fix PUMA_LOG_CONFIG=1 logging twice with prune_bundler enabled (#3778)

... (truncated)

Commits

@github-actions github-actions Bot enabled auto-merge (squash) June 9, 2026 01:19
@dependabot dependabot Bot force-pushed the dependabot/bundler/spec/tester_mongo/puma-7.2.1 branch from 716e418 to 6758dd2 Compare June 9, 2026 18:50
@dependabot
Bump puma from 6.6.1 to 7.2.1 in /spec/tester_mongo
fcd63da 
Bumps [puma](https://github.com/puma/puma) from 6.6.1 to 7.2.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/main/History.md)
- [Commits](puma/puma@v6.6.1...v7.2.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-version: 7.2.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/spec/tester_mongo/puma-7.2.1 branch from 6758dd2 to fcd63da Compare June 9, 2026 18:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies ruby

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants