Skip to content

build(deps): Bump the ruby-minor-and-patch group across 1 directory with 2 updates#534

Closed
dependabot[bot] wants to merge 1 commit into
trunkfrom
dependabot/bundler/ruby-minor-and-patch-866977ef05
Closed

build(deps): Bump the ruby-minor-and-patch group across 1 directory with 2 updates#534
dependabot[bot] wants to merge 1 commit into
trunkfrom
dependabot/bundler/ruby-minor-and-patch-866977ef05

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the ruby-minor-and-patch group with 2 updates in the / directory: fastlane and fastlane-plugin-wpmreleasetoolkit.

Updates fastlane from 2.234.0 to 2.237.0

Release notes

Sourced from fastlane's releases.

2.237.0 Improvements

2.236.1 Improvements

  • Revert "[transporter] Decode Base64 key content for .p8 file generation in Al…" (#30066) via Connor Tumbleson (@​iBotPeaches)

2.236.0 Improvements

2.235.0 Improvements

... (truncated)

Commits
  • ca86f0d Version bump to 2.237.0 (#30110)
  • 2fc4196 [ci] drop CircleCI for GHA (#30108)
  • b97b541 [fastlane_core] Restore altool -f flag, keep -assetFile only for iTMSTranspor...
  • ac35270 [gym] handle xcpretty errors cleaner & promote xcbeautify (#30099)
  • e856f9d [docs] reflect specification changes regarding iPad Pro 12.9-inch screenshots...
  • 53dc18d [core] Reduce duplication on output and noise during failure. (#30097)
  • 3fb6cfc [ci] Bump actions/checkout from 6 to 7 (#30100)
  • 20f68fd [match] Restore renew expired certs (opt in) (#30096)
  • dd954d6 [match] fail fast for SSH authentication prompts in non-interactive shell (#3...
  • 198dd4f [gem] move to faraday 1.0.6 (#30095)
  • Additional commits viewable in compare view

Updates fastlane-plugin-wpmreleasetoolkit from 14.6.0 to 14.10.0

Release notes

Sourced from fastlane-plugin-wpmreleasetoolkit's releases.

14.10.0

New Features

  • android_prune_orphaned_translations action: removes <string>, <string-array> and <plurals> entries from values-*/strings.xml whose keys are not declared in the source values/strings.xml optionally unioned with additional_source_strings_paths. #734

Bug Fixes

14.9.0

New Features

  • upload_github_release_assets action: uploads assets on an existing GitHub release without disturbing unrelated assets. If assets exists already, it replaces them. #743

14.8.0

New Features

  • find_or_create_pull_request action: returns the URL of the open Pull Request for a head branch, creating one only if none exists yet. #733
  • ContinuousBuildCodeFormatter: derives an Android Play Store versionCode for a "continuous trunk" release model as (major * 10 + minor) * 10^build_digits + build_number (default build_digits: 6). #735

14.7.0

New Features

  • Added new update_apps_cdn_build_metadata action to update metadata (e.g. visibility) of one or more existing builds on the Apps CDN without re-uploading the files, via the dedicated /wpcom/v2/sites/{site_id}/a8c-cdn/builds/{post_id} endpoint. Accepts an array of post_ids. This enables a two-phase release flow: upload builds as Internal first, then flip to External at publish time. #701

Bug Fixes

  • openai_ask: avoid logging sensitive tool diagnostics and refuse to execute additional tool calls after max_tool_iterations. #719
  • Bump the fastlane floor to ~> 2.235 to pull in jwt >= 3.2.0, fixing GHSA-c32j-vqhx-rx3x (ruby-jwt empty-key HMAC bypass). #728

Internal Changes

  • openai_ask: validate named function tools, default to gpt-4.1, use max_completion_tokens, and opt out of OpenAI request storage. #719
  • Configure Dependabot to update Ruby dependencies daily, grouping minor/patch bumps under ruby-minor-and-patch. #724
Changelog

Sourced from fastlane-plugin-wpmreleasetoolkit's changelog.

14.10.0

New Features

  • android_prune_orphaned_translations action: removes <string>, <string-array> and <plurals> entries from values-*/strings.xml whose keys are not declared in the source values/strings.xml optionally unioned with additional_source_strings_paths. #734

Bug Fixes

14.9.0

New Features

  • upload_github_release_assets action: uploads assets on an existing GitHub release without disturbing unrelated assets. If assets exists already, it replaces them. #743

14.8.0

New Features

  • find_or_create_pull_request action: returns the URL of the open Pull Request for a head branch, creating one only if none exists yet. #733
  • ContinuousBuildCodeFormatter: derives an Android Play Store versionCode for a "continuous trunk" release model as (major * 10 + minor) * 10^build_digits + build_number (default build_digits: 6). #735

14.7.0

New Features

  • Added new update_apps_cdn_build_metadata action to update metadata (e.g. visibility) of one or more existing builds on the Apps CDN without re-uploading the files, via the dedicated /wpcom/v2/sites/{site_id}/a8c-cdn/builds/{post_id} endpoint. Accepts an array of post_ids. This enables a two-phase release flow: upload builds as Internal first, then flip to External at publish time. #701

Bug Fixes

  • openai_ask: avoid logging sensitive tool diagnostics and refuse to execute additional tool calls after max_tool_iterations. #719
  • Bump the fastlane floor to ~> 2.235 to pull in jwt >= 3.2.0, fixing GHSA-c32j-vqhx-rx3x (ruby-jwt empty-key HMAC bypass). #728

Internal Changes

  • openai_ask: validate named function tools, default to gpt-4.1, use max_completion_tokens, and opt out of OpenAI request storage. #719
  • Configure Dependabot to update Ruby dependencies daily, grouping minor/patch bumps under ruby-minor-and-patch. #724
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jul 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 1, 2026 19:02
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jul 1, 2026
@github-actions github-actions Bot added the [Type] Build Tooling Issues or PRs related to build tooling label Jul 1, 2026
@wpmobilebot

wpmobilebot commented Jul 1, 2026

Copy link
Copy Markdown

XCFramework Build

This PR's XCFramework is available for testing. Add the following to your Package.swift:

.package(url: "https://github.com/wordpress-mobile/GutenbergKit", branch: "pr-build/534")

Built from c379da2

@mokagio mokagio enabled auto-merge (squash) July 2, 2026 07:56
@mokagio

mokagio commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Changes look good. Too bad the E2E fail.

I retried them, too.

Cc @jkmassel in case this is more than a flaky?

…ith 2 updates

Bumps the ruby-minor-and-patch group with 2 updates in the / directory: [fastlane](https://github.com/fastlane/fastlane) and [fastlane-plugin-wpmreleasetoolkit](https://github.com/wordpress-mobile/release-toolkit).


Updates `fastlane` from 2.234.0 to 2.237.0
- [Release notes](https://github.com/fastlane/fastlane/releases)
- [Changelog](https://github.com/fastlane/fastlane/blob/master/CHANGELOG.latest.md)
- [Commits](fastlane/fastlane@fastlane/2.234.0...fastlane/2.237.0)

Updates `fastlane-plugin-wpmreleasetoolkit` from 14.6.0 to 14.10.0
- [Release notes](https://github.com/wordpress-mobile/release-toolkit/releases)
- [Changelog](https://github.com/wordpress-mobile/release-toolkit/blob/trunk/CHANGELOG.md)
- [Commits](wordpress-mobile/release-toolkit@14.6.0...14.10.0)

---
updated-dependencies:
- dependency-name: fastlane
  dependency-version: 2.236.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-minor-and-patch
- dependency-name: fastlane-plugin-wpmreleasetoolkit
  dependency-version: 14.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ruby-minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): Bump the ruby-minor-and-patch group with 2 updates build(deps): Bump the ruby-minor-and-patch group across 1 directory with 2 updates Jul 9, 2026
@dependabot dependabot Bot force-pushed the dependabot/bundler/ruby-minor-and-patch-866977ef05 branch from e9f7cac to c379da2 Compare July 9, 2026 09:22
@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 10, 2026
auto-merge was automatically disabled July 10, 2026 23:52

Pull request was closed

@dependabot dependabot Bot deleted the dependabot/bundler/ruby-minor-and-patch-866977ef05 branch July 10, 2026 23:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code [Type] Build Tooling Issues or PRs related to build tooling

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants