Bump rails from 8.0.5 to 8.1.3#22

Closed
dependabot[bot] wants to merge 1 commit into master from dependabot/bundler/rails-8.1.2
@dependabot dependabot Bot commented on behalf of github Jan 30, 2026

Contributor

Bumps rails from 8.0.5 to 8.1.3.

Release notes

Sourced from rails's releases.

8.1.3

Active Support

  • Fix JSONGemCoderEncoder to correctly serialize custom object hash keys.

    When hash keys are custom objects whose as_json returns a Hash, the encoder now calls to_s on the original key object instead of on the as_json result.

    Before:

    hash = {CustomKey.new(123) => "value"}
    hash.to_json # => {"{:id=>123}":"value"}

    After:

    hash.to_json # => {"custom_123":"value"}

    Dan Sharp

  • Fix inflections to better handle overlapping acronyms.

    ActiveSupport::Inflector.inflections(:en) do |inflect|
      inflect.acronym "USD"
      inflect.acronym "USDC"
    end
    "USDC".underscore # => "usdc"

    Said Kaldybaev

  • Silence Dalli 4.0+ warning when using ActiveSupport::Cache::MemCacheStore.

    zzak

Active Model

  • Fix Ruby 4.0 delegator warning when calling inspect on attributes.

    Hammad Khan

  • Fix NoMethodError when deserialising Type::Integer objects marshalled under Rails 8.0.

    The performance optimisation that replaced @range with @max/@min broke Marshal compatibility. Objects serialised under 8.0 (with @range) and deserialised under 8.1 (expecting @max/@min) would crash with undefined method '<=' for nil because Marshal.load restores instance variables without calling initialize.

... (truncated)

Commits
  • fa8f081 Preparing for 8.1.3 release
  • 63cef3d Merge branch '8-1-sec' into 8-1-stable
  • 1db4b89 Preparing for 8.1.2.1 release
  • 1c7d1cf Update changelog
  • e91694b Update CHANGELOG (8.1 only)
  • 6752711 Fix XSS in debug exceptions copy-to-clipboard
  • 63f5ad8 Skip blank attribute names in Action View tag helpers
  • 8c9676b Prevent glob injection in ActiveStorage DiskService#delete_prefixed
  • 9b06fbc Prevent path traversal in ActiveStorage DiskService
  • ec1a0e2 Improve performance of NumberToDelimitedConverter
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
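
The Type::Integer release note above turns on `Marshal.load` restoring instance variables without calling `initialize`. The following is an added example, not code from Rails or from this pull request: `IntType` is a constructed stand-in class, and the lazy fallback at the end is one possible compatibility approach, not necessarily the fix Rails shipped.

```ruby
# Constructed stand-in for a type whose internal layout changes between releases.
# "Old" layout: the bounds live in a single @range instance variable.
class IntType
  def initialize(limit = 4)
    bound = 1 << (limit * 8 - 1)
    @range = (-bound)...bound
  end
end

# Payload as a cache or session store would hold it after the old release wrote it.
LEGACY_PAYLOAD = Marshal.dump(IntType.new)

# "New" layout: same class name, but the bounds are now @min/@max.
Object.send(:remove_const, :IntType)
class IntType
  def initialize(limit = 4)
    @max = 1 << (limit * 8 - 1)
    @min = -@max
  end

  def in_range?(value)
    @min <= value && value < @max
  end
end

# Marshal.load allocates the object and copies @range back in; initialize never
# runs, so @min/@max are nil and the comparison raises NoMethodError.
def legacy_load_error
  Marshal.load(LEGACY_PAYLOAD).in_range?(1)
  nil
rescue NoMethodError => e
  e.message
end
ERROR_BEFORE = legacy_load_error

# One possible compatibility approach (an assumption, not the Rails patch):
# adopt the legacy @range lazily the first time the new fields are needed.
class IntType
  def in_range?(value)
    adopt_legacy_range if @max.nil? && defined?(@range)
    @min <= value && value < @max
  end

  private

  def adopt_legacy_range
    @min = @range.begin
    @max = @range.end # exclusive upper bound, matching the old range
    remove_instance_variable(:@range)
  end
end
RESULT_AFTER = Marshal.load(LEGACY_PAYLOAD).in_range?(1)
```
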

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jan 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/bundler/rails-8.1.2 branch 7 times, most recently from 5df3f9a to b788887 Compare February 5, 2026 17:27
3kh0 commented May 23, 2026

Member

@dependabot rebase

Bumps [rails](https://github.com/rails/rails) from 8.0.5 to 8.1.3.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v8.0.5...v8.1.3)

---
updated-dependencies:
- dependency-name: rails
  dependency-version: 8.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump rails from 8.0.4 to 8.1.2 Bump rails from 8.0.5 to 8.1.3 May 23, 2026
@dependabot dependabot Bot force-pushed the dependabot/bundler/rails-8.1.2 branch from b788887 to 8304fa7 Compare May 23, 2026 02:15
@socket-security


Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
| --- | --- | --- | --- | --- | --- | --- |
| Updated | gem/rails@8.0.5 ⏵ 8.1.3 | 100 | 100 | 90 | 100 | 100 |

@socket-security


Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert
Warn High
Obfuscated code: gem actionpack is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: Gemfile.lock, gem/phlex-rails@2.4.0, gem/web-console@4.3.0, gem/sentry-rails@6.5.0, gem/solid_queue@1.4.0, gem/rails@8.1.3, gem/propshaft@1.3.2, gem/vite_rails@3.11.0, gem/solid_cable@3.0.12, gem/solid_cache@1.0.10, gem/dotenv-rails@3.2.0, gem/actionpack@8.1.3

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore gem/actionpack@8.1.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: gem activerecord is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: Gemfile.lock, gem/solid_queue@1.4.0, gem/rails@8.1.3, gem/kaminari@1.2.2, gem/pg_search@2.3.7, gem/hashid-rails@1.4.1, gem/solid_cable@3.0.12, gem/solid_cache@1.0.10, gem/activerecord@8.1.3

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore gem/activerecord@8.1.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: gem activesupport is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: Gemfile.lock, gem/phlex-rails@2.4.0, gem/web-console@4.3.0, gem/sentry-rails@6.5.0, gem/solid_queue@1.4.0, gem/rails@8.1.3, gem/blind_index@2.8.0, gem/propshaft@1.3.2, gem/vite_rails@3.11.0, gem/primer_view_components@0.51.5, gem/kaminari@1.2.2, gem/pg_search@2.3.7, gem/hashid-rails@1.4.1, gem/rubocop-rails-omakase@1.1.0, gem/solid_cable@3.0.12, gem/pundit@2.5.2, gem/solid_cache@1.0.10, gem/dotenv-rails@3.2.0, gem/activesupport@8.1.3

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore gem/activesupport@8.1.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

3kh0 commented May 26, 2026

Member

@dependabot rebase

dependabot Bot commented on behalf of github May 26, 2026

Contributor Author

Looks like rails is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this May 26, 2026
@dependabot dependabot Bot deleted the dependabot/bundler/rails-8.1.2 branch May 26, 2026 03:42