Skip to content

Bump rspec-its from 1.3.0 to 2.0.0 in /updater#33

Open
dependabot[bot] wants to merge 5 commits into
mainfrom
dependabot/bundler/updater/rspec-its-2.0.0
Open

Bump rspec-its from 1.3.0 to 2.0.0 in /updater#33
dependabot[bot] wants to merge 5 commits into
mainfrom
dependabot/bundler/updater/rspec-its-2.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 28, 2026

Copy link
Copy Markdown

Bumps rspec-its from 1.3.0 to 2.0.0.

Changelog

Sourced from rspec-its's changelog.

2.0.0 / 2024-11-04

Version 2.0.0 drops support for Ruby below 3, and changes the supported RSpec version to "main" and current release series. (At the time of writing this is 3.13.x, but it means the current supported release only).

Breaking changes:

  • Now uses public_send so that private methods will not be accidentally reachable. (James Ottaway #33, #101)

1.3.1 / 2024-10-23

full changelog

Bug fixes:

  • Prevent overridden example methods causing issues by creating our own Example Group creation alias __its_example. (Jon Rowe, #95)
Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by cubic

Upgrade rspec-its from 1.3.0 to 2.0.0 to align with the latest RSpec and simplify maintenance. This enforces Ruby 3+, RSpec 3.13+, and prevents accessing private methods in specs.

  • Dependencies

    • Updated rspec-its to 2.0.0 and gemspec to "~> 2.0"; lockfile bumps rspec-core/expectations/support to 3.13.x and diff-lcs to 1.6.2.
    • rspec-its now requires Ruby 3+ and RSpec 3.13+, and uses public_send (private methods no longer reachable).
  • Migration

    • Ensure CI runs on Ruby 3+ and RSpec 3.13+.
    • Update any its specs that relied on private methods to use public API.

Written for commit 46cec79. Summary will update on new commits.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot Bot and others added 5 commits January 23, 2026 21:35
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tar](https://github.com/isaacs/node-tar) to 7.5.6 and updates ancestor dependencies [tar](https://github.com/isaacs/node-tar), [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist) and [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Updates `tar` from 6.2.1 to 7.5.6
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.2.1...v7.5.6)

Updates `@npmcli/arborist` from 8.0.0 to 9.1.10
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/commits/arborist-v9.1.10/workspaces/arborist)

Updates `npm` from 6.14.18 to 11.8.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](npm/cli@v6.14.18...v11.8.0)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.6
  dependency-type: indirect
- dependency-name: "@npmcli/arborist"
  dependency-version: 9.1.10
  dependency-type: direct:production
- dependency-name: npm
  dependency-version: 11.8.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
…lpers/multi-6afa301cf6

Bump tar, @npmcli/arborist and npm in /bun/helpers
Bumps [rspec-its](https://github.com/rspec/rspec-its) from 1.3.0 to 2.0.0.
- [Changelog](https://github.com/rspec/rspec-its/blob/main/Changelog.md)
- [Commits](rspec/rspec-its@v1.3.0...v2.0.0)

---
updated-dependencies:
- dependency-name: rspec-its
  dependency-version: 2.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jan 28, 2026
@coderabbitai

coderabbitai Bot commented Jan 28, 2026

Copy link
Copy Markdown

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant