Skip to content

build(deps): bump devise from 5.0.3 to 5.0.4#484

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/bundler/devise-5.0.4
Open

build(deps): bump devise from 5.0.3 to 5.0.4#484
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/bundler/devise-5.0.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 9, 2026

Copy link
Copy Markdown
Contributor

Bumps devise from 5.0.3 to 5.0.4.

Release notes

Sourced from devise's releases.

v5.0.4

https://github.com/heartcombo/devise/blob/v5.0.4/CHANGELOG.md#504---2026-05-08

Changelog

Sourced from devise's changelog.

5.0.4 - 2026-05-08

Commits
  • 9ea459d Release v5.0.4 with sec fix for timeoutable
  • 025fe21 Merge commit from fork
  • 7ca7ed9 Add GHSA link to the v5.0.3 sec fix changelog entry [ci skip]
  • 605de86 Update links to https [ci skip]
  • 5e3a8bf Bundle update
  • 5d20277 Cleanup old Rails.version check for db migration path
  • 4ffb0b7 Fix Gemfile for Rails 7.2, incorrectly testing against 7.1
  • See full diff in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels May 9, 2026
@dependabot dependabot Bot requested a review from jnms-me as a code owner May 9, 2026 09:02
@dependabot dependabot Bot added the ruby Pull requests that update Ruby code label May 9, 2026
@jnms-me

jnms-me commented Jun 27, 2026

Copy link
Copy Markdown
Contributor

@dependabot rebase

Bumps [devise](https://github.com/heartcombo/devise) from 5.0.3 to 5.0.4.
- [Release notes](https://github.com/heartcombo/devise/releases)
- [Changelog](https://github.com/heartcombo/devise/blob/main/CHANGELOG.md)
- [Commits](heartcombo/devise@v5.0.3...v5.0.4)

---
updated-dependencies:
- dependency-name: devise
  dependency-version: 5.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/devise-5.0.4 branch from 668d439 to 9608863 Compare June 27, 2026 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant