Bump the dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the dependencies group with 6 updates in the / directory:

Package	From	To
bootsnap	1.21.1	1.23.0
rspec-rails	8.0.2	8.0.3
devise	5.0.0	5.0.2
secure_headers	7.1.0	7.2.0
honeybadger	6.3.0	6.4.0
faraday	2.14.0	2.14.1

Updates bootsnap from 1.21.1 to 1.23.0

Release notes

Sourced from bootsnap's releases.

v1.23.0

What's Changed

• Require Ruby 2.7.
• Fix support for absolute paths in BOOTSNAP_IGNORE_DIRECTORIES.

Full Changelog: rails/bootsnap@v1.22.0...v1.23.0

v1.22.0

What's Changed

• Proper fix for the opendir crash.
• Add bootsnap/rake for cleaning the bootsnap cache as part of rake clobber.

Full Changelog: rails/bootsnap@v1.21.1...v1.22.0

Changelog

Sourced from bootsnap's changelog.

1.23.0

• Require Ruby 2.7.
• Fix support for absolute paths in BOOTSNAP_IGNORE_DIRECTORIES.

1.22.0

• Better fix for the opendir crash.
• Add bootsnap/rake for cleaning the bootsnap cache as part of rake clobber.

Commits

• 7b04583 Release 1.23.0
• 32e709d Merge pull request #530 from fxn/readdir
• 8326783 Handle readdir errors in bs_rb_scan_dir()
• 7807284 Merge pull request #528 from Umofomia/path-scanner-cleanup
• c30155d Fix bundle path check and consolidate common code in PathScanner
• c2ef9a3 Merge pull request #526 from Umofomia/claw--fix-ignored-directories-absolute-...
• 93c35b8 LoadPathScanner: Avoid computing the absolute path when not needed
• 2bf7aa4 Fix absolute path support for ignored directories in PathScanner.native_call
• 749bf76 Merge pull request #527 from byroot/ruby-2.7
• 5241189 Require Ruby 2.7
• Additional commits viewable in compare view

Updates rspec-rails from 8.0.2 to 8.0.3

Changelog

Sourced from rspec-rails's changelog.

8.0.3 / 2026-02-17

Full Changelog

Bug Fixes:

• Fix insertion order of controller prefix in the view lookup_context. (Stephen Nelson, #2749)
• Ensure rails stats looks for specs using application root rather than working directory. (Marvin Tangpos, #2879)

Commits

• 58d0380 Fix changelog link
• aa37b05 Drop main from maintenance branch
• 7ec5827 v8.0.3
• a7b0ad4 Merge pull request #2882 from tylerhunt/fix-error-typo
• 42d3a65 Add note about supported versions
• d547cb8 Bump actions/checkout from 5 to 6
• 8530dd4 Bump actions/checkout from 4 to 5
• 440b3c3 Switch to gem.coop in Gemfile
• 76cb716 Update Code of Conduct based on Contributor Covenant v3
• 577a301 Changelog for #2879
• Additional commits viewable in compare view

Updates devise from 5.0.0 to 5.0.2

Release notes

Sourced from devise's releases.

v5.0.2

https://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18

v5.0.1

https://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13

Changelog

Sourced from devise's changelog.

5.0.2 - 2026-02-18

• enhancements
  • Allow resource class scopes to override the global configuration for sign_in_after_change_password behaviour. #5825
  • Add sign_in_after_reset_password? check hook to passwords controller, to allow it to be customized by users. #5826

5.0.1 - 2026-02-13

• bug fixes
  • Fix translation issue with German E-Mail on invalid authentication messages caused by previous fix for incorrect grammar #5822

Commits

• 5b008ed Release v5.0.2
• 916f94e Add sign_in_after_reset_password? check hook to passwords controller (#5826)
• 1befcb5 Stop building both branch & PR with pushes
• bb2b4ec Allow model config to override sign_in_after_change_password (#5825)
• e5ffdc4 Update missed generator to use correct grammar for "send password reset" butt...
• 1054ef8 Release v5.0.1
• 03c419e Only downcase first letter of each auth key, not the entire string (#5822)
• dbc1bb2 Fix minitest name (#5821)
• See full diff in compare view

Updates secure_headers from 7.1.0 to 7.2.0

Release notes

Sourced from secure_headers's releases.

v7.2.0

Release notes

What's Changed

• Remove non-lowercase headers in Rails default configuration by @​obrie github/secure_headers#551
• Fix compatibility with Rack 3 by @​deril github/secure_headers#555
• Normalize domains with trailing slashes by @​keithamus github/secure_headers#477
• Add tests for hash generation by @​rahearn github/secure_headers#485
• Add Configuration.disable! by @​fletchto99 github/secure_headers#568
• Don't set upgrade-insecure-requests-directive for HTTP requests by @​fletchto99 github/secure_headers#570
• Add cgi dependency for ruby 4.0 support by @​vcsjones github/secure_headers#560
• Update rubocop configuration for ruby 4.0 support by @​rei-moo github/secure_headers#561
• Fix code style by @​tmaier github/secure_headers#563
• Fix typos by @​myersg86 github/secure_headers#546

Full Changelog: github/secure_headers@v7.1.0...v7.2.0

Commits

• f224144 Bump Version to 7.2.0 (#581)
• 4111d49 fix
• 920e2ba Apply suggestions from code review
• 91bb8e3 update release workflow to publish ruby gem automatically
• 7f83b93 7.2 release (#566)
• b13d4b6 Bump ruby/setup-ruby from 1.287.0 to 1.288.0 (#579)
• 46e8335 Bump ruby/setup-ruby from 1.287.0 to 1.288.0
• 6788e52 Bump ruby/setup-ruby from 1.286.0 to 1.287.0 (#578)
• 72fbd02 Bump ruby/setup-ruby from 1.286.0 to 1.287.0
• bf06602 Bump ruby/setup-ruby from 1.281.0 to 1.286.0 (#577)
• Additional commits viewable in compare view

Updates honeybadger from 6.3.0 to 6.4.0

Release notes

Sourced from honeybadger's releases.

v6.4.0

6.4.0 (2026-02-18)

Features

• attach environment to Insights event payloads (#780) (97d1db1)

v6.3.1

6.3.1 (2026-02-12)

Bug Fixes

• prevent thread leak in EventsWorker#kill! (#778) (09ad0f7)

Changelog

Sourced from honeybadger's changelog.

6.4.0 (2026-02-18)

Features

• attach environment to Insights event payloads (#780) (97d1db1)

6.3.1 (2026-02-12)

Bug Fixes

• prevent thread leak in EventsWorker#kill! (#778) (09ad0f7)

Commits

• 75aa4d0 chore(master): release 6.4.0 (#781)
• 97d1db1 feat: attach environment to Insights event payloads (#780)
• e3f2a5a chore(master): release 6.3.1 (#779)
• 09ad0f7 fix: prevent thread leak in EventsWorker#kill! (#778)
• See full diff in compare view

Updates faraday from 2.14.0 to 2.14.1

Release notes

Sourced from faraday's releases.

v2.14.1

Security Note

This release contains a security fix, we recommend all users to upgrade as soon as possible. A Security Advisory with more details will be posted shortly.

What's Changed

• Add comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot by @​Copilot in lostisland/faraday#1642
• Add RFC document for Options architecture refactoring plan by @​Copilot in lostisland/faraday#1644
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in lostisland/faraday#1655
• Explicit top-level namespace reference by @​c960657 in lostisland/faraday#1657

New Contributors

• @​Copilot made their first contribution in lostisland/faraday#1642

Full Changelog: lostisland/faraday@v2.14.0...v2.14.1

Commits

• 16cbd38 Version bump to 2.14.1
• a6d3a3a Merge commit from fork
• b23f710 Explicit top-level namespace reference (#1657)
• 49ba4ac Bump actions/checkout from 5 to 6 (#1655)
• 51a49bc Ensure Claude reads the guidelines and allow to plan in a gitignored .ai/PLAN...
• 894f65c Add RFC document for Options architecture refactoring plan (#1644)
• 397e3de Add comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot ...
• d98c65c Update Faraday-specific AI agent guidelines
• 56c18ec Add AI agent guidelines specific to Faraday repository
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions