Bump carrierwave from 2.2.4 to 3.0.0

[dependabot]

Bumps carrierwave from 2.2.4 to 3.0.0.

Release notes

Sourced from carrierwave's releases.

3.0.0

Added

• Support adding suffix to filename on store when path collides with the existing ones (@​mshibuya 07a5632, #1855)
• Add image dimension validation (@​TsubasaYoshida #2592, 3b1f8b4)
• Provide validation error details via ActiveModel::Errors#details (@​mshibuya 9013999, #2150)
• Support clearing #remote_urls by assigning nil (@​mshibuya 8307f93, #2067)
• Support configuration of download retry wait time (@​tricknotes #2646)
• Support for ActiveRecord::Base#dup (@​mshibuya, @​BrianHawley 19b33b8, #2645, #1962)
• Add CarrierWave::Storage::Fog::File#to_file for interface consistency with SanitizedFile (@​mshibuya 68ce83a, #1960)
• Allow SanitizedFile to accept read with an optional length and output_buffer arguments (@​mshibuya 9096459, #1959)
• Add basename and fix extension value for fog file (@​leductienttkt #2587)
• Allow uploaders to accept unless conditions (@​Vpatel1093 #2588)
• Add retry option to download from remote url (@​tashirosota #2577)

Changed

• Stop relying on ActiveModel::Dirty change tracking for removal of unnecessary files (@​mshibuya aac25c1)
• Create versions lazily to reflect subclass configurations properly (@​mshibuya 1531a67, #1957, #2619)
• [BREAKING CHANGE] Use the resulting file extension on changing format by :convert (@​mshibuya #2659, #2125, #2126, #2254)
• Prioritize Magic-detected content type for spoof-tolerance (@​mshibuya a2ca59c, #2570)
• Handle assignments in an ActiveModel::Dirty-friendly way (@​mshibuya #2658, #2404, #2409, #2468)
• Give a stable name to classes created by the mount_uploader block (@​mshibuya f5b09b8, #2407, #2471)
• Give a stable name to version classes (@​mshibuya a9de756, #2407, #2471)
• Completely migrate to allowlist/denylist terminology (@​mshibuya 7a40ef7, #2536)
• Remove implementation-dependent information from an error message (@​akihikodaki #2499)
• Replace mini_mime with marcel (@​pjmartorell #2552)
• [BREAKING CHANGE] Change to store files on after_save hook instead of after_commit, with performing cleanup when transaction is rolled back (@​fsateler #2546)

Deprecated

• #denylist was deprecated to prefer explicitly opting-in (@​mshibuya 7a40ef7, #2536)

Removed

• Drop support for Ruby < 2.5 and Rails 5.x (@​mshibuya 229594f)
• Remove support for Merb (@​seuros #2566)

Fixed

• Fix CarrierWave::Storage::Fog::File#read breaking when the file doesn't exist (@​mshibuya 246eb01, #2524)
• Fix to preserve the original URI as much as possible on download (@​mshibuya 2f3afaf, #2631)
• Fix not to invoke content type detection on #copy_to as it's costly (@​mshibuya 6c6e2dc, #2465)
• Fix calling #=~ on non-String breaking in Ruby 3.2 (@​aubinlrx #2653, fd03ddd)
• Fix #clean_cache! to respect the uploader's root, not the global one (@​sawasaki-narumi #2652, 3cb9992, #2113)
• Fix to use helper method #fog_provider instead of checking #fog_credentials (@​joshuamsager #2660)
• Fix being unable to delete a file by assigning nil (@​mshibuya f8ea354, #2654, #2613)
• Fix to raise exception when ImageMagick is not installed (@​mshibuya d90c399, #2060)
• Fix to remove unnecessary floodfill in CarrierWave::RMagick#resize_and_pad (@​mshibuya f34a9bd)
• Fix #{column}_cache= fails to be stored when set as a nested attribute (@​mshibuya e84d11e, #2206)
• Fix to use AWS S3 regional endpoints when using virtual-hosted style (@​mshibuya 8dace34, #2523)
• Fix to respect condition on processing a derived version (@​mshibuya 1fecddc, #2516)
• Fix #recreate_versions! affecting the original file (@​mshibuya a67bfb6, 5f00715, #2480, #2655)
• Fix remove_#{column}! doesn't remove the file immediately (@​mshibuya b719fb3, #2540)
• Fix column value populated without a file when using filename override (@​mshibuya f1eff6e, #2284)

... (truncated)

Changelog

Sourced from carrierwave's changelog.

3.0.0 - 2023-07-02

No changes.

3.0.0.rc - 2023-06-11

Added

• Support adding suffix to filename on store when path collides with the existing ones (@​mshibuya 07a5632, #1855)
• Add image dimension validation (@​TsubasaYoshida #2592, 3b1f8b4)
• Provide validation error details via ActiveModel::Errors#details (@​mshibuya 9013999, #2150)
• Support clearing #remote_urls by assigning nil (@​mshibuya 8307f93, #2067)
• Support configuration of download retry wait time (@​tricknotes #2646)
• Support for ActiveRecord::Base#dup (@​mshibuya, @​BrianHawley 19b33b8, #2645, #1962)
• Add CarrierWave::Storage::Fog::File#to_file for interface consistency with SanitizedFile (@​mshibuya 68ce83a, #1960)
• Allow SanitizedFile to accept read with an optional length and output_buffer arguments (@​mshibuya 9096459, #1959)

Changed

• Stop relying on ActiveModel::Dirty change tracking for removal of unnecessary files (@​mshibuya aac25c1)
• Create versions lazily to reflect subclass configurations properly (@​mshibuya 1531a67, #1957, #2619)
• [BREAKING CHANGE] Use the resulting file extension on changing format by :convert (@​mshibuya #2659, #2125, #2126, #2254)
• Prioritize Magic-detected content type for spoof-tolerance (@​mshibuya a2ca59c, #2570)
• Handle assignments in an ActiveModel::Dirty-friendly way (@​mshibuya #2658, #2404, #2409, #2468)
• Give a stable name to classes created by the mount_uploader block (@​mshibuya f5b09b8, #2407, #2471)
• Give a stable name to version classes (@​mshibuya a9de756, #2407, #2471)

Fixed

• Fix CarrierWave::Storage::Fog::File#read breaking when the file doesn't exist (@​mshibuya 246eb01, #2524)
• Fix to preserve the original URI as much as possible on download (@​mshibuya 2f3afaf, #2631)
• Fix not to invoke content type detection on #copy_to as it's costly (@​mshibuya 6c6e2dc, #2465)
• Fix calling #=~ on non-String breaking in Ruby 3.2 (@​aubinlrx #2653, fd03ddd)
• Fix #clean_cache! to respect the uploader's root, not the global one (@​sawasaki-narumi #2652, 3cb9992, #2113)
• Fix to use helper method #fog_provider instead of checking #fog_credentials (@​joshuamsager #2660)
• Fix being unable to delete a file by assigning nil (@​mshibuya f8ea354, #2654, #2613)
• Fix to raise exception when ImageMagick is not installed (@​mshibuya d90c399, #2060)
• Fix to remove unnecessary floodfill in CarrierWave::RMagick#resize_and_pad (@​mshibuya f34a9bd)
• Fix #{column}_cache= fails to be stored when set as a nested attribute (@​mshibuya e84d11e, #2206)
• Fix to use AWS S3 regional endpoints when using virtual-hosted style (@​mshibuya 8dace34, #2523)
• Fix to respect condition on processing a derived version (@​mshibuya 1fecddc, #2516)
• Fix #recreate_versions! affecting the original file (@​mshibuya a67bfb6, 5f00715, #2480, #2655)
• Fix remove_#{column}! doesn't remove the file immediately (@​mshibuya b719fb3, #2540)
• Fix column value populated without a file when using filename override (@​mshibuya f1eff6e, #2284)
• Fix boolean configurations couldn't be set to false on a per-uploader basis (@​megane42 #2642)
• Fix #clean_cache! breaking with directories that doesn't conform to CarrierWave's cache_id format (@​BrianHawley #2641)

3.0.0.beta - 2022-11-19

Added

• Add basename and fix extension value for fog file (@​leductienttkt #2587)
• Allow uploaders to accept unless conditions (@​Vpatel1093 #2588)
• Add retry option to download from remote url (@​tashirosota #2577)

Deprecated

... (truncated)

Commits

• 269c37a Version 3.0.0 🚀
• 114d593 Version 3.0.0.rc
• 246eb01 Change CarrierWave::Storage::Fog::File#read to return nil when the file doesn...
• 07a5632 Add suffix to filename on store when path collides with the existing ones
• aac25c1 Stop relying on ActiveModel::Dirty change tracking for removal of unnecessary...
• 1531a67 Create versions lazily to reflect subclass configurations properly
• bbe0919 Merge pull request #2662 from ibrahima/patch-1
• 4c22006 Mention that size_range is in bytes
• 2f3afaf Try to preserve the original URI as much as possible
• 436f51e Merge pull request #2659 from carrierwaveuploader/use-converted-file-extension
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

⚠️ This repo is Continuously Deployed: make sure you follow the guidance ⚠️

Follow these steps if you are doing a Rails upgrade.

[ollietreend]

Due to the breaking changes introduced by Carrierwave 3.0.0, this PR is on hold while the #govuk-publishing-whitehall-asset-management consider upgrading the gem vs. using something else for file uploads in Whitehall.

cc. @tunylund

[beccapearce]

added some labels to make sure people on the dependabot rota don't look into this

[dependabot]

Superseded by #7999.