Build(deps): Bump puma from 4.3.5 to 4.3.6 (PR #10609)

Bumps puma from 4.3.5 to 4.3.6.

Release notes

Sourced from puma's releases.

v4.3.6

https://github.com/puma/puma/compare/v4.3.5...4.3.6

A quick fix for a build error on Mac OS and a JSON require fix for those using phased restart.

  • Explicitly include ctype.h to fix compilation warning and build error on macOS with Xcode 12 (#2304)
  • Don't require json at boot (#2269)
Changelog

Sourced from puma's changelog.

Master

  • Bugfixes
    • JRuby - Add Puma::MiniSSL::Engine#init? and #teardown methods, run all SSL tests (#2317)
    • Improve shutdown reliability (#2312)
    • Resolve issue with threadpool waiting counter decrement when thread is killed
    • Constrain rake-compiler version to 0.9.4 to fix ClassNotFound exception when using MiniSSL with Java8.
    • Fix recursive prune_bundler (#2319).
    • Ensure that TCP_CORK is usable
    • Fix corner case when request body is chunked (#2326)

5.0.0

  • Features

    • EXPERIMENTAL: Add fork_worker option and refork command for reduced memory usage by forking from a worker process instead of the master process. (#2099)
    • EXPERIMENTAL: Added wait_for_less_busy_worker config. This may reduce latency on MRI through inserting a small delay before re-listening on the socket if worker is busy (#2079).
    • EXPERIMENTAL: Added nakayoshi_fork option. Reduce memory usage in preloaded cluster-mode apps by GCing before fork and compacting, where available. (#2093, #2256)
    • Added pumactl thread-backtraces command to print thread backtraces (#2054)
    • Added incrementing requests_count to Puma.stats. (#2106)
    • Increased maximum URI path length from 2048 to 8192 bytes (#2167, #2344)
    • lowlevel_error_handler is now called during a forced threadpool shutdown, and if a callable with 3 arguments is set, we now also pass the status code (#2203)
    • Faster phased restart and worker timeout (#2220)
    • Added state_permission to config DSL to set state file permissions (#2238)
    • Added Puma.stats_hash, which returns a stats in Hash instead of a JSON string (#2086, #2253)
    • rack.multithread and rack.multiprocess now dynamically resolved by max_thread and workers respectively (#2288)
  • Deprecations, Removals and Breaking API Changes

    • --control has been removed. Use --control-url (#1487)
    • worker_directory has been removed. Use directory.
    • min_threads now set by environment variables PUMA_MIN_THREADS and MIN_THREADS. (#2143)
    • max_threads now set by environment variables PUMA_MAX_THREADS and MAX_THREADS. (#2143)
    • max_threads default to 5 in MRI or 16 for all other interpreters. (#2143)
    • preload by default if workers > 1 (#2143)
    • Puma::Plugin.workers_supported? has been removed. Use Puma.forkable? instead. (#2143)
    • tcp_mode has been removed without replacement. (#2169)
    • Daemonization has been removed without replacement. (#2170)
    • Changed #connected_port to #connected_ports (#2076)
    • Configuration: environment is read from RAILS_ENV, if RACK_ENV can't be found (#2022)
    • Log binding on http:// for TCP bindings to make it clickable
  • Bugfixes

    • Fix JSON loading issues on phased-restarts (#2269)
    • Improve shutdown reliability (#2312, #2338)
    • Close client http connections made to an ssl server with TLSv1.3 (#2116)
    • Do not set user_config to quiet by default to allow for file config (#2074)
    • Always close SSL connection in Puma::ControlCLI (#2211)
    • Windows update extconf.rb for use with ssp and varied Ruby/MSYS2 combinations (#2069)
    • Ensure control server Unix socket is closed on shutdown (#2112)
    • Preserve BUNDLE_GEMFILE env var when using prune_bundler (#1893)
    • Send 408 request timeout even when queue requests is disabled (#2119)
    • Rescue IO::WaitReadable instead of EAGAIN for blocking read (#2121)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don’t alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a “Dependabot enabled” badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

GitHub