Skip to content

build(deps): bump bcrypt from 3.1.20 to 3.1.22#14

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/bcrypt-3.1.22
Open

build(deps): bump bcrypt from 3.1.20 to 3.1.22#14
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/bcrypt-3.1.22

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 19, 2026
edited
Loading

Copy link
Copy Markdown

Bumps bcrypt from 3.1.20 to 3.1.22.

Release notes

Sourced from bcrypt's releases.

v3.1.22

What's Changed

Full Changelog: bcrypt-ruby/bcrypt-ruby@v3.1.21...v3.1.22

v3.1.21

What's Changed

New Contributors

Full Changelog: bcrypt-ruby/bcrypt-ruby@v3.1.20...v3.1.21

Changelog

Sourced from bcrypt's changelog.

3.1.22 Mar 18 2026

3.1.21 Dec 31 2025

  • Use constant time comparisons
  • Mark as Ractor safe
Commits
  • 831ce64 Merge commit from fork
  • 32e687e bump version update changelog
  • 5faa274 Fix integer overflow in JRuby BCrypt rounds calculation
  • aafc033 Merge pull request #294 from bcrypt-ruby/fix-publishing
  • 01f947a fix env url
  • 92ca1d6 Merge pull request #293 from bcrypt-ruby/truffleruby-ci-alt-implementation
  • 4d1d95b Add TruffleRuby in CI
  • 36a04a2 Merge pull request #291 from tenderlove/fix-publishing
  • 01cc688 Move compilation after bundle install
  • 82e6c4c Merge pull request #290 from tenderlove/bump
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Mar 19, 2026
@dependabot
build(deps): bump bcrypt from 3.1.20 to 3.1.22
d878e5f 
Bumps [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby) from 3.1.20 to 3.1.22.
- [Release notes](https://github.com/bcrypt-ruby/bcrypt-ruby/releases)
- [Changelog](https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG)
- [Commits](bcrypt-ruby/bcrypt-ruby@v3.1.20...v3.1.22)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-version: 3.1.22
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/bcrypt-3.1.22 branch from c4582d7 to d878e5f Compare March 31, 2026 11:00
@sonarqubecloud

sonarqubecloud Bot commented Mar 31, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants