chore: Bump devise-two-factor, rails, paranoia, labimotion, dotenv-rails, faraday, grape, grape-swagger and rqrcode

[dependabot]

Bumps devise-two-factor, rails, paranoia, labimotion, dotenv-rails, faraday, grape, grape-swagger and rqrcode. These dependencies needed to be updated together.
Updates devise-two-factor from 4.1.0 to 6.4.0

Release notes

Sourced from devise-two-factor's releases.

v6.4.0

What's Changed

• Drop support for EOL rails versions by @​mjankowski in devise-two-factor/devise-two-factor#319
• Add ruby 4.0 to CI matrix by @​mjankowski in devise-two-factor/devise-two-factor#320
• Add changelog entry for 6.3.1 by @​mjankowski in devise-two-factor/devise-two-factor#321
• Allow devise version five in gemspec by @​mjankowski in devise-two-factor/devise-two-factor#322

Full Changelog: devise-two-factor/devise-two-factor@v6.3.1...v6.4.0

Changelog

Sourced from devise-two-factor's changelog.

6.4.0

• Remove upper limit on Devise version (allows v5) from gemspec

6.3.1

• Fix DB-adapter-specific integration issue with backupable shared example
• Drop support for EOL Rails versions 7.0 and 7.1

6.3.0

• Fixed timing to be consistent when Devise paranoid mode is active.

6.2.0

• Rails 8.1 support

6.1.0

• Rails 8 support

6.0.0

Breaking Changes

• otp_secret_length and otp_backup_code_length options have changed to be the number of random bytes that are generated. See https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md.
• consume_otp! and invalidate_otp_backup_code! now call save! instead of save. See https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md.

5.1.0

• Remove faker dev dependency
• Insert two_factor_authenticatable at the top of the devise module list
• README and CI improvements

5.0.0

Breaking Changes

• attr_encrypted has been deprecated in favor of native Rails attribute encryption. See https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md for details on how to migrate your records. You must use or build a migration strategy (see examples in https://github.com/devise-two-factor/devise-two-factor/blob/main/UPGRADING.md) to use existing data!
• Rails 7 is now required.

Commits

• 33e41c6 Update version.rb
• d4767f3 Update CHANGELOG.md
• e7b528a Merge pull request #322 from mjankowski/devise-five
• 4615190 Update devise-two-factor.gemspec
• 749c430 Allow devise version five in gemspec
• aef75c2 Merge pull request #321 from mjankowski/typos-from-docs
• f731a91 Add changelog entry for 6.3.1
• cedace3 Fix typo in model lib
• a3ce9f5 Merge pull request #320 from mjankowski/ruby-version-4-0
• 43d9182 Merge branch 'main' into ruby-version-4-0
• Additional commits viewable in compare view

Updates rails from 6.1.7.10 to 7.2.3

Release notes

Sourced from rails's releases.

7.2.3

Active Support

• Fix Enumerable#sole to return the full tuple instead of just the first element of the tuple.

  Olivier Bellone

• Fix parallel tests hanging when worker processes die abruptly.

  Previously, if a worker process was killed (e.g., OOM killed, kill -9) during parallel test execution, the test suite would hang forever waiting for the dead worker.

  Joshua Young

• ActiveSupport::FileUpdateChecker does not depend on Time.now to prevent unnecessary reloads with time travel test helpers

  Jan Grodowski

• Fix ActiveSupport::BroadcastLogger from executing a block argument for each logger (tagged, info, etc.).

  Jared Armstrong

• Fix ActiveSupport::HashWithIndifferentAccess#transform_keys! removing defaults.

  Hartley McGuire

• Fix ActiveSupport::HashWithIndifferentAccess#tranform_keys! to handle collisions.

  If the transformation would result in a key equal to another not yet transformed one, it would result in keys being lost.

  Before:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1}

  After:

  >> {a: 1, b: 2}.with_indifferent_access.transform_keys!(&:succ)
  => {"c" => 1, "d" => 2}

  Jason T Johnson, Jean Boussier

• Fix ActiveSupport::Cache::MemCacheStore#read_multi to handle network errors.

  This method specifically wasn't handling network errors like other codepaths.

... (truncated)

Commits

• bb2bdef Preparing for 7.2.3 release
• fd7d30e Upgrade sigstore gem to 0.2.2
• 40e5415 Sync CHANGELOG
• 3245de1 Add sigstore-cli gem to the releaser toolset
• 35ad36a Merge pull request #55969 from rails/fix-explain-tests-mysql-9.5
• 3690a3a Merge pull request #55966 from alexanderadam/doc/remove_subclasses_documentat...
• 33f9043 Disable GCS tests in CI
• ebd0cfc Merge pull request #55947 from c0nspiracy/patch-1
• c4d7af0 Merge pull request #55948 from zzak/debug-rails-new-docker
• 1ed5ecc Use NPM trusted publishing for our NPM packages
• Additional commits viewable in compare view

Updates paranoia from 2.6.0 to 3.1.0

Release notes

Sourced from paranoia's releases.

v3.0.1

What's Changed

• Handle #delete_all by @​mohammednasser-32 in rubysherpas/paranoia#566
• feat: Trigger an after_commit callback when restoring a record by @​yoheimuta in rubysherpas/paranoia#559
• fix typo in newly added readme by @​mohammednasser-32 in rubysherpas/paranoia#567

New Contributors

• @​mohammednasser-32 made their first contribution in rubysherpas/paranoia#566
• @​yoheimuta made their first contribution in rubysherpas/paranoia#559

Full Changelog: rubysherpas/paranoia@v3.0.0...v3.0.1

v3.0.0

What's Changed

• Add support for Rails 7.2 by @​andrewhampton in rubysherpas/paranoia#563
• See what happens on Rails edge by @​radar in rubysherpas/paranoia#564

New Contributors

• @​andrewhampton made their first contribution in rubysherpas/paranoia#563

Full Changelog: rubysherpas/paranoia@v2.6.4...v3.0.0

v2.6.4

What's Changed

• Bump actions/checkout from v2 to v4 by @​mishina2228 in rubysherpas/paranoia#550
• Support prebuilt counter cache association list by @​JoeDupuis in rubysherpas/paranoia#554
• fix: restore has_one with scope by @​zygzagZ in rubysherpas/paranoia#551
• 📝 Add Yard documentation for Paranoia::Query by @​cprodhomme in rubysherpas/paranoia#555

New Contributors

• @​JoeDupuis made their first contribution in rubysherpas/paranoia#554
• @​zygzagZ made their first contribution in rubysherpas/paranoia#551
• @​cprodhomme made their first contribution in rubysherpas/paranoia#555

Full Changelog: rubysherpas/paranoia@v2.6.3...v2.6.4

v2.6.3

• [Update supported Rails version in paranoia.gemspec #547](rubysherpas/paranoia@3bdb553)
• [Use paranoia_destroyed? instead of deleted? #545](rubysherpas/paranoia@4db17c2)
• [Minor optimization, removing unneeded variables #546](rubysherpas/paranoia@1db8402)
• [Rails 7.1 Release 🚀 #548](rubysherpas/paranoia@72a03f1)

v2.6.2 - Recursive restore with has_many/one through assocs (#441)

.

v2.6.1

No release notes provided.

Changelog

Sourced from paranoia's changelog.

3.1.0 - November 7, 2025

• #580 Support Rails 8.0 and 8.1
• Update activerecord dependency to '>= 7', '< 8.2'
• Update minimum Ruby version to 3.1
• Drop support for Rails 6.x
• Drop support for Ruby 2.7 and 3.0
• Add Rails 8.0 and 8.1 to CI test matrix

3.0.1 - January 19, 2025

• #566 Handle #delete_all
• #559 Trigger an after_commit callback when restoring a record
• #567 Fix typo in newly added readme

3.0.0 - August 13, 2024

Tagged as 3.0 as Ruby + Rails version constraints have been modernised.

• #564 Support Rails edge
• #563 Support Rails 7.2

2.6.4 - July 20, 2024

• #554 Support prebuilt counter cache association list (#554) Joé Dupuis
• #551 Fix: restore has_one with scope (#551) Paweł Charyło
• #555 📝 Add Yard documentation for Paranoia::Query (#555) Clément Prod'homme

2.6.3 - Oct 12, 2023

• #548 Add support for Rails 7.1 (#548) Indyarocks

2.6.2 - Jun 6, 2023

• #441 Recursive restore with has_many/one through assocs (#441) Emil Ong

2.6.1 - Nov 16, 2022

• #535 Allow to skip updating paranoia_destroy_attributes for records while really_destroy! Anton Bogdanov

Commits

• See full diff in compare view

Updates labimotion from 2.2.0.rc5 to 2.2.0.rc6

Commits

• See full diff in compare view

Updates dotenv-rails from 2.8.1 to 3.2.0

Release notes

Sourced from dotenv-rails's releases.

v3.2.0

What's Changed

• Boost app startup time by removing to_sentence usage by @​ThomasCrambert in bkeepers/dotenv#534
• Handle parentheses in variables in commands by @​i7an in bkeepers/dotenv#540
• allow warning when a env var was not overwritten by @​grosser in bkeepers/dotenv#531
• fix a few small issues by @​grosser in bkeepers/dotenv#532

New Contributors

• @​ThomasCrambert made their first contribution in bkeepers/dotenv#534
• @​i7an made their first contribution in bkeepers/dotenv#540

Full Changelog: bkeepers/dotenv@v3.1.8...v3.2.0

v3.1.8

Thanks to Stoked Seagull Software for sponsoring this release of dotenv!
Need help with a software project but don't know where to begin? Stoked Seagull can help.

Interested in sponsoring dotenv?

What's Changed

• fix crash when .env is a folder by @​Roupiye in bkeepers/dotenv#527
• docs: Clarify order of configuration files for flag -f by @​webrails in bkeepers/dotenv#529
• docs: Provide a 'Changelog' link on rubygems.org/gems/dotenv-rails by @​mark-young-atg in bkeepers/dotenv#524

New Contributors

• @​webrails made their first contribution in bkeepers/dotenv#529
• @​Roupiye made their first contribution in bkeepers/dotenv#527

Full Changelog: bkeepers/dotenv@v3.1.7...v3.1.8

v3.1.7

What's Changed

• Fix issue with repeated linebreaks when normalizing line endings by @​bkeepers in bkeepers/dotenv#523
• Generate build matrix from endoflife.date by @​bkeepers in bkeepers/dotenv#521

Full Changelog: bkeepers/dotenv@v3.1.6...v3.1.7

3.1.6

What's Changed

• Fix: Restore previous parser behavior of returning existing variables by @​bkeepers in bkeepers/dotenv#519

Full Changelog: bkeepers/dotenv@v3.1.5...v3.1.6

v3.1.5

What's Changed

... (truncated)

Commits

• 34156bf Prepare for 3.2.0 release
• ab47820 Merge pull request #531 from grosser/grosser/warn
• fae6120 Merge branch 'main' into grosser/warn
• 4f510f4 Merge pull request #532 from grosser/grosser/fixes
• 959e1da Merge pull request #539 from bkeepers/dependabot/github_actions/actions/check...
• 041451e Update spec message
• b300f26 Bump actions/checkout from 4 to 6
• 5f4ca01 Merge branch 'main' into grosser/warn
• 209dca4 Merge pull request #540 from i7an/handle-parentheses
• 48c4956 Merge branch 'main' into handle-parentheses
• Additional commits viewable in compare view

Updates faraday from 2.8.1 to 2.14.1

Release notes

Sourced from faraday's releases.

v2.14.1

Security Note

This release contains a security fix, we recommend all users to upgrade as soon as possible. A Security Advisory with more details will be posted shortly.

What's Changed

• Add comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot by @​Copilot in lostisland/faraday#1642
• Add RFC document for Options architecture refactoring plan by @​Copilot in lostisland/faraday#1644
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in lostisland/faraday#1655
• Explicit top-level namespace reference by @​c960657 in lostisland/faraday#1657

New Contributors

• @​Copilot made their first contribution in lostisland/faraday#1642

Full Changelog: lostisland/faraday@v2.14.0...v2.14.1

v2.14.0

What's Changed

New features ✨

• Use newer UnprocessableContent naming for 422 by @​tylerhunt in lostisland/faraday#1638

Fixes 🐞

• Convert strings to UTF-8 by @​c960657 in lostisland/faraday#1624
• Fix Response#to_hash when response not finished yet by @​yykamei in lostisland/faraday#1639

Misc/Docs 📄

• Lint: use filter_map by @​olleolleolle in lostisland/faraday#1637
• Bump actions/checkout from v4 to v5 by @​dependabot[bot] in lostisland/faraday#1636
• Fixes documentation by @​dharamgollapudi in lostisland/faraday#1635

New Contributors

• @​c960657 made their first contribution in lostisland/faraday#1624
• @​dharamgollapudi made their first contribution in lostisland/faraday#1635
• @​tylerhunt made their first contribution in lostisland/faraday#1638

Full Changelog: lostisland/faraday@v2.13.4...v2.14.0

v2.13.4

What's Changed

• Improve error handling logic and add missing test coverage by @​iMacTia in lostisland/faraday#1633

Full Changelog: lostisland/faraday@v2.13.3...v2.13.4

v2.13.3

What's Changed

• Fix type assumption in Faraday::Error by @​iMacTia in lostisland/faraday#1630

... (truncated)

Commits

• 16cbd38 Version bump to 2.14.1
• a6d3a3a Merge commit from fork
• b23f710 Explicit top-level namespace reference (#1657)
• 49ba4ac Bump actions/checkout from 5 to 6 (#1655)
• 51a49bc Ensure Claude reads the guidelines and allow to plan in a gitignored .ai/PLAN...
• 894f65c Add RFC document for Options architecture refactoring plan (#1644)
• 397e3de Add comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot ...
• d98c65c Update Faraday-specific AI agent guidelines
• 56c18ec Add AI agent guidelines specific to Faraday repository
• 3201a42 Version bump to 2.14.0
• Additional commits viewable in compare view

Updates grape from 1.8.0 to 3.2.0

Changelog

Sourced from grape's changelog.

3.2.0 (2026-04-08)

Features

• #2662: Extract Grape::Util::Translation for shared I18n fallback logic - @​ericproulx.
• #2656: Remove useless instance_variable_defined? checks - @​ericproulx.
• #2619: Remove TOC from README.md and danger-toc check - @​alexanderadam.
• #2663: Refactor ParamsScope and Parameters DSL to use named kwargs - @​ericproulx.
• #2664: Drop test-prof dependency - @​ericproulx.
• #2665: Pass attrs directly to AttributesIterator instead of validator - @​ericproulx.
• #2657: Instantiate validators at definition time - @​ericproulx.
• #2667: Skip instrumentation in run_validators when no validators present - @​ericproulx.
• #2670: Added support for Rack 3.2.6 and better handling to rack exceptions - @​ericproulx.
• #2671: Use ruby 3.1 shorthand kwargs syntax - @​ericproulx.
• #2672: Minor ruby optimizations - @​ericproulx.
• #2675: Add AGENTS.md to please our future A.I. overlords - @​dblock.

Fixes

• #2670: Fix UnknownAuthStrategy raised when custom auth strategy class inherits from Grape::Middleware::Auth::Base - @​dblock.
• #2655: Fix before_each method to handle nil parameter correctly - @​ericproulx.
• #2660: Fix thread safety: move mutable ParamsScope state (index, params_meeting_dependency) into a per-request ParamScopeTracker stored in Fiber[] - @​ericproulx.
• #2666: Endpoint cleanup and minor optimizations - @​ericproulx.
• #2676: Exclude ruby 3.2 for rails_edge - @​ericproulx.
• #2677: Update actions/checkout to v6 - @​ericproulx.

3.1.0 (2026-01-25)

Features

• #2629: Refactor Router Architecture - @​ericproulx.
• #2633: Refactor API::Instance and reorganize DSL modules - @​ericproulx.
• #2636: Refactor router to simplify method signatures and reduce duplication - @​ericproulx.
• #2640: Compute available_media_types once - @​ericproulx.
• #2637: Refactor declared method - @​ericproulx.
• #2639: Refactor mime_types_for - @​ericproulx.
• #2638: Remove unnecessary path string duplication - @​ericproulx.
• #2643: Remove try method in codebase - @​ericproulx.
• #2646: Call valid_encoding? before scrub - @​ericproulx.
• #2644: Clean useless/not valuable dependencies - @​ericproulx.
• #2649: Drop support Ruby 3.0 and ActiveSupport 7.0 - @​ericproulx.
• #2648: Remove deprecated ParamsBuilders extensions - @​ericproulx.
• #2645: Endpoints are compiled when API is compiled - @​ericproulx.
• #2647: Explicit kwargs for namespace and route_param - @​ericproulx.
• #2651: Migrate Danger to use danger-pr-comment workflow - @​dblock.

Fixes

• #2633: Fix cascade reading - @​ericproulx.
• #2641: Restore support for return in endpoint blocks - @​ericproulx.

... (truncated)

Commits

• 82fd5da Preparing for release, 3.2.0
• 198db4d Update actions/checkout to v6. (#2677)
• 7175dfd Remove ruby 3.2 for rails_edge (#2676)
• 548baef Add AGENTS.md to please our future A.I. overlords (#2675)
• d0c0ea4 :with (#2672)
• 4638481 Fix UnknownAuthStrategy raised when custom auth strategy inherits from Grape:...
• fe3b4f8 Use Ruby 3.1 shorthand kwargs syntax across the codebase (#2671)
• 03e6d05 Merge pull request #2670 from ruby-grape/rack_request_error
• 08c9253 Wrap Rack parameter parsing errors in Grape::Exceptions::RequestError
• ec1b0fe Merge pull request #2667 from ruby-grape/skip_instrumentation_no_validators
• Additional commits viewable in compare view

Updates grape-swagger from 1.6.1 to 2.1.4

Changelog

Sourced from grape-swagger's changelog.

2.1.4 (2026-02-02)

Features

• #970: Migrate Danger to use danger-pr-comment workflow - @​dblock.
• #972: Add weekly scheduled workflow to test against Grape HEAD - @​numbata.

Fixes

• #972: Grape 3.1.0 and grape-swagger-entity 0.7.1 compatibility - @​numbata.

2.1.3 (2025-11-21)

Features

• #956: Add danger - @​numbata.
• #958: Drop ruby-head from test matrix - @​numbata.
• #953: Added super_diff - @​numbata.
• #951: Use x-example for non-body parameters - @​olivier-thatch.
• #963: Allow empty model definitions for swagger 2.0 - @​numbata.

Fixes

• #966: Grape 3.0 compatibility - @​numbata.
• #954: Ruby 3.5 compatibility: add cgi gem, drop runtime rack‑test - @​numbata.
• #948: Grape 2.3.0 and Ruby 3.5 compatibility - @​numbata.

2.1.2 (2025-01-07)

Features

• #945: Add support for primitive data types in responses - @​gregg-platogo.

Fixes

• #943: Fix route_param documentation and type - @​4ndv.
• #944: Amend a few typographic errors - @​pieterocp.

2.1.1 (2024-09-21)

Fixes

• #940: Grape 2.2.0 compatibility - @​padde.

2.1.0 (2024-05-14)

Features

... (truncated)

Commits

• edce505 Preparing for release, 2.1.4
• 4ec0cac Fix Grape 3.1.0 and grape-swagger-entity 0.7.1 compatibility (#972)
• 85dc847 Migrate Danger to use danger-pr-comment workflow (#970)
• ac9b723 Bump actions/checkout from 5 to 6
• 159aff8 Preparing for release, 2.1.3.
• 4a1983e Add Grape 3 compatibility (#966)
• 232baa5 Clarify README for overriding an Entity's documented name (#961)
• c76eac3 Bump actions/checkout from 4 to 5
• 58af6e2 Allow empty model definitions for Swagger 2.0 (#963)
• cb6962a Use x-example for non-body parameters (#951)
• Additional commits viewable in compare view

Updates rqrcode from 2.2.0 to 3.2.0

Release notes

Sourced from rqrcode's releases.

v3.2.0

What's Changed

• Release 3.1.1 mergeback by @​whomwah in whomwah/rqrcode#162
• Using AI Assistant to identity (and fix) performance bottlenecks by @​whomwah in whomwah/rqrcode#163
  • Updated minimum Ruby version requirement to >= 3.2.0
  • SVG rendering: Improved by +130% (from 184 i/s to 424 i/s) with 71% memory reduction
  • HTML rendering: Now the fastest export format at 1,876 i/s (rendering-only benchmark)
  • Memory efficiency: HTML now uses 6x less memory than SVG (previously 22x)
  • uses rqrcode_core 2.1 which also received performance improvements.
• Releases/3.2.0 by @​whomwah in whomwah/rqrcode#164

Full Changelog: whomwah/rqrcode@v3.1.1...v3.2.0

v3.1.1

What's Changed

• Release 3.1.0 mergeback by @​whomwah in whomwah/rqrcode#158
• Update required_ruby_version to allow Ruby 4.0 by @​k0kubun in whomwah/rqrcode#160
• Releases/v3.1.1 by @​whomwah in whomwah/rqrcode#161

New Contributors

• @​k0kubun made their first contribution in whomwah/rqrcode#160

Full Changelog: whomwah/rqrcode@v3.1.0...v3.1.1

v3.1.0

What's Changed

• Correct link and version of rqrcode_core in CHANGELOG.md by @​prognostikos in whomwah/rqrcode#154
• feat: Enhance SVG export with offset_x and offset_y options by @​whomwah in whomwah/rqrcode#153
• docs: Update README.md by @​whomwah in whomwah/rqrcode#155

New Contributors

• @​prognostikos made their first contribution in whomwah/rqrcode#154

Full Changelog: whomwah/rqrcode@v3.0.0...v3.1.0

v3.0.0

What's Changed

• Feat/updates sept 24 by @​whomwah in whomwah/rqrcode#146
• Update FUNDING.yml by @​whomwah in whomwah/rqrcode#147
• chore: Updating dependencies and drop Ruby < 3 by @​whomwah in whomwah/rqrcode#148

Full Changelog: whomwah/rqrcode@v2.2.0...v3.0.0

Changelog

Sourced from rqrcode's changelog.

[3.2.0] - 2026-01-08

Added

• Comprehensive benchmarking suite in benchmark/ directory for measuring performance and memory usage across all export formats (SVG, PNG, HTML, ANSI)
• benchmark_helper.rb providing shared utilities for IPS, memory, and stack profiling
• Rake tasks for running benchmarks individually or all at once
• benchmark/README.md explaining usage, metrics, and interpretation of results
• AGENTS.md as a development guide for AI agents

Changed

• SVG rendering: Improved by +130% (from 184 i/s to 424 i/s) with 71% memory reduction
• HTML rendering: Now the fastest export format at 1,876 i/s (rendering-only benchmark)
• Memory efficiency: HTML now uses 6x less memory than SVG (previously 22x)
• Updated minimum Ruby version requirement to >= 3.2.0
• Updated GitHub workflow Ruby matrix to test only supported versions (3.2, 3.3, 3.4, 4.0)
• Updated README.md with benchmark documentation and contribution guidelines

[3.1.1] - 2025-11-25

• Update required_ruby_version to support >= rather than ~> ready for Ruby 4

[3.1.0] - 2025-04-28

• Added support for offset_x and offset_y options in the as_svg method for independent x and y padding around QR codes #153

[3.0.0] - 2025-04-24

• Drop support for Ruby <3.0 in order to keep up with dev dependencies.
• Breaking Change: The rqrcode_core gem has been updated to version 2.0.0, which includes breaking changes. Please refer to the rqrcode_core changelog

Commits

• f0d6500 Merge pull request #164 from whomwah/releases/3.2.0
• e3f69d6 chore(release): bump version to 3.2.0 and update changelog
• ea5d9cd Merge pull request #163 from whomwah/feat/performance1
• 36917bf perf(svg): optimize SVG path export for speed and output size
• 4697d7d docs(benchmark): update benchmark results for 2026-01-08
• 12a395d chore: update ruby support to >= 3.2 and update dependencies
• ed9c3a4 refactor(html): optimize as_html for performance
• a051501 refactor(svg): move color prefix logic to top-level render method
• b4ef453 docs: add semantic commit message guidelines to AGENTS.md
• 8220716 chore(deps): update rqrcode_core to 2.1.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.