Update dependency annotate to v3

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
annotate	2.6.5 → 3.2.0

---

Release Notes

ctran/annotate_models (annotate)

v3.2.0

Compare Source

What's Changed

• Fix undefined method error when spatial column does not have srid (#​920) @​oieioi
• Fix: use klass.table_name instead of guessing from associated models (#​847) @​ocarta-l
• Bump nokogiri from 1.11.2 to 1.11.7 in /spec/integration/rails_6.0.2.1 (#​886) @​dependabot
• Bump puma from 4.3.7 to 5.3.2 in /spec/integration/rails_5.2.4.1 (#​887) @​dependabot
• get_loaded_model_by_path is supposed to be nil-safe (#​883) @​sato11
• Fix CI builds and update dependencies (#​884) @​ctran
• Fix ci: conflicts with removed gems (#​865) @​ocarta-l
• Allow get_loaded_model to succeed when $LOAD_PATH contains non-string values (#​848) @​Hamms
• Bump rack from 2.1.2 to 2.2.3 in /spec/integration/rails_5.2.4.1 (#​820) @​dependabot
• Bump rack from 2.1.2 to 2.2.3 in /spec/integration/rails_6.0.2.1 (#​819) @​dependabot
• Bump websocket-extensions from 0.1.4 to 0.1.5 in /spec/integration/rails_6.0.2.1 (#​813) @​dependabot
• Bump websocket-extensions from 0.1.4 to 0.1.5 in /spec/integration/rails_5.2.4.1 (#​812) @​dependabot
• Bump puma from 4.3.3 to 4.3.5 in /spec/integration/rails_5.2.4.1 (#​809) @​dependabot
• Bump puma from 4.3.3 to 4.3.5 in /spec/integration/rails_6.0.2.1 (#​808) @​dependabot
• Use ruby/setup-ruby since actions/ruby is deprecated (#​855) @​ctran
• Fix typo invlaid -> invalid (#​835) @​olleolleolle
• Enable bundler caching for travis (#​853) @​Taher-Ghaleb
• Automate release notes with release-drafter.yml (#​846) @​ctran
• Fix: RuntimeError: Don't know how to build task 'db:migrate' (#​844) @​onk
• Only return valid models from get_loaded_model_by_path (#​801) @​macobo
• load :set_annotation_options before running :annotate_routes (#​803) @​javawizard
• Add annotation hooks for db-specific migration tasks (#​686) @​paul-mannino
• ActiveAdmin: Allow for both singular and plural model names (#​776) @​vfonic
• Adding option to skip loading models from subdirectories (#​767) @​ethanbresler
• gemspec: Add metadata URIs (#​798) @​olleolleolle
• Move some code to AnnotateModels::FilePatterns (#​794) @​nard-tech
• Fix typos (#​795) @​henrik
• Add methods to AnnotateRoutes::HeaderGenerator and refactor methods (#​792) @​nard-tech
• Fix output for multiline column comments (#​779) @​tmr08c
• Reactors AnnotateModels.get_schema_info (#​791) @​tmr08c
• Refactor AnnotateRoutes by adding AnnotateRoutes::HeaderGenerator (#​790) @​nard-tech
• Fix "undefined method `<'" error message (#​774) @​erikkessler1
• Turn on integration tests in CI (#​788) @​drwl
• Add integration test for rails g annotate:install (#​783) @​drwl
• Some project clean up (#​786) @​drwl

What's Changed

• Factory Girl -> Factory Bot by @​henrik in #​759
• Refactor test cases of AnnotateRoutes - completed version by @​nard-tech in #​760
• Bump nokogiri from 1.10.7 to 1.10.8 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​765
• Bump nokogiri from 1.10.7 to 1.10.8 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​766
• Bump puma from 3.12.2 to 4.3.3 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​769
• Bump puma from 4.3.1 to 4.3.3 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​771
• [Revert #​677] Fix column default annotations by @​drwl in #​768
• Bump project required ruby version to >= 2.4 by @​drwl in #​772
• Refactor by adding AnnotateRoutes::Helpers by @​nard-tech in #​770
• Make travis.yml valid and to unblock gem releases by @​drwl in #​782
• Some project clean up by @​drwl in #​786
• Add integration test for rails g annotate:install by @​drwl in #​783
• Turn on integration tests in CI by @​drwl in #​788
• Fix "undefined method `<'" error message by @​erikkessler1 in #​774
• Refactor AnnotateRoutes by adding AnnotateRoutes::HeaderGenerator by @​nard-tech in #​790
• Reactors AnnotateModels.get_schema_info by @​tmr08c in #​791
• Fix output for multiline column comments by @​tmr08c in #​779
• Add methods to AnnotateRoutes::HeaderGenerator and refactor methods by @​nard-tech in #​792
• Fix typos by @​henrik in #​795
• Move some code to AnnotateModels::FilePatterns by @​nard-tech in #​794
• gemspec: Add metadata URIs by @​olleolleolle in #​798
• Adding option to skip loading models from subdirectories by @​ethanbresler in #​767
• ActiveAdmin: Allow for both singular and plural model names by @​vfonic in #​776
• Add annotation hooks for db-specific migration tasks by @​paul-mannino in #​686
• load :set_annotation_options before running :annotate_routes by @​javawizard in #​803
• Only return valid models from get_loaded_model_by_path by @​macobo in #​801
• Fix: RuntimeError: Don't know how to build task 'db:migrate' by @​onk in #​844
• Automate release notes with release-drafter.yml by @​ctran in #​846
• Enable bundler caching for travis by @​Taher-Ghaleb in #​853
• Fix typo invlaid -> invalid by @​olleolleolle in #​835
• Use ruby/setup-ruby since actions/ruby is deprecated by @​ctran in #​855
• Bump puma from 4.3.3 to 4.3.5 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​808
• Bump puma from 4.3.3 to 4.3.5 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​809
• Bump websocket-extensions from 0.1.4 to 0.1.5 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​812
• Bump websocket-extensions from 0.1.4 to 0.1.5 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​813
• Bump rack from 2.1.2 to 2.2.3 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​819
• Bump rack from 2.1.2 to 2.2.3 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​820
• Allow get_loaded_model to succeed when $LOAD_PATH contains non-string values by @​Hamms in #​848
• Fix ci: conflicts with removed gems by @​ocarta-l in #​865
• Fix CI builds and update dependencies by @​ctran in #​884
• get_loaded_model_by_path is supposed to be nil-safe by @​sato11 in #​883
• Bump puma from 4.3.7 to 5.3.2 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​887
• Bump nokogiri from 1.11.2 to 1.11.7 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​886
• Fix: use klass.table_name instead of guessing from associated models by @​ocarta-l in #​847
• Fix undefined method error when spatial column does not have srid by @​oieioi in #​920
• Loosen activerecord restriction to work with rails 7 by @​dabit in #​912
• Bump puma from 5.3.2 to 5.6.1 in /spec/integration/rails_5.2.4.1 by @​dependabot in #​925
• Bump addressable from 2.7.0 to 2.8.0 in /spec/integration/rails_6.0.2.1 by @​dependabot in #​889

New Contributors

• @​henrik made their first contribution in #​759
• @​erikkessler1 made their first contribution in #​774
• @​tmr08c made their first contribution in #​791
• @​ethanbresler made their first contribution in #​767
• @​vfonic made their first contribution in #​776
• @​paul-mannino made their first contribution in #​686
• @​javawizard made their first contribution in #​803
• @​macobo made their first contribution in #​801
• @​onk made their first contribution in #​844
• @​Taher-Ghaleb made their first contribution in #​853
• @​Hamms made their first contribution in #​848
• @​ocarta-l made their first contribution in #​865
• @​sato11 made their first contribution in #​883
• @​dabit made their first contribution in #​912

Full Changelog: ctran/annotate_models@v3.1.0...v3.2.0

v3.1.1

Compare Source

Changes

• Bump required ruby version to >= 2.4 #​772
• [Revert #​677] Fix column default annotations #​768

Project Improvements

• Refactor by adding AnnotateRoutes::Helpers #​770
• Bump puma from 4.3.1 to 4.3.3 in /spec/integration/rails_6.0.2.1 #​771
• Bump puma from 3.12.2 to 4.3.3 in /spec/integration/rails_5.2.4.1 #​769
• Bump nokogiri from 1.10.7 to 1.10.8 in /spec/integration/rails_5.2.4.1 #​766
• Bump nokogiri from 1.10.7 to 1.10.8 in /spec/integration/rails_6.0.2.1 #​765
• Refactor test cases of AnnotateRoutes #​760
• Rename FactoryGirl -> FactoryBot comment #​759

v3.1.0

Compare Source

Changes

• Fix new lines after comments for rubocop compatibility #​757
• Fix messages from AnnotateRoutes #​737
• Support YARD notation #​724
• Refactor AnnotateRoutes.routes_file_exist? #​716
• Refactor namespace Annotate #​719
• Add columns managed by Globalize gem #​602

Bug Fixes

• Fix additional_file_patterns parsing #​756
• Fix typo in README #​752
• Fix bin/annotate NoMethodError #​745
• Fix README for YARD format #​740
• Fix constant names that were not renamed in #​721 #​739
• Replace soft-deprecated constant HashWithIndifferentAccess to ActiveSupport::HashWithIndifferentAccess #​699
• Fix #​570 Change of foreign key should be considered as a column change
• Fix #​430 Handle columns from activerecord-postgis-adapter #​694
• Add ActiveAdmin option to template #​693
• Fix foreign key issue with Rails 6 and Sqlite3 #​695
• Fix Serializers Test Directory #​625
• Fix #​624 Correct default values for columns when ActiveRecord::Enum is used #​677
• Fix #​675 Correct indentation for double-byte characters #​676
• FIX: Ensure only one line is around the annotation #​669
• Fix shifted when format_markdown option enabled and used non-ascii #​650

Project improvements

• Refactor RSpec for AnnotateModels - structuralize test cases #​755
• Refactor test cases of AnnotateRoutes as for Rake versions #​754
• Add integration tests to project #​747
• Refactor test cases for AnnotateRoutes.remove_annotations #​748
• Refactor RSpec for AnnotateModels - with Globalize gem #​749
• Fixed CHANGELOG.md to add link to each PR #​751
• Delete integration test fixtures #​746
• Remove remaining integration test files #​744
• Remove unworking integration tests #​725
• Refactor Annotate::Parser #​742
• Refactor RSpec for AnnotateModels (4) - AnnotateModels.get_schema_info (without custom options) #​735
• Refactor RSpec for AnnotateRoutes (1) #​736
• Refactor AnnotateRoutes.rewrite_contents #​734
• AnnotateModels.get_schema_info (with custom options) #​732
• Fix typo in RSpec of AnnotateModels #​731
• Remove AnnotateRoutes.rewrite_contents_with_header #​730
• Refactor AnnotateRoutes.annotate_routes and .rewrite_contents_with_header #​729
• Refactor AnnotateModels::Parser #​728
• Remove invalid document of AnnotateRoutes.rewrite_contents #​727
• Refactor RSpec for AnnotateModels (1) #​726
• Refactor AnnotateModels::Helpers #​723
• Refactor AnnotateRoutes.remove_annotations #​715
• Fix AnnotateRoutes.extract_magic_comments_from_array #​712
• Rename FactoryGirl to FactoryBot #​721
• Refactor AnnotateRoutes.header #​714
• Freeze constant AnnotateRoutes::HEADER_ROW #​713
• Add constants MAGIC_COMMENT_MATCHER #​711
• Rename method and variable of AnnotateRoutes for readability #​709
• Refactor lib/annotate.rb #​707
• Delete TODO.md #​700
• Tidy README #​701
• Convert documentation files to Markdown #​697
• Upgrade and fix CI #​698
• Add upgrade instructions to README #​687
• Fix Github release action #​682

v3.0.3

Compare Source

• Use a less error-prone way of specifying gem files #​662
• Update rake requirement from >= 10.4, < 13.0 to >= 10.4, < 14.0 #​659
• Bump nokogiri from 1.6.6.2 to 1.10.4 in /spec/integration/rails_4.2.0 #​655
• Default annotate models to true in config generated by rails g annotate:install #​671
• Bump loofah from 2.3.0 to 2.3.1 in /spec/integration/rails_4.2.0 #​681

v3.0.2

Compare Source

• Fixes LoadError due to gemspec not referencing parser.rb, issue #​657 #​660
• Changes --additional_file_patterns to use dashes --additional-file-patterns for consistency #​649
• Refactor: moving constants into constants.rb #​653

v3.0.0

Compare Source

• Breaking: when option models is not set - models will not be annotated by default.

  Add 'models'=>'true' to your config manually or use --models option if using CLI.

• Added --models CLI option fixing issue #​563 #​647

• Added --additional_file_patterns option for additional file patterns #​633 #​636 #​637

• Refactored CLI parser #​646

• Fixed BigDecimal.new deprecation warning #​634

• Fixed annotations for columns with long data types #​622

• Made methods private in AnnotateRoutes #​598

See https://github.com/ctran/annotate_models/releases/tag/v3.0.0

v2.7.5

Compare Source

See https://github.com/ctran/annotate_models/releases/tag/v2.7.5

v2.7.4

Compare Source

• Fix with_comment format in annotate_models_rake #​560

v2.7.3

Compare Source

See https://github.com/ctran/annotate_models/releases/tag/v2.7.3

v2.7.2

Compare Source

See https://github.com/ctran/annotate_models/releases/tag/v2.7.2

v2.7.1

Compare Source

See https://github.com/ctran/annotate_models/releases/tag/v2.7.1

v2.7.0

Compare Source

See https://github.com/ctran/annotate_models/releases/tag/v2.7.0

v2.6.10: Revert incompatible change

Compare Source

Revert "Prefer SQL column type over normalized AR type"

v2.6.9

Compare Source

• Support foreigh key #​241
• Check if model has skip tag in annotate_model_file #​167
• Fix issue where serializer-related flags weren't being honored #​246
• Prefer SQL column type over normalized AR type #​231

v2.6.8

Compare Source

• Nothing annotated unless options[:model_dir] is specified, #​234

v2.6.7

Compare Source

• Nothing annotated unless options[:model_dir] is specified, #​234

v2.6.6

Compare Source

• Makes it possible to wrap annotations, #​225
• Fix single model generation, #​214
• Fix default value for Rails 4.2, #​212
• Don't crash on inherited models in subdirectories, #​232
• Process model_dir in rake task, #​197

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Container Scanning Status: ❌ Failure

NAME                     INSTALLED        FIXED IN          TYPE  VULNERABILITY        SEVERITY  EPSS           RISK   
net-imap                 0.4.19           0.4.20            gem   GHSA-j3g3-5qv5-52mj  Medium    0.5% (67th)    0.3    
resolv                   0.3.0            0.3.1             gem   GHSA-xh69-987w-hrp8  Medium    0.3% (50th)    0.1    
net-imap                 0.4.19           0.4.24            gem   GHSA-75xq-5h9v-w6px  Medium    0.2% (36th)    < 0.1  
net-imap                 0.6.2            0.6.4             gem   GHSA-75xq-5h9v-w6px  Medium    0.2% (36th)    < 0.1  
erb                      4.0.3            4.0.3.1           gem   GHSA-q339-8rmv-2mhv  High      0.1% (28th)    < 0.1  
erb                      6.0.1            6.0.1.1           gem   GHSA-q339-8rmv-2mhv  High      0.1% (28th)    < 0.1  
erb                      6.0.2            6.0.4             gem   GHSA-q339-8rmv-2mhv  High      0.1% (28th)    < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28389       High      < 0.1% (24th)  < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28390       High      < 0.1% (24th)  < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28389       High      < 0.1% (24th)  < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28390       High      < 0.1% (24th)  < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28389       High      < 0.1% (24th)  < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28390       High      < 0.1% (24th)  < 0.1  
libc-bin                 2.41-12+deb13u2  2.41-12+deb13u3   deb   CVE-2026-4437        High      < 0.1% (20th)  < 0.1  
libc6                    2.41-12+deb13u2  2.41-12+deb13u3   deb   CVE-2026-4437        High      < 0.1% (20th)  < 0.1  
net-imap                 0.4.19           0.4.24            gem   GHSA-vcgp-9326-pqcp  High      < 0.1% (20th)  < 0.1  
net-imap                 0.6.2            0.6.4             gem   GHSA-vcgp-9326-pqcp  High      < 0.1% (20th)  < 0.1  
libc-bin                 2.41-12+deb13u2  2.41-12+deb13u3   deb   CVE-2026-4046        High      < 0.1% (20th)  < 0.1  
libc6                    2.41-12+deb13u2  2.41-12+deb13u3   deb   CVE-2026-4046        High      < 0.1% (20th)  < 0.1  
addressable              2.8.10           2.9.0             gem   GHSA-h27x-rffw-24p4  High      < 0.1% (19th)  < 0.1  
net-imap                 0.4.19           0.4.24            gem   GHSA-87pf-fpwv-p7m7  Medium    < 0.1% (20th)  < 0.1  
net-imap                 0.6.2            0.6.4             gem   GHSA-87pf-fpwv-p7m7  Medium    < 0.1% (20th)  < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28387       High      < 0.1% (13th)  < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28387       High      < 0.1% (13th)  < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28387       High      < 0.1% (13th)  < 0.1  
picomatch                4.0.3            4.0.4             npm   GHSA-3v7f-55p6-f55p  Medium    < 0.1% (17th)  < 0.1  
json                     2.18.0           2.19.2            gem   GHSA-3m6g-2423-7cp3  High      < 0.1% (10th)  < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-31790       High      < 0.1% (10th)  < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-31790       High      < 0.1% (10th)  < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-31790       High      < 0.1% (10th)  < 0.1  
libsystemd0              257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-40225       Medium    < 0.1% (13th)  < 0.1  
libudev1                 257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-40225       Medium    < 0.1% (13th)  < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28388       High      < 0.1% (9th)   < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28388       High      < 0.1% (9th)   < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-28388       High      < 0.1% (9th)   < 0.1  
libc-bin                 2.41-12+deb13u2  2.41-12+deb13u3   deb   CVE-2026-4438        Medium    < 0.1% (13th)  < 0.1  
libc6                    2.41-12+deb13u2  2.41-12+deb13u3   deb   CVE-2026-4438        Medium    < 0.1% (13th)  < 0.1  
net-imap                 0.4.19           0.4.24            gem   GHSA-q2mw-fvj9-vvcw  Low       < 0.1% (23rd)  < 0.1  
net-imap                 0.6.2            0.6.4             gem   GHSA-q2mw-fvj9-vvcw  Low       < 0.1% (23rd)  < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-2673        High      < 0.1% (6th)   < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-2673        High      < 0.1% (6th)   < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-2673        High      < 0.1% (6th)   < 0.1  
net-imap                 0.4.19           0.4.24            gem   GHSA-hm49-wcqc-g2xg  Medium    < 0.1% (8th)   < 0.1  
net-imap                 0.6.2            0.6.4             gem   GHSA-hm49-wcqc-g2xg  Medium    < 0.1% (8th)   < 0.1  
picomatch                4.0.3            4.0.4             npm   GHSA-c2c7-rcm5-vvqj  High      < 0.1% (5th)   < 0.1  
libsystemd0              257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-29111       Medium    < 0.1% (6th)   < 0.1  
libudev1                 257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-29111       Medium    < 0.1% (6th)   < 0.1  
zlib                     3.1.1            3.1.2             gem   GHSA-g857-hhfv-j68w  Medium    < 0.1% (2nd)   < 0.1  
libsystemd0              257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-40226       Medium    < 0.1% (1st)   < 0.1  
libudev1                 257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-40226       Medium    < 0.1% (1st)   < 0.1  
libssl3t64               3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-31789       Critical  < 0.1% (0th)   < 0.1  
openssl                  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-31789       Critical  < 0.1% (0th)   < 0.1  
openssl-provider-legacy  3.5.5-1~deb13u1  3.5.5-1~deb13u2   deb   CVE-2026-31789       Critical  < 0.1% (0th)   < 0.1  
libsystemd0              257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-4105        Medium    < 0.1% (0th)   < 0.1  
libudev1                 257.9-1~deb13u1  257.13-1~deb13u1  deb   CVE-2026-4105        Medium    < 0.1% (0th)   < 0.1  
rexml                    3.3.9            3.4.2             gem   GHSA-c2f4-jgmc-q2r5  Low       < 0.1% (6th)   < 0.1  
bcrypt                   3.1.21           3.1.22            gem   GHSA-f27w-vcwj-c954  Medium    < 0.1% (0th)   < 0.1  
uri                      0.13.2           0.13.3            gem   GHSA-j4pr-3wm6-xx2r  Low       < 0.1% (0th)   < 0.1  
sed                      4.9-2            4.9-2+deb13u1     deb   CVE-2026-5958        Low       < 0.1% (0th)   < 0.1  
devise                   5.0.3            5.0.4             gem   GHSA-jp94-3292-c3xv  Medium    N/A            N/A