Skip to content

Bump puma from 7.2.0 to 8.0.1#164

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bundler/puma-8.0.1
Open

Bump puma from 7.2.0 to 8.0.1#164
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bundler/puma-8.0.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps puma from 7.2.0 to 8.0.1.

Release notes

Sourced from puma's releases.

v8.0.1

  • Bugfixes

    • Fix prune_bundler stripping user-configured BUNDLE_* env vars (e.g. BUNDLE_WITHOUT) on re-exec, which caused workers to crash on boot (#3929)

  • Performance

    • Use blocks for debug logging to avoid creating log messages when debug is disabled (#3920)

  • Docs

    • Fix incorrect hook names in gRPC docs (#3923)
    • Reword v8 upgrade guide IPv6 bullet for clarity (#3928)

v8.0.0 - Into the Arena

Read our Version 8 Upgrade Guide.

  • Features

    • Add env["puma.mark_as_io_bound"] API and max_io_threads config to allow IO-bound requests to exceed the thread pool max, enabling better handling of mixed workloads (#3816, #3894)
    • Add single and cluster DSL hooks for mode-specific configuration (#3621)
    • Add on_force option to shutdown_debug to only dump thread backtraces on forced (non-graceful) shutdown (#3671)
    • Add API to dynamically update min and max thread counts at runtime via update_thread_pool_min_max and ServerPluginControl (#3658)
    • Use SIGPWR for thread backtrace dumps on Linux/JRuby where SIGINFO is unavailable (#3829)

  • Bugfixes

    • Fix phased restart for fork_worker to avoid forking from stale worker 0 when it has been replaced (#3853)

  • Performance

    • JRuby HTTP parser improvements: pre-allocated header keys, perfect hash lookup, reduced memory copies (#3838)
    • Cache downcased header key in str_headers to avoid redundant String#downcase calls, reducing allocations by ~50% per response (#3874)

  • Refactor

    • Collect env processing into dedicated client_env.rb module (#3582)
    • Move event to default configuration (#3872)

  • Docs

    • Add gRPC guide for configuring gRPC lifecycle hooks in clustered mode (#3885)
    • Add 7.0 upgrade guide, move 5.0/6.0 upgrade guides to docs directory (#3900)
    • Correct default values for persistent_timeout and worker_boot_timeout in DSL docs (#3912)
    • Add file descriptor limit warning in test helper for contributors (#3893)

  • Breaking changes

    • Default production bind address changed from 0.0.0.0 to :: (IPv6) when a non-loopback IPv6 interface is available; falls back to 0.0.0.0 if IPv6 is unavailable (#3847)
Changelog

Sourced from puma's changelog.

8.0.1 / 2026-04-27

  • Bugfixes

    • Fix prune_bundler stripping user-configured BUNDLE_* env vars (e.g. BUNDLE_WITHOUT) on re-exec, which caused workers to crash on boot (#3929)

  • Performance

    • Use blocks for debug logging to avoid creating log messages when debug is disabled (#3920)

  • Docs

    • Fix incorrect hook names in gRPC docs (#3923)
    • Reword v8 upgrade guide IPv6 bullet for clarity (#3928)

8.0.0 / 2026-03-27

  • Features

    • Add env["puma.mark_as_io_bound"] API and max_io_threads config to allow IO-bound requests to exceed the thread pool max, enabling better handling of mixed workloads (#3816, #3894)
    • Add single and cluster DSL hooks for mode-specific configuration (#3621)
    • Add on_force option to shutdown_debug to only dump thread backtraces on forced (non-graceful) shutdown (#3671)
    • Add API to dynamically update min and max thread counts at runtime via update_thread_pool_min_max and ServerPluginControl (#3658)
    • Use SIGPWR for thread backtrace dumps on Linux/JRuby where SIGINFO is unavailable (#3829)

  • Bugfixes

    • Fix phased restart for fork_worker to avoid forking from stale worker 0 when it has been replaced (#3853)

  • Performance

    • JRuby HTTP parser improvements: pre-allocated header keys, perfect hash lookup, reduced memory copies (#3838)
    • Cache downcased header key in str_headers to avoid redundant String#downcase calls, reducing allocations by ~50% per response (#3874)

  • Refactor

    • Collect env processing into dedicated client_env.rb module (#3582)
    • Move event to default configuration (#3872)

  • Docs

    • Add gRPC guide for configuring gRPC lifecycle hooks in clustered mode (#3885)
    • Add 7.0 upgrade guide, move 5.0/6.0 upgrade guides to docs directory (#3900)
    • Correct default values for persistent_timeout and worker_boot_timeout in DSL docs (#3912)
    • Add file descriptor limit warning in test helper for contributors (#3893)

  • Breaking changes

    • Default production bind address changed from 0.0.0.0 to :: (IPv6) when a non-loopback IPv6 interface is available; falls back to 0.0.0.0 if IPv6 is unavailable (#3847)
Commits
  • cee7e61 Release v8.0.1 (#3932)
  • f955caf Fix prune_bundler stripping user-configured BUNDLE_* env vars on re-exec (#3929)
  • 97996aa ci: test_error_logger.rb - fix TruffleRuby error (#3930)
  • 03825bc Build(deps): Bump actions/github-script from 8 to 9 (#3925)
  • 053efae Reword v8 upgrade guide ipv6 bullet (#3928)
  • b19f35a Fix incorrect hook names in gRPC docs (#3923)
  • eeabe4b Use blocks for debug logging to avoid creating messages if debug disabled (#3...
  • 08f63d4 Release v8.0.0 (#3914)
  • 7406cc1 Fix IPv4-mapped IPv6 addresses in REMOTE_ADDR and request logs (#3916)
  • e090243 Build(deps): Bump actions/checkout from 4 to 6 (#3915)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump puma from 7.2.0 to 8.0.1
ffd96e3 
Bumps [puma](https://github.com/puma/puma) from 7.2.0 to 8.0.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/main/History.md)
- [Commits](puma/puma@v7.2.0...v8.0.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Apr 27, 2026
@dependabot dependabot Bot mentioned this pull request Apr 27, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants