Skip to content

Update Ruby 4.0.1 → 4.0.5#157

Merged
nsommer merged 1 commit into
mainfrom
depfu/engine/ruby-4.0.5
Jun 3, 2026
Merged

Update Ruby 4.0.1 → 4.0.5#157
nsommer merged 1 commit into
mainfrom
depfu/engine/ruby-4.0.5

Conversation

@depfu

@depfu depfu Bot commented May 28, 2026

Copy link
Copy Markdown
Contributor

Here is everything you need to know about this upgrade. Please take a good look at what changed and the test results before merging this pull request.

What changed?

Release Notes

4.0.5

Posted by k0kubun on 20 May 2026

      <p>Ruby 4.0.5 has been released.</p>

This release only contains a security fix for CVE-2026-46727: Use-after-free in pthread-based getaddrinfo timeout handler and a build system regression in Ruby 4.0.4 under C locale [Bug #22065].

Please see the GitHub releases for further details.

Release Schedule

We intend to release the latest stable Ruby version (currently Ruby 4.0) every two months following the most recent regular release. Ruby 4.0.6 will be released in July, 4.0.7 in September, and 4.0.8 in November.

If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly.

4.0.4

Posted by k0kubun on 11 May 2026

      <p>Ruby 4.0.4 has been released.</p>

This is a routine update that includes bugfixes. Please see the GitHub Releases for further details.

Release Schedule

We intend to release the latest stable Ruby version (currently Ruby 4.0) every two months following the most recent regular release. Ruby 4.0.5 will be released in July, 4.0.6 in September, and 4.0.7 in November.

If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly.

4.0.3

Posted by k0kubun on 21 Apr 2026

      <p>Ruby 4.0.3 has been released.</p>

This release only contains ERB 6.0.1.1, which fixes CVE-2026-41316.

If your application calls Marshal.load on untrusted data AND has both erb and activesupport loaded, please update your ERB to 4.0.3.1, 4.0.4.1, 6.0.1.1, 6.0.4 or later. You may use this Ruby 4.0.3 release to do so.

Release Schedule

We intend to release the latest stable Ruby version (currently Ruby 4.0) every two months following the most recent regular release. Ruby 4.0.4 will be released in May, 4.0.5 in July, 4.0.6 in September, and 4.0.7 in November.

If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly.

4.0.2

Posted by k0kubun on 16 Mar 2026

      <p>Ruby 4.0.2 has been released.</p>

This is a routine update that includes a bugfix in YJIT for NoMethodError on Puma. Please see the GitHub Releases for further details.

Release Schedule

We intend to release the latest stable Ruby version (currently Ruby 4.0) every two months following the most recent release. Ruby 4.0.3 will be released in May, 4.0.4 in July, 4.0.5 in September, and 4.0.6 in November.

If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly.


All Depfu comment commands
@​depfu refresh
Rebases against your default branch and redoes this update
@​depfu recreate
Recreates this PR, overwriting any edits that you've made to it
@​depfu merge
Merges this PR once your tests are passing and conflicts are resolved
@​depfu close
Closes this PR and deletes the branch
@​depfu reopen
Restores the branch and reopens this PR (if it's closed)
@​depfu pause
Pauses all engine updates and closes this PR

@depfu depfu Bot added the depfu label May 28, 2026
@depfu depfu Bot mentioned this pull request May 28, 2026
@nsommer nsommer merged commit bc0aece into main Jun 3, 2026
3 checks passed
@depfu depfu Bot deleted the depfu/engine/ruby-4.0.5 branch June 3, 2026 16:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant