[bundler] Bump actionview from 8.0.3 to 8.1.0

[dependabot]

Bumps actionview from 8.0.3 to 8.1.0.

Release notes

Sourced from actionview's releases.

8.1.0

Active Support

• Remove deprecated passing a Time object to Time#since.

  Rafael Mendonça França

• Remove deprecated Benchmark.ms method. It is now defined in the benchmark gem.

  Rafael Mendonça França

• Remove deprecated addition for Time instances with ActiveSupport::TimeWithZone.

  Rafael Mendonça França

• Remove deprecated support for to_time to preserve the system local time. It will now always preserve the receiver timezone.

  Rafael Mendonça França

• Deprecate config.active_support.to_time_preserves_timezone.

  Rafael Mendonça França

• Standardize event name formatting in assert_event_reported error messages.

  The event name in failure messages now uses .inspect (e.g., name: "user.created") to match assert_events_reported and provide type clarity between strings and symbols. This only affects tests that assert on the failure message format itself.

  George Ma

• Fix Enumerable#sole to return the full tuple instead of just the first element of the tuple.

  Olivier Bellone

• Fix parallel tests hanging when worker processes die abruptly.

  Previously, if a worker process was killed (e.g., OOM killed, kill -9) during parallel test execution, the test suite would hang forever waiting for the dead worker.

  Joshua Young

• Add config.active_support.escape_js_separators_in_json.

  Introduce a new framework default to skip escaping LINE SEPARATOR (U+2028) and PARAGRAPH SEPARATOR (U+2029) in JSON.

  Historically these characters were not valid inside JavaScript literal strings but that changed in ECMAScript 2019. As such it's no longer a concern in modern browsers: https://caniuse.com/mdn-javascript_builtins_json_json_superset.

... (truncated)

Changelog

Sourced from actionview's changelog.

Rails 8.1.0 (October 22, 2025)

• The BEGIN template annotation/comment was previously printed on the same line as the following element. We now insert a newline inside the comment so it spans two lines without adding visible whitespace to the HTML output to enhance readability.

  Before:

  <!-- BEGIN /Users/siaw23/Desktop/rails/actionview/test/fixtures/actionpack/test/greeting.html.erb --><p>This is grand!</p> 

  After:

  <!-- BEGIN /Users/siaw23/Desktop/rails/actionview/test/fixtures/actionpack/test/greeting.html.erb --><p>This is grand!</p> 

  Emmanuel Hayford

• Add structured events for Action View:

  • action_view.render_template
  • action_view.render_partial
  • action_view.render_layout
  • action_view.render_collection
  • action_view.render_start

  Gannon McGibbon

• Fix label with for option not getting prefixed by form namespace value

  Abeid Ahmed, Hartley McGuire

• Add fetchpriority to Link headers to match HTML generated by preload_link_tag.

  Guillermo Iguaran

• Add CSP nonce to Link headers generated by preload_link_tag.

  Alexander Gitter

• Allow current_page? to match against specific HTTP method(s) with a method: option.

  Ben Sheldon

• Remove autocomplete="off" on hidden inputs generated by the following tags:

  • form_tag, token_tag, method_tag

  As well as the hidden parameter fields included in button_to, check_box, select (with multiple) and file_field forms.

  nkulway

... (truncated)

Commits

• 1cdd190 Preparing for 8.1.0 release
• 1ace683 Preparing for 8.1.0.rc1 release
• d6f9f62 Make the Structured Event Subscriber emit events in format that are useful fo...
• 4ae5bfc Place template annotation on a separate line
• 7d12071 Micro optimize ActiveRecord::RuntimeRegistry
• d2518fa Merge pull request #55748 from Shopify/event_with_debug_helper
• 1e77699 Make all framework log subscribers API private
• 78857a3 Introduce with_debug_event_reporting to enable event reporter debug mode
• ebb01c5 Emit only one structured event per notification event
• b8d8b55 Merge pull request #55738 from skipkayhil/hm-nkxzsnnrqqlyrotw
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	actionpack@​8.0.3 ⏵ 8.1.0

View full report

[dependabot]

Superseded by #131.