Bump the bundler group with 2 updates

[dependabot]

Bumps the bundler group with 2 updates: puma and importmap-rails.

Updates puma from 6.6.0 to 6.6.1

Release notes

Sourced from puma's releases.

v6.6.1

6.6.1 / 2025-07-30

• Bugfixes
  • Accept to_path to be nil on request bodies (#3635)
  • Fix single runner stats before the server start (#3572)
  • Fix incomplete worker boot state on refork (#3601)
  • Improve HttpParserError messages for better debugging (#3586)
  • Fix refork logs to distinguish from phased restarts (#3598)
  • Fix rack.after_reply so it doesn't interrupt chain on error (#3680)

Changelog

Sourced from puma's changelog.

6.6.1 / 2025-07-30

• Bugfixes
  • Accept to_path to be nil on request bodies (#3635)
  • Fix single runner stats before the server start (#3572)
  • Fix incomplete worker boot state on refork (#3601)
  • Improve HttpParserError messages for better debugging (#3586)
  • Fix refork logs to distinguish from phased restarts (#3598)
  • Fix rack.after_reply so it doesn't interrupt chain on error (#3680)

Commits

• 5f93ae6 v6.6.1 (#3679)
• c3884d1 rack.after_reply don't interrupt chain on error (#3680)
• 97c7d12 Fix variable typo: stategy > strategy (#3669)
• 231555c CI: make WEB_CONCURRENCY=auto test pass on single core systems (#3665)
• 3f90bc7 Add '# frozen_string_literal: true' to all test files (#3663)
• 640efa5 Address rubocop plugin warning (#3661)
• 0bf46db ci: Fix Gemfiles for cgi removal in ruby head (#3656)
• 979b9b0 bug: Accept to_path to be nil on request bodies (#3635)
• 9c1f89f Link to official Ruby documentation (#3653)
• 4daa213 Update docs to show correct default value for worker_shutdown_timeout (#3652)
• Additional commits viewable in compare view

Updates importmap-rails from 2.2.0 to 2.2.2

Release notes

Sourced from importmap-rails's releases.

v2.2.2

What's Changed

• Keep options when updating packages in importmap by @​rafaelfranca in rails/importmap-rails#310
• Make integrity calculation opt-in by @​rafaelfranca in rails/importmap-rails#312

Full Changelog: rails/importmap-rails@v2.2.1...v2.2.2

v2.2.1

What's Changed

• Improve SRI support by @​rafaelfranca in rails/importmap-rails#309

Integrity is now generated by default using the assets pipeline if it is properly configured. pin and update commands don't download the integrity from the npm repository anymore.

Full Changelog: rails/importmap-rails@v2.2.0...v2.2.1

Commits

• dcdb5fe Bump version for 2.2.2
• 40d0dc5 Fix update command adding extra new lines
• b51f709 Merge pull request #312 from rails/rm-opt-in-integrity
• 41339ab Make integrity calculation opt-in
• ae67187 Merge pull request #310 from rails/rm-update-keep-options
• 5e25781 Keep options when updating packages in importmap
• a151881 Fix character group for package target
• 56f84e7 Fix the scan when the pinned package has a version and has options after it
• af71ded Use each_with_object
• b5f5271 Extract common regexp to constants and methods
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.05%. Comparing base (e5425d8) to head (945510c).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #897   +/-   ##
=======================================
  Coverage   99.05%   99.05%           
=======================================
  Files          14       14           
  Lines         106      106           
=======================================
  Hits          105      105           
  Misses          1        1           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.