Bump bcrypt from 3.1.11 to 3.1.19

[dependabot]

Bumps bcrypt from 3.1.11 to 3.1.19.

Release notes

Sourced from bcrypt's releases.

v3.1.13

3.1.13 May 31 2019

• No longer include compiled binaries for Windows. See GH #173.
• Update C and Java implementations to latest versions [GH #182 by @​fonica]
• Bump default cost to 12 [GH #181 by @​bdewater]
• Remove explicit support for Rubies 1.8 and 1.9
• Start calibration from the minimum cost supported by the algorithm [GH #206 by @​sergey-alekseev]
• Remove explicit support for Rubies 1.8 and 1.9 [GH #185 by @​tjschuck]
• Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12) [GH #189 by @​adam12]

v3.1.12

• Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
• Fix compatibility with libxcrypt [GH #164 by @​besser82]

v3.1.12.rc1

• Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
• Fix compatibility with libxcrypt [GH #164 by @​besser82]

Changelog

Sourced from bcrypt's changelog.

3.1.19 June 22 2023

• Deprecate passing the third argument to BCrypt::Engine.hash_secret [GH #207 by @​sergey-alekseev]
• Add GC guards so the C compiler won't optimize out references [GH #270]

3.1.18 May 16 2022

• Unlock GVL when calculating hashes and salts [GH #260]
• Fix compilation warnings in ext/mri/bcrypt_ext.c [GH #261]

3.1.17 Mar 14 2022

• Fix regex in validators to use \A and \z instead of ^ and $ [GH #121]
• Truncate secrets greater than 72 bytes in hash_secret [GH #255]
• Assorted test and doc improvements

3.1.16 Sep 3 2020

• Fix compilation on FreeBSD. [GH #234]

3.1.15 July 21 2020

• Remove GVL optimization. Apparently it breaks things [GH #230]

3.1.14 July 21 2020

• Start calibration from the minimum cost supported by the algorithm [GH #206 by @​sergey-alekseev]

3.1.13 May 31 2019

• No longer include compiled binaries for Windows. See GH #173.
• Update C and Java implementations to latest versions [GH #182 by @​fonica]
• Bump default cost to 12 [GH #181 by @​bdewater]
• Remove explicit support for Rubies 1.8 and 1.9
• Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12) [GH #189 by @​adam12]

3.1.12 May 16 2018

• Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
• Fix compatibility with libxcrypt - Fixes hash errors in Fedora 28 and Ubuntu 20 [GH #164 by @​besser82]

Commits

• 863cfbd bumping Java version rake-compiler/rake-compiler#172
• 31458e7 bumping version / updating changelog
• d4e4813 Merge pull request #270 from itarato/bugfix/PA-missing-gc-guard
• 53ec1e1 Fixing a rare bug when calling BCrypt::Engine#hash_secret - which produces ni...
• e402d69 Merge pull request #168 from bcrypt-ruby/no-null-bytes
• 477f290 Add a test for passwords with null bytes
• 4268ac8 Merge pull request #207 from sergey-alekseev/deprecate-passing-the-third-argu...
• df27ee5 deprecate passing the third argument to BCrypt::Engine.hash_secret
• 667a136 Merge pull request #263 from nwjsmith/three-one-eighteen
• 98f5082 Merge pull request #261 from nwjsmith/ci-improvements
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)