From 137d079869b05086efd3838c5f468d730fccff51 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 19 Mar 2024 21:21:29 +0000
Subject: [PATCH 1/2] Bump audited from 5.4.0 to 5.4.3

Bumps [audited](https://github.com/collectiveidea/audited) from 5.4.0 to 5.4.3.
- [Changelog](https://github.com/collectiveidea/audited/blob/main/CHANGELOG.md)
- [Commits](https://github.com/collectiveidea/audited/compare/v5.4.0...v5.4.3)

---
updated-dependencies:
- dependency-name: audited
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Gemfile      | 2 +-
 Gemfile.lock | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Gemfile b/Gemfile
index ee844338d..725829a79 100644
--- a/Gemfile
+++ b/Gemfile
@@ -7,7 +7,7 @@ gem "acts_as_votable", "~> 0.14.0"
 gem "ahoy_matey", "~> 4.2.1"
 gem "airbrake", "~> 13.0.4"
 gem "ancestry", "~> 4.3.3"
-gem "audited", "~> 5.4.0"
+gem "audited", "~> 5.4.3"
 gem "autoprefixer-rails", "~> 8.2.0"
 gem "bing_translator", "~> 6.2.0"
 gem "cancancan", "~> 3.5.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index bb075d7f1..4e7032f8e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
     ancestry (4.3.3)
       activerecord (>= 5.2.6)
     ast (2.4.2)
-    audited (5.4.0)
+    audited (5.4.3)
       activerecord (>= 5.0, < 7.2)
       request_store (~> 1.2)
     autoprefixer-rails (8.2.0)
@@ -706,7 +706,7 @@ DEPENDENCIES
   ahoy_matey (~> 4.2.1)
   airbrake (~> 13.0.4)
   ancestry (~> 4.3.3)
-  audited (~> 5.4.0)
+  audited (~> 5.4.3)
   autoprefixer-rails (~> 8.2.0)
   bing_translator (~> 6.2.0)
   bullet (~> 7.1.6)

From ec686a8d1adfeb7c63bba05dc46c2ea8d53164eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?= <javim@elretirao.net>
Date: Tue, 19 Mar 2024 22:32:20 +0100
Subject: [PATCH 2/2] Ignore touch audited callbacks globally

This is possible since audited 5.4.3, and IMHO it's useful because
audited has added a callback on touch, which could result in strange
behavior since we might use the `touch` method to expire the cache
without doing any changes.

While this doesn't affect our application because we're using the `on:`
option of the `audited` method in the budget investment model, it'll
make it easier to enable audited for other classes in custom
installations without having to worry about the (usually undesired)
touch callbacks.
---
 config/initializers/audited.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/initializers/audited.rb b/config/initializers/audited.rb
index 74ad9b5a3..14de509e8 100644
--- a/config/initializers/audited.rb
+++ b/config/initializers/audited.rb
@@ -1,3 +1,4 @@
 Audited.config do |config|
   config.audit_class = ::Audit
+  config.ignored_default_callbacks = [:touch]
 end