build(deps): bump sidekiq from 6.5.12 to 7.2.4

[dependabot]

Bumps sidekiq from 6.5.12 to 7.2.4.

Changelog

Sourced from sidekiq's changelog.

7.2.4

• Fix XSS in metrics filtering introduced in 7.2.0, CVE-2024-32887 Thanks to @​UmerAdeemCheema for the security report.

7.2.3

• Support Dragonfly.io as an alternative Redis implementation
• Fix error unpacking some compressed error backtraces #6241
• Fix potential heartbeat data leak #6227
• Add ability to find a currently running work by jid [#6212, fatkodima]

7.2.2

• Add Process.warmup call in Ruby 3.3+
• Batch jobs now skip transactional push #6160

7.2.1

• Add Sidekiq::Work type which replaces the raw Hash as the third parameter in Sidekiq::WorkSet#each { |pid, tid, hash| ... } #6145
• DEPRECATED: direct access to the attributes within the hash block parameter above. The Sidekiq::Work instance contains accessor methods to get at the same data, e.g.

work["queue"] # Old
work.queue # New

• Fix Ruby 3.3 warnings around base64 gem [#6151, earlopain]

7.2.0

• sidekiq_retries_exhausted can return :discard to avoid the deadset and all death handlers #6091
• Metrics filtering by job class in Web UI #5974
• Better readability and formatting for numbers within the Web UI #6080
• Add explicit error if user code tries to nest test modes #6078

Sidekiq::Testing.inline! # global setting
Sidekiq::Testing.fake! do # override within block
  # ok
  Sidekiq::Testing.inline! do # can't override the override
    # not ok, nested
  end
end

... (truncated)

Commits

• 30786e0 Fix for CVE-2024-32887
• 371884e changes
• 0787900 prep for release
• b554667 Fix Rack deprecation
• e57a47e Fix session secret error in tests with rails 71
• 33006ba Fix build, latest ent changes
• 79d254d Add **kwargs to dynamic redis client method definition (#6249)
• cee6f0e Fix typos (#6245)
• 56cab5f formatting
• 24e3f68 Use lax decoding, fixes #6241
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud