chore(deps): bump wicked_pdf from 2.6.3 to 2.7.0 #11447
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
|
There are a few specs failing: Looks like an loading issue. |
|
I'm re-running the build... let's see. I've read somewhere that wkhtmltopdf repo has been archived. This is probably not the reason for the failure, but we do use it and wickedpdf as well, which relies on it. I'm not sure we won't need to replace these soon. |
Maybe this is related to the webpacker failure |
|
I think that @sigmundpetersen is right and the failures come from this release and have nothing to do with wkhtmltopdf. Our options are:
Since we don't need this release at the moment, I'm in favour of just closing this PR. But the ideal process would be searching for an existing issue, raising one if it doesn't exist and add a workaround in the meantime. |
|
Since wkhtmltopdf was mentioned, I had a look at the project status. Yes, it's archived. The maintainer doesn't really see a future in it. Alternatives are: But as long as this works for us, we don't need to change. Maybe wicked_pdf will choose another software at some point? We just have to remember that we can only render sanitised input. If we allow stuff like |
Bumps [wicked_pdf](https://github.com/mileszs/wicked_pdf) from 2.6.3 to 2.7.0. - [Release notes](https://github.com/mileszs/wicked_pdf/releases) - [Changelog](https://github.com/mileszs/wicked_pdf/blob/master/CHANGELOG.md) - [Commits](https://github.com/mileszs/wicked_pdf/commits) --- updated-dependencies: - dependency-name: wicked_pdf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
rioug
force-pushed
the
dependabot/bundler/wicked_pdf-2.7.0
branch
from
b90af78
to
0361355
Compare
|
Open an issue here mileszs/wicked_pdf#1098 |
|
PR has been accepted : mileszs/wicked_pdf#1099. Closing this, we can upgrade when they release a version with the fix. |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps wicked_pdf from 2.6.3 to 2.7.0.
Changelog
Sourced from wicked_pdf's changelog.
Commits
You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)