update dalli for CVE-2022-4064 #324

indirect · 2023-01-10T15:12:00Z

No description provided.

olleolleolle · 2023-01-11T11:57:18Z

jruby-92 can also be dropped, since it's a Ruby 2.5:

  Bundler found conflicting requirements for the Ruby� version:
    In Gemfile:
      gemstash was resolved to 2.1.0, which depends on
        Ruby� (>= 2.6)
  
    Current Ruby� version:
      Ruby� (= 2.5.8)

because webrick gets added/removed depending on the ruby version, we should probably only use the lockfile for the newest version of ruby? maybe?

removes the gemfile ci exception, too

simi · 2023-01-27T11:25:07Z

🥳 🎈

indirect mentioned this pull request Jan 11, 2023

Use JRuby 9.4 in CI #325

Closed

indirect added 10 commits January 26, 2023 17:44

add Ruby 3.2, drop 2.4-2.6

79622d1

update RuboCop target Ruby version to match

f30b2d4

add jruby 9.4

01c2534

remove jruby 9.2, since that's ruby 2.5

109ada8

persist rspec results

9f0340e

add dependabot

ffaa8af

update the CI environment

bdc6208

try updating rubygems on all 3.2

9676344

work around BUNDLER_SETUP for tests

0b22aff

update required_ruby_version to match CI

b4b632a

indirect force-pushed the update-dalli branch from 94261a8 to 6702ed1 Compare January 27, 2023 01:48

indirect added 9 commits January 26, 2023 19:28

update rubocop

8e6e409

commit lockfile

efb0444

bump rubocop ruby version to 2.7

2c34ccd

update rubocop config

5dbdd13

apply rubocop -a

4fb0b8c

apply rubocop -A

d7ce313

add a ruby version

997f098

update the lint CI versions

4071c42

resolve remaining rubocop offenses

194efed

indirect force-pushed the update-dalli branch from 4acf9dc to ca92c40 Compare January 27, 2023 03:29

indirect added 7 commits January 26, 2023 19:29

lock for linux/CI

7489f94

oh no, dalli locked too high

94a5faf

work around deployment mode across rubies

fd47065

because webrick gets added/removed depending on the ruby version, we should probably only use the lockfile for the newest version of ruby? maybe?

oh no that shouldn't have been checked in

bb499b9

require psych with the safe_load_file we use

555ba0a

enforce webrick across all rubies

dcde457

removes the gemfile ci exception, too

sort the dependencies

03637cb

indirect added 4 commits January 26, 2023 20:37

lock for java too

52f08c2

no single lock works for jruby+ruby

ff98b88

add lock back to gitignore

26c66ef

update dalli for CVE-2022-4064

14da0a5

indirect force-pushed the update-dalli branch from ca92c40 to 14da0a5 Compare January 27, 2023 06:41

indirect merged commit 137f387 into main Jan 27, 2023

indirect deleted the update-dalli branch January 27, 2023 06:46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update dalli for CVE-2022-4064 #324

update dalli for CVE-2022-4064 #324

indirect commented Jan 10, 2023

olleolleolle commented Jan 11, 2023

simi commented Jan 27, 2023

update dalli for CVE-2022-4064 #324

update dalli for CVE-2022-4064 #324

Conversation

indirect commented Jan 10, 2023

olleolleolle commented Jan 11, 2023

simi commented Jan 27, 2023