Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump rails from 7.0.8.5 to 7.2.2.1 #1857

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump rails from 7.0.8.5 to 7.2.2.1 #1857

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2024
edited
Loading

Bumps rails from 7.0.8.5 to 7.2.2.1.

Release notes

Sourced from rails's releases.

7.2.2.1

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Add validation to content security policies to disallow spaces and semicolons. Developers should use multiple arguments, and different directive methods instead.

    [CVE-2024-54133]

    Gannon McGibbon

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

Active Storage

  • No changes.

... (truncated)

Commits
  • 33beb0a Preparing for 7.2.2.1 release
  • d4b2a61 Update vendored trix version to 2.1.10
  • 3da2479 Add CSP directive validation
  • d0dcb8f Preparing for 7.2.2 release
  • 9f24f75 Add yarn.lock allowed dirty files
  • ad485aa Merge pull request #52951 from Ridhwana/Ridhwana/active-record-validations [c...
  • f6916e7 Merge pull request #53494 from zzak/re-53492
  • a7858b5 Merge pull request #53472 from p8/activerecord/improve-attributes-for-inspect...
  • e6a8acd Merge pull request #53475 from p8/activerecord/show-all-attributes-in-console
  • 91aac4a Merge pull request #53484 from zzak/query_cache-config-disable
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Dec 11, 2024
@dependabot dependabot bot mentioned this pull request Dec 11, 2024
Closed
@cypress Cypress
Copy link

cypress bot commented Dec 11, 2024
edited
Loading

decide    Run #5129

Run Properties:  status check failed Failed #5129  •  git commit e0751660fe: Bump rails from 7.0.8.5 to 7.2.2.1
Project decide
Branch Review dependabot/bundler/rails-7.2.2.1
Run status status check failed Failed #5129
Run duration 07m 17s
Commit git commit e0751660fe: Bump rails from 7.0.8.5 to 7.2.2.1
Committer dependabot[bot]
View all properties for this run ↗︎
Test results
Tests that failed  Failures 8
Tests that were flaky  Flaky 0
Tests that did not run due to a developer annotating a test with .skip  Pending 0
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 22
View all changes introduced in this branch ↗︎

Tests for review

Failed  cypress/e2e/votings/vote.spec.js • 8 failed tests

View Output Video

Test Artifacts
Vote submission > empty vote submission Screenshots Video
Vote submission > submit extra votes Screenshots Video
Vote submission > submit less votes Screenshots Video
Vote submission > displays countdown timer before voting Screenshots Video
Vote submission > submit available votes Screenshots Video
Vote submission > displays countdown timer after voting Screenshots Video
Vote submission > shows results once voting is finished Screenshots Video
Vote submission > shows results once voting is archived Screenshots Video

@dependabot dependabot bot force-pushed the dependabot/bundler/rails-7.2.2.1 branch 7 times, most recently from 251e463 to 4f9e819 Compare December 18, 2024 01:32
@dependabot dependabot bot force-pushed the dependabot/bundler/rails-7.2.2.1 branch 2 times, most recently from aed2086 to 45f8105 Compare December 25, 2024 01:30
@dependabot
Bump rails from 7.0.8.5 to 7.2.2.1
e075166 
Bumps [rails](https://github.com/rails/rails) from 7.0.8.5 to 7.2.2.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v7.0.8.5...v7.2.2.1)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/bundler/rails-7.2.2.1 branch from 45f8105 to e075166 Compare January 6, 2025 01:20
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jan 6, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code size/L
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants