Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update puma, grpc, and commonmarker to include CVE fixes #6224

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

heliocola
Copy link

@heliocola heliocola commented Sep 22, 2023

In this PR

  • 1. Update puma, grpc, and commonmarker gems to include CVE fixes

@github-actions
Copy link

Hello. Thanks for opening a PR on Exercism. We are currently in a phase of our journey where we have paused community contributions to allow us to take a breather and redesign our community model. You can learn more in this blog post. As such, all issues and PRs in this repository are being automatically closed.

That doesn't mean we're not interested in your ideas, or that if you're stuck on something we don't want to help. The best place to discuss things is with our community on the Exercism Community Forum. You can use this link to copy this into a new topic there.


Note: If this PR has been pre-approved, please link back to this PR on the forum thread and a maintainer or staff member will reopen it.

@github-actions github-actions bot closed this Sep 22, 2023
Gemfile Show resolved Hide resolved
@heliocola
Copy link
Author

I just noticed the PR closed and the message.
The other 2 gems (grpc and commonmarker) had only minor version updated and I was planning on letting CI run with the PR as draft.

Anyway... if this gets opened for consideration I can review in more details if these gems update requires more tests or need any further code changes.

.gitignore Outdated Show resolved Hide resolved
@iHiD iHiD reopened this Sep 25, 2023
@heliocola heliocola force-pushed the bundler-audit-and-cves branch from 4e6938f to 8b1361d Compare September 27, 2023 05:42
Gemfile Outdated Show resolved Hide resolved
@heliocola heliocola force-pushed the bundler-audit-and-cves branch from 8b1361d to 6ae8f7a Compare September 29, 2023 03:35
@iHiD iHiD marked this pull request as ready for review October 5, 2023 14:29
@heliocola
Copy link
Author

@iHiD : do you know if the code that uses grpc and commonmarker are covered with automated tests?
They are both c code and the code changes doesn't help me much get an idea if they will break something, but CI run and it is all green.

@iHiD
Copy link
Member

iHiD commented Oct 20, 2023

I'll defer to @ErikSchierboom to get this tested/deployed.

@ErikSchierboom
Copy link
Member

Thanks for the PR! Testing this will take some time, so I'll come back to this later.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants