Upgrade Ruby to v3.2.4 - Githubissues

edgi-govdata-archiving / web-monitoring-db

An HTTP API for tracking and annotating changes to a set of web pages.

https://api.monitoring.envirodatagov.org/

GNU General Public License v3.0

17 stars 26 forks source link

Upgrade Ruby to v3.2.4 #1110

Closed Mr0grog closed 4 months ago

Mr0grog commented 4 months ago

This resolves some security vulnerabilities (see https://www.ruby-lang.org/en/news/2024/04/23/ruby-3-3-1-released/). Technically we should probably upgrade to v3.2.4 (same security patches, but for the 3.2 release line), but there's no obvious reason not to just move up to the 3.3 release line and no breaking changes.

Mr0grog commented 4 months ago

CircleCI has not yet released an image for this version of Ruby. Tests pass locally, so I don’t expect to see any failures once CircleCI updates, but I’ll still wait for CI before merging just in case.

Mr0grog commented 4 months ago

Welp, turns out Ruby 3.3.x requires a newer version of Rubocop, which wants us to make a lot of other code changes. Due to the maintenance status here, I’m switching to Ruby 3.2.4, which has the same security fixes.