hmcts / et-pet-et1

Application for Applying To (an) Employment Tribunal
MIT License
9 stars 3 forks

Update dependency sidekiq to v6.5.10 [SECURITY] - autoclosed #1573

Closed renovate[bot] closed 12 months ago

renovate[bot] commented 1 year ago


This PR contains the following updates:

| Package | Change |
|---|---|
| sidekiq (source, changelog) | 6.5.9 -> 6.5.10 |

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2023-26141

Versions of the package sidekiq before 7.1.3 and 6.5.10 are vulnerable to Denial of Service (DoS) due to insufficient checks in the dashboard-charts.js file. An attacker can exploit this vulnerability by manipulating the localStorage value which will cause excessive polling requests.


Release Notes

sidekiq/sidekiq (sidekiq)

### [`v6.5.10`](https://togithub.com/sidekiq/sidekiq/compare/v6.5.9...v6.5.10)

[Compare Source](https://togithub.com/sidekiq/sidekiq/compare/v6.5.9...v6.5.10)

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] commented 1 year ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: Gemfile.lock
```
installing v2 tool ruby v3.2.2
[12:22:41.333] INFO (9): Installing tool ruby v3.2.2...
linking tool ruby v3.2.2
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-linux]
gem 3.4.10
RubyGems Environment:
  - RUBYGEMS VERSION: 3.4.10
  - RUBY VERSION: 3.2.2 (2023-03-30 patchlevel 53) [x86_64-linux]
  - INSTALLATION DIRECTORY: /tmp/worker/2de8fc/fa4f88/cache/others/bundler
  - USER INSTALLATION DIRECTORY: /home/ubuntu/.local/share/gem/ruby/3.2.0
  - RUBY EXECUTABLE: /opt/containerbase/tools/ruby/3.2.2/bin/ruby
  - GIT EXECUTABLE: /usr/bin/git
  - EXECUTABLE DIRECTORY: /tmp/worker/2de8fc/fa4f88/cache/others/bundler/bin
  - SPEC CACHE DIRECTORY: /home/ubuntu/.local/share/gem/specs
  - SYSTEM CONFIGURATION DIRECTORY: /usr/local/ruby/3.2.2/etc
  - RUBYGEMS PLATFORMS:
     - ruby
     - x86_64-linux
  - GEM PATHS:
     - /tmp/worker/2de8fc/fa4f88/cache/others/bundler
     - /home/ubuntu/.local/share/gem/ruby/3.2.0
     - /opt/containerbase/tools/ruby/3.2.2/lib/ruby/gems/3.2.0
  - GEM CONFIGURATION:
     - :update_sources => true
     - :verbose => true
     - :backtrace => false
     - :bulk_threshold => 1000
     - "gem" => "--bindir /home/ubuntu/bin --no-document"
     - :benchmark => false
  - REMOTE SOURCES:
     - https://rubygems.org/
  - SHELL PATH:
     - /home/ubuntu/.cargo/bin
     - /home/ubuntu/.local/bin
     - /go/bin
     - /home/ubuntu/bin
     - /home/ubuntu/.cargo/bin
     - /home/ubuntu/.local/bin
     - /go/bin
     - /home/ubuntu/bin
     - /home/ubuntu/.cargo/bin
     - /home/ubuntu/.local/bin
     - /go/bin
     - /home/ubuntu/bin
     - /home/ubuntu/bin
     - /home/ubuntu/.cargo/bin
     - /home/ubuntu/.local/bin
     - /go/bin
     - /home/ubuntu/bin
     - /home/ubuntu/bin
     - /usr/local/sbin
     - /usr/local/bin
     - /usr/sbin
     - /usr/bin
     - /sbin
     - /bin
[12:22:43.977] INFO (9): Installed tool ruby in 2.6s.
[12:22:44.598] INFO (104): Installing tool bundler v2.2.33...
Bundler version 2.2.33
[12:22:45.388] INFO (104): Installed tool bundler in 790ms.
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-linux]
Fetching https://github.com/hmcts/et_gds_design_system.git
Fetching https://github.com/hmcts/et_test_helpers.git
Fetching https://github.com/hmcts/govuk_notify_rails.git
Fetching https://github.com/microsoft/ApplicationInsights-Ruby.git
Fetching https://github.com/hmcts/et-azure-insights.git
Fetching https://github.com/hmcts/azure_env_secrets.git
Fetching gem metadata from https://rubygems.org/.........

Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Calling `DidYouMean::SPELL_CHECKERS.merge!(error_name => spell_checker)' has been deprecated. Please call `DidYouMean.correct_error(error_name, spell_checker)' instead.
Could not find gem 'et_gds_design_system' in
https://github.com/hmcts/et_gds_design_system.git (at v5.4.1@0878b3d).
The source contains the following versions of 'et_gds_design_system': 5.4.1
```