search

indentlabs / notebook

Notebook.ai is a set of tools for writers, game designers, and roleplayers to create magnificent universes – and everything within them.
http://www.notebook.ai
MIT License
353 stars 72 forks source link

Bump sidekiq from 6.5.5 to 7.0.8 #1242

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps sidekiq from 6.5.5 to 7.0.8.

Changelog

Sourced from sidekiq's changelog.

7.0.8

  • SECURITY Sanitize period input parameter on Metrics pages. Specially crafted values can lead to XSS. This functionality was introduced in 7.0.4. Thank you to spercex @ huntr.dev #5694
  • Add job hash as 3rd parameter to the sidekiq_retry_in block.

7.0.7

  • Fix redis-client API usage which could result in stuck Redis connections #5823
  • Fix AS::Duration with sidekiq_retry_in #5806
  • Restore dumping config options on startup with -v #5822

7.0.5,7.0.6

  • More context for debugging json unsafe errors #5787

7.0.4

  • Performance and memory optimizations [#5768, fatkodima]
  • Add 1-8 hour period selector to Metrics pages #5694
  • Fix process display with sidekiqmon #5733

7.0.3

  • Don't warn about memory policy on Redis Enterprise #5712
  • Don't allow Quiet/Stop on embedded Sidekiq instances #5716
  • Fix size: X for configuring the default Redis pool size #5702
  • Improve the display of queue weights on Busy page #5642
  • Freeze CurrentAttributes on a job once initially set #5692

7.0.2

  • Improve compatibility with custom loggers #5673
  • Add queue weights on Busy page #5640
  • Add BID link on job_info page if job is part of a Batch #5623
  • Allow custom extensions to add rows/links within Job detail pages #5624
Sidekiq::Web.custom_job_info_rows << AddAccountLink.new

class AddAccountLink
include CGI::Util
def add_pair(job)
</tr></table>

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
drusepth commented 1 year ago

Had to revert this because of the bug detailed in https://github.com/sidekiq/sidekiq/issues/5594

After we move off Heroku Redis (or they add HELLO support), we can re-upgrade to Sidekiq 7+.