mysociety / alaveteli

Provide a Freedom of Information request system for your jurisdiction
https://alaveteli.org

Build(deps): Bump redis and sidekiq #8220

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps redis and sidekiq. These dependencies needed to be updated together.

Updates redis from 4.8.1 to 5.2.0

Changelog

Sourced from redis's changelog.

5.2.0

  • Now require Ruby 2.6 because redis-client does.
  • Eagerly close subscribed connection when using subscribe_with_timeout. See #1259.
  • Add exception flag in pipelined allowing failed commands to be returned in the result array when set to false.

5.1.0

  • multi now accepts a watch keyword argument like redis-client. See #1236.
  • bitcount and bitpos now accept a scale: argument on Redis 7+. See #1242
  • Added expiretime and pexpiretime. See #1248.

5.0.8

  • Fix Redis#without_reconnect for sentinel clients. Fix #1212.
  • Add sentinel_username, sentinel_password for sentinel clients. Bump redis-client to >=0.17.0. See #1213

5.0.7

  • Fix compatibility with redis-client 0.15.0 when using Redis Sentinel. Fix #1209.

5.0.6

  • Wait for an extra config.read_timeout in blocking commands rather than an arbitrary 100ms. See #1175.
  • Treat ReadOnlyError as ConnectionError. See #1168.

5.0.5

  • Fix automatic disconnection when the process was forked. See #1157.

5.0.4

  • Cast ttl argument to integer in expire, setex and a few others.

5.0.3

  • Add OutOfMemoryError as a subclass of CommandError

5.0.2

  • Fix Redis#close to properly reset the fork protection check.

5.0.1

  • Added a fake Redis::Connections.drivers method to be compatible with older sidekiq versions.

5.0.0

  • Default client timeout decreased from 5 seconds to 1 second.
  • Eagerly and strictly cast Integer and Float parameters.

... (truncated)

Commits
  • 7c0cde9 Release 5.2.0
  • b2f9c28 Merge pull request #1263 from philippeboyd/feature/add-pipeline-raise_excepti...
  • 609b6bc feat(pipeline): add flag to disable raising exceptions
  • bce3f41 Merge pull request #1255 from supercaracal/fix-cluster-tx
  • 8ab2753 Merge pull request #1260 from casperisfine/eagerly-close-subscription
  • 905aae9 Add Ruby 3.3 to the CI matrix
  • cbf965d Eagerly close subscribed connection
  • 35a7e82 Merge pull request #1261 from casperisfine/update-redis-lcient
  • 0060435 Drop Ruby 2.5 like redis-client
  • 2775519 Update tests for latest redis-client
  • Additional commits viewable in compare view


Updates sidekiq from 6.5.12 to 7.2.4

Changelog

Sourced from sidekiq's changelog.

7.2.4

  • Fix XSS in metrics filtering introduced in 7.2.0, CVE-2024-32887. Thanks to @UmerAdeemCheema for the security report.

7.2.3

  • Support Dragonfly.io as an alternative Redis implementation
  • Fix error unpacking some compressed error backtraces #6241
  • Fix potential heartbeat data leak #6227
  • Add ability to find a currently running work by jid [#6212, fatkodima]

7.2.2

  • Add Process.warmup call in Ruby 3.3+
  • Batch jobs now skip transactional push #6160

7.2.1

  • Add Sidekiq::Work type which replaces the raw Hash as the third parameter in Sidekiq::WorkSet#each { |pid, tid, hash| ... } #6145
  • DEPRECATED: direct access to the attributes within the hash block parameter above. The Sidekiq::Work instance contains accessor methods to get at the same data, e.g.

```ruby
work["queue"] # Old
work.queue # New
```

  • Fix Ruby 3.3 warnings around base64 gem [#6151, earlopain]

7.2.0

  • sidekiq_retries_exhausted can return :discard to avoid the deadset and all death handlers #6091
  • Metrics filtering by job class in Web UI #5974
  • Better readability and formatting for numbers within the Web UI #6080
  • Add explicit error if user code tries to nest test modes #6078

```ruby
Sidekiq::Testing.inline! # global setting
Sidekiq::Testing.fake! do # override within block
  # ok
  Sidekiq::Testing.inline! do # can't override the override
    # not ok, nested
  end
end
```

... (truncated)

Most Recent Ignore Conditions Applied to This Pull Request

| Dependency Name | Ignore Conditions |
| --- | --- |
| sidekiq | [>= 7.a, < 8] |

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
  • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

gbp commented 2 months ago

@dependabot ignore this major version

dependabot[bot] commented 2 months ago

This option is only available on single-dependency pull requests, as the versions in multi-dependency pull requests may differ.

If you'd like to ignore all updates for these dependencies just reply @dependabot ignore these dependencies.

gbp commented 2 months ago

@dependabot ignore these dependencies

dependabot[bot] commented 2 months ago

OK, I won't notify you about any of these dependencies again, unless you re-open this PR.