Bump webrick from 1.7.0 to 1.8.2 in /3.3/test/rack-test-app

dependabot[bot] commented 1 month ago

[!WARNING] Dependabot will stop supporting bundler v1!

Please upgrade to version v2.

Bumps webrick from 1.7.0 to 1.8.2.

Release notes

v1.8.2

What's Changed

Drop commented-out line by @olleolleolle in ruby/webrick#108

Add Ruby 3.1 & 3.2 to CI matrix by @tricknotes in ruby/webrick#109

Fix/redos by @ooooooo-q in ruby/webrick#114

Raise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by @jeremyevans in ruby/webrick#120

Bump actions/checkout from 3 to 4 by @dependabot in ruby/webrick#121

Improve CI by @hsbt in ruby/webrick#123

Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin by @KJTsanaktsidis in ruby/webrick#128

Fix bug chunk extension detection by @jeremyevans in ruby/webrick#125

Fix CI. by @ioquatix in ruby/webrick#131

Merge multiple cookie headers, preserving semantic correctness. by @ioquatix in ruby/webrick#130

Test on macos-latest by @byroot in ruby/webrick#132

Require CRLF line endings in request line and headers by @jeremyevans in ruby/webrick#138

Prefer squigly heredocs. by @ioquatix in ruby/webrick#143

Only strip space and horizontal tab in headers by @jeremyevans in ruby/webrick#141

Treat missing CRLF separator after headers as an EOFError by @jeremyevans in ruby/webrick#142

Return 400 response for chunked requests with unexpected data after chunk by @jeremyevans in ruby/webrick#136

Fix reference to URI::REGEXP::PATTERN::HOST by @casperisfine in ruby/webrick#144

Prevent request smuggling by @jeremyevans in ruby/webrick#146

New Contributors

@tricknotes made their first contribution in ruby/webrick#109

@ooooooo-q made their first contribution in ruby/webrick#114

@KJTsanaktsidis made their first contribution in ruby/webrick#128

@byroot made their first contribution in ruby/webrick#132

@casperisfine made their first contribution in ruby/webrick#144

Full Changelog: https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2

v1.8.1

What's Changed

Body should be non-frozen by default. by @ioquatix in ruby/webrick#103

Join test thread. by @ioquatix in ruby/webrick#104

Fix several regexp warnings. by @ioquatix in ruby/webrick#105

Full Changelog: https://github.com/ruby/webrick/compare/v1.8.0...v1.8.1

v1.8.0

What's Changed

Use frozen strings by @kirs in ruby/webrick#65

Use test-unit by @hsbt in ruby/webrick#66

More rubies on CI, deprecating ruby 2.3 due to test failure by @mathieujobin in ruby/webrick#68

Adds common mime types by @gotoken in ruby/webrick#75

add mime type for .webmanifest extension by @olleolleolle in ruby/webrick#76

CI: use bundler-cache: true by @olleolleolle in ruby/webrick#79

Typo by @printfinn in ruby/webrick#78

s/RubyVM::JIT/RubyVM::MJIT/g by @k0kubun in ruby/webrick#82

Fix invalid use of IP addresses in SNI by @jeremyevans in ruby/webrick#83

... (truncated)

Commits

0fb9de6 Bump up v1.8.2
b9a4c81 Removed trailing spaces
f5faca9 Prevent request smuggling
0c600e1 Fix reference to URI::REGEXP::PATTERN::HOST
15a9391 Return 400 response for chunked requests with unexpected data after chunk
2b38d56 Treat missing CRLF separator after headers as an EOFError
e4efb4a Remove unnecessary gsub calls in test_httprequest.rb
426e214 Only strip space and horizontal tab in headers
e72cb69 Prefer squigly heredocs. (#143)
ee60354 Require CRLF line endings in request line and headers
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sclorg/s2i-ruby-container/network/alerts).

github-actions[bot] commented 1 month ago

Pull Request validation

Failed

🔴 Review - Missing review from a member (2 required)

Success

🟢 CI - All checks have passed

phracek commented 2 weeks ago

[test][test-openshift]

github-actions[bot] commented 2 weeks ago

Testing Farm results

name	compose	arch	status	started (UTC)	time	logs
CentOS Stream 10 - 3.3	CentOS-Stream-10	x86_64	✅ passed	31.10.2024 14:01:17	33min 5s	test pipeline
Fedora - 3.3	Fedora-latest	x86_64	✅ passed	31.10.2024 14:01:18	34min 18s	test pipeline
RHEL8 - 3.3	RHEL-8.10.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:26	42min 5s	test pipeline
RHEL9 - 3.3	RHEL-9.4.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:29	41min 53s	test pipeline
RHEL9 - 3.0	RHEL-9.4.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:18	44min 8s	test pipeline
RHEL9 - OpenShift 4 - 3.3	RHEL-9.4.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:46	43min 35s	test pipeline
RHEL8 - 2.5	RHEL-8.10.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:17	45min 5s	test pipeline
RHEL8 - OpenShift 4 - 3.3	RHEL-8.10.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:36	45min 8s	test pipeline
RHEL8 - 3.1	RHEL-8.10.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:18	45min 35s	test pipeline
RHEL8 - OpenShift 4 - 3.1	RHEL-8.10.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:38	57min 33s	test pipeline
RHEL8 - OpenShift 4 - 2.5	RHEL-8.10.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:36	1h 10s	test pipeline
RHEL9 - OpenShift 4 - 3.1	RHEL-9.4.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:39	1h 1min 14s	test pipeline
RHEL9 - OpenShift 4 - 3.0	RHEL-9.4.0-Nightly	x86_64	✅ passed	31.10.2024 14:01:38	1h 2min 6s	test pipeline

phracek commented 2 weeks ago

Closing this pull request. we do not plan to bump app

dependabot[bot] commented 2 weeks ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

sclorg / s2i-ruby-container