Commit Graph

165 Commits

Author SHA1 Message Date
Peter Bhat Harkins 2332d28022 bump gems except commonmarker (#1234)
lot of irritating churn out of standardrb here
2023-12-28 19:26:56 -06:00
Peter Bhat Harkins 9a9362f3bb bump to current brakeman 2023-12-26 10:28:33 -06:00
Peter Bhat Harkins 1caa4757d0 Rails 7.1 2023-12-23 22:41:35 -06:00
Peter Bhat Harkins b45d175083 add brakeman
Wrote ignore notes and specs for the security assumptions implied.
Removed TZ from moderations table; everything is Chicago time, best time.
2023-12-17 20:22:47 -06:00
Peter Bhat Harkins 8f65acd2dd add super_diff for better test output 2023-10-04 08:31:39 -05:00
Peter Bhat Harkins b767d9d6a9 add sidekiq 2023-09-18 16:00:53 -05:00
Peter Bhat Harkins d6c981f8d3 update sprockets for the Annual Asset Pipeline Breaks Prod festival 2023-09-15 21:20:58 -05:00
Peter Bhat Harkins 085f3be400 bump deps by removing old cve bump limitations 2023-09-15 13:13:55 -05:00
Peter Bhat Harkins 46c343a956 standardrb: add standard-performance 2023-09-14 08:45:21 -05:00
Peter Bhat Harkins 237e219116 standardrb: add standard-sorbet 2023-09-14 08:45:21 -05:00
Peter Bhat Harkins b3d6903f05 standardrb: standard-rails 2023-09-14 08:45:21 -05:00
Peter Bhat Harkins eb1d5ef728 rm transaction_retry and bump ActiveRecord
Broken in Ruby 3, has been eating exceptions:
https://github.com/qertoip/transaction_retry/issues/12

Related to https://github.com/lobsters/lobsters-ansible/issues/39
which hopefully won't recur.
2023-09-13 09:22:19 -05:00
Peter Bhat Harkins c3f8625788 standardrb
I can't take Rubocop any more. Moving up to Ruby 3 forces us to update RuboCop,
and it comes with dozens of linters that I'd have to evaluate, none of which is
a marginal improvement. I'm done having opinions.
2023-09-08 15:39:50 -05:00
dependabot[bot] 6c96457654 Bump puma from 6.2.2 to 6.3.1
Bumps [puma](https://github.com/puma/puma) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v6.2.2...v6.3.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-29 12:37:17 +00:00
Peter Bhat Harkins ef571dfd31 integration perf test 2023-08-24 02:54:26 -05:00
dependabot[bot] d7e278213b Bump commonmarker from 0.23.9 to 0.23.10 (#1191)
Bumps [commonmarker](https://github.com/gjtorikian/commonmarker) from 0.23.9 to 0.23.10.
- [Release notes](https://github.com/gjtorikian/commonmarker/releases)
- [Changelog](https://github.com/gjtorikian/commonmarker/blob/v0.23.10/CHANGELOG.md)
- [Commits](https://github.com/gjtorikian/commonmarker/compare/v0.23.9...v0.23.10)

---
updated-dependencies:
- dependency-name: commonmarker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-13 21:12:04 +00:00
Peter Bhat Harkins 8cb8dfdbb6 bump deps 2023-07-12 08:37:22 -05:00
Peter Bhat Harkins 463f826f6e bump rails for CVE-2023-28120 2023-04-05 07:42:18 -05:00
dependabot[bot] e0fe200d8a Bump rack from 2.2.6.2 to 2.2.6.4 (#1170)
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.4)

---
updated-dependencies:
- dependency-name: rack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05 07:42:06 -05:00
Peter Bhat Harkins 73105f2934 bump for CVEs 2023-02-03 09:12:32 -06:00
Peter Bhat Harkins 893b0c5235 bump for CVEs 2022-10-26 07:29:19 -05:00
Peter Bhat Harkins cf9bb59333 bump Rails to 7.0.3.1 for CVE-2022-3224 2022-07-12 13:20:36 -05:00
Thomas Dziedzic 7a5fe3d7a9 Update to Rails 7.0 (#1100) 2022-07-06 14:01:46 +00:00
Peter Bhat Harkins 60e86da8cd bump for potential vulnerability 2022-06-01 06:04:06 -05:00
Peter Bhat Harkins fb9e436004 bump for CVE-2022-30122 and CVE-2022-30123 2022-06-01 06:02:48 -05:00
Peter Bhat Harkins aed68f34b5 bump to Rails 6.1.6 for cve 2022-05-18 21:11:36 -05:00
dependabot[bot] 091e49eab6 Bump nokogiri from 1.13.3 to 1.13.4
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.3 to 1.13.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.3...v1.13.4)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-19 22:47:26 +00:00
dependabot[bot] 70e187bd72 Bump puma from 5.6.2 to 5.6.4
Bumps [puma](https://github.com/puma/puma) from 5.6.2 to 5.6.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.2...v5.6.4)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-06 02:35:45 +00:00
Peter Bhat Harkins e49e1672d7 bump deps for cve, rubocop 2022-03-23 09:35:50 -05:00
Peter Bhat Harkins dff910dda6 bump commonmarker; rubocop 2022-03-04 07:57:27 -06:00
Peter Bhat Harkins be2ccecca1 bump nokogiri for cve 2022-02-26 13:11:00 -06:00
Peter Bhat Harkins fa5e78646e bump puma for cve 2022-02-14 20:00:41 -06:00
Peter Bhat Harkins c543dd5ea6 bump rails for cve; note backup domain 2022-02-13 09:39:52 -06:00
Peter Bhat Harkins ece146bddd bump rails 2022-01-18 22:02:13 -06:00
Peter Bhat Harkins e797af2cb3 rm good_migrations
My opinion has changed over the years; I don't see value in maintaining
migrations when prod must be the single source of truth on the schema. Better
to pull the schema from prod than maintain a brittle set of scripts to
reproduce it.
2022-01-04 05:47:36 -06:00
Peter Bhat Harkins 431e67aec3 bump to Rails 6.1.4 2021-10-26 20:54:45 -05:00
Peter Bhat Harkins 666a90bd9c bump puma for CVE-2019-16770 2021-05-23 23:35:54 -05:00
Hunter Madison b8d91ca3c3 Configure Rack::Attack to block misbehaving clients 2021-05-23 23:32:18 -05:00
Peter Bhat Harkins 9341274bc4 bump oauth for CVE-2016-11086 2021-05-16 09:59:13 -05:00
Peter Bhat Harkins 5530adf3e1 bump rails 2021-05-16 09:57:44 -05:00
Peter Bhat Harkins 3b6b4eed80 bump nokogiri for GHSA-vr8q-g5c7-m54m 2021-01-16 12:19:55 -06:00
Peter Bhat Harkins b1048fa7c9 update for cve 2020-09-10 07:42:53 -05:00
Peter Bhat Harkins 3ee84d4a47 replace bullet with mini_profiler 2020-08-27 18:48:45 -05:00
Gabriel Baldão 36677b1d06 add simplecov (#862)
100% test coverage is not a goal in and of itself.
2020-08-19 23:24:04 +00:00
Alessandro Minali 142edb664e Remove 'dynamic_form' (#888)
Old, unmaintained dep for trivial code.
2020-08-19 13:58:43 +00:00
Peter Bhat Harkins 8f2f91ab9a bump Rails version for CVE 2020-08-18 20:38:06 -05:00
Thomas Dziedzic 89d6d84f9c Rails 6 (#723) 2020-08-19 01:24:25 +00:00
Peter Bhat Harkins 0a5b1b1023 add stats page 2020-07-03 18:29:24 -05:00
Peter Bhat Harkins 3f41dc300b bump rack for cve 2020-06-27 08:38:33 -05:00
Thomas Dziedzic b32bac90b4 fix keybase spec 2020-06-13 02:12:49 +00:00