Peter Bhat Harkins
2332d28022
bump gems except commonmarker (#1234)
lot of irritating churn out of standardrb here
2023-12-28 19:26:56 -06:00
Peter Bhat Harkins
9a9362f3bb
bump to current brakeman
2023-12-26 10:28:33 -06:00
Peter Bhat Harkins
1caa4757d0
Rails 7.1
2023-12-23 22:41:35 -06:00
Peter Bhat Harkins
b45d175083
add brakeman
Wrote ignore notes and specs for the security assumptions implied.
Removed TZ from moderations table; everything is Chicago time, best time.
2023-12-17 20:22:47 -06:00
Peter Bhat Harkins
8f65acd2dd
add super_diff for better test output
2023-10-04 08:31:39 -05:00
Peter Bhat Harkins
b767d9d6a9
add sidekiq
2023-09-18 16:00:53 -05:00
Peter Bhat Harkins
d6c981f8d3
update sprockets for the Annual Asset Pipeline Breaks Prod festival
2023-09-15 21:20:58 -05:00
Peter Bhat Harkins
085f3be400
bump deps by removing old cve bump limitations
2023-09-15 13:13:55 -05:00
Peter Bhat Harkins
46c343a956
standardrb: add standard-performance
2023-09-14 08:45:21 -05:00
Peter Bhat Harkins
237e219116
standardrb: add standard-sorbet
2023-09-14 08:45:21 -05:00
Peter Bhat Harkins
b3d6903f05
standardrb: standard-rails
2023-09-14 08:45:21 -05:00
Peter Bhat Harkins
eb1d5ef728
rm transaction_retry and bump ActiveRecord
Broken in Ruby 3, has been eating exceptions:
https://github.com/qertoip/transaction_retry/issues/12
Related to https://github.com/lobsters/lobsters-ansible/issues/39
which hopefully won't recur.
2023-09-13 09:22:19 -05:00
Peter Bhat Harkins
c3f8625788
standardrb
I can't take Rubocop any more. Moving up to Ruby 3 forces us to update RuboCop,
and it comes with dozens of linters that I'd have to evaluate, none of which is
a marginal improvement. I'm done having opinions.
2023-09-08 15:39:50 -05:00
dependabot[bot]
6c96457654
Bump puma from 6.2.2 to 6.3.1
Bumps [puma](https://github.com/puma/puma) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v6.2.2...v6.3.1)
---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-29 12:37:17 +00:00
Peter Bhat Harkins
ef571dfd31
integration perf test
2023-08-24 02:54:26 -05:00
dependabot[bot]
d7e278213b
Bump commonmarker from 0.23.9 to 0.23.10 (#1191)
Bumps [commonmarker](https://github.com/gjtorikian/commonmarker) from 0.23.9 to 0.23.10.
- [Release notes](https://github.com/gjtorikian/commonmarker/releases)
- [Changelog](https://github.com/gjtorikian/commonmarker/blob/v0.23.10/CHANGELOG.md)
- [Commits](https://github.com/gjtorikian/commonmarker/compare/v0.23.9...v0.23.10)
---
updated-dependencies:
- dependency-name: commonmarker
  dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-13 21:12:04 +00:00
Peter Bhat Harkins
8cb8dfdbb6
bump deps
2023-07-12 08:37:22 -05:00
Peter Bhat Harkins
463f826f6e
bump rails for CVE-2023-28120
2023-04-05 07:42:18 -05:00
dependabot[bot]
e0fe200d8a
Bump rack from 2.2.6.2 to 2.2.6.4 (#1170)
Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.4.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.4)
---
updated-dependencies:
- dependency-name: rack
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05 07:42:06 -05:00
Peter Bhat Harkins
73105f2934
bump for CVEs
2023-02-03 09:12:32 -06:00
Peter Bhat Harkins
893b0c5235
bump for CVEs
2022-10-26 07:29:19 -05:00
Peter Bhat Harkins
cf9bb59333
bump Rails to 7.0.3.1 for CVE-2022-3224
2022-07-12 13:20:36 -05:00
Thomas Dziedzic
7a5fe3d7a9
Update to Rails 7.0 (#1100)
2022-07-06 14:01:46 +00:00
Peter Bhat Harkins
60e86da8cd
bump for potential vulnerability
2022-06-01 06:04:06 -05:00
Peter Bhat Harkins
fb9e436004
bump for CVE-2022-30122 and CVE-2022-30123
2022-06-01 06:02:48 -05:00
Peter Bhat Harkins
aed68f34b5
bump to Rails 6.1.6 for cve
2022-05-18 21:11:36 -05:00
dependabot[bot]
091e49eab6
Bump nokogiri from 1.13.3 to 1.13.4
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.3 to 1.13.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.3...v1.13.4)
---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-19 22:47:26 +00:00
dependabot[bot]
70e187bd72
Bump puma from 5.6.2 to 5.6.4
Bumps [puma](https://github.com/puma/puma) from 5.6.2 to 5.6.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.2...v5.6.4)
---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-06 02:35:45 +00:00
Peter Bhat Harkins
e49e1672d7
bump deps for cve, rubocop
2022-03-23 09:35:50 -05:00
Peter Bhat Harkins
dff910dda6
bump commonmarker; rubocop
2022-03-04 07:57:27 -06:00
Peter Bhat Harkins
be2ccecca1
bump nokogiri for cve
2022-02-26 13:11:00 -06:00
Peter Bhat Harkins
fa5e78646e
bump puma for cve
2022-02-14 20:00:41 -06:00
Peter Bhat Harkins
c543dd5ea6
bump rails for cve; note backup domain
2022-02-13 09:39:52 -06:00
Peter Bhat Harkins
ece146bddd
bump rails
2022-01-18 22:02:13 -06:00
Peter Bhat Harkins
e797af2cb3
rm good_migrations
My opinion has changed over the years; I don't see value in maintaining
migrations when prod must be the single source of truth on the schema. Better
to pull the schema from prod than maintain a brittle set of scripts to
reproduce it.
2022-01-04 05:47:36 -06:00
Peter Bhat Harkins
431e67aec3
bump to Rails 6.1.4
2021-10-26 20:54:45 -05:00
Peter Bhat Harkins
666a90bd9c
bump puma for CVE-2019-16770
2021-05-23 23:35:54 -05:00
Hunter Madison
b8d91ca3c3
Configure Rack::Attack to block misbehaving clients
2021-05-23 23:32:18 -05:00
Peter Bhat Harkins
9341274bc4
bump oauth for CVE-2016-11086
2021-05-16 09:59:13 -05:00
Peter Bhat Harkins
5530adf3e1
bump rails
2021-05-16 09:57:44 -05:00
Peter Bhat Harkins
3b6b4eed80
bump nokogiri for GHSA-vr8q-g5c7-m54m
2021-01-16 12:19:55 -06:00
Peter Bhat Harkins
b1048fa7c9
update for cve
2020-09-10 07:42:53 -05:00
Peter Bhat Harkins
3ee84d4a47
replace bullet with mini_profiler
2020-08-27 18:48:45 -05:00
Gabriel Baldão
36677b1d06
add simplecov (#862)
100% test coverage is not a goal in and of itself.
2020-08-19 23:24:04 +00:00
Alessandro Minali
142edb664e
Remove 'dynamic_form' (#888)
Old, unmaintained dep for trivial code.
2020-08-19 13:58:43 +00:00
Peter Bhat Harkins
8f2f91ab9a
bump Rails version for CVE
2020-08-18 20:38:06 -05:00
Thomas Dziedzic
89d6d84f9c
Rails 6 (#723)
2020-08-19 01:24:25 +00:00
Peter Bhat Harkins
0a5b1b1023
add stats page
2020-07-03 18:29:24 -05:00
Peter Bhat Harkins
3f41dc300b
bump rack for cve
2020-06-27 08:38:33 -05:00
Thomas Dziedzic
b32bac90b4
fix keybase spec
2020-06-13 02:12:49 +00:00