Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rp/dependabot-fix #3219

Merged
merged 19 commits into from
Aug 13, 2024
Merged

Rp/dependabot-fix #3219

merged 19 commits into from
Aug 13, 2024

Conversation

RajeshPaul38
Copy link
Contributor

@RajeshPaul38 RajeshPaul38 commented Jul 26, 2024
edited
Loading

Description

Demo

https://progresssoftware.sharepoint.com/:v:/s/ChefCoreC/ESA9FpiHcIdIq-SS4QxicRIBUkN-D9Ycy3qwJR57bOKzNA?e=bgyxh8

Issues Resolved

[List any existing issues this PR resolves, or any Discourse or
StackOverflow discussions that are relevant]

Check List

dependabot bot and others added 4 commits July 26, 2024 13:08
@dependabot @RajeshPaul38
Bump puma from 5.6.4 to 5.6.8 in /src/supermarket
63ccd8e 
Bumps [puma](https://github.com/puma/puma) from 5.6.4 to 5.6.8.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](puma/puma@v5.6.4...v5.6.8)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @RajeshPaul38
Bump braces from 3.0.2 to 3.0.3 in /src/supermarket
ca3f0c2 
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @RajeshPaul38
Bump ws and socket.io in /src/supermarket
1bd0b61 
Bumps [ws](https://github.com/websockets/ws) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.

Updates `ws` from 8.11.0 to 8.17.1
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.11.0...8.17.1)

Updates `socket.io` from 4.6.0 to 4.7.5
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/4.7.5/CHANGELOG.md)
- [Commits](socketio/socket.io@4.6.0...4.7.5)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
- dependency-name: socket.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
upgrade chef gem version
1da1cda 
Signed-off-by: Ubuntu <[email protected]>
@RajeshPaul38 RajeshPaul38 requested review from a team as code owners July 26, 2024 08:35
@RajeshPaul38 RajeshPaul38 force-pushed the rp/dependabot-fix-26-jul-2024 branch from d66de60 to 24c69ee Compare July 26, 2024 11:39
@RajeshPaul38 RajeshPaul38 force-pushed the rp/dependabot-fix-26-jul-2024 branch from 24c69ee to 8efd53d Compare July 26, 2024 11:55
Ubuntu and others added 8 commits July 29, 2024 07:38
@RajeshPaul38 RajeshPaul38 force-pushed the rp/dependabot-fix-26-jul-2024 branch from bbcb2f9 to bddf11d Compare July 29, 2024 13:23
@RajeshPaul38
Copy link
Contributor Author

RajeshPaul38 commented Aug 1, 2024
edited
Loading

Successful build: https://buildkite.com/chef/chef-supermarket-main-omnibus-adhoc/builds/711
Successful build for openssl upgrade: https://buildkite.com/chef/chef-supermarket-main-omnibus-adhoc/builds/717#019121b3-8c2e-485c-9486-c661b1a850e6

@RajeshPaul38 RajeshPaul38 force-pushed the rp/dependabot-fix-26-jul-2024 branch from 9833cd1 to c8eb9d8 Compare August 5, 2024 08:28
@RajeshPaul38
openssl version upgrade to 1.0.2zi (#3248)
6dc4127 
* upgraded omnibus-software in omnibus gem lock

Signed-off-by: Ubuntu <[email protected]>

* upgraded all gem versions in omnibus gem lock

Signed-off-by: Ubuntu <[email protected]>

* upgraded openssl omnibus dependency version from 1.0.2za to 1.0.2zi

Signed-off-by: Ubuntu <[email protected]>

---------

Signed-off-by: Ubuntu <[email protected]>
Co-authored-by: Ubuntu <[email protected]>
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Aug 5, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@saghoshprogress saghoshprogress merged commit 3e36923 into main Aug 13, 2024
19 checks passed
@saghoshprogress saghoshprogress deleted the rp/dependabot-fix-26-jul-2024 branch August 13, 2024 06:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RoyShravani RoyShravani RoyShravani approved these changes

@saghoshprogress saghoshprogress saghoshprogress approved these changes

@sandhi18 sandhi18 Awaiting requested review from sandhi18

@karunesh-tech karunesh-tech Awaiting requested review from karunesh-tech

@ayush-billore ayush-billore Awaiting requested review from ayush-billore

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@RajeshPaul38 @saghoshprogress @RoyShravani