@smortex smortex commented Feb 20, 2025

nokogiri has known vulnerabilities, and dependabot seems to be busy
doing PRs for updating gems gratuitously rather than doing PRs to fix
vulnerabilities when they occur.

Instruct dependabot to stop trying to update gems to reduce the
maintenance burden, and rely on our internal tooling (based on
bundle-audit) to notify us when an update is needed.

@smortex smortex requested a review from a team as a code owner February 20, 2025 19:21
@smortex smortex self-assigned this Feb 20, 2025
@smortex smortex added the dependencies Pull requests that update a dependency file label Feb 20, 2025
Skip this version as it breaks at least with Ruby 3.1 on Debian 12.

A PR was opened upstream to fix the issue:
SeleniumHQ/selenium#15315
@smortex smortex merged commit 53e3a59 into main Feb 20, 2025
1 check passed
@smortex smortex deleted the update branch February 20, 2025 21:14