Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade Ruby version to 3.2.2 #6

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Upgrade Ruby version to 3.2.2 #6

wants to merge 1 commit into from

Conversation

laicuRoot
Copy link

@laicuRoot laicuRoot commented Dec 16, 2023
edited

Bug fix

Description

Currently, the action is breaking.

 27.58 ERROR:  Error installing bundler:
  27.58 	The last version of bundler (>= 0) to support your
 Ruby & RubyGems was 2.4.22. Try installing it with `gem install
bundler -v 2.4.22`
  27.58 	bundler requires Ruby version >= 3.0.0. The current
ruby version is 2.7.0.0.

To fix this, we need to upgrade the version of Ruby.

@laicuRoot
Upgrade Ruby version to 3.2.2
f1163eb 
Currently the action is breaking.
```
 27.58 ERROR:  Error installing bundler:
  27.58 	The last version of bundler (>= 0) to support your
 Ruby & RubyGems was 2.4.22. Try installing it with `gem install
bundler -v 2.4.22`
  27.58 	bundler requires Ruby version >= 3.0.0. The current
ruby version is 2.7.0.0.
```

To fix this we need to upgrade the version of ruby.
smaboshe added a commit to thoughtbot/bundler-audit-action that referenced this pull request Dec 18, 2023
@smaboshe
Use Ruby 3.2.2-alpine in Dockerfile
c6317ef 
The Bundler Audit GitHub Action is currently failing in CI.

@laicuRoot has submitted a PR to the maintainer that fixes this by
updating the `Dockerfile` to use the latest available version of Ruby.

This commit applies the fix for us to use the action while waiting for
the upstream changes..

Ref:
- andrewmcodes#6
This was referenced Dec 18, 2023
Closed
Merged
smaboshe added a commit to thoughtbot/bundler-audit-action that referenced this pull request Dec 18, 2023
@smaboshe
Use Ruby 3.2.2-alpine in Dockerfile (#1)
2229a71 
The Bundler Audit GitHub Action is currently failing in CI.

@laicuRoot has submitted a PR to the maintainer that fixes this by
updating the `Dockerfile` to use the latest available version of Ruby.

This commit applies the fix for us to use the action while waiting for
the upstream changes..

Ref:
- andrewmcodes#6
@dorianmarie
Copy link

@andrewmcodes it would also be great if there was a new version

jgarber-cisco added a commit to KennaSecurity/toolkit that referenced this pull request Dec 18, 2023
@jgarber-cisco
Workaround until andrewmcodes/bundler-audit-action#6 is accepted
f9c07da
@smaboshe
Copy link

@laicuRoot thank you for this PR. Confirming that it is working for the projects I am on.

@jfi or @caius, is this something you might be able to help with? Thank you in advance.

@caius
Copy link
Contributor

caius commented Dec 20, 2023

@jfi or @caius, is this something you might be able to help with? Thank you in advance.

Nope sorry, we don't have commit access to the repo. I think @andrewmcodes is the only one that can help!

I don't have this running in GitHub Actions anywhere anymore, but I think I'd just pin to https://github.com/thoughtbot/bundler-audit-action until this gets merged personally. Ruby 3.2.2 and history suggests Thoughtbot maintain their forks fairly well. Or pin to your branch rather than a release in here until the PR is merged 😁

@smaboshe
Copy link

smaboshe commented Dec 20, 2023
edited

Nope sorry, we don't have commit access to the repo. I think @andrewmcodes is the only one that can help!

I don't have this running in GitHub Actions anywhere anymore, but I think I'd just pin to https://github.com/thoughtbot/bundler-audit-action until this gets merged personally. Ruby 3.2.2 and history suggests Thoughtbot maintain their forks fairly well. Or pin to your branch rather than a release in here until the PR is merged 😁

Sounds good, @caius. Thank you!

@smaboshe
Copy link

smaboshe commented Jan 2, 2024

Happy New Year, Folks! Adding this comment as a nudge to see if there is a possibility of this PR being merged. Thanks in advance.

@smaboshe
Copy link

smaboshe commented Jan 8, 2024

@laicuRoot now that Ruby 3.3.0 is available, do you think this PR needs to be updated?

@laicuRoot
Copy link
Author

@laicuRoot now that Ruby 3.3.0 is available, do you think this PR needs to be updated?

Thank you for the reminder @smaboshe 🙂 Done 🟢 in a separate PR.

@smaboshe
Copy link

Hello, @andrewmcodes. Hope you are well. Checking in to see if it will be possible to merge this or give some feedback.

@dorianmariecom
Copy link

dorianmariecom commented Feb 28, 2024
edited

You can also do your own action:

  bundler-audit:
    name: Bundler Audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true
      - run: bin/bundler-audit check --update

@smaboshe
Copy link

smaboshe commented Apr 5, 2024

Hello, @andrewmcodes. How might we help or get your feedback on this PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewmcodes andrewmcodes Awaiting requested review from andrewmcodes andrewmcodes is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@laicuRoot @dorianmarie @smaboshe @caius @dorianmariecom