DEV: update low risk gems

DEV: update low risk gems

This follows up on 03376224 which reverted the redis update which is not supported, rest of the gems should be fine.(unicorn / nokogiri / sidekiq / pg)

diff --git a/Gemfile.lock b/Gemfile.lock
index 3632fe0..7eba484 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -197,7 +197,7 @@ GEM
     metaclass (0.0.4)
     method_source (0.8.2)
     mini_mime (1.0.1)
-    mini_portile2 (2.3.0)
+    mini_portile2 (2.4.0)
     mini_racer (0.2.4)
       libv8 (>= 6.3)
     mini_scheduler (0.9.1)
@@ -217,8 +217,8 @@ GEM
     mustache (1.0.5)
     nap (1.1.0)
     no_proxy_fix (0.1.2)
-    nokogiri (1.8.5)
-      mini_portile2 (~> 2.3.0)
+    nokogiri (1.10.1)
+      mini_portile2 (~> 2.4.0)
     nokogumbo (1.5.0)
       nokogiri
     oauth (0.5.4)
@@ -272,7 +272,7 @@ GEM
     parallel (1.13.0)
     parser (2.6.0.0)
       ast (~> 2.4.0)
-    pg (1.1.3)
+    pg (1.1.4)
     powerpack (0.1.2)
     progress (3.4.0)
     pry (0.10.4)
@@ -292,7 +292,7 @@ GEM
     rack-openid (1.3.1)
       rack (>= 1.1.0)
       ruby-openid (>= 2.1.8)
-    rack-protection (2.0.3)
+    rack-protection (2.0.5)
       rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
@@ -323,7 +323,7 @@ GEM
       msgpack (>= 0.4.3)
       trollop (>= 1.16.2)
     rchardet (1.8.0)
-    redis (4.0.1)
+    redis (4.1.0)
     redis-namespace (1.6.0)
       redis (>= 3.0.4)
     request_store (1.4.1)
@@ -398,9 +398,9 @@ GEM
     shoulda-context (1.2.2)
     shoulda-matchers (2.8.0)
       activesupport (>= 3.0.0)
-    sidekiq (5.1.3)
-      concurrent-ruby (~> 1.0)
-      connection_pool (~> 2.2, >= 2.2.0)
+    sidekiq (5.2.5)
+      connection_pool (~> 2.2, >= 2.2.2)
+      rack (>= 1.5.0)
       rack-protection (>= 1.5.0)
       redis (>= 3.3.5, < 5)
     slop (3.6.0)
@@ -427,7 +427,7 @@ GEM
       unf_ext
     unf_ext (0.0.7.5)
     unicode-display_width (1.4.1)
-    unicorn (5.4.0)
+    unicorn (5.4.1)
       kgio (~> 2.6)
       raindrops (~> 0.7)
     uniform_notifier (1.12.1)

GitHub sha: be24220e

I am confused … the commit message seems to imply that this shouldnt contain the redis update.

2 Likes

Oh my… woops … thanks for reviewing.

1 Like

Also I am curious what the symptoms are with the redis 4.1.0 gem.

Yeah doing a proper commit pinning it, which will explain shortly

@darix DEV: pin redis to version 4.0.1 here you go.

We are running on 4.1.0 for a while now. and I didnt notice any big issues. once you have your pinning commit I will review our logs for issues.

This basically breaks our backup redis option. There is a global setting that allows you to set failover readonly redis, on 4.1.0 this setting is broken.

Is this only triggered when using the backup code?

Yes… only happens if you set this setting

1 Like