Update to Rails 7.0.7.2 and Upgrade Other Dependencies to Clear Dependabot Alerts
As time has passed, new Dependabot Alerts have surfaced on our application's dependencies. In particular, Puma, Nokogiri, ActionPack, and ActiveSupport need to be updated to resolve security alerts. While we're at it, we'll update the entire bundle.
Before updating, we check the Rails releases since our last update, ensure that the patch version of Ruby we're running is the latest available, and ensure that the existing tests still pass before updating. It seems like there's always something when you upgrade dependencies, and this time it's the existing tests failing because the version of chromedriver running on the system is not recognized. This causes the test run to error out.
We attempt to update the local Aptitude packages and reboot the machine, but this doesn't resolve the issue. The error message mentions updating Browserlist: caniuse-lite, but that solution is not applicable because we don't have a package.json for our app.
Eventually we just try running `bundle update` and seeing if that resolves the issue. It does, and the tests now run and pass. The post install message notes that Selenium itself now manages drivers by default. We'll investigate that and deal with it in another video. We check for any new RuboCop violations, and there aren't any, so we can push the code to GitHub, ensure the build is passing, and merge the pull request.
This video covers:
00:00:00 Introduction and convert backlog item into issue
00:02:28 Review current version of Rails, Rails releases and latest patch version of Ruby
00:03:58 Check out a new branch and attempt to run existing test suite. Errors out due to unrecognized version of chromedriver
00:05:33 Update packages on local machine and reboot machine. (Does not solve problem)
00:07:38 Attempt to follow instructions about Browserlist: caniuse-lite. Not applicable because project is using import maps instead of a package.json
00:09:34 Just try running `bundle update` and it resolves the issue
00:12:20 Check for new RuboCop violations and discuss not adding rubocop-capybara
00:13:07 Review, commit, and push code to GitHub
00:14:34 Open pull request, ensure build passes, merge and close issue
#ruby #rails7 #rails #rubyonrails #rubygems #codecast #screencast #github #opensource #minitest #TDD #agile #NerdDice #DnD #roleplaying #softwaredevelopment #learntocode #tailwind #postgresql #rubocop #devise #turbo #controllers #views #selenium #capybara #systemtest #webdrivers #chromedriver #dependabot
See other related StatelessCode videos:
Update Rails to 7.0.4 and Update the Bundle • Update Rails to 7.0.4 and Update the ...
Upgrade a Rails 7.0 App to Ruby 3.1.3 • Upgrade a Rails 7.0 App to Ruby 3.1.3
Update a Rails 7 Application to use Ruby 3.2 • Update a Rails 7 Application to use R...
Update Bundle to Clear Dependabot Alerts and Troubleshoot Build Dependency Failures • Update Bundle to Clear Dependabot Ale...
Upgrade a Rails 7 Application to Ruby 3.2.2 • Upgrade a Rails 7 Application to Ruby...
Resources that we relied upon for this solution:
Rails Releases Page https://github.com/rails/rails/releases
This video is CC0 - No rights reserved. (YouTube doesn't allow this option when publishing.) All code is released under the UNLICENSE. Stateless Code denies the concept of "intellectual property". Copying is not stealing.
Смотрите видео Update to Rails 7.0.7.2 and Upgrade Other Dependencies to Clear Dependabot Alerts онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь Stateless Code 02 Сентябрь 2023, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 104 раз и оно понравилось 0 людям.