AP-757: Update to Rails 8.1, Ruby 3.4, and other dependencies#42
Open
anarchivist wants to merge 1 commit into
Open
AP-757: Update to Rails 8.1, Ruby 3.4, and other dependencies#42anarchivist wants to merge 1 commit into
anarchivist wants to merge 1 commit into
Conversation
awilfox
reviewed
Jun 25, 2026
awilfox
left a comment
awilfox
left a comment
Member
There was a problem hiding this comment.
r+wc - Looks good to me, but we can move Puma further if we know Rack 3 is okay.
| gem 'omniauth-cas', '~> 3.0' | ||
| gem 'omniauth-rails_csrf_protection', '~> 1.0' | ||
| gem 'puma', '~> 5.6', '>= 5.6.8' | ||
| gem 'puma', '~> 6.0' |
Member
There was a problem hiding this comment.
If we're going to Rack 3 (which I still am not 100% sure is safe since it rewrites headers), we can go all the way to Puma 8 with no issues. The only blocker was Rack 2.x.
Member
Author
There was a problem hiding this comment.
i think we're unable to move to Puma 8 because of puma-plugin-delayed_stop, and I'm not sure how big of a lift is there. cc @danschmidt5189
Member
There was a problem hiding this comment.
At the very least, Framework and LAF are both on Puma 7.2, so I know that's safe to use. And I believe there's a single CVE (low priority) on Puma 6 that is a WONTFIX (but is fixed in 7).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.