Update dependency faraday to v2.10.1

This MR contains the following updates:

Package	Update	Change
faraday (source, changelog)	patch	2.10.0 -> 2.10.1

MR created with the help of gitlab-org/frontend/renovate-gitlab-bot

---

Release Notes

lostisland/faraday (faraday)

v2.10.1

Compare Source

What's Changed

• Update JS deps by @​olleolleolle in https://github.com/lostisland/faraday/pull/1574
• fix: Avoid lazy-initialized lock by @​olleolleolle in https://github.com/lostisland/faraday/pull/1577

Full Changelog: https://github.com/lostisland/faraday/compare/v2.10.0...v2.10.1

---

Configuration

Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.

Renovate Comment

What are the next steps?

If you have been assigned as a reviewer to this Merge Request, please review this Merge Request with the same scrutiny as any community contribution:

1. Ensure that the dependencies updated meet our standards:

   • Security: Dependencies do not contain malicious code
   • Performance: Dependencies do not bloat the application code or prolong CI times unnecessarily
   • Stability: Pipelines are passing

2. Review the changes introduced by the version upgrade. Consider using https://my.diffend.io to compare the two versions in case the updated dependency is either a Ruby Gem or a Node.js package, for example to compare pg_query 2.1.0 and 2.1.4.

3. Check if bundle install works locally, in the context of GDK.

4. If tests are passing and you've reviewed the updated dependencies, execute pipelines in the context of the main project

   This MR is created from a fork, therefore not all jobs (e.g. Danger) might have been executed. Instead of hitting MWPS right away, you might want to wait until the pipeline you've just triggered finished.

   Note: This might not be available in projects, in that case merging right away is an option

5. Assign the current milestone to the MR

6. Merge away!

Troubleshooting

We have assembled some FAQs to help reviewers of these kind of merge requests.

Improve this message – The JSON comment below is for automation purposes.

{"labels":["maintenance::dependency","type::maintenance","automation:bot-authored","backend","Engineering Productivity"],"assignees":["gitlab-dependency-update-bot"],"reviewers":["aakriti.gupta","abdwdd","acook.gitlab","ahmed.hemdan","alejandro","alexpooley","alipniagov","allison.browne","avielle","bmarjanovic","bwill","cablett","dskim_gitlab","dgruzd","dmeshcharakou","drew","dblessing","DylanGriffith","eduardobonet","eugielimpin","eurie","ebaque","egrieff","garyh","georgekoltsov","ghinfey","harsimarsandhu","engwan","hmehra","hfyngvason","hraghuvanshi","hustewart","j.seto","jprovaznik","jtapiab","jessieay","jnutt","johnmason","jpcyiza","ayufan","kassio","kerrizor","lma-git","maddievn","mksionek","mcelicalderonG","lulalala","mwoolf","mc_rocha","minac","mhamda","michold","mkozono","nbelokolodov","nicolasdular","partiaga","pskorupa","radbatnag","rymai","rkumar555","rutgerwessels","rzwambag","sashi_kumar","schin1","sdungarwal","sgarg_gitlab","stanhu","brytannia","tkuah","tianwenchen","vij","ck3g","wandering_person"]}

added 1 commit

• 593c83aa - Update dependency faraday to v2.10.1

Compare with previous version

mentioned in issue #365045

@gitlab-dependency-update-bot - please see the following guidance and update this merge request.

	1 Error
	Please add typebug typefeature, or typemaintenance label to this merge request.

added Engineering Productivity automation:bot-authored backend maintenancedependency typemaintenance labels

requested review from @jtapiab

assigned to @gitlab-dependency-update-bot

approved this merge request

added pipeline:mr-approved label

added pipelinetier-3 pipeline:run-e2e-omnibus-once labels

Merge request already approved.

Adding automation:bot-no-updates in order to prevent renovate from updating the MR.

If you want the MR to be updated again, please remove the label and check the "rebase checkbox" in the description.

added automation:bot-no-updates label

resolved all threads

Notes from the review process

1. Ensure that the dependencies updated meet our standards:

   • Security: Dependencies do not contain malicious code
   • Performance: Dependencies do not bloat the application code or prolong CI times unnecessarily
   • Stability: Pipelines are passing

2. Review the changes introduced by the version upgrade. Consider using https://my.diffend.io to compare the two versions in case the updated dependency is either a Ruby Gem or a Node.js package, for example to compare pg_query 2.1.0 and 2.1.4.

   • Compared versions: https://github.com/lostisland/faraday/compare/v2.10.0...v2.10.1 Changes:
     • rubygems-await gem removal: https://github.com/lostisland/faraday/commit/073faf75393fffb1ea50507f395e2d9810005a17
     • Update JS dependencies: https://github.com/lostisland/faraday/commit/4860f75372bdfac5612c76d76bd713e72b3f45b3
     • Avoid lazy-initialized lock: https://github.com/lostisland/faraday/commit/051a635f4bcaa094abdee4fe61a432ad2097df9f

The changes are small and seem non-risky

3. Check if bundle install works locally, in the context of GDK.

   • bundle install works locally

4. If tests are passing and you've reviewed the updated dependencies, execute pipelines in the context of the main project

   This MR is created from a fork, therefore not all jobs (e.g. Danger) might have been executed. Instead of hitting MWPS right away, you might want to wait until the pipeline you've just triggered finished.

   Note: This might not be available in projects, in that case merging right away is an option

5. Assign the current milestone to the MR

6. Merge away!

changed milestone to %17.3

Dependency change review report

Please wait to merge until below tasks are completed by @gitlab-com/gl-security/appsec

• Review metadata report and resolve this thread. Review guidelines are at handbook page

Click to view metadata analysis report

Modified Dependency: faraday (2.10.1) Location: Gemfile.lock Version diffs

Checks passed: 6/6

• ️ Latest version: 2.10.1 released on: 2024-07-31. URL: https://rubygems.org/gems/faraday
• Latest version is in use.
• Total downloads: 826073655
• Reverse dependencies: 4805
• Total number of releases: 143
• Latest version age (months): 0
• Source project in Github not archived.
• ️ Maintainer emails are private. Email domain check skipped.

This automation is under testing, please leave your feedback in the issue.

resolved all threads

	1 Message
	CHANGELOG missing: If this merge request needs a changelog entry, add the Changelog trailer to the commit message you want to add to the changelog. If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

Reviewer roulette

Category	Reviewer	Maintainer
backend	@minahilnichols (UTC-4)	@dgruzd (UTC+2)

Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.

Rubygems

This merge request adds, or changes a Rubygems dependency. Please review the Gemfile guidelines.

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

enabled automatic add to merge train when checks pass

E2E Test Result Summary

allure-report-publisher generated test report!

e2e-test-on-gdk: test report for 593c83aa

expand test summary

+------------------------------------------------------------------+
|                          suites summary                          |
+-------------+--------+--------+---------+-------+-------+--------+
|             | passed | failed | skipped | flaky | total | result |
+-------------+--------+--------+---------+-------+-------+--------+
| Analytics   | 2      | 0      | 0       | 0     | 2     | ✅     |
| Release     | 5      | 0      | 0       | 0     | 5     | ✅     |
| Create      | 127    | 0      | 12      | 0     | 139   | ✅     |
| Plan        | 70     | 0      | 0       | 0     | 70    | ✅     |
| Verify      | 44     | 0      | 2       | 0     | 46    | ✅     |
| Package     | 16     | 0      | 15      | 0     | 31    | ✅     |
| Govern      | 71     | 0      | 0       | 0     | 71    | ✅     |
| Data Stores | 31     | 0      | 1       | 0     | 32    | ✅     |
| Monitor     | 8      | 0      | 0       | 0     | 8     | ✅     |
| Fulfillment | 2      | 0      | 0       | 0     | 2     | ✅     |
| Secure      | 2      | 0      | 0       | 0     | 2     | ✅     |
| Manage      | 0      | 0      | 1       | 0     | 1     | ➖     |
+-------------+--------+--------+---------+-------+-------+--------+
| Total       | 378    | 0      | 31      | 0     | 409   | ✅     |
+-------------+--------+--------+---------+-------+-------+--------+

e2e-package-and-test: test report for 593c83aa

expand test summary

+---------------------------------------------------------------------+
|                           suites summary                            |
+----------------+--------+--------+---------+-------+-------+--------+
|                | passed | failed | skipped | flaky | total | result |
+----------------+--------+--------+---------+-------+-------+--------+
| Data Stores    | 46     | 0      | 11      | 0     | 57    | ✅     |
| Create         | 417    | 0      | 51      | 0     | 468   | ✅     |
| Monitor        | 12     | 0      | 13      | 0     | 25    | ✅     |
| Systems        | 7      | 0      | 0       | 0     | 7     | ✅     |
| Govern         | 105    | 0      | 8       | 1     | 113   | ✅     |
| Verify         | 51     | 0      | 15      | 0     | 66    | ✅     |
| GitLab Metrics | 2      | 0      | 1       | 0     | 3     | ✅     |
| Manage         | 30     | 0      | 15      | 1     | 45    | ✅     |
| Secure         | 4      | 0      | 2       | 1     | 6     | ✅     |
| Analytics      | 3      | 0      | 0       | 0     | 3     | ✅     |
| Package        | 28     | 0      | 17      | 2     | 45    | ✅     |
| Plan           | 82     | 0      | 9       | 0     | 91    | ✅     |
| Fulfillment    | 4      | 0      | 7       | 0     | 11    | ✅     |
| Configure      | 1      | 0      | 3       | 0     | 4     | ✅     |
| Ai-powered     | 1      | 0      | 2       | 0     | 3     | ✅     |
| Release        | 5      | 0      | 1       | 0     | 6     | ✅     |
| ModelOps       | 0      | 0      | 1       | 0     | 1     | ➖     |
| Growth         | 0      | 0      | 2       | 0     | 2     | ➖     |
+----------------+--------+--------+---------+-------+-------+--------+
| Total          | 798    | 0      | 158     | 5     | 956   | ✅     |
+----------------+--------+--------+---------+-------+-------+--------+