Update rails-related gems in gems folder (!172257) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

Applying the step I'm trying to add to the rails update process in !172256 (merged) to our codebase.

In https://gitlab.com/gitlab-org/gitlab/-/security/vulnerability_report/?scanner=gitlab-sbom-vulnerability-scanner there are 22 action*-related vulnerabilities as of the creation of this MR.

Ultimately the gems that will be used in production are the ones in the root Gemfile.lock so the specific versions of the files under gems/**/Gemfile.lock are of little importance but this will reduce the noise from security scanners.

References

Please include cross links to any resources that are relevant to this MR This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

!172256 (merged)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

N/A

How to set up and validate locally

N/A

Edited Nov 11, 2024 by Dominic Couture

Update rails-related gems in gems folder

What does this MR do and why?

References

MR acceptance checklist

Screenshots or screen recordings

How to set up and validate locally

Merge request reports