Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Ruby and Rails versions, refactor LHV payment processing #135

Merged
merged 2 commits into from
Nov 26, 2024

Conversation

OlegPhenomenon
Copy link
Contributor

  • Upgrade Ruby from 3.2.0 to 3.2.2
  • Upgrade Rails from 7.0.7.1 to 7.1.3
  • Update Dockerfile to use internetee/ruby:3.2.2-bullseye base image
  • Refactor PaymentLhvConnectJob:
    • Extract API initialization to separate method
    • Add transaction filtering for card payments, auction portal payments, and account interest entries
    • Improve SSL verification logic
    • Add comprehensive test coverage for transaction filtering
  • Update various gem dependencies

- Upgrade Ruby from 3.2.0 to 3.2.2
- Upgrade Rails from 7.0.7.1 to 7.1.3
- Update Dockerfile to use internetee/ruby:3.2.2-bullseye base image
- Refactor PaymentLhvConnectJob:
  - Extract API initialization to separate method
  - Add transaction filtering for card payments, auction portal payments, and account interest entries
  - Improve SSL verification logic
  - Add comprehensive test coverage for transaction filtering
- Update various gem dependencies
- Update Rails from 7.1.3 to 7.1.4.2 to fix:
  - CVE-2024-47889 in Action Mailer (ReDoS in block_format)
  - CVE-2024-41128 in Action Dispatch (ReDoS in query parameter filtering)
  - CVE-2024-47887 in Action Controller (ReDoS in HTTP Token authentication)
  - CVE-2024-47888 in Action Text (ReDoS in plain_text_for_blockquote_node)

- Update REXML from 3.3.8 to 3.3.9 to fix:
  - CVE-2024-49761 (High severity ReDoS vulnerability)

Dependencies updated via bundle update
@OlegPhenomenon OlegPhenomenon merged commit 2491dc1 into master Nov 26, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant