Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update open-sdg theme and gemlock file to resolve security issues #34

Merged
merged 3 commits into from
Sep 19, 2024
Merged

fix: update open-sdg theme and gemlock file to resolve security issues #34

merged 3 commits into from
Sep 19, 2024

Conversation

jaylenw
Copy link
Member

@jaylenw jaylenw commented Sep 19, 2024

What does this PR do?

This pull request includes a small but important update to the _config.yml file. The change updates the version of the open-sdg remote theme to ensure compatibility with the latest features and fixes.

  • _config.yml: Updated the remote_theme to open-sdg/[email protected] to use the latest version of the Open SDG platform.

  • Gemfile.lock has also been modified to resolve a Dependabot security alert.

Background info

This PR should address #32 and address open-sdg/open-sdg#2117.

How can this be tested (manually and/or automated test)?

Provide manual tests steps if applicable

I rebuilt the local dev container with the latest changes an confirmed all is well while browsing the site locally. I followed the instructions provided in the README.md. Webdevtools were opened on my browser on the Console tab and I no longer saw the call to polyfill.io.

Provide steps for running automated tests if applicable

N/A

Which issue(s) is/are related to this PR?

This PR is/are related to issue(s) #33 and #32

close #33
close #32

dependabot bot and others added 3 commits August 22, 2024 20:57
@dependabot
Bump rexml from 3.3.3 to 3.3.6
728934f 
Bumps [rexml](https://github.com/ruby/rexml) from 3.3.3 to 3.3.6.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](ruby/rexml@v3.3.3...v3.3.6)

---
updated-dependencies:
- dependency-name: rexml
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@jaylenw
upgrade the open-sdg theme to resolve security issue
8afa2e8 
close #33
@jaylenw
Merge remote-tracking branch 'origin/dependabot/bundler/rexml-3.3.6' …
72b52c3 
…into ghi-33
@jaylenw jaylenw added the enhancement New feature or request label Sep 19, 2024
@jaylenw jaylenw requested a review from RV-LACity September 19, 2024 00:55
@jaylenw jaylenw self-assigned this Sep 19, 2024
@jaylenw jaylenw merged commit 8d923cf into development Sep 19, 2024
6 checks passed
@ita-devops-release-manager ita-devops-release-manager bot added the staged PRs that have been merged into the development branch containing changes yet to be pushed to prod label Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RV-LACity RV-LACity RV-LACity approved these changes

Assignees

@jaylenw jaylenw

Labels
enhancement New feature or request staged PRs that have been merged into the development branch containing changes yet to be pushed to prod
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update Open SDG theme dependency to the latest version
2 participants
@jaylenw @RV-LACity