Which problem is this PR solving?

While which is commonly present on systems, which is usually a standalone executable. command is built-in to POSIX shells.

• command is even more likely to be present than the very-likely which
• command avoids spawning a subprocess to check...

Update gemspecs

When dependabot is piecemealing a monorepo of gems, go Old School:

git ls-files \*.gemspec \
  | xargs \
    sed -i '' \
        -E "s/'rubocop', '~> [[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+'/'rubocop', '~> 1.54.1'/"

Rubocop Appeasements

Li...

Kayla and Josef are already Ruby contrib approvers! This brings the docs up-to-date with reality.

Which problem is this PR solving?

Updating network-agent chart to install latest version, v0.1.0-beta.

Short description of the changes

• bump the version of the network-agent installed by this chart

Changes

Removes spaces from the example exporter User-Agent string to conform to header field value component definition.

While this section about a User-Agent references RFC7231 for format, the example provided includes spac...

Which problem is this PR solving?

• Circle CI wouldn't run the new publish_github job.

Short description of the changes

• The "always match" filter needed to be added to the setup job else it wouldn't run for tagging events and thereby prevent publish_github from running.
• ...

Which problem is this PR solving?

• Releasery

Short description of the changes

• Changelog update

SIG meeting scribal duties.

Which problem is this PR solving?

Closes https://github.com/honeycombio/beeline-ruby/issues/180

Short description of the changes

This is a very simple replacement incoming trace parent propagator hook. It will by default process either a Honeycomb or a W3C trace propagation header....

Short description of the changes

• Version bump and changelog update for release.

Short description of the changes

• Bump version and update changelog for release.

Short description of the changes

• Bump the version and update the changelog for release.

Short description of the changes

• Version bump and changelog update for release.

Short description of the changes

• Version bump and update changelog for release.
• Noted new upstream OTel in README!

Short description of the changes

• Bump version and update changelog for release.

Short description of the changes

• Version bump and changelog update for release.

Which problem is this PR solving?

Publishing the spring-boot artifacts fails if these reference a version that isn't already published. TODO: resolve publishing these versions together.

This merge commit will get retagged as the v1.7.0 release.

Short description of the changes

• Version bump and changelog update.
• Update to RELEASING to update the beelineVersion tag in springy POMs, too.

Description

While following the current Auto-Instrumentation example, I had to install opentelemetry-distro (without any extras like [otlp]) to get the agent+server_uninstrumented process to emit spans, even as JSON to the console.

I've also included a rephrasing of the sentences abou...

This is enough docker and postgres to make the PG instrumentation tests happy(ier).

1.8.1 is oooooold and making other projects pin their nginx version to manually keep up with the latest leads to sadness.

Also, update the source URL to retrieve securely.

This reverts commit c1a4ceed261dfe368fda441af5343b0c4d43baa9.

Turns out, the recursive directory permission applied by Chef's directory resource was insufficient to fix .bundle/cache being created and populated with stuff by root. So, let's go back to executing a chmod which worked a treat.

Removes the version pin for nginx in omnibus project. Updates omnibus-software to the latest which includes the latest nginx and an nginx software definition that sets the default version to the latest nginx. No longer need to keep changing the pinned version to get a newer release, just need to ...

Banged on the convenience scripts for developers to setup and run the project with Bootjack on https://github.com/rubyforgood/terrastories/pull/110

Use the enterprise cookbook from public Supermarket. Remove it as a dependency from cookbooks that aren't actually using it!

With the enterprise cookbook getting updated for component_runit_service to be a custom resource, the notifications to 'runit_service[x]' would error in ChefSpec and -ct...

RFC072 Artifact Yanking

Pertinent thread recording thoughts about unsharing, permanent removal, and the disallowing of such.

TODO fo...

Includes a Habitat plan for building, a run hook for running and a blind conversion of Habitat TOML config into JSON for the config file.

Fixes to linkbot code:

• Error if the config has no connectors defined because what would be the point?
• Let Linkbot::Config do fetching, too.
• Set a...

Updates to redis-rails, redis, and redis-store.

Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis. CVE-2017-1000248

RubyGems 2.7.0-.3 seems to break the omnibus build with:

ERROR:  Error installing bundler:
"bundle" from bundler conflicts with /opt/supermarket/embedded/bin/bundle

Pinning to latest 2.6.x to fix the pipeline for release.

PEOPLE OF THE FUTURE, this pin should get revisited.

v1.12.1 addresses CVE-2017-7529 - cache file header with possibly sensitive info could be returned with crafted request. Went ahead and took it to 1.12.2.

Only used to generate docs, but quiets vulnerability scanners because this upgrade addresses CVE-2017-17042

Latest nginx stable. v1.12.1 addressed CVE-2017-7529

Upgrade openssl to 1.0.2n to address CVE-2017-3737.

Version published announcement. Security Advisory.

Upgrade openssl to 1.0.2n to address CVE-2017-3737.

Version published announcement. Security Advisory.

Move the fieri engine to a directory under the supermarket Rails root.

This is to admit that the fieri engine "service" is really an engine that runs within the running supermarket app itself. Until we want to run it separately, it will be better to place the gem source somewhere under the sup...

Addresses CVE-2016-4450 (and possibly others to be determined)

Closes #1705

This changes the git detection from checking for a .git/ directory in only the SRC_PATH to using git itself to determine whether the current working directory exists within a git work tree.

An example where looking for .git/ in SRC_PATH returns a false negative is git repositories with...

These are the strings that are accepted as license options in chef generate cookbook -I <license>. These short versions are also the strings that appear in the metadata of chef generate'd cookbooks.

TODO/CONSIDER:

• [ ] explicit fixtures and tests for these short version strings?
• [ ] a...

Link to the Chef Community Guidelines.

Words lifted liberally from @nathenharvey's reaffirmation of our beliefs.

This way, we only have to bump a version in one place.

Plopped this logic in a function and made it responsible for recomputing hab plan variables that are based on $pkg_version.

Labels will help a human know what these fields are when they come back to this form months after adding values that replaced the placeholder text.

Fixes #1485

• the gem build is kinda like stubbing out the download
• there is no verify, only zuul
• gem unpack jives well with do_unpack
• bundle install is kinda like a Ruby build
• do_install is now just about interpreter path fixing and coping the files over to the runtime directory

Because Adam'd be like, "You should talk to these folks about that bot!"

There is no chef_oauth2_app, only chef_oauth2_app_id.

The Chef community does not use JIRA to track issues anymore, so asking for and displaying a JIRA username is confusing.

Edit profile feature test changed to set the previously-untested Twitter username which is still a field on the form.

Living in your own private Supermarket.

We can't leave this, but it unblocked the pipeline while the problem is being worked.

TODO:

• [ ] tests pass with Ruby 2.3.1
• [ ] local omnibus build with 2.3.1 passes integration
• [ ] reach: upgrade rubygems (in omnibus and travis and ___?)

This change pulls in the nginx.conf template from the version of the nginx cookbook we've been pinned to for a long while. This lets us remove the dependency on the actual nginx cookbook because now we own our templates and we get our production nginx binaries from the omnibus build.

There i...

Some grammar corrections for the docs lie herein.

A signoff of "Signed-off-by: Julia Child <[email protected]>" is a sign that someone has followed the documentation a little too closely. We know Julia was not the author or committer of the commit, so mark it as failed.

Alternatively—or as a follow-on to this—we could consider validating ...

More rubies!

https://www.ruby-lang.org/en/news/2015/12/16/ruby-2-2-4-released/ https://www.ruby-lang.org/en/news/2015/12/16/ruby-2-1-8-released/

Fixes #1183 by reverting back to 2.1 series.

We needed to revert back to Ruby 2.1 because of trouble[1] with rails console, Ruby 2.2, and probably an unidentified dependency that's choking.

[1] Fixes chef/supermarket#1183

Currently only affects 2.1.7 and 2.2.3. This patch taken from the fix in Ruby trunk and expected to be included in future point releases.

https://redmine.ruby-lang.org/issues/11602

With some judicious application of firewall rules, hunted down the places where tests were still making calls to 3rd parties.

• Wrapped the search engine ping for the sitemap update in a VCR cassette.
• Wrapped the header CDN inclusions such that they are not loaded in the test environment

Allows Sidekiq worker running as service account to update sitemap.

• removed a few cookbooks not necessary for building from the build-level's Berksfile
• updated omnibus and omnibus-software
  • updated cacerts
  • updated openssl
• updated Ruby and RubyGems