From cf1a6e5a0ff43ddf693c076fa5dd0e73e46c61e9 Mon Sep 17 00:00:00 2001
From: Giuseppe Lobraico <Giuseppe.Lobraico@MoneyAdviceService.org.uk>
Date: Wed, 19 Dec 2018 09:03:07 +0100
Subject: [PATCH 1/3] Downgrade `redis` to 3.3.5

A too much generous version lock in the sidekiq gemspec would allow
redis versions >= 3.x to be bumped in and cause the following:

https://github.com/antirez/redis/issues/4272
---
 Gemfile      | 6 ++++++
 Gemfile.lock | 5 +++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/Gemfile b/Gemfile
index d9a2af47d..98e5706da 100644
--- a/Gemfile
+++ b/Gemfile
@@ -35,6 +35,12 @@ gem 'pg', '0.21.0'
 gem 'rails_email_validator'
 gem 'rake', '~> 11'
 gem 'ransack'
+# Adding `redis` as a direct dependency to highlight the fact that `sidekiq` in
+# version `3.3.4` has a very loose lock for `redis`, which causes the bug
+# described at: https://github.com/antirez/redis/issues/4272
+# N.B.: it will possibly need to be removed as soon as we bump `sidekiq` to the
+# latest version
+gem 'redis', '~> 3.3.5'
 gem 'rollbar'
 gem 'rubyzip'
 gem 'sass-rails'
diff --git a/Gemfile.lock b/Gemfile.lock
index 608d4035d..59068d97b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -315,7 +315,7 @@ GEM
       activesupport (>= 3.0)
       i18n
       polyamorous (~> 1.3.2)
-    redis (4.0.1)
+    redis (3.3.5)
     redis-namespace (1.6.0)
       redis (>= 3.0.4)
     responders (2.4.0)
@@ -473,6 +473,7 @@ DEPENDENCIES
   rails_email_validator
   rake (~> 11)
   ransack
+  redis (~> 3.3.5)
   rollbar
   rspec-collection_matchers
   rspec-rails
@@ -496,4 +497,4 @@ RUBY VERSION
    ruby 2.2.2p95
 
 BUNDLED WITH
-   1.16.1
+   1.17.1

From cff9e3a9db509b9bb989fe4cc694dbb4d5b3e391 Mon Sep 17 00:00:00 2001
From: Giuseppe Lobraico <Giuseppe.Lobraico@MoneyAdviceService.org.uk>
Date: Tue, 18 Dec 2018 14:04:06 +0100
Subject: [PATCH 2/3] Update gpg key for `rvm` in `Dockerfile`

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index fd0a78a99..9f5e7ac03 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,7 +26,7 @@ WORKDIR /tmp
 COPY .ruby-version .ruby-version
 
 #Download RVM as root
-RUN \curl -#LO https://rvm.io/mpapis.asc && gpg --import mpapis.asc && \
+RUN \gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB && \
   \curl -sSL https://get.rvm.io | bash -s stable
 
 #Install RVM requirements

From 7ce2f6235bf4e69bed76453b30a2bf9a0ea2b434 Mon Sep 17 00:00:00 2001
From: Giuseppe Lobraico <Giuseppe.Lobraico@MoneyAdviceService.org.uk>
Date: Thu, 20 Dec 2018 10:35:06 +0100
Subject: [PATCH 3/3] Specify bower registry

Legacy bower versions need to point to a new registry instead of the
old one hosted on heroku.

Ref: https://gist.github.com/sheerun/c04d856a7a368bad2896ff0c4958cb00
---
 .bowerrc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.bowerrc b/.bowerrc
index 70f980adc..5baf81a11 100644
--- a/.bowerrc
+++ b/.bowerrc
@@ -1,3 +1,4 @@
 {
-  "directory": "vendor/assets/bower_components"
+  "directory": "vendor/assets/bower_components",
+  "registry": "https://registry.bower.io"
 }