Skip to content

chore(deps-dev): bump kamal from 2.11.0 to 2.12.0#4166

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/kamal-2.12.0
Open

chore(deps-dev): bump kamal from 2.11.0 to 2.12.0#4166
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bundler/kamal-2.12.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps kamal from 2.11.0 to 2.12.0.

Release notes

Sourced from kamal's releases.

v2.12.0

What's Changed

New Contributors

Full Changelog: basecamp/kamal@v2.11.0...v2.12.0

Commits
  • bdefb89 Bump version for 2.12.0
  • 8eb9659 Fix doc formatting for 2.12.0 release
  • 62579aa Merge pull request #1844 from matthewbjones/lock-wait
  • def0eae Add --lock-wait to retry deploy lock acquisition
  • bf22a93 Expect git gc --auto step in push resetting clone test
  • 24d3dbb Merge pull request #1795 from leonvogt/kamal-secrets-path-default
  • bd3e227 Merge pull request #1833 from seeday/main
  • f2671a5 Merge pull request #1860 from creadone/non-ascii-deploy-lock
  • e71bab5 Merge pull request #1874 from basecamp/dependabot/bundler/bundler-f838d46215
  • 583beb8 Merge pull request #1875 from basecamp/fix-aws-secrets-test-stubs
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [kamal](https://github.com/basecamp/kamal) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/basecamp/kamal/releases)
- [Commits](basecamp/kamal@v2.11.0...v2.12.0)

---
updated-dependencies:
- dependency-name: kamal
  dependency-version: 2.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jun 22, 2026
@greptile-apps

greptile-apps Bot commented Jun 22, 2026

Copy link
Copy Markdown

Greptile Summary

This is a Dependabot-generated bump of the kamal dev dependency from 2.11.0 to 2.12.0 across Gemfile, Gemfile.lock, and the vendored gem cache.

  • The Gemfile previously carried a comment explicitly pinning kamal at 2.11.0 and warning that 2.12.0 introduced an intermittent Errno::ECONNRESET on the second back-to-back kamal app exec SSH connection in the pre-deploy hook. That comment was not removed or updated in this PR, leaving it in direct contradiction with the now-upgraded version.
  • The Gemfile.lock dependency resolution is correct and consistent with the version change.

Confidence Score: 3/5

The upgrade itself may be fine, but the retained comment explicitly warns that 2.12.0 carries a known SSH connection reset bug in the pre-deploy hook — if that bug is not fixed upstream, merging this will break deployments.

The original pin comment says 2.12.0 has an intermittent Errno::ECONNRESET on back-to-back kamal app exec calls in the pre-deploy hook. Since that comment was left intact, it is unclear whether the team verified the upstream fix or simply accepted an auto-generated bump without review. If the bug is still present, deploys will intermittently fail at the pre-deploy hook step.

Gemfile — the stale pin comment needs to be either removed (if the upstream bug is confirmed fixed in 2.12.0) or used as a reason to revert this bump.

Important Files Changed

Filename Overview
Gemfile Bumps kamal from 2.11.0 to 2.12.0, but retains the comment that explicitly says 2.12.0 has a known SSH connection reset bug (Errno::ECONNRESET) in the pre-deploy hook — the comment is now either stale or describes an active regression.
Gemfile.lock Lock file updated to reflect kamal 2.12.0 — no issues.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Dependabot bumps kamal 2.11.0 → 2.12.0] --> B[Gemfile version updated]
    B --> C{Stale pin comment\nstill present?}
    C -- Yes --> D[Comment claims 2.12.0 has\nErrno::ECONNRESET bug]
    D --> E{Was bug fixed\nin 2.12.0?}
    E -- Yes --> F[Remove stale comment]
    E -- No --> G[Revert upgrade until\nbug is confirmed fixed]
    C -- No --> H[Safe to merge]
    B --> I[Gemfile.lock updated correctly]
    B --> J[vendor/cache gem swapped]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[Dependabot bumps kamal 2.11.0 → 2.12.0] --> B[Gemfile version updated]
    B --> C{Stale pin comment\nstill present?}
    C -- Yes --> D[Comment claims 2.12.0 has\nErrno::ECONNRESET bug]
    D --> E{Was bug fixed\nin 2.12.0?}
    E -- Yes --> F[Remove stale comment]
    E -- No --> G[Revert upgrade until\nbug is confirmed fixed]
    C -- No --> H[Safe to merge]
    B --> I[Gemfile.lock updated correctly]
    B --> J[vendor/cache gem swapped]
Loading

Reviews (1): Last reviewed commit: "chore(deps-dev): bump kamal from 2.11.0 ..." | Re-trigger Greptile

Comment thread Gemfile
Comment on lines 130 to +132
# Pinned to 2.11.0: 2.12.0 intermittently resets the second back-to-back
# `kamal app exec` SSH connection in the pre-deploy hook (Errno::ECONNRESET).
gem "kamal", "2.11.0", require: false
gem "kamal", "2.12.0", require: false

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 The comment was written specifically to explain why the gem was pinned at 2.11.0, warning that 2.12.0 had the Errno::ECONNRESET bug. Now that the gem is 2.12.0, the comment either describes a live regression (if the bug wasn't fixed upstream) or is stale misleading documentation. Either the comment should be removed because the issue is resolved in 2.12.0, or this upgrade should be held until the upstream fix is confirmed.

Suggested change
# Pinned to 2.11.0: 2.12.0 intermittently resets the second back-to-back
# `kamal app exec` SSH connection in the pre-deploy hook (Errno::ECONNRESET).
gem "kamal", "2.11.0", require: false
gem "kamal", "2.12.0", require: false
gem "kamal", "2.12.0", require: false

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants