chore(deps-dev): bump htmlunit from 2.36.0 to 2.37.0 in /stackgres-k8s/src/api-web#3
Open
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [htmlunit](https://github.com/HtmlUnit/htmlunit) from 2.36.0 to 2.37.0. - [Release notes](https://github.com/HtmlUnit/htmlunit/releases) - [Commits](HtmlUnit/htmlunit@2.36.0...2.37.0) --- updated-dependencies: - dependency-name: net.sourceforge.htmlunit:htmlunit dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
J-ongres
pushed a commit
that referenced
this pull request
Jun 8, 2026
Switch the recommended BlockIO class glob from `/dev/dm-[0-9]*` to the underlying physical disks (`/dev/sd[a-z]*`, `/dev/nvme[0-9]n[0-9]*`). The kernel's blkcg propagates through device-mapper clone/split, so a throttle on the physical disk caps I/O that the workload submits via its LV. The previous revision's placeholder-seeding mitigation for the dm-glob case turned out to be broken in practice: when seeded dm minors are released, their `(major:minor)` entries remain in the runtime's BlockIO class. The kernel rejects writes to non-existent devices with ENODEV, and crun fails container creation with `write 'rbps': No such device`. The pod gets stuck in Init:CreateContainerError. Physical-disk globs avoid this entirely because physical devices are stable from boot and don't come or go in normal operation. Specific changes: - #3 example `Devices:` glob updated to physical disks. Added a callout explaining why this approach is preferred and citing the empirical validation numbers. Removed the now-obsolete "one-shot glob expansion" warning that argued for placeholder seeding. - #6 storage-class callout reworded: explains that the cap targets the physical disk and that the kernel propagates the cgroup tag through the dm layer. Links to the Limitations subsection for the underlying reasoning. - #6.1 expected-output discussion clarified: the matched major:minor is the physical disk (8:* or 259:*), not the LV's 252:* / 253:* dm-N. Major-numbers table annotated accordingly. - Limitations section restructured. The previous "One-shot device glob expansion" subsection is now "Why target physical disks and not dm devices" -- it explains both failure modes for the dm-glob case (cold-start blind spot and stale-entry ENODEV) and why physical-disk globs avoid both. The placeholder-seeding mitigation is removed entirely (it was incorrect). The nodeSelector-vs-nodeName footgun callout is also removed -- no longer applicable. - Static provisioning subsection demoted from "robust alternative" to "an alternative for unusual cases" (e.g. dm-multipath where the workload device is the multipath dm and underlying paths shouldn't be throttled individually). For the common LVM-CSI case, the physical-disk approach from #3 is now the recommended default. - Troubleshooting: "Annotation silently ignored" entry updated to point at the new Limitations heading. New entry for `Init:CreateContainerError` with `write 'rbps': No such device` documents the ENODEV failure mode explicitly.
J-ongres
pushed a commit
that referenced
this pull request
Jun 8, 2026
Switch the recommended BlockIO class glob from `/dev/dm-[0-9]*` to the underlying physical disks (`/dev/sd[a-z]*`, `/dev/nvme[0-9]n[0-9]*`). The kernel's blkcg propagates through device-mapper clone/split, so a throttle on the physical disk caps I/O that the workload submits via its LV. The previous revision's placeholder-seeding mitigation for the dm-glob case turned out to be broken in practice: when seeded dm minors are released, their `(major:minor)` entries remain in the runtime's BlockIO class. The kernel rejects writes to non-existent devices with ENODEV, and crun fails container creation with `write 'rbps': No such device`. The pod gets stuck in Init:CreateContainerError. Physical-disk globs avoid this entirely because physical devices are stable from boot and don't come or go in normal operation. Specific changes: - #3 example `Devices:` glob updated to physical disks. Added a callout explaining why this approach is preferred and citing the empirical validation numbers. Removed the now-obsolete "one-shot glob expansion" warning that argued for placeholder seeding. - #6 storage-class callout reworded: explains that the cap targets the physical disk and that the kernel propagates the cgroup tag through the dm layer. Links to the Limitations subsection for the underlying reasoning. - #6.1 expected-output discussion clarified: the matched major:minor is the physical disk (8:* or 259:*), not the LV's 252:* / 253:* dm-N. Major-numbers table annotated accordingly. - Limitations section restructured. The previous "One-shot device glob expansion" subsection is now "Why target physical disks and not dm devices" -- it explains both failure modes for the dm-glob case (cold-start blind spot and stale-entry ENODEV) and why physical-disk globs avoid both. The placeholder-seeding mitigation is removed entirely (it was incorrect). The nodeSelector-vs-nodeName footgun callout is also removed -- no longer applicable. - Static provisioning subsection demoted from "robust alternative" to "an alternative for unusual cases" (e.g. dm-multipath where the workload device is the multipath dm and underlying paths shouldn't be throttled individually). For the common LVM-CSI case, the physical-disk approach from #3 is now the recommended default. - Troubleshooting: "Annotation silently ignored" entry updated to point at the new Limitations heading. New entry for `Init:CreateContainerError` with `write 'rbps': No such device` documents the ENODEV failure mode explicitly.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps htmlunit from 2.36.0 to 2.37.0.
Release notes
Sourced from htmlunit's releases.
Commits
cb28621prepare release 2.37.02d6ec1cmove some methods upbc1f58dSecurity: prevent Rhinos access to Java resources; e.g. call java methods4237700checkstyle update814de74support activeX object mocker16aca54pmd update934390fdisable java access to avoid execution of arbitrary (java) code0ffc3f7use initSafeStandardObjects() instead of initStandardObjects() to avoid execu...dfa6ffcfix object-classid processing if the js engine is disabledfbc628cpgpverify-maven-plugin updateDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.