Skip to content

build(deps): bump activesupport from 6.1.2 to 6.1.2.1 in /Library/Homebrew#10592

Merged
Bo98 merged 3 commits intomasterfrom
dependabot/bundler/Library/Homebrew/activesupport-6.1.2.1
Feb 11, 2021
Merged

build(deps): bump activesupport from 6.1.2 to 6.1.2.1 in /Library/Homebrew#10592
Bo98 merged 3 commits intomasterfrom
dependabot/bundler/Library/Homebrew/activesupport-6.1.2.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 11, 2021

Bumps activesupport from 6.1.2 to 6.1.2.1.

Release notes

Sourced from activesupport's releases.

6.1.2.1

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • Fix possible DoS vector in PostgreSQL money type

    Carefully crafted input can cause a DoS via the regular expressions used for validating the money format in the PostgreSQL adapter. This patch fixes the regexp.

    Thanks to @dee-see from Hackerone for this patch!

    [CVE-2021-22880]

    Aaron Patterson

Action View

  • No changes.

Action Pack

Active Job

... (truncated)

Changelog

Sourced from activesupport's changelog.

Rails 6.1.2.1 (February 10, 2021)

  • No changes.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot
build(deps): bump activesupport in /Library/Homebrew
bcc9593 
Bumps [activesupport](https://github.com/rails/rails) from 6.1.2 to 6.1.2.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v6.1.2.1/activesupport/CHANGELOG.md)
- [Commits](rails/rails@v6.1.2...v6.1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Bumping Gemfile dependencies ruby Pull requests that update Ruby code labels Feb 11, 2021
@Bo98 Bo98 merged commit 0211ae4 into master Feb 11, 2021
@Bo98 Bo98 deleted the dependabot/bundler/Library/Homebrew/activesupport-6.1.2.1 branch February 11, 2021 18:29
@BrewTestBot BrewTestBot added the outdated PR was locked due to age label Mar 14, 2021
@Homebrew Homebrew locked as resolved and limited conversation to collaborators Mar 14, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@Bo98 Bo98 Bo98 approved these changes

Assignees

No one assigned

Labels

dependencies Bumping Gemfile dependencies outdated PR was locked due to age ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Bo98 @BrewTestBot