chore(deps): update all patch dependencies #16
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/all-patch
branch
from
28e134c
to
e2b23f8
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/all-patch
branch
4 times, most recently
from
4a6e393
to
c904740
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
8 times, most recently
from
701c85c
to
6920a16
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
6 times, most recently
from
bcab086
to
e9437d8
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
6 times, most recently
from
36ef7f0
to
04f218d
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
2 times, most recently
from
0b7f7d5
to
d3a9ca2
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
2 times, most recently
from
c4abb0b
to
27673f7
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
5 times, most recently
from
25cb2d3
to
e5c1623
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
5 times, most recently
from
1db43b7
to
5f845f9
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
5 times, most recently
from
0b442ce
to
97af848
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
3 times, most recently
from
0e6a6c0
to
6543fdc
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
from
6543fdc
to
ff2e8d9
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
5 times, most recently
from
f1a8152
to
5b00d28
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
2 times, most recently
from
0b1e016
to
9ac08f9
Compare
renovate
bot
force-pushed
the
renovate/all-patch
branch
from
9ac08f9
to
bfd9122
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
==1.4.49->==1.4.542.1.0->2.1.21.1.1->1.1.3==2.9.7->==2.9.96.1.6.1->6.1.7.8Review
Release Notes
omniauth/omniauth (omniauth)
v2.1.2Compare Source
v2.1.1Compare Source
zquestz/omniauth-google-oauth2 (omniauth-google-oauth2)
v1.1.3Compare Source
Added
Deprecated
Removed
Fixed
v1.1.2Compare Source
Added
Deprecated
Removed
Fixed
psycopg/psycopg2 (psycopg2-binary)
v2.9.9Compare Source
v2.9.8Compare Source
rails/rails (rails)
v6.1.7.8: 6.1.7.8Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
[CVE-2024-28103]
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.7.7: 6.1.7.7Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Disables the session in
ActiveStorage::Blobs::ProxyControllerand
ActiveStorage::Representations::ProxyControllerin order to allow caching by default in some CDNs as CloudFlare
Fixes #44136
Bruno Prieto
Action Mailbox
Action Text
Railties
v6.1.7.6Compare Source
No changes between this and 6.1.7.5. This release was just to fix file permissions in the previous release.
v6.1.7.5: 6.1.7.5 ReleaseCompare Source
Active Support
Use a temporary file for storing unencrypted files while editing
[CVE-2023-38037]
Active Model
Active Record
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.7.4Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Raise an exception if illegal characters are provide to redirect_to
[CVE-2023-28362]
Zack Deveau
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.7.3Compare Source
Active Support
Implement SafeBuffer#bytesplice
[CVE-2023-28120]
Active Model
Active Record
Action View
Ignore certain data-* attributes in rails-ujs when element is contenteditable
[CVE-2023-23913]
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.7.2Compare Source
Active Support
Active Model
Active Record
Action View
Action Pack
Fix
domain: :allfor two letter TLDThis fixes a compatibility issue introduced in our previous security
release when using
domain: :allwith a two letter but single level toplevel domain domain (like
.ca, rather than.co.uk).Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.7.1Compare Source
Active Support
Avoid regex backtracking in Inflector.underscore
[CVE-2023-22796]
Active Model
Active Record
Make sanitize_as_sql_comment more strict
Though this method was likely never meant to take user input, it was
attempting sanitization. That sanitization could be bypassed with
carefully crafted input.
This commit makes the sanitization more robust by replacing any
occurrances of "/" or "/" with "/ " or " /". It also performs a
first pass to remove one surrounding comment to avoid compatibility
issues for users relying on the existing removal.
This also clarifies in the documentation of annotate that it should not
be provided user input.
[CVE-2023-22794]
Added integer width check to PostgreSQL::Quoting
Given a value outside the range for a 64bit signed integer type
PostgreSQL will treat the column type as numeric. Comparing
integer values against numeric values can result in a slow
sequential scan.
This behavior is configurable via
ActiveRecord::Base.raise_int_wider_than_64bit which defaults to true.
[CVE-2022-44566]
Action View
Action Pack
Avoid regex backtracking on If-None-Match header
[CVE-2023-22795]
Use string#split instead of regex for domain parts
[CVE-2023-22792]
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.7Compare Source
Active Support
Active Model
Active Record
Symbol is allowed by default for YAML columns
Étienne Barrié
Fix
ActiveRecord::Storeto serialize as a regular HashPreviously it would serialize as an
ActiveSupport::HashWithIndifferentAccesswhich is wasteful and cause problem with YAML safe_load.
Jean Boussier
Fix PG.connect keyword arguments deprecation warning on ruby 2.7
Fixes #44307.
Nikita Vasilevsky
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Respect Active Record's primary_key_type in Active Storage migrations. Backported from 7.0.
fatkodima
Action Mailbox
Action Text
Railties
Configuration
📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.