fix(deps): update dependency @rails/ujs to v6.1.7 - autoclosed #77
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
6966366
to
d009089
Compare
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
d009089
to
b4d702a
Compare
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
b4d702a
to
ce1c955
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
ce1c955
to
cebd2a3
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
cebd2a3
to
291b1ce
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
291b1ce
to
24d9e21
Compare
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
24d9e21
to
53fa2a7
Compare
renovate
bot
force-pushed
the
renovate/rails-ujs-6.x
branch
from
53fa2a7
to
c20daa6
Compare
renovate
bot
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
6.1.4->6.1.7Release Notes
rails/rails (@rails/ujs)
v6.1.7Compare Source
Active Support
Active Model
Active Record
Symbol is allowed by default for YAML columns
Étienne Barrié
Fix
ActiveRecord::Storeto serialize as a regular HashPreviously it would serialize as an
ActiveSupport::HashWithIndifferentAccesswhich is wasteful and cause problem with YAML safe_load.
Jean Boussier
Fix PG.connect keyword arguments deprecation warning on ruby 2.7
Fixes #44307.
Nikita Vasilevsky
Action View
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Respect Active Record's primary_key_type in Active Storage migrations. Backported from 7.0.
fatkodima
Action Mailbox
Action Text
Railties
v6.1.6: 6.1.6Compare Source
Active Support
Fix and add protections for XSS in
ActionView::HelpersandERB::Util.Add the method
ERB::Util.xml_name_escapeto escape dangerous charactersin names of tags and names of attributes, following the specification of XML.
Álvaro Martín Fraguas
Active Model
Active Record
Action View
Fix and add protections for XSS in
ActionView::HelpersandERB::Util.Escape dangerous characters in names of tags and names of attributes in the
tag helpers, following the XML specification. Rename the option
:escape_attributesto:escape, to simplify by applying the option to thewhole tag.
Álvaro Martín Fraguas
Action Pack
Allow Content Security Policy DSL to generate for API responses.
Tim Wade
Active Job
Action Mailer
Action Cable
Active Storage
Action Mailbox
Action Text
Railties
v6.1.5: 6.1.5Compare Source
Active Support
Fix
ActiveSupport::Duration.buildto support negative values.The algorithm to collect the
partsof theActiveSupport::Durationignored the sign of the
valueand accumulated incorrect part values. Thisimpacted
ActiveSupport::Duration#sum(which is dependent onparts) butnot
ActiveSupport::Duration#eql?(which is dependent onvalue).Caleb Buxton, Braden Staudacher
Time#changeand methods that call it (eg.Time#advance) will nowreturn a
Timewith the timezone argument provided, if the caller wasinitialized with a timezone argument.
Fixes #42467.
Alex Ghiculescu
Clone to keep extended Logger methods for tagged logger.
Orhan Toy
assert_changesworks on includingActiveSupport::Assertionsmodule.Pedro Medeiros
Active Model
Clear secure password cache if password is set to
nilBefore:
user.password = 'something'
user.password = nil
user.password # => 'something'
Now:
user.password = 'something'
user.password = nil
user.password # => nil
Markus Doits
Fix delegation in
ActiveModel::Type::Registry#lookupandActiveModel::Type.lookupPassing a last positional argument
{}would be incorrectly considered as keyword argument.Benoit Daloze
Fix
to_jsonafterchanges_appliedforActiveModel::Dirtyobject.Ryuta Kamizono
Active Record
Fix
ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicatefor Ruby 2.6.Ruby 2.6 and 2.7 have slightly different implementations of the
String#@​-method.In Ruby 2.6, the receiver of the
String#@​-method is modified under certain circumstances.This was later identified as a bug (https://bugs.ruby-lang.org/issues/15926) and only
fixed in Ruby 2.7.
Before the changes in this commit, the
ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicatemethod, which internallycalls the
String#@​-method, could also modify an input string argument in Ruby 2.6 --changing a tainted, unfrozen string into a tainted, frozen string.
Fixes #43056
Eric O'Hanlon
Fix migration compatibility to create SQLite references/belongs_to column as integer when
migration version is 6.0.
reference/belongs_toin migrations with version 6.0 were creating columns asbigint instead of integer for the SQLite Adapter.
Marcelo Lauxen
Fix dbconsole for 3-tier config.
Eileen M. Uchitelle
Better handle SQL queries with invalid encoding.
Would cause all adapters to fail in a non controlled way in the code
responsible to detect write queries.
The query is now properly passed to the database connection, which might or might
not be able to handle it, but will either succeed or failed in a more correct way.
Jean Boussier
Ignore persisted in-memory records when merging target lists.
Kevin Sjöberg
Fix regression bug that caused ignoring additional conditions for preloading
has_manythrough relations.Fixes #43132
Alexander Pauly
Fix
ActiveRecord::InternalMetadatato not be broken byconfig.active_record.record_timestamps = falseSince the model always create the timestamp columns, it has to set them, otherwise it breaks
various DB management tasks.
Fixes #42983
Jean Boussier
Fix duplicate active record objects on
inverse_of.Justin Carvalho
Fix duplicate objects stored in has many association after save.
Fixes #42549.
Alex Ghiculescu
Fix performance regression in
CollectionAssocation#build.Alex Ghiculescu
Fix retrieving default value for text column for MariaDB.
fatkodima
Action View
preload_link_tagproperly insertsasattributes for files withimageMIMEtypes, such as JPG or SVG.
Nate Berkopec
Add
autocomplete="off"to all generated hidden fields.Fixes #42610.
Ryan Baumann
Fix
current_page?when URL has trailing slash.This fixes the
current_page?helper when the given URL has a trailing slash,and is an absolute URL or also has query params.
Fixes #33956.
Jonathan Hefner
Action Pack
Fix
content_security_policyreturning invalid directives.Directives such as
self,unsafe-evaland few others were notsingle quoted when the directive was the result of calling a lambda
returning an array.
With this fix the policy generated from above will now be valid.
Edouard Chin
Update
HostAuthorizationmiddleware to render debug info onlywhen
config.consider_all_requests_localis set to true.Also, blocked host info is always logged with level
error.Fixes #42813.
Nikita Vyrko
Dup arrays that get "converted".
Fixes #43681.
Aaron Patterson
Don't show deprecation warning for equal paths.
Anton Rieder
Fix crash in
ActionController::Instrumentationwith invalid HTTP formats.Fixes #43094.
Alex Ghiculescu
Add fallback host for SystemTestCase driven by RackTest.
Fixes #42780.
Petrik de Heus
Add more detail about what hosts are allowed.
Alex Ghiculescu
Active Job
Action Mailer
Action Cable
The Action Cable client now ensures successful channel subscriptions:
the server confirms the subscription or the channel is torn down.
by a subscribe (on the same channel identifier) and the requests are
handled out of order by the ActionCable server, thereby ignoring the
subscribe command.
Daniel Spinosa
Truncate broadcast logging messages.
J Smith
Active Storage
Attachments can be deleted after their association is no longer defined.
Fixes #42514
Don Sisco
Action Mailbox
Add
attachmentsto the list of permitted parameters for inbound emails conductor.When using the conductor to test inbound emails with attachments, this prevents an
unpermitted parameter warning in default configurations, and prevents errors for
applications that set:
David Jones, Dana Henke
Action Text
Fix Action Text extra trix content wrapper.
Alexandre Ruban
Railties
In
zeitwerkmode, setup theonceautoloader first, and themainautoloader after it.This order plays better with shared namespaces.
Xavier Noria
Handle paths with spaces when editing credentials.
Alex Ghiculescu
Support Psych 4 when loading secrets.
Nat Morcos
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.