diff --git a/Gemfile.lock b/Gemfile.lock index 92e1735fc0952..b54ba303ac9aa 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -24,88 +24,88 @@ GIT PATH remote: . specs: - actioncable (7.0.2.3) - actionpack (= 7.0.2.3) - activesupport (= 7.0.2.3) + actioncable (7.0.2.4) + actionpack (= 7.0.2.4) + activesupport (= 7.0.2.4) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.2.3) - actionpack (= 7.0.2.3) - activejob (= 7.0.2.3) - activerecord (= 7.0.2.3) - activestorage (= 7.0.2.3) - activesupport (= 7.0.2.3) + actionmailbox (7.0.2.4) + actionpack (= 7.0.2.4) + activejob (= 7.0.2.4) + activerecord (= 7.0.2.4) + activestorage (= 7.0.2.4) + activesupport (= 7.0.2.4) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.2.3) - actionpack (= 7.0.2.3) - actionview (= 7.0.2.3) - activejob (= 7.0.2.3) - activesupport (= 7.0.2.3) + actionmailer (7.0.2.4) + actionpack (= 7.0.2.4) + actionview (= 7.0.2.4) + activejob (= 7.0.2.4) + activesupport (= 7.0.2.4) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp rails-dom-testing (~> 2.0) - actionpack (7.0.2.3) - actionview (= 7.0.2.3) - activesupport (= 7.0.2.3) + actionpack (7.0.2.4) + actionview (= 7.0.2.4) + activesupport (= 7.0.2.4) rack (~> 2.0, >= 2.2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.2.3) - actionpack (= 7.0.2.3) - activerecord (= 7.0.2.3) - activestorage (= 7.0.2.3) - activesupport (= 7.0.2.3) + actiontext (7.0.2.4) + actionpack (= 7.0.2.4) + activerecord (= 7.0.2.4) + activestorage (= 7.0.2.4) + activesupport (= 7.0.2.4) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.2.3) - activesupport (= 7.0.2.3) + actionview (7.0.2.4) + activesupport (= 7.0.2.4) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (7.0.2.3) - activesupport (= 7.0.2.3) + activejob (7.0.2.4) + activesupport (= 7.0.2.4) globalid (>= 0.3.6) - activemodel (7.0.2.3) - activesupport (= 7.0.2.3) - activerecord (7.0.2.3) - activemodel (= 7.0.2.3) - activesupport (= 7.0.2.3) - activestorage (7.0.2.3) - actionpack (= 7.0.2.3) - activejob (= 7.0.2.3) - activerecord (= 7.0.2.3) - activesupport (= 7.0.2.3) + activemodel (7.0.2.4) + activesupport (= 7.0.2.4) + activerecord (7.0.2.4) + activemodel (= 7.0.2.4) + activesupport (= 7.0.2.4) + activestorage (7.0.2.4) + actionpack (= 7.0.2.4) + activejob (= 7.0.2.4) + activerecord (= 7.0.2.4) + activesupport (= 7.0.2.4) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (7.0.2.3) + activesupport (7.0.2.4) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - rails (7.0.2.3) - actioncable (= 7.0.2.3) - actionmailbox (= 7.0.2.3) - actionmailer (= 7.0.2.3) - actionpack (= 7.0.2.3) - actiontext (= 7.0.2.3) - actionview (= 7.0.2.3) - activejob (= 7.0.2.3) - activemodel (= 7.0.2.3) - activerecord (= 7.0.2.3) - activestorage (= 7.0.2.3) - activesupport (= 7.0.2.3) + rails (7.0.2.4) + actioncable (= 7.0.2.4) + actionmailbox (= 7.0.2.4) + actionmailer (= 7.0.2.4) + actionpack (= 7.0.2.4) + actiontext (= 7.0.2.4) + actionview (= 7.0.2.4) + activejob (= 7.0.2.4) + activemodel (= 7.0.2.4) + activerecord (= 7.0.2.4) + activestorage (= 7.0.2.4) + activesupport (= 7.0.2.4) bundler (>= 1.15.0) - railties (= 7.0.2.3) - railties (7.0.2.3) - actionpack (= 7.0.2.3) - activesupport (= 7.0.2.3) + railties (= 7.0.2.4) + railties (7.0.2.4) + actionpack (= 7.0.2.4) + activesupport (= 7.0.2.4) method_source rake (>= 12.2) thor (~> 1.0) @@ -303,7 +303,7 @@ GEM hiredis (0.6.3) http_parser.rb (0.8.0) httpclient (2.8.3) - i18n (1.9.1) + i18n (1.10.0) concurrent-ruby (~> 1.0) image_processing (1.12.1) mini_magick (>= 4.9.5, < 5) @@ -327,7 +327,7 @@ GEM listen (3.7.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.14.0) + loofah (2.16.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) diff --git a/RAILS_VERSION b/RAILS_VERSION index 5dd5443c56e99..a09ecc15f4c01 100644 --- a/RAILS_VERSION +++ b/RAILS_VERSION @@ -1 +1 @@ -7.0.2.3 +7.0.2.4 diff --git a/actioncable/CHANGELOG.md b/actioncable/CHANGELOG.md index 214057866aedf..2dcca7786653c 100644 --- a/actioncable/CHANGELOG.md +++ b/actioncable/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/actionmailbox/CHANGELOG.md b/actionmailbox/CHANGELOG.md index 989f550f5b268..e90c6a931fdfc 100644 --- a/actionmailbox/CHANGELOG.md +++ b/actionmailbox/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/actionmailer/CHANGELOG.md b/actionmailer/CHANGELOG.md index e08366e462156..70350de159f3f 100644 --- a/actionmailer/CHANGELOG.md +++ b/actionmailer/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index db19ebe19cc0b..a6c10f12953d0 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + * Allow Content Security Policy DSL to generate for API responses. *Tim Wade* diff --git a/actiontext/CHANGELOG.md b/actiontext/CHANGELOG.md index 62917c4cb6751..8c3a0bbb8907d 100644 --- a/actiontext/CHANGELOG.md +++ b/actiontext/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index 3227e76a85d51..b90a77b6d403e 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`. Escape dangerous characters in names of tags and names of attributes in the diff --git a/activejob/CHANGELOG.md b/activejob/CHANGELOG.md index b00f0a7f0b6a4..e70bdbfcce93b 100644 --- a/activejob/CHANGELOG.md +++ b/activejob/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md index f3ce5f57a9454..7540fda763b55 100644 --- a/activemodel/CHANGELOG.md +++ b/activemodel/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index 3997f62a65ce3..deceea3e1ea72 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/activestorage/CHANGELOG.md b/activestorage/CHANGELOG.md index ecfb1a62dc342..cab9dcef6e0fe 100644 --- a/activestorage/CHANGELOG.md +++ b/activestorage/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * Added image transformation validation via configurable allow-list. diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index 86016dd020774..e1169d287b67a 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`. Add the method `ERB::Util.xml_name_escape` to escape dangerous characters diff --git a/guides/CHANGELOG.md b/guides/CHANGELOG.md index c1eed808bb16f..e5d28afa3de66 100644 --- a/guides/CHANGELOG.md +++ b/guides/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes. diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md index 51eaaec1d8319..1576f6c9c89c4 100644 --- a/railties/CHANGELOG.md +++ b/railties/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 7.0.2.4 (April 26, 2022) ## + +* No changes. + + ## Rails 7.0.2.3 (March 08, 2022) ## * No changes.