Skip to content

WaboSign 1.3.2

Choose a tag to compare

View all tags
@wabolabs wabolabs released this 20 May 12:01
1.3.2
21a8bbf

CI green-up patch. No functional or security changes.

Fixed

  • app/models/user.rbStyle/RedundantRegexpEscape (Rubocop): removed unnecessary \- escapes inside the FULL_EMAIL_REGEXP character classes ([.'+\-][.'+-], [.\-][.-]). Semantics unchanged.
  • config/brakeman.ignore — added fingerprint for the LinkToHref XSS warning on submissions_filters/_filter_modal.html.erb: Brakeman tracks params[:path] taint through the filter_path conditional assignment introduced in 1.3.1; the start_with?('/') guard is the actual mitigation.
  • .github/workflows/ci.yml — replaced docusealco/pdfium-binaries (deleted repo, returns 404) with bblanchon/pdfium-binaries as the pdfium binary source for the RSpec job. Same tarball layout (lib/libpdfium.so), no other changes.

Notes

  • Released image: ghcr.io/wabolabs/wabosign:1.3.2 (also tagged :latest).
Assets 2
Loading