Log message:
Pullup ticket #6214 - requested by taca
www/ruby-rails60: security fix
Revisions pulled up:
- databases/ruby-activerecord60/PLIST 1.2
- databases/ruby-activerecord60/distinfo 1.2-1.3
- devel/ruby-activejob60/distinfo 1.2-1.3
- devel/ruby-activemodel60/distinfo 1.2-1.3
- devel/ruby-activestorage60/distinfo 1.2-1.3
- devel/ruby-activesupport60/distinfo 1.2-1.3
- devel/ruby-railties60/distinfo 1.2-1.3
- mail/ruby-actionmailbox60/distinfo 1.2-1.3
- mail/ruby-actionmailer60/distinfo 1.2-1.3
- textproc/ruby-actiontext60/distinfo 1.2-1.3
- www/ruby-actioncable60/distinfo 1.2-1.3
- www/ruby-actionpack60/distinfo 1.2-1.3
- www/ruby-actionview60/distinfo 1.2-1.3
- www/ruby-rails60/distinfo 1.2-1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:15:25 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport60: distinfo
Log message:
devel/ruby-activesupport60: update to 6.0.3
Update ruby-activesupport60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* `Array#to_sentence` no longer returns a frozen string.
Before:
['one', 'two'].to_sentence.frozen?
# => true
After:
['one', 'two'].to_sentence.frozen?
# => false
*Nicolas Dular*
* Update `ActiveSupport::Messages::Metadata#fresh?` to work for cookies \
with expiry set when
`ActiveSupport.parse_json_times = true`.
*Christian Gregg*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:16:16 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel60: distinfo
Log message:
devel/ruby-activemodel60: updat to 6.0.3
Update ruby-activemodel60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:16:55 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob60: distinfo
Log message:
devel/ruby-activejob60: update to 6.0.3
Update ruby-activejob60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* While using `perform_enqueued_jobs` test helper enqueued jobs must be \
stored for the later check with
`assert_enqueued_with`.
*Dmitry Polushkin*
* Add queue name support to Que adapter
*Brad Nauta*, *Wojciech Wnętrzak*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:17:34 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview60: distinfo
Log message:
www/ruby-actionview60: update to 6.0.3
Update ruby-actionview60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* annotated_source_code returns an empty array so TemplateErrors without a
template in the backtrace are surfaced properly by DebugExceptions.
*Guilherme Mansur*, *Kasper Timm Hansen*
* Add autoload for SyntaxErrorInTemplate so syntax errors are correctly \
raised by DebugExceptions.
*Guilherme Mansur*, *Gannon McGibbon*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:18:09 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack60: distinfo
Log message:
www/ruby-actionpack60: update to 6.0.3
Update ruby-actionpack60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Include child session assertion count in ActionDispatch::IntegrationTest
`IntegrationTest#open_session` uses `dup` to create the new session, which
meant it had its own copy of `@assertions`. This prevented the assertions
from being correctly counted and reported.
Child sessions now have their `attr_accessor` overriden to delegate to the
root session.
Fixes #32142
*Sam Bostock*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:18:56 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord60: PLIST distinfo
Log message:
databases/ruby-activerecord60: update to 6.0.3
Update ruby-activerecord60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Recommend applications don't use the `database` kwarg in `connected_to`
The database kwarg in `connected_to` was meant to be used for one-off \
scripts but is often used in requests. This is really dangerous because it \
re-establishes a connection every time. It's deprecated in 6.1 and will be \
removed in 6.2 without replacement. This change soft deprecates it in 6.0 by \
removing documentation.
*Eileen M. Uchitelle*
* Fix support for PostgreSQL 11+ partitioned indexes.
*Sebastián Palma*
* Add support for beginless ranges, introduced in Ruby 2.7.
*Josh Goodall*
* Fix insert_all with enum values
Fixes #38716.
*Joel Blum*
* Regexp-escape table name for MS SQL
Add `Regexp.escape` to one method in ActiveRecord, so that table names \
with regular expression characters in them work as expected. Since MS SQL Server \
uses "[" and "]" to quote table and column names, and those \
characters are regular expression characters, methods like `pluck` and `select` \
fail in certain cases when used with the MS SQL Server adapter.
*Larry Reid*
* Store advisory locks on their own named connection.
Previously advisory locks were taken out against a connection when a \
migration started. This works fine in single database applications but doesn't \
work well when migrations need to open new connections which results in the lock \
getting dropped.
In order to fix this we are storing the advisory lock on a new connection \
with the connection specification name `AdisoryLockBase`. The caveat is that we \
need to maintain at least 2 connections to a database while migrations are \
running in order to do this.
*Eileen M. Uchitelle*, *John Crepezzi*
* Ensure `:reading` connections always raise if a write is attempted.
Now Rails will raise an `ActiveRecord::ReadOnlyError` if any connection \
on the reading handler attempts to make a write. If your reading role needs to \
write you should name the role something other than `:reading`.
*Eileen M. Uchitelle*
* Enforce fresh ETag header after a collection's contents change by adding
ActiveRecord::Relation#cache_key_with_version. This method will be used by
ActionController::ConditionalGet to ensure that when collection cache \
versioning
is enabled, requests using ConditionalGet don't return the same ETag header
after a collection is modified. Fixes #38078.
*Aaron Lipman*
* A database URL can now contain a querystring value that contains an equal \
sign. This is needed to support passing PostgresSQL `options`.
*Joshua Flanagan*
* Retain explicit selections on the base model after applying `includes` \
and `joins`.
Resolves #34889.
*Patrick Rebsch*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:20:09 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer60: distinfo
Log message:
mail/ruby-actionmailer60: update to 6.0.3
Update ruby-actionmailer60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:20:46 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailbox60: distinfo
Log message:
mail/ruby-actionmailbox60: update to 6.0.3
Update ruby-actionmailbox60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Update Mandrill inbound email route to respond appropriately to HEAD \
requests for URL health checks from Mandrill.
*Bill Cromie*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:21:24 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable60: distinfo
Log message:
www/ruby-actioncable60: update to 6.0.3
Update to ruby-actioncable60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:22:16 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties60: distinfo
Log message:
devel/ruby-railties60: update to 6.0.3
Update ruby-railties60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* Cache compiled view templates when running tests by default
When generating a new app without `--skip-spring`, caching classes is
disabled in `environments/test.rb`. This implicitly disables caching
view templates too. This change will enable view template caching by
adding this to the generated `environments/test.rb`:
````ruby
config.action_view.cache_template_loading = true
````
*Jorge Manrubia*
* `Rails::Application#eager_load!` is available again to load application code
manually as it was possible in previous versions.
Please, note this is not integrated with the whole eager loading logic that
runs when Rails boots with eager loading enabled, you can think of this
method as a vanilla recursive code loader.
This ability has been restored because there are some use cases for it, such
as indexers that need to have all application classes and modules in memory.
*Xavier Noria*
* Generators that inherit from NamedBase respect `--force` option
*Josh Brody*
* Regression fix: The Rake task `zeitwerk:check` supports eager loaded
namespaces which do not have eager load paths, like the recently added
`i18n`. These namespaces are only required to respond to `eager_load!`.
*Xavier Noria*
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:22:55 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage60: distinfo
Log message:
devel/ruby-activestorage60: update to 6.0.3
Update ruby-activestorage60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:23:36 UTC 2020
Modified Files:
pkgsrc/textproc/ruby-actiontext60: distinfo
Log message:
textproc/ruby-actiontext60: update to 6.0.3
Update ruby-actiontext60 to 6.0.3.
## Rails 6.0.3 (May 06, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 16 14:24:28 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails60: distinfo
Log message:
www/ruby-rails60: update to 6.0.3
Finally, update ruby-rails60 to 6.0.3.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:10:27 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport60: distinfo
Log message:
devel/ruby-activesupport60: update to 6.0.3.1
Update ruby-activesupport60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
* [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:11:10 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel60: distinfo
Log message:
devel/ruby-activemodel60: update to 6.0.3.1
Update ruby-activemodel60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:11:43 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob60: distinfo
Log message:
devel/ruby-activejob60: update to 6.0.3.1
Update ruby-activejob60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:12:16 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview60: distinfo
Log message:
www/ruby-actionview60: update to 6.0.3.1
Update ruby-actionview60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8167] Check that request is same-origin prior to including CSRF \
token in XHRs
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:12:50 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack60: distinfo
Log message:
www/ruby-actionpack60: update to 6.0.3.1
Update ruby-actionpack60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be \
used to reconstruct a per-form token
* [CVE-2020-8164] Return self when calling #each, #each_pair, and \
#each_value instead of the raw @parameters hash
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:13:24 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord60: distinfo
Log message:
databases/ruby-activerecord60: update to 6.0.3.1
Update ruby-activerecord60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:14:04 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer60: distinfo
Log message:
mail/ruby-actionmailer60: update to 6.0.3.1
Update ruby-actionmailer60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:14:41 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailbox60: distinfo
Log message:
mail/ruby-actionmailbox60: update to 6.0.3.1
Update ruby-actionmailbox60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:15:14 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable60: distinfo
Log message:
www/ruby-actioncable60: update to 6.0.3.1
Update ruby-actioncable60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:15:47 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties60: distinfo
Log message:
devel/ruby-railties60: update to 6.0.3.1
Update ruby-railties60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:16:26 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage60: distinfo
Log message:
devel/ruby-activestorage60: update to 6.0.3.1
Update ruby-activestorage60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* [CVE-2020-8162] Include Content-Length in signature for ActiveStorage \
direct upload
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:17:01 UTC 2020
Modified Files:
pkgsrc/textproc/ruby-actiontext60: distinfo
Log message:
textproc/ruby-actiontext60: update to 6.0.3.1
Update ruby-actiontext60 to 6.0.3.1.
## Rails 6.0.3.1 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 17:17:45 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails60: distinfo
Log message:
www/ruby-rails60: update to 6.0.3.1.
Finally, update ruby-rails60 to 6.0.3.1.
|
Log message:
Pullup ticket #6213 - requested by taca
www/ruby-rails52: security fix
Revisions pulled up:
- lang/ruby/rails.mk patch
- databases/ruby-activerecord52/distinfo 1.4
- devel/ruby-activejob52/distinfo 1.4
- devel/ruby-activemodel52/distinfo 1.4
- devel/ruby-activestorage52/distinfo 1.4
- devel/ruby-activesupport52/distinfo 1.4
- devel/ruby-railties52/distinfo 1.4
- mail/ruby-actionmailer52/distinfo 1.4
- www/ruby-actioncable52/distinfo 1.4
- www/ruby-actionpack52/distinfo 1.4
- www/ruby-actionview52/distinfo 1.4
- www/ruby-rails52/distinfo 1.4
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:33:41 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activesupport52: distinfo
Log message:
devel/ruby-activesupport52: update to 5.2.4.3
Update ruby-activesupport52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore
* [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:34:47 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activemodel52: distinfo
Log message:
devel/ruby-activemodel52: update to 5.2.4.3
Update ruby-activemodel52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:35:30 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activejob52: distinfo
Log message:
devel/ruby-activejob52: update to 5.2.4.3
Update ruby-activejob52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:36:18 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionview52: distinfo
Log message:
www/ruby-actionview52: update to 5.2.4.3
Update ruby-actionview52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8167] Check that request is same-origin prior to including CSRF \
token in XHRs
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:36:58 UTC 2020
Modified Files:
pkgsrc/www/ruby-actionpack52: distinfo
Log message:
www/ruby-actionpack52: update to 5.2.4.3
Update ruby-actionpack52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be \
used to reconstruct a per-form token
* [CVE-2020-8164] Return self when calling #each, #each_pair, and \
#each_value instead of the raw @parameters hash
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:37:46 UTC 2020
Modified Files:
pkgsrc/www/ruby-actioncable52: distinfo
Log message:
www/ruby-actioncable52: update to 5.2.4.3
Update ruby-actioncable52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:38:35 UTC 2020
Modified Files:
pkgsrc/databases/ruby-activerecord52: distinfo
Log message:
databases/ruby-activerecord52: update to 5.2.4.3
Update ruby-activerecord52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:39:12 UTC 2020
Modified Files:
pkgsrc/devel/ruby-activestorage52: distinfo
Log message:
devel/ruby-activestorage52: update to 5.2.4.3
Update ruby-activestorage52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* [CVE-2020-8162] Include Content-Length in signature for ActiveStorage \
direct upload
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:39:54 UTC 2020
Modified Files:
pkgsrc/mail/ruby-actionmailer52: distinfo
Log message:
mail/ruby-actionmailer52: update to 5.2.4.3
Update ruby-actionmailer52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:40:32 UTC 2020
Modified Files:
pkgsrc/devel/ruby-railties52: distinfo
Log message:
devel/ruby-railties52: update to 5.2.4.3
Update ruby-railties52 to 5.2.4.3.
## Rails 5.2.4.3 (May 18, 2020) ##
* No changes.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue May 19 15:41:07 UTC 2020
Modified Files:
pkgsrc/www/ruby-rails52: distinfo
Log message:
www/ruby-rails52: update to 5.2.4.3
Finally, update ruby-rails52 to 5.2.4.3.
|