Navigation:
Browse pkgsrc
(this page) 2022-06-07 17:05:23 by Takahiro Kambe | Files touched by this commit (15) |  |
Log message: www/ruby-rails61: update to 6.1.6 Ruby on Rails 6.1.6 (2022-05-12) Active Support * Fix and add protections for XSS in ActionView::Helpers and ERB::Util. Add the method ERB::Util.xml_name_escape to escape dangerous characters in names of tags and names of attributes, following the specification of XML. Action View * Fix and add protections for XSS in ActionView::Helpers and ERB::Util. Escape dangerous characters in names of tags and names of attributes in the tag helpers, following the XML specification. Rename the option :escape_attributes to :escape, to simplify by applying the option to the whole tag. Action Pack * Allow Content Security Policy DSL to generate for API responses. |
| 2022-05-05 05:28:21 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
devel/ruby-activesupport61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
in names of tags and names of attributes, following the specification of XML.
*Álvaro Martín Fraguas*
## Rails 6.1.5 (March 09, 2022) ##
* Fix `ActiveSupport::Duration.build` to support negative values.
The algorithm to collect the `parts` of the `ActiveSupport::Duration`
ignored the sign of the `value` and accumulated incorrect part values. This
impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but
not `ActiveSupport::Duration#eql?` (which is dependent on `value`).
*Caleb Buxton*, *Braden Staudacher*
* `Time#change` and methods that call it (eg. `Time#advance`) will now
return a `Time` with the timezone argument provided, if the caller was
initialized with a timezone argument.
Fixes [#42467](https://github.com/rails/rails/issues/42467).
*Alex Ghiculescu*
* Clone to keep extended Logger methods for tagged logger.
*Orhan Toy*
* `assert_changes` works on including `ActiveSupport::Assertions` module.
*Pedro Medeiros*
|
| 2022-03-27 08:31:56 by Thomas Klausner | Files touched by this commit (4) |
Log message: *: fix typo in comment |
| 2022-03-27 08:30:00 by Thomas Klausner | Files touched by this commit (24) |
Log message: ruby*: fix rails version in COMMENT |
| 2022-03-13 16:11:52 by Takahiro Kambe | Files touched by this commit (14) | |
Log message: www/ruby-rails61: update to 6.1.4.7 Ruby on Rails 6.1.4.7 is not latest version but it should be easy to pull-up to pkgsrc-2021Q4. Changes are in devel/ruby-activestorage61 only. ## Rails 6.1.4.7 (March 08, 2022) ## * Added image transformation validation via configurable allow-list. Variant now offers a configurable allow-list for transformation methods in addition to a configurable deny-list for arguments. [CVE-2022-21831] |
| 2022-02-13 08:35:06 by Takahiro Kambe | Files touched by this commit (14) | |
Log message: www/ruby-rails61: update to 6.1.4.6 This update contains security fix for CVE-2022-23633 in ruby-actionpack61. Active Support 6.1.4.6 (2022-02-11) * Fix Reloader method signature to work with the new Executor signature. Action Pack 6.1.4.5 (2022-02-11) * Under certain circumstances, the middleware isn't informed that the response body has been fully closed which result in request state not being fully reset before the next request. [CVE-2022-23633] Other packages have no change. |
| 2021-12-19 06:23:00 by Takahiro Kambe | Files touched by this commit (1) | |
Log message: devel/ruby-activesupport61: update to 6.1.4.4 No change except version. |
| 2021-10-26 12:20:11 by Nia Alarie | Files touched by this commit (3016) |
Log message: archivers: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Could not be committed due to merge conflict: devel/py-traitlets/distinfo The following distfiles were unfetchable (note: some may be only fetched conditionally): ./devel/pvs/distinfo pvs-3.2-solaris.tgz ./devel/eclipse/distinfo eclipse-sourceBuild-srcIncluded-3.0.1.zip |
| 2021-10-07 15:44:44 by Nia Alarie | Files touched by this commit (3017) |
Log message: devel: Remove SHA1 hashes for distfiles |
| 2021-07-04 09:58:17 by Takahiro Kambe | Files touched by this commit (1) | |
Log message: devel/ruby-activesupport61: update to 6.0.4 Active Support * MemCacheStore: convert any underlying value (including false) to an Entry. See #42559. (Alex Ghiculescu) * Fix bug in number_with_precision when using large BigDecimal values. Fixes #42302. (Federico Aldunate, Zachary Scott) * Check byte size instead of length on secure_compare. (Tietew) * Fix Time.at to not lose :in option. (Ryuta Kamizono) * Require a path for config.cache_store = :file_store. (Alex Ghiculescu) * Avoid having to store complex object in the default translation file. (Rafael Mendonça França) |
New packages: