Navigation:
Browse pkgsrc
(this page)| 2011-12-15 15:39:10 by Takahiro Kambe | Files touched by this commit (1) |
Log message: * Change depending directories: devel/ruby-i18n => devel/ruby-i18n www/ruby-rack => www/ruby-rack12 www/erubis => ruby-erubis26 * Don't override gemspec for i18n (ruby-i18n). Bump PKGREVISION. |
| 2011-12-14 17:40:30 by Takahiro Kambe | Files touched by this commit (1) |
Log message: Change source directories; www/ruby-rack-mount to www/ruby-rack-mount06 www/ruby-rack-test to www/ruby-rack-test05 |
| 2011-12-13 17:02:39 by Takahiro Kambe | Files touched by this commit (1) |
Log message: * Switch to use RUBY_RAILS_SUPPORTED. * Relax dependency to ruby-i18n version. Bump PKGREVISION. |
| 2011-11-19 16:34:37 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update ruby-actionpack3 package to 3.0.11.
*Rails 3.0.11 (unreleased)*
* Fix XSS security vulnerability in the `translate` helper method. When using
interpolation in combination with HTML-safe translations, the interpolated
input would not get HTML escaped. *GH 3664*
Before:
translate('foo_html', :something => '<script>') # => \
"...<script>..."
After:
translate('foo_html', :something => '<script>') # => \
"...<script>..."
*Sergey Nartimov*
* Implement a workaround for a bug in ruby-1.9.3p0 where an error would be
raised while attempting to convert a template from one encoding to another.
Please see http://redmine.ruby-lang.org/issues/5564 for details of the bug.
The workaround is to load all conversions into memory ahead of time, and will
only happen if the ruby version is exactly 1.9.3p0. The hope is obviously
that the underlying problem will be resolved in the next patchlevel release
of 1.9.3.
* Fix assert_select_email to work on multipart and non-multipart emails as the
method stopped working correctly in Rails 3.x due to changes in the new mail
gem.
* Fix url_for when passed a hash to prevent additional options (eg. :host,
:protocol) from being added to the hash after calling it.
|
| 2011-08-17 16:18:02 by Takahiro Kambe | Files touched by this commit (1) |
Log message: Update ruby-actionpack3 package to 3.0.10. Rails 3.0.10 * Fixes an issue where cache sweepers with only after filters would have no controller object, it would raise undefined method controller_name for nil [jeroenj] * Ensure status codes are logged when exceptions are raised. * Subclasses of OutputBuffer are respected. * Fixed ActionView::FormOptionsHelper#select with :multiple => false * Avoid extra call to Cache#read in case of a fragment cache hit |
| 2011-08-12 17:19:41 by Takahiro Kambe | Files touched by this commit (2) |
Log message: - Switch to use OVERRIDE_GEMSPEC. - A little clean up. |
| 2011-06-17 15:50:01 by Takahiro Kambe | Files touched by this commit (2) |
Log message: Update ruby-actionpack3 to 3.0.9. *Rails 3.0.9 (unreleased)* * json_escape will now return a SafeBuffer string if it receives SafeBuffer string [tenderlove] * Make sure escape_js returns SafeBuffer string if it receives SafeBuffer string [Prem Sichanugrist] * Fix text helpers to work correctly with the new SafeBuffer restriction [Paul Gallagher, Arun Agrawal, Prem Sichanugrist] |
| 2011-06-11 05:20:58 by Takahiro Kambe | Files touched by this commit (3) |
Log message: Update ruby-actionpack3 package to 3.0.8. *Rails 3.0.8 (unreleased)* * Fixed github issue #342 with asset paths and relative roots. |
2011-05-10 16:12:06 by Takahiro Kambe | Files touched by this commit (2) |  |
Log message: update ruby-actionpack3 to 3.0.7; no change but version. |
| 2011-04-06 15:26:04 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update ruby-actionpack3 pacakge to 3.0.6.
*Rails 3.0.6 (April 5, 2011)
* Fixed XSS vulnerability in `auto_link`. `auto_link` no longer marks input as
html safe. Please make sure that calls to auto_link() are wrapped in a
sanitize(), or a raw() depending on the type of input passed to auto_link().
For example:
<%= sanitize(auto_link(some_user_input)) %>
Thanks to Torben Schulz for reporting this. The fix can be found here:
61ee3449674c591747db95f9b3472c5c3bd9e84d
* Fixes the output of `rake routes` to be correctly match to the
behavior of the application, as the regular expression used to match
the path is greedy and won't capture the format part by default
[Prem Sichanugrist]
* Fixes an issue with number_to_human when converting values which are
less than 1 but greater than -1 [Josh Kalderimis]
* Sensitive query string parameters (specified in
config.filter_parameters) will now be filtered out from the request
paths in the log file. [Prem Sichanugrist, fxn]
* URL parameters which return nil for to_param are now removed from
the query string [Andrew White]
* Don't allow i18n to change the minor version, version now set to ~>
0.5.0 [Santiago Pastorino]
* Make TranslationHelper#translate use the :rescue_format option in
I18n 0.5.0 [Sven Fuchs]
* Fix regression: javascript_include_tag shouldn't raise if you
register an expansion key with nil or [] value [Santiago Pastorino]
* Fix Action caching bug where an action that has a non-cacheable
response always renders a nil response body. It now correctly
renders the response body. [Cheah Chu Yeow]
|
New packages: