pkgsrc.se | The NetBSD package collection

./databases/ruby-activerecord71, Object-relational mapper framework (part of Rails 7.1)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 7.1.5.1, Package name: ruby32-activerecord71-7.1.5.1, Maintainer: pkgsrc-users

Active Record -- Object-relational mapping in Rails

Active Record connects classes to relational database tables to establish an
almost zero-configuration persistence layer for applications. The library
provides a base class that, when subclassed, sets up a mapping between the
new class and an existing table in the database. In the context of an
application, these classes are commonly referred to as *models*. Models can
also be connected to other models; this is done by defining *associations*.

Active Record relies heavily on naming in that it uses class and association
names to establish mappings between respective database tables and foreign
key columns. Although these mappings can be defined explicitly, it's
recommended to follow naming conventions, especially when getting started
with the library.

This is for Ruby on Rails 7.1.

Master sites:

https://rubygems.org/gems/ (Download)

Filesize: 535.5 KB

Version history: (Expand)

(2024-12-11) Updated to version: ruby32-activerecord71-7.1.5.1
(2024-12-01) Updated to version: ruby32-activerecord71-7.1.5
(2024-10-27) Updated to version: ruby32-activerecord71-7.1.4.2
(2024-10-21) Updated to version: ruby32-activerecord71-7.1.4.1
(2024-09-22) Updated to version: ruby32-activerecord71-7.1.4
(2024-06-05) Updated to version: ruby32-activerecord71-7.1.3.4

CVS history: (Expand)

2024-12-11 16:37:33 by Takahiro Kambe | Files touched by this commit (15) | Package updated

Log message:
www/ruby-rails71: update to 7.1.5.1

Update to Ruby on Rails 7.1.5.1.

Action Pack

* Add validation to content security policies to disallow spaces and
  semicolons.  Developers should use multiple arguments, and different
  directive methods instead.

  [CVE-2024-54133]

  Gannon McGibbon

Action Text

* Update vendored trix version to 2.1.10

  John Hawthorn

2024-12-11 16:27:35 by Takahiro Kambe | Files touched by this commit (1)

Log message:
databases/ruby-activerecord71: require ruby-timeout

Require ruby-timeout package before Ruby 3.3.

Bump PKGREVISION.

2024-12-01 16:47:47 by Takahiro Kambe | Files touched by this commit (14) | Package updated

Log message:
www/rails71: update to 7.1.5

Ruby on Rails 7.1.5 (2024-10-31)

Active Model

* Fix regression in alias_attribute to work with user defined methods.

   alias_attribute would wrongly assume the attribute accessor was generated
   by Active Model.

	class Person
	  include ActiveModel::AttributeMethods

	  define_attribute_methods :name
	  attr_accessor :name

	  alias_attribute :full_name, :name
	end

    person.full_name # => NoMethodError: undefined method `attribute' for an
    instance of Person

    Jean Boussier

Active Record

* Fix marshalling of unsaved associated records in 7.1 format.

  The 7.1 format would only marshal associated records if the association
  was loaded.  But associations that would only contain unsaved records
  would be skipped.

  Jean Boussier

* Fix an issue where .left_outer_joins used with multiple associations that
  have the same child association but different parents does not join all
  parents.

  Previously, using .left_outer_joins with the same child association would
  only join one of the parents.

  Now it will correctly join both parents.

    Fixes #41498.

    Garrett Blehm

* Ensure ActiveRecord::Encryption.config is always ready before access.

  Previously, ActiveRecord::Encryption configuration was deferred until
  ActiveRecord::Base was loaded. Therefore, accessing
  ActiveRecord::Encryption.config properties before ActiveRecord::Base was
  loaded would give incorrect results.

  ActiveRecord::Encryption now has its own loading hook so that its
  configuration is set as soon as needed.

  When ActiveRecord::Base is loaded, even lazily, it in turn triggers the
  loading of ActiveRecord::Encryption, thus preserving the original behavior
  of having its config ready before any use of ActiveRecord::Base.

  Maxime Réty

* Add TimeZoneConverter#== method, so objects will be properly compared by
  their type, scale, limit & precision.

  Address #52699.

  Ruy Rocha

2024-10-27 15:35:27 by Takahiro Kambe | Files touched by this commit (14) | Package updated

Log message:
www/ruby-rails71: update to 7.1.4.2

Security fix of ruby-action-mailer70.  Other packages have no change
except their version.

7.1.4.2 (2024-10-23)

Action Mailer

* Fix NoMethodError in block_format helper [Michael Leimstaedtner]

2024-10-21 17:07:30 by Takahiro Kambe | Files touched by this commit (14) | Package updated

Log message:
www/ruby-rails71: update to 7.1.4.1

Update Ruby on Rails 7.1 to 7.1.4.1.

Active Support

* No changes.

Active Model

* No changes.

Active Record

* No changes.

Action View

* No changes.

Action Pack

* Avoid regex backtracking in HTTP Token authentication [CVE-2024-47887]
* Avoid regex backtracking in query parameter filtering [CVE-2024-41128]

Active Job

* No changes.

Action Mailer

* Avoid regex backtracking in block_format helper [CVE-2024-47889]

Action Cable

* No changes.

Active Storage

* No changes.

Action Mailbox

* No changes.

Action Text

* Avoid backtracing in plain_text_for_blockquote_node [CVE-2024-47888]

Railties

* No changes.

2024-09-22 15:23:22 by Takahiro Kambe | Files touched by this commit (2) | Package updated

Log message:
databases/ruby-activerecord71: update to 7.1.4

Active Record 7.1.4 (2024-08-22)

Changes are too many to write here, please refer section of Active Record:
<https://github.com/rails/rails/releases/tag/v7.1.4>.

2024-06-05 18:44:18 by Takahiro Kambe | Files touched by this commit (14) | Package updated

Log message:
www/ruby-rails71: update to 7.1.3.4

Security fix for CVE-2024-32464 (textproc/ruby-actiontext70) and
CVE-2024-28103 (www/ruby-actionpack61 package).

Ruby on Rails 7.1.3.4 (2024-06-04)

Action Text

    * Sanitize ActionText HTML ContentAttachment in Trix edit view
      [CVE-2024-32464]

  Action Pack

    * Include the HTTP Permissions-Policy on non-HTML Content-Types
      [CVE-2024-28103]

2024-02-24 15:55:27 by Takahiro Kambe | Files touched by this commit (15) | Package updated

Log message:
www/ruby-rails71: update to 7.1.3.2

Update Ruby on Rails 7.1 and related pacakges to 7.1.3.2
This includes security fix:

	CVE-2024-26142 for www/ruby-actionpack71
	CVE-2024-26143 for www/ruby-actionpack71

Action Pack

* Fix possible XSS vulnerability with the translate method in controllers

  CVE-2024-26143

* Fix ReDoS in Accept header parsing

  CVE-2024-26142