Next | Query returned 25 messages, browsing 21 to 30 | previous

History of commit frequency

CVS Commit History:


   2021-07-04 10:05:52 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
www/ruby-rails61: update to 6.1.4

No change except version.
   2021-05-08 16:08:57 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3.2

Real changes are in www/ruby-actionpack61 only.

## Rails 6.1.3.2 (May 05, 2021) ##

*   Prevent open redirects by correctly escaping the host allow list
    CVE-2021-22903

*   Prevent catastrophic backtracking during mime parsing
    CVE-2021-22902

*   Prevent regex DoS in HTTP token authentication
    CVE-2021-22904

*   Prevent string polymorphic route arguments.

    `url_for` supports building polymorphic URLs via an array
    of arguments (usually symbols and records). If a developer passes a
    user input array, strings can result in unwanted route helper calls.

    CVE-2021-22885

    *Gannon McGibbon*
   2021-04-11 15:28:02 by Takahiro Kambe | Files touched by this commit (15) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3.1

Real changes are in devel/devel/ruby-activestorage61 only.

## Rails 6.1.3.1 (March 26, 2021) ##

*  Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
   mime types data.

   *George Claghorn*
   2021-02-28 16:42:41 by Takahiro Kambe | Files touched by this commit (13) | Package updated
Log message:
www/ruby-rails61: update to 6.1.3

Rails 6.1.3 (February 17, 2021)

[ActionPack]

* Re-define routes when not set correctly via inheritance.

    *John Hawthorn*

[ActiveRecord]

* Fix the MySQL adapter to always set the right collation and charset
  to the connection session.

    *Rafael Mendonça França*

* Fix MySQL adapter handling of time objects when prepared statements
  are enabled.

    *Rafael Mendonça França*

* Fix scoping in enum fields using conditions that would generate
  an IN clause.

    *Ryuta Kamizono*

* Skip optimised #exist? query when #include? is called on a relation
  with a having clause

  Relations that have aliased select values AND a having clause that
  references an aliased select value would generate an error when
  #include? was called, due to an optimisation that would generate
  call #exists? on the relation instead, which effectively alters
  the select values of the query (and thus removes the aliased select
  values), but leaves the having clause intact. Because the having
  clause is then referencing an aliased column that is no longer
  present in the simplified query, an ActiveRecord::InvalidStatement
  error was raised.

  An sample query affected by this problem:

    Author.select('COUNT(*) as total_posts', 'authors.*')
          .joins(:posts)
          .group(:id)
          .having('total_posts > 2')
          .include?(Author.first)

  This change adds an addition check to the condition that skips the
  simplified #exists? query, which simply checks for the presence of
  a having clause.

  Fixes #41417

    *Michael Smart*

* Increment postgres prepared statement counter before making a
  prepared statement, so if the statement is aborted without Rails
  knowledge (e.g., if app gets kill -9d during long-running query or
  due to Rack::Timeout), app won't end up in perpetual crash state for
  being inconsistent with Postgres.

    *wbharding*, *Martin Tepper*
   2021-02-14 15:10:02 by Takahiro Kambe | Files touched by this commit (4)
Log message:
www/ruby-rails61: add package version 6.1.2.1

Ruby on Rails is a full-stack web framework optimized for programmer
happiness and sustainable productivity.  It encourages beautiful code
by favoring convention over configuration.

This is for Ruby on Rails 6.1.

Next | Query returned 25 messages, browsing 21 to 30 | previous