Path to this page:
./
www/ruby-actioncable52,
Toolkit for building modeling frameworks (part of Rails 5.2)
Branch: CURRENT,
Version: 5.2.7.1,
Package name: ruby27-actioncable52-5.2.7.1,
Maintainer: pkgsrc-users# Action Cable – Integrated WebSockets for Rails
Action Cable seamlessly integrates WebSockets with the rest of your Rails
application. It allows for real-time features to be written in Ruby in the
same style and form as the rest of your Rails application, while still being
performant and scalable. It's a full-stack offering that provides both a
client-side JavaScript framework and a server-side Ruby framework. You have
access to your full domain model written with Active Record or your ORM of
choice.
This is for Ruby on Rails 5.2.
Required to run:[
www/ruby-websocket-driver] [
net/ruby-nio4r] [
lang/ruby26-base] [
www/ruby-actionpack52]
Required to build:[
pkgtools/cwrappers]
Master sites:
Filesize: 40.5 KB
Version history: (Expand)
- (2022-05-05) Updated to version: ruby27-actioncable52-5.2.7.1
- (2022-03-13) Updated to version: ruby27-actioncable52-5.2.6.3
- (2022-02-13) Updated to version: ruby27-actioncable52-5.2.6.2
- (2021-10-07) Updated to version: ruby27-actioncable52-5.2.6
- (2021-07-04) Updated to version: ruby26-actioncable52-5.2.6
- (2021-04-11) Updated to version: ruby26-actioncable52-5.2.5
CVS history: (Expand)
2022-05-05 05:08:16 by Takahiro Kambe | Files touched by this commit (7) |
Log message:
Update rest of Ruby on Rails 52 components.
No change except version.
|
2022-03-13 16:04:27 by Takahiro Kambe | Files touched by this commit (12) |  |
Log message:
www/ruby-rails52: update to 5.2.6.3
Ruby on Rails 5.2.6.3 is not latest version but it should be easy to pull-up
to pkgsrc-2021Q4.
Changes are in devel/ruby-activestorage52 only.
Rails 5.2.6.3 (March 08, 2022)
* Added image transformation validation via configurable allow-list.
Variant now offers a configurable allow-list for
transformation methods in addition to a configurable deny-list for arguments.
[CVE-2022-21831]
|
2022-02-13 08:26:07 by Takahiro Kambe | Files touched by this commit (12) |  |
Log message:
www/ruby-rails52: update to 5.2.6.2
This update contains security fix for CVE-2022-23633 in
Active Support 5.2.6.2 (2022-02-11)
* Fix Reloader method signature to work with the new Executor signature.
Action Pack 5.2.6.2 (2022-02-11)
* Under certain circumstances, the middleware isn't informed that the
response body has been fully closed which result in request state
not being fully reset before the next request.
[CVE-2022-23633]
|
2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030) |
Log message:
www: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts):
www/nghttp2/distinfo
Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz
|
2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033) |
Log message:
www: Remove SHA1 hashes for distfiles
|
2021-07-04 08:24:47 by Takahiro Kambe | Files touched by this commit (12) |  |
Log message:
www/ruby-rails52: update to 5.2.6
Ruby on Rails 5.2.6 (2021-05-05)
There are changes in www/ruby-actionpack52 only, including security fix.
Action Pack
* Accept base64_urlsafe CSRF tokens to make forward compatible.
Base64 strict-encoded CSRF tokens are not inherently websafe, which
makes them difficult to deal with. For example, the common practice
of sending the CSRF token to a browser in a client-readable cookie
does not work properly out of the box: the value has to be
url-encoded and decoded to survive transport.
In this version, we generate Base64 urlsafe-encoded CSRF tokens,
which are inherently safe to transport. Validation accepts both
urlsafe tokens, and strict-encoded tokens for backwards
compatibility.
How the tokes are encoded is controllr by the
action_controller.urlsafe_csrf_tokens config.
In Rails 5.2.5, the CSRF token format was accidentally changed to
urlsafe-encoded.
Atention: If you already upgraded your application to 5.2.5, set the
config urlsafe_csrf_tokens to true, otherwise your form submission
will start to fail during the deploy of this new version.
Rails.application.config.action_controller.urlsafe_csrf_tokens = true
If you are upgrading from 5.2.4.x, you don't need to change this
configuration.
Scott Blum, Étienne Barrié
|
2021-04-11 15:20:09 by Takahiro Kambe | Files touched by this commit (13) |  |
Log message:
www/ruby-rails52: update to 5.2.5
Real changes are in devel/ruby-activestorage52 only.
## Rails 5.2.5 (March 26, 2021) ##
* Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
mime types data.
*George Claghorn*
* The Poppler PDF previewer renders a preview image using the original
document's crop box rather than its media box, hiding print margins. This
matches the behavior of the MuPDF previewer.
*Vincent Robert*
|
2021-02-11 15:23:42 by Takahiro Kambe | Files touched by this commit (12) |  |
Log message:
www/rails52: update to 5.2.4.5
## Rails 5.2.4.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
|