./www/ruby-actionview61, Rendering framework putting the V in MVC (part of Rails 6.1)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 6.1.6, Package name: ruby27-actionview61-6.1.6, Maintainer: pkgsrc-users

Action View provides simple, battle-tested conventions and helpers for
building web pages.

This is for Ruby on Rails 6.1.


Master sites:

Filesize: 168 KB

Version history: (Expand)


CVS history: (Expand)


   2022-06-07 17:05:23 by Takahiro Kambe | Files touched by this commit (15) | Package updated
Log message:
www/ruby-rails61: update to 6.1.6

Ruby on Rails 6.1.6 (2022-05-12)

Active Support

* Fix and add protections for XSS in ActionView::Helpers and ERB::Util.

  Add the method ERB::Util.xml_name_escape to escape dangerous characters in
  names of tags and names of attributes, following the specification of XML.

Action View

* Fix and add protections for XSS in ActionView::Helpers and ERB::Util.

  Escape dangerous characters in names of tags and names of attributes in
  the tag helpers, following the XML specification. Rename the option
  :escape_attributes to :escape, to simplify by applying the option to the
  whole tag.

Action Pack

* Allow Content Security Policy DSL to generate for API responses.
   2022-05-05 05:29:32 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
www/ruby-actionview61: update to 6.1.5.1

## Rails 6.1.5.1 (April 26, 2022) ##

*   Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.

    Escape dangerous characters in names of tags and names of attributes in the
    tag helpers, following the XML specification. Rename the option
    `:escape_attributes` to `:escape`, to simplify by applying the option to the
    whole tag.

    *Álvaro Martín Fraguas*

## Rails 6.1.5 (March 09, 2022) ##

*   `preload_link_tag` properly inserts `as` attributes for files with `image` MIME
    types, such as JPG or SVG.

    *Nate Berkopec*

*   Add `autocomplete="off"` to all generated hidden fields.

    Fixes #42610.

    *Ryan Baumann*

*   Fix `current_page?` when URL has trailing slash.

    This fixes the `current_page?` helper when the given URL has a trailing slash,
    and is an absolute URL or also has query params.

    Fixes #33956.

    *Jonathan Hefner*
   2022-03-27 08:30:00 by Thomas Klausner | Files touched by this commit (24)
Log message:
ruby*: fix rails version in COMMENT
   2022-03-13 16:11:52 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.4.7

Ruby on Rails 6.1.4.7 is not latest version but it should be easy to pull-up
to pkgsrc-2021Q4.

Changes are in devel/ruby-activestorage61 only.

## Rails 6.1.4.7 (March 08, 2022) ##

* Added image transformation validation via configurable allow-list.

 Variant now offers a configurable allow-list for
 transformation methods in addition to a configurable deny-list for arguments.

 [CVE-2022-21831]
   2022-02-13 08:35:06 by Takahiro Kambe | Files touched by this commit (14) | Package updated
Log message:
www/ruby-rails61: update to 6.1.4.6

This update contains security fix for CVE-2022-23633 in ruby-actionpack61.

Active Support 6.1.4.6 (2022-02-11)

* Fix Reloader method signature to work with the new Executor signature.

Action Pack 6.1.4.5 (2022-02-11)

* Under certain circumstances, the middleware isn't informed that the
  response body has been fully closed which result in request state
  not being fully reset before the next request.

  [CVE-2022-23633]

Other packages have no change.
   2021-12-19 06:25:04 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
www/ruby-actionview61: update to 6.1.4.4

No change except version.
   2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030)
Log message:
www: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts):
www/nghttp2/distinfo

Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz
   2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)
Log message:
www: Remove SHA1 hashes for distfiles