The NetBSD Project

CVS log for pkgsrc/databases/ruby-activerecord52/Attic/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / databases / ruby-activerecord52

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.16
Sun Sep 3 15:29:49 2023 UTC (15 months, 1 week ago) by taca
Branches: MAIN
CVS tags: HEAD
FILE REMOVED
Changes since revision 1.15: +1 -1 lines
Remove Ruby on Rails 5.2 packages.

Ruby on Rails 5.2 reached EOL.

Revision 1.14.2.1: download - view: text, markup, annotated - select for diffs
Sat Jul 23 17:05:52 2022 UTC (2 years, 4 months ago) by spz
Branches: pkgsrc-2022Q2
Diff to: previous 1.14: preferred, colored; next MAIN 1.15: preferred, colored
Changes since revision 1.14: +4 -4 lines
Pullup ticket #6653 - requested by taca
databases/ruby-activerecord52: security update
devel/ruby-activejob52: security update
devel/ruby-activemodel52: security update
devel/ruby-activestorage52: security update
devel/ruby-activesupport52: security update
devel/ruby-railties52: security update
mail/ruby-actionmailer52: security update
www/ruby-actioncable52: security update
www/ruby-actionpack52: security update
www/ruby-actionview52: security update
www/ruby-rails52: security update


Revisions pulled up:
- databases/ruby-activerecord52/distinfo                        1.15
- devel/ruby-activejob52/distinfo                               1.15
- devel/ruby-activemodel52/distinfo                             1.15
- devel/ruby-activestorage52/distinfo                           1.15
- devel/ruby-activesupport52/distinfo                           1.15
- devel/ruby-railties52/Makefile                                1.4
- devel/ruby-railties52/distinfo                                1.15
- lang/ruby/rails.mk                                            1.129
- mail/ruby-actionmailer52/distinfo                             1.15
- www/ruby-actioncable52/distinfo                               1.15
- www/ruby-actionpack52/distinfo                                1.15
- www/ruby-actionview52/distinfo                                1.15
- www/ruby-rails52/distinfo                                     1.15

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Jul 13 14:41:09 UTC 2022

   Modified Files:
   	pkgsrc/databases/ruby-activerecord52: distinfo
   	pkgsrc/devel/ruby-activejob52: distinfo
   	pkgsrc/devel/ruby-activemodel52: distinfo
   	pkgsrc/devel/ruby-activestorage52: distinfo
   	pkgsrc/devel/ruby-activesupport52: distinfo
   	pkgsrc/devel/ruby-railties52: Makefile distinfo
   	pkgsrc/lang/ruby: rails.mk
   	pkgsrc/mail/ruby-actionmailer52: distinfo
   	pkgsrc/www/ruby-actioncable52: distinfo
   	pkgsrc/www/ruby-actionpack52: distinfo
   	pkgsrc/www/ruby-actionview52: distinfo
   	pkgsrc/www/ruby-rails52: distinfo

   Log Message:
   www/ruby-rails52: update to 5.2.8.1

   Rails 5.2.8.1 (2022-07-12) updates databases/ruby-activerecord52 only.

   databases/ruby-activerecord52

   * Change ActiveRecord::Coders::YAMLColumn default to safe_load

     This adds two new configuration options The configuration options are as
     follows:

   	o config.active_storage.use_yaml_unsafe_load

     When set to true, this configuration option tells Rails to use the old
     "unsafe" YAML loading strategy, maintaining the existing behavior but
     leaving the possible escalation vulnerability in place.  Setting this
     option to true is *not* recommended, but can aid in upgrading.

   	o config.active_record.yaml_column_permitted_classes

     The "safe YAML" loading method does not allow all classes to be
     deserialized by default.  This option allows you to specify classes deemed
     "safe" in your application.  For example, if your application uses Symbol
     and Time in serialized data, you can add Symbol and Time to the allowed
     list as follows:

   	config.active_record.yaml_column_permitted_classes = [Symbol, Date, Time]

     [CVE-2022-32224]


   To generate a diff of this commit:
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/databases/ruby-activerecord52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/ruby-activejob52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/ruby-activemodel52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/ruby-activestorage52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/ruby-activesupport52/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/devel/ruby-railties52/Makefile
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/devel/ruby-railties52/distinfo
   cvs rdiff -u -r1.128 -r1.129 pkgsrc/lang/ruby/rails.mk
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/mail/ruby-actionmailer52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/ruby-actioncable52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/ruby-actionpack52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/ruby-actionview52/distinfo
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/ruby-rails52/distinfo

Revision 1.15: download - view: text, markup, annotated - select for diffs
Wed Jul 13 14:41:08 2022 UTC (2 years, 5 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -4 lines
www/ruby-rails52: update to 5.2.8.1

Rails 5.2.8.1 (2022-07-12) updates databases/ruby-activerecord52 only.

databases/ruby-activerecord52

* Change ActiveRecord::Coders::YAMLColumn default to safe_load

  This adds two new configuration options The configuration options are as
  follows:

	o config.active_storage.use_yaml_unsafe_load

  When set to true, this configuration option tells Rails to use the old
  "unsafe" YAML loading strategy, maintaining the existing behavior but
  leaving the possible escalation vulnerability in place.  Setting this
  option to true is *not* recommended, but can aid in upgrading.

	o config.active_record.yaml_column_permitted_classes

  The "safe YAML" loading method does not allow all classes to be
  deserialized by default.  This option allows you to specify classes deemed
  "safe" in your application.  For example, if your application uses Symbol
  and Time in serialized data, you can add Symbol and Time to the allowed
  list as follows:


	config.active_record.yaml_column_permitted_classes = [Symbol, Date, Time]


  [CVE-2022-32224]

Revision 1.14: download - view: text, markup, annotated - select for diffs
Tue Jun 7 14:48:12 2022 UTC (2 years, 6 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base
Branch point for: pkgsrc-2022Q2
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -4 lines
www/ruby-rails52: update to 5.2.8

Ruby on Rails 5.2.8 (2022-05-12)

Active Support

* Fix tag helper regression.

Action View

* Make `LoadInterlockAwareMonitor` work in Ruby 2.7.
* Retain Ruby 2.2 compatibility.

Revision 1.12.2.1: download - view: text, markup, annotated - select for diffs
Sat Jun 4 09:00:30 2022 UTC (2 years, 6 months ago) by spz
Branches: pkgsrc-2022Q1
Diff to: previous 1.12: preferred, colored; next MAIN 1.13: preferred, colored
Changes since revision 1.12: +4 -4 lines
Pullup ticket #6628 - requested by taca
databases/ruby-activerecord52: security update
devel/ruby-activejob52: security update
devel/ruby-activemodel52: security update
devel/ruby-activestorage52: security update
devel/ruby-activesupport52: security update
devel/ruby-railties52: security update
lang/ruby: version info update
mail/ruby-actionmailer52: security update
www/ruby-actioncable52: security update
www/ruby-actionpack52: security update
www/ruby-actionview52: security update
www/ruby-rails52: security update


Revisions pulled up:
- databases/ruby-activerecord52/distinfo                        1.13
- devel/ruby-activejob52/distinfo                               1.13
- devel/ruby-activemodel52/distinfo                             1.13
- devel/ruby-activestorage52/distinfo                           1.13
- devel/ruby-activesupport52/distinfo                           1.13
- devel/ruby-railties52/distinfo                                1.13
- lang/ruby/rails.mk                                            1.119
- mail/ruby-actionmailer52/distinfo                             1.13
- www/ruby-actioncable52/distinfo                               1.13
- www/ruby-actionpack52/Makefile                                1.2
- www/ruby-actionpack52/distinfo                                1.13
- www/ruby-actionview52/distinfo                                1.13
- www/ruby-rails52/distinfo                                     1.13

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:02:07 UTC 2022

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   lang/ruby/rails.mk: start update of Ruby on Rails to 5.2.7.1


   To generate a diff of this commit:
   cvs rdiff -u -r1.118 -r1.119 pkgsrc/lang/ruby/rails.mk

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:03:50 UTC 2022

   Modified Files:
   	pkgsrc/devel/ruby-activesupport52: distinfo

   Log Message:
   devel/ruby-activesupport52: update to 5.2.7.1

   ## Rails 5.2.7.1 (April 26, 2022) ##

   *   Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.

       Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
       in names of tags and names of attributes, following the specification of XML.

       *Álvaro Martín Fraguas*

   ## Rails 5.2.7 (March 10, 2022) ##

   *   Restore support to Ruby 2.2.

       *ojab*


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/ruby-activesupport52/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:04:44 UTC 2022

   Modified Files:
   	pkgsrc/www/ruby-actionview52: distinfo

   Log Message:
   www/ruby-actionview52: update to 5.2.7.1

   ## Rails 5.2.7.1 (April 26, 2022) ##

   *   Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.

       Escape dangerous characters in names of tags and names of attributes in the
       tag helpers, following the XML specification. Rename the option
       `:escape_attributes` to `:escape`, to simplify by applying the option to the
       whole tag.

       *Álvaro Martín Fraguas*

   ## Rails 5.2.7 (March 10, 2022) ##

   *   No changes.


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/ruby-actionview52/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:05:24 UTC 2022

   Modified Files:
   	pkgsrc/www/ruby-actionpack52: Makefile distinfo

   Log Message:
   www/ruby-actionpack52: update to 5.2.7.1

   ## Rails 5.2.7.1 (April 26, 2022) ##

   *   Allow Content Security Policy DSL to generate for API responses.

       *Tim Wade*

   ## Rails 5.2.7 (March 10, 2022) ##

   *   No changes.


   To generate a diff of this commit:
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/ruby-actionpack52/Makefile
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/ruby-actionpack52/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:06:04 UTC 2022

   Modified Files:
   	pkgsrc/devel/ruby-activestorage52: distinfo

   Log Message:
   devel/ruby-activestorage52: update to 5.2.7.1

   ## Rails 5.2.7.1 (April 26, 2022) ##

   *   No changes.

   ## Rails 5.2.7 (March 10, 2022) ##

   *   Fix `ActiveStorage.supported_image_processing_methods` and
       `ActiveStorage.unsupported_image_processing_arguments` that were not being applied.

       *Rafael Mendonça França*


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/ruby-activestorage52/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:08:16 UTC 2022

   Modified Files:
   	pkgsrc/databases/ruby-activerecord52: distinfo
   	pkgsrc/devel/ruby-activejob52: distinfo
   	pkgsrc/devel/ruby-activemodel52: distinfo
   	pkgsrc/devel/ruby-railties52: distinfo
   	pkgsrc/mail/ruby-actionmailer52: distinfo
   	pkgsrc/www/ruby-actioncable52: distinfo
   	pkgsrc/www/ruby-rails52: distinfo

   Log Message:
   Update rest of Ruby on Rails 52 components.

   No change except version.


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/ruby-activerecord52/distinfo
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/ruby-activejob52/distinfo
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/ruby-activemodel52/distinfo
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/devel/ruby-railties52/distinfo
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/mail/ruby-actionmailer52/distinfo
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/ruby-actioncable52/distinfo
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/ruby-rails52/distinfo

Revision 1.13: download - view: text, markup, annotated - select for diffs
Thu May 5 03:08:15 2022 UTC (2 years, 7 months ago) by taca
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +4 -4 lines
Update rest of Ruby on Rails 52 components.

No change except version.

Revision 1.12: download - view: text, markup, annotated - select for diffs
Sun Mar 13 15:04:27 2022 UTC (2 years, 9 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base
Branch point for: pkgsrc-2022Q1
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +4 -4 lines
www/ruby-rails52: update to 5.2.6.3

Ruby on Rails 5.2.6.3 is not latest version but it should be easy to pull-up
to pkgsrc-2021Q4.

Changes are in devel/ruby-activestorage52 only.


Rails 5.2.6.3 (March 08, 2022)

* Added image transformation validation via configurable allow-list.

  Variant now offers a configurable allow-list for
  transformation methods in addition to a configurable deny-list for arguments.

  [CVE-2022-21831]

Revision 1.10.2.1: download - view: text, markup, annotated - select for diffs
Thu Mar 3 19:00:06 2022 UTC (2 years, 9 months ago) by bsiegert
Branches: pkgsrc-2021Q4
Diff to: previous 1.10: preferred, colored; next MAIN 1.11: preferred, colored
Changes since revision 1.10: +4 -4 lines
Pullup ticket #6587 - requested by taca
www/ruby-rails52: security fix

Revisions pulled up:
- databases/ruby-activerecord52/distinfo                        1.11
- devel/ruby-activejob52/distinfo                               1.11
- devel/ruby-activemodel52/distinfo                             1.11
- devel/ruby-activestorage52/distinfo                           1.11
- devel/ruby-activesupport52/distinfo                           1.11
- devel/ruby-railties52/distinfo                                1.11
- lang/ruby/rails.mk                                            1.111
- mail/ruby-actionmailer52/distinfo                             1.11
- www/ruby-actioncable52/distinfo                               1.11
- www/ruby-actionpack52/distinfo                                1.11
- www/ruby-actionview52/distinfo                                1.11
- www/ruby-rails52/distinfo                                     1.11

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Feb 13 07:26:07 UTC 2022

   Modified Files:
   	pkgsrc/databases/ruby-activerecord52: distinfo
   	pkgsrc/devel/ruby-activejob52: distinfo
   	pkgsrc/devel/ruby-activemodel52: distinfo
   	pkgsrc/devel/ruby-activestorage52: distinfo
   	pkgsrc/devel/ruby-activesupport52: distinfo
   	pkgsrc/devel/ruby-railties52: distinfo
   	pkgsrc/lang/ruby: rails.mk
   	pkgsrc/mail/ruby-actionmailer52: distinfo
   	pkgsrc/www/ruby-actioncable52: distinfo
   	pkgsrc/www/ruby-actionpack52: distinfo
   	pkgsrc/www/ruby-actionview52: distinfo
   	pkgsrc/www/ruby-rails52: distinfo

   Log Message:
   www/ruby-rails52: update to 5.2.6.2

   This update contains security fix for CVE-2022-23633 in

   Active Support 5.2.6.2 (2022-02-11)

   * Fix Reloader method signature to work with the new Executor signature.

   Action Pack 5.2.6.2 (2022-02-11)

   * Under certain circumstances, the middleware isn't informed that the
     response body has been fully closed which result in request state
     not being fully reset before the next request.

     [CVE-2022-23633]

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sun Feb 13 07:26:06 2022 UTC (2 years, 9 months ago) by taca
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -4 lines
www/ruby-rails52: update to 5.2.6.2

This update contains security fix for CVE-2022-23633 in

Active Support 5.2.6.2 (2022-02-11)

* Fix Reloader method signature to work with the new Executor signature.

Action Pack 5.2.6.2 (2022-02-11)

* Under certain circumstances, the middleware isn't informed that the
  response body has been fully closed which result in request state
  not being fully reset before the next request.

  [CVE-2022-23633]

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue Oct 26 10:09:56 2021 UTC (3 years, 1 month ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2021Q4-base
Branch point for: pkgsrc-2021Q4
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -2 lines
databases: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles could not be fetched (some may be only fetched
conditionally):

./databases/cstore/distinfo D6.data.ros.gz
./databases/cstore/distinfo cstore0.2.tar.gz
./databases/cstore/distinfo data4.tar.gz

Revision 1.9: download - view: text, markup, annotated - select for diffs
Thu Oct 7 13:35:43 2021 UTC (3 years, 2 months ago) by nia
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +1 -2 lines
databases: Remove SHA1 distfile hashes

Revision 1.8: download - view: text, markup, annotated - select for diffs
Sun Jul 4 06:24:46 2021 UTC (3 years, 5 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +5 -5 lines
www/ruby-rails52: update to 5.2.6

Ruby on Rails 5.2.6 (2021-05-05)

There are changes in www/ruby-actionpack52 only, including security fix.

Action Pack

* Accept base64_urlsafe CSRF tokens to make forward compatible.

  Base64 strict-encoded CSRF tokens are not inherently websafe, which
  makes them difficult to deal with.  For example, the common practice
  of sending the CSRF token to a browser in a client-readable cookie
  does not work properly out of the box: the value has to be
  url-encoded and decoded to survive transport.

  In this version, we generate Base64 urlsafe-encoded CSRF tokens,
  which are inherently safe to transport.  Validation accepts both
  urlsafe tokens, and strict-encoded tokens for backwards
  compatibility.

  How the tokes are encoded is controllr by the
  action_controller.urlsafe_csrf_tokens config.

  In Rails 5.2.5, the CSRF token format was accidentally changed to
  urlsafe-encoded.

  Atention: If you already upgraded your application to 5.2.5, set the
  config urlsafe_csrf_tokens to true, otherwise your form submission
  will start to fail during the deploy of this new version.

	Rails.application.config.action_controller.urlsafe_csrf_tokens = true

  If you are upgrading from 5.2.4.x, you don't need to change this
  configuration.

  Scott Blum, Étienne Barrié

Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Apr 11 13:20:08 2021 UTC (3 years, 8 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +5 -5 lines
www/ruby-rails52: update to 5.2.5

Real changes are in devel/ruby-activestorage52 only.


## Rails 5.2.5 (March 26, 2021) ##

*   Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
    mime types data.

    *George Claghorn*

*   The Poppler PDF previewer renders a preview image using the original
    document's crop box rather than its media box, hiding print margins. This
    matches the behavior of the MuPDF previewer.

    *Vincent Robert*

Revision 1.6: download - view: text, markup, annotated - select for diffs
Thu Feb 11 14:23:42 2021 UTC (3 years, 10 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +5 -5 lines
www/rails52: update to 5.2.4.5

## Rails 5.2.4.5 (February 10, 2021) ##

*   Fix possible DoS vector in PostgreSQL money type

    Carefully crafted input can cause a DoS via the regular expressions used
    for validating the money format in the PostgreSQL adapter.  This patch
    fixes the regexp.

    Thanks to @dee-see from Hackerone for this patch!

    [CVE-2021-22880]

    *Aaron Patterson*

Revision 1.5: download - view: text, markup, annotated - select for diffs
Thu Sep 10 14:13:12 2020 UTC (4 years, 3 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +5 -5 lines
www/ruby-rails52: update to  5.2.4.4

Update Ruby on Rails 52 to 5.2.4.4.

Security fix in ruby-actionview52.


## Rails 5.2.4.4 (September 09, 2020) ##

*   [CVE-2020-15169] Fix potential XSS vulnerability in the `translate`/`t` helper

    *Jonathan Hefner*

Revision 1.3.2.1: download - view: text, markup, annotated - select for diffs
Mon Jun 1 19:15:21 2020 UTC (4 years, 6 months ago) by bsiegert
Branches: pkgsrc-2020Q1
Diff to: previous 1.3: preferred, colored; next MAIN 1.4: preferred, colored
Changes since revision 1.3: +5 -5 lines
Pullup ticket #6213 - requested by taca
www/ruby-rails52: security fix

Revisions pulled up:
- lang/ruby/rails.mk                                            patch
- databases/ruby-activerecord52/distinfo                        1.4
- devel/ruby-activejob52/distinfo                               1.4
- devel/ruby-activemodel52/distinfo                             1.4
- devel/ruby-activestorage52/distinfo                           1.4
- devel/ruby-activesupport52/distinfo                           1.4
- devel/ruby-railties52/distinfo                                1.4
- mail/ruby-actionmailer52/distinfo                             1.4
- www/ruby-actioncable52/distinfo                               1.4
- www/ruby-actionpack52/distinfo                                1.4
- www/ruby-actionview52/distinfo                                1.4
- www/ruby-rails52/distinfo                                     1.4

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:33:41 UTC 2020

   Modified Files:
   	pkgsrc/devel/ruby-activesupport52: distinfo

   Log Message:
   devel/ruby-activesupport52: update to 5.2.4.3

   Update ruby-activesupport52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore

   *   [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:34:47 UTC 2020

   Modified Files:
   	pkgsrc/devel/ruby-activemodel52: distinfo

   Log Message:
   devel/ruby-activemodel52: update to 5.2.4.3

   Update ruby-activemodel52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:35:30 UTC 2020

   Modified Files:
   	pkgsrc/devel/ruby-activejob52: distinfo

   Log Message:
   devel/ruby-activejob52: update to 5.2.4.3

   Update ruby-activejob52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:36:18 UTC 2020

   Modified Files:
   	pkgsrc/www/ruby-actionview52: distinfo

   Log Message:
   www/ruby-actionview52: update to 5.2.4.3

   Update ruby-actionview52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:36:58 UTC 2020

   Modified Files:
   	pkgsrc/www/ruby-actionpack52: distinfo

   Log Message:
   www/ruby-actionpack52: update to 5.2.4.3

   Update ruby-actionpack52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be used to reconstruct a per-form token

   *   [CVE-2020-8164] Return self when calling #each, #each_pair, and #each_value instead of the raw @parameters hash

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:37:46 UTC 2020

   Modified Files:
   	pkgsrc/www/ruby-actioncable52: distinfo

   Log Message:
   www/ruby-actioncable52: update to 5.2.4.3

   Update ruby-actioncable52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:38:35 UTC 2020

   Modified Files:
   	pkgsrc/databases/ruby-activerecord52: distinfo

   Log Message:
   databases/ruby-activerecord52: update to 5.2.4.3

   Update ruby-activerecord52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:39:12 UTC 2020

   Modified Files:
   	pkgsrc/devel/ruby-activestorage52: distinfo

   Log Message:
   devel/ruby-activestorage52: update to 5.2.4.3

   Update ruby-activestorage52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:39:54 UTC 2020

   Modified Files:
   	pkgsrc/mail/ruby-actionmailer52: distinfo

   Log Message:
   mail/ruby-actionmailer52: update to 5.2.4.3

   Update ruby-actionmailer52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:40:32 UTC 2020

   Modified Files:
   	pkgsrc/devel/ruby-railties52: distinfo

   Log Message:
   devel/ruby-railties52: update to 5.2.4.3

   Update ruby-railties52 to 5.2.4.3.

   ## Rails 5.2.4.3 (May 18, 2020) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue May 19 15:41:07 UTC 2020

   Modified Files:
   	pkgsrc/www/ruby-rails52: distinfo

   Log Message:
   www/ruby-rails52: update to 5.2.4.3

   Finally, update ruby-rails52 to 5.2.4.3.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Tue May 19 15:38:35 2020 UTC (4 years, 6 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +5 -5 lines
databases/ruby-activerecord52: update to 5.2.4.3

Update ruby-activerecord52 to 5.2.4.3.


## Rails 5.2.4.3 (May 18, 2020) ##

*   No changes.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Fri Mar 20 15:41:33 2020 UTC (4 years, 8 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base
Branch point for: pkgsrc-2020Q1
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +5 -5 lines
databases/ruby-activerecord52: update to 5.2.4.2

Update ruby-activerecord52 to 5.2.4.2.


## Rails 5.2.4.1 (December 18, 2019) ##

*   No changes.


## Rails 5.2.4 (November 27, 2019) ##

*   Fix circular `autosave: true` causes invalid records to be saved.

    Prior to the fix, when there was a circular series of `autosave: true`
    associations, the callback for a `has_many` association was run while
    another instance of the same callback on the same association hadn't
    finished running. When control returned to the first instance of the
    callback, the instance variable had changed, and subsequent associated
    records weren't saved correctly. Specifically, the ID field for the
    `belongs_to` corresponding to the `has_many` was `nil`.

    Fixes #28080.

    *Larry Reid*

*   PostgreSQL: Fix GROUP BY with ORDER BY virtual count attribute.

    Fixes #36022.

    *Ryuta Kamizono*

*   Fix sqlite3 collation parsing when using decimal columns.

    *Martin R. Schuster*

*   Make ActiveRecord `ConnectionPool.connections` method thread-safe.

    Fixes #36465.

    *Jeff Doering*

*   Assign all attributes before calling `build` to ensure the child record is visible in
    `before_add` and `after_add` callbacks for `has_many :through` associations.

    Fixes #33249.

    *Ryan H. Kerr*

Revision 1.1.2.1: download - view: text, markup, annotated - select for diffs
Sun May 5 18:18:16 2019 UTC (5 years, 7 months ago) by bsiegert
Branches: pkgsrc-2019Q1
Diff to: previous 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1: +4 -4 lines
Pullup ticket #5954 - requested by taca
www/ruby-rails52: security fix

Revisions pulled up:
- databases/ruby-activerecord52/distinfo                        1.2
- devel/ruby-activejob52/distinfo                               1.2
- devel/ruby-activemodel52/PLIST                                1.2
- devel/ruby-activemodel52/distinfo                             1.2
- devel/ruby-activestorage52/distinfo                           1.2
- devel/ruby-activesupport52/PLIST                              1.2
- devel/ruby-activesupport52/distinfo                           1.2
- devel/ruby-railties52/PLIST                                   1.2
- devel/ruby-railties52/distinfo                                1.2
- lang/ruby/rails.mk                                            1.77
- mail/ruby-actionmailer52/distinfo                             1.2
- www/ruby-actioncable52/distinfo                               1.2
- www/ruby-actionpack52/distinfo                                1.2
- www/ruby-actionview52/distinfo                                1.2
- www/ruby-rails52/distinfo                                     1.2

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:29:39 UTC 2019

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   lang/ruby: start update rails52 to 5.2.3

   Start update of ruby-rails52.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:30:26 UTC 2019

   Modified Files:
   	pkgsrc/devel/ruby-activesupport52: PLIST distinfo

   Log Message:
   devel/ruby-activesupport52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   Add `ActiveSupport::HashWithIndifferentAccess#assoc`.

       `assoc` can now be called with either a string or a symbol.

       *Stefan Sch=FC=DFler*

   *   Fix `String#safe_constantize` throwing a `LoadError` for incorrectl=
   y cased constant references.

       *Keenan Brock*

   *   Allow Range#=3D=3D=3D and Range#cover? on Range

       `Range#cover?` can now accept a range argument like `Range#include?=
   ` and
       `Range#=3D=3D=3D`. `Range#=3D=3D=3D` works correctly on Ruby 2.6. `=
   Range#include?` is moved
       into a new file, with these two methods.

       *utilum*

   *   If the same block is `included` multiple times for a Concern, an ex=
   ception is no longer raised.

       *Mark J. Titorenko*, *Vlad Bokov*

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:30:59 UTC 2019

   Modified Files:
   	pkgsrc/devel/ruby-activemodel52: PLIST distinfo

   Log Message:
   devel/ruby-activemodel52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   Fix date value when casting a multiparameter date hash to not conve=
   rt
       from Gregorian date to Julian date.

       Before:

           Day.new({"day(1i)"=3D>"1", "day(2i)"=3D>"1", "day(3i)"=3D>"1"})=

           =3D> #<Day id: nil, day: "0001-01-03", created_at: nil, updated=
   _at: nil>

       After:

           Day.new({"day(1i)"=3D>"1", "day(2i)"=3D>"1", "day(3i)"=3D>"1"})=

           =3D> #<Day id: nil, day: "0001-01-01", created_at: nil, updated=
   _at: nil>

       Fixes #28521.

       *Sayan Chakraborty*

   *   Fix numericality equality validation of `BigDecimal` and `Float`
       by casting to `BigDecimal` on both ends of the validation.

       *Gannon McGibbon*

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:31:25 UTC 2019

   Modified Files:
   	pkgsrc/devel/ruby-activejob52: distinfo

   Log Message:
   devel/ruby-activejob52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   No changes.

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:31:52 UTC 2019

   Modified Files:
   	pkgsrc/www/ruby-actionview52: distinfo

   Log Message:
   www/ruby-actionview52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   Prevent non-primary mouse keys from triggering Rails UJS click hand=
   lers.
       Firefox fires click events even if the click was triggered by non-p=
   rimary mouse keys such as right- or scroll-wheel-clicks.
       For example, right-clicking a link such as the one described below =
   (with an underlying ajax request registered on click) should not cause =
   that request to occur.

       ```
       <%=3D link_to 'Remote', remote_path, class: 'remote', remote: true,=
    data: { type: :json } %>
       ```

       Fixes #34541

       *Wolfgang Hobmaier*

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:32:37 UTC 2019

   Modified Files:
   	pkgsrc/www/ruby-actionpack52: distinfo

   Log Message:
   www/ruby-actionpack52: update to 5.2.3

   * 5.2.2.2 fixes these security problems:

   	CVE-2019-5418
   	CVE-2019-5419
   	CVE-2019-5420

   ## Rails 5.2.3 (March 27, 2019) ##

   *   Allow using combine the Cache Control `public` and `no-cache` heade=
   rs.

       Before this change, even if `public` was specified for Cache Contro=
   l header,
       it was excluded when `no-cache` was included. This fixed to keep `p=
   ublic`
       header as is.

       Fixes #34780.

       *Yuji Yaginuma*

   *   Allow `nil` params for `ActionController::TestCase`.

       *Ryo Nakamura*

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:33:01 UTC 2019

   Modified Files:
   	pkgsrc/www/ruby-actioncable52: distinfo

   Log Message:
   www/ruby-actioncable52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   No changes.

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:33:31 UTC 2019

   Modified Files:
   	pkgsrc/databases/ruby-activerecord52: distinfo

   Log Message:
   databases/ruby-activerecord52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   Fix different `count` calculation when using `size` with manual `se=
   lect` with DISTINCT.

       Fixes #35214.

       *Juani Villarejo*

   *   Fix prepared statements caching to be enabled even when query cachi=
   ng is enabled.

       *Ryuta Kamizono*

   *   Don't allow `where` with invalid value matches to nil values.

       Fixes #33624.

       *Ryuta Kamizono*

   *   Restore an ability that class level `update` without giving ids.

       Fixes #34743.

       *Ryuta Kamizono*

   *   Fix join table column quoting with SQLite.

       *Gannon McGibbon*

   *   Ensure that `delete_all` on collection proxy returns affected count=
   .=


       *Ryuta Kamizono*

   *   Reset scope after delete on collection association to clear stale o=
   ffsets of removed records.

       *Gannon McGibbon*

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:33:55 UTC 2019

   Modified Files:
   	pkgsrc/devel/ruby-activestorage52: distinfo

   Log Message:
   devel/ruby-activestorage52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   No changes.

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:34:27 UTC 2019

   Modified Files:
   	pkgsrc/mail/ruby-actionmailer52: distinfo

   Log Message:
   mail/ruby-actionmailer52: update to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   No changes.

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:34:57 UTC 2019

   Modified Files:
   	pkgsrc/devel/ruby-railties52: PLIST distinfo

   Log Message:
   devel/ruby-railties52: updateo to 5.2.3

   ## Rails 5.2.3 (March 27, 2019) ##

   *   Seed database with inline ActiveJob job adapter.

       *Gannon McGibbon*

   *   Fix boolean interaction in scaffold system tests.

       *Gannon McGibbon*

   ## Rails 5.2.2.1 (March 11, 2019) ##

   *   No changes.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Apr 14 10:36:34 UTC 2019

   Modified Files:
   	pkgsrc/www/ruby-rails52: distinfo

   Log Message:
   www/ruby-rails52: update to 5.2.3

   Update ruby-rails52 to 5.2.3 which contains security fix of actionpack =
   in
   5.2.2.2.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Sun Apr 14 10:33:31 2019 UTC (5 years, 8 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +5 -5 lines
databases/ruby-activerecord52: update to 5.2.3

## Rails 5.2.3 (March 27, 2019) ##

*   Fix different `count` calculation when using `size` with manual `select` with DISTINCT.

    Fixes #35214.

    *Juani Villarejo*

*   Fix prepared statements caching to be enabled even when query caching is enabled.

    *Ryuta Kamizono*

*   Don't allow `where` with invalid value matches to nil values.

    Fixes #33624.

    *Ryuta Kamizono*

*   Restore an ability that class level `update` without giving ids.

    Fixes #34743.

    *Ryuta Kamizono*

*   Fix join table column quoting with SQLite.

    *Gannon McGibbon*

*   Ensure that `delete_all` on collection proxy returns affected count.

    *Ryuta Kamizono*

*   Reset scope after delete on collection association to clear stale offsets of removed records.

    *Gannon McGibbon*


## Rails 5.2.2.1 (March 11, 2019) ##

*   No changes.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Mar 3 14:55:02 2019 UTC (5 years, 9 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2019Q1-base
Branch point for: pkgsrc-2019Q1
databases/ruby-activerecord52: add version 5.2.2 package

Add ruby-activerecord52 version 5.2.2 package.

= Active Record -- Object-relational mapping put on rails

Active Record connects classes to relational database tables to establish an
almost zero-configuration persistence layer for applications. The library
provides a base class that, when subclassed, sets up a mapping between the new
class and an existing table in the database. In context of an application,
these classes are commonly referred to as *models*. Models can also be
connected to other models; this is done by defining *associations*.

This is for Ruby on Rails 5.2.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>