The NetBSD Project

CVS log for pkgsrc/databases/ruby-activerecord60/Attic/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / databases / ruby-activerecord60

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.22
Sun Sep 3 15:50:52 2023 UTC (15 months ago) by taca
Branches: MAIN
CVS tags: HEAD
FILE REMOVED
Changes since revision 1.21: +1 -1 lines
Remove Ruby on Rails 6.0 packages.

Ruby on Rails 6.0 reached EOL.

Revision 1.20.4.1: download - view: text, markup, annotated - select for diffs
Sat Mar 4 13:58:15 2023 UTC (21 months ago) by spz
Branches: pkgsrc-2022Q4
Diff to: previous 1.20: preferred, colored; next MAIN 1.21: preferred, colored
Changes since revision 1.20: +4 -4 lines
Pullup ticket #6732 - requested by taca
databases/ruby-activerecord60: security update
devel/ruby-activejob60: distinfo update
devel/ruby-activemodel60: distinfo update
devel/ruby-activestorage60: distinfo update
devel/ruby-activesupport60: distinfo update
devel/ruby-railties60: distinfo update
mail/ruby-actionmailbox60: distinfo update
mail/ruby-actionmailer60: distinfo update
textproc/ruby-actiontext60: distinfo update
www/ruby-actioncable60: distinfo update
www/ruby-actionpack60: distinfo update
www/ruby-actionpack60: distinfo update
www/ruby-actionview60: distinfo update
www/ruby-rails60: distinfo update


Revisions pulled up:
- databases/ruby-activerecord60/distinfo                        1.21
- devel/ruby-activejob60/distinfo                               1.21
- devel/ruby-activemodel60/distinfo                             1.21
- devel/ruby-activestorage60/distinfo                           1.21
- devel/ruby-activesupport60/distinfo                           1.21
- devel/ruby-railties60/distinfo                                1.21
- lang/ruby/rails.mk                                            1.138
- mail/ruby-actionmailbox60/distinfo                            1.21
- mail/ruby-actionmailer60/distinfo                             1.21
- textproc/ruby-actiontext60/distinfo                           1.21
- www/ruby-actioncable60/distinfo                               1.21
- www/ruby-actionpack60/Makefile                                1.5
- www/ruby-actionpack60/distinfo                                1.21
- www/ruby-actionview60/distinfo                                1.21
- www/ruby-rails60/distinfo                                     1.21

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jan 19 14:27:26 UTC 2023

   Modified Files:
   	pkgsrc/databases/ruby-activerecord60: distinfo
   	pkgsrc/devel/ruby-activejob60: distinfo
   	pkgsrc/devel/ruby-activemodel60: distinfo
   	pkgsrc/devel/ruby-activestorage60: distinfo
   	pkgsrc/devel/ruby-activesupport60: distinfo
   	pkgsrc/devel/ruby-railties60: distinfo
   	pkgsrc/lang/ruby: rails.mk
   	pkgsrc/mail/ruby-actionmailbox60: distinfo
   	pkgsrc/mail/ruby-actionmailer60: distinfo
   	pkgsrc/textproc/ruby-actiontext60: distinfo
   	pkgsrc/www/ruby-actioncable60: distinfo
   	pkgsrc/www/ruby-actionpack60: Makefile distinfo
   	pkgsrc/www/ruby-actionview60: distinfo
   	pkgsrc/www/ruby-rails60: distinfo

   Log Message:
   www/ruby-rails60: update to 6.0.6.1

   Only databases/ruby-activerecord61 has updated.

   Rails 6.0.6.1 (2023-01-17)

   * Make `sanitize_as_sql_comment` more strict

     Though this method was likely never meant to take user input, it was
     attempting sanitization. That sanitization could be bypassed with
     carefully crafted input.

     This commit makes the sanitization more robust by replacing any
     occurrances of "/*" or "*/" with "/ *" or "* /". It also performs a
     first pass to remove one surrounding comment to avoid compatibility
     issues for users relying on the existing removal.

     This also clarifies in the documentation of annotate that it should not
     be provided user input.

     [CVE-2023-22794]


   To generate a diff of this commit:
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/databases/ruby-activerecord60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activejob60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activemodel60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activestorage60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-activesupport60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/devel/ruby-railties60/distinfo
   cvs rdiff -u -r1.137 -r1.138 pkgsrc/lang/ruby/rails.mk
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/mail/ruby-actionmailbox60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/mail/ruby-actionmailer60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/textproc/ruby-actiontext60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actioncable60/distinfo
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/ruby-actionpack60/Makefile
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actionpack60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-actionview60/distinfo
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/ruby-rails60/distinfo

Revision 1.21: download - view: text, markup, annotated - select for diffs
Thu Jan 19 14:27:25 2023 UTC (22 months, 2 weeks ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +4 -4 lines
www/ruby-rails60: update to 6.0.6.1

Only databases/ruby-activerecord61 has updated.

Rails 6.0.6.1 (2023-01-17)

* Make `sanitize_as_sql_comment` more strict

  Though this method was likely never meant to take user input, it was
  attempting sanitization. That sanitization could be bypassed with
  carefully crafted input.

  This commit makes the sanitization more robust by replacing any
  occurrances of "/*" or "*/" with "/ *" or "* /". It also performs a
  first pass to remove one surrounding comment to avoid compatibility
  issues for users relying on the existing removal.

  This also clarifies in the documentation of annotate that it should not
  be provided user input.

  [CVE-2023-22794]

Revision 1.20: download - view: text, markup, annotated - select for diffs
Sat Sep 10 08:19:00 2022 UTC (2 years, 2 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2022Q4-base, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Branch point for: pkgsrc-2022Q4
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +4 -4 lines
www/ruby-rails60: update to 6.0.6

Ruby on Rails 6.0.6 release on 9th September 2022 and
Active Record is only updated.

databases/ruby-activerecord60

* Symbol is allowed by default for YAML columns

  Étienne Barrié

Revision 1.18.2.1: download - view: text, markup, annotated - select for diffs
Sat Jul 23 19:15:50 2022 UTC (2 years, 4 months ago) by spz
Branches: pkgsrc-2022Q2
Diff to: previous 1.18: preferred, colored; next MAIN 1.19: preferred, colored
Changes since revision 1.18: +4 -4 lines
Pullup ticket #6654 - requested by taca
databases/ruby-activerecord60: security update
devel/ruby-activejob60: security update
devel/ruby-activemodel60: security update
devel/ruby-activestorage60: security update
devel/ruby-activesupport60: security update
devel/ruby-railties60: security update
mail/ruby-actionmailbox60: security update
mail/ruby-actionmailer60: security update
textproc/ruby-actiontext60: security update
www/ruby-actioncable60: security update
www/ruby-actionpack60: security update
www/ruby-actionview60: security update
www/ruby-rails60: security update


Revisions pulled up:
- databases/ruby-activerecord60/distinfo                        1.19
- devel/ruby-activejob60/distinfo                               1.19
- devel/ruby-activemodel60/distinfo                             1.19
- devel/ruby-activestorage60/distinfo                           1.19
- devel/ruby-activesupport60/distinfo                           1.19
- devel/ruby-railties60/Makefile                                1.5
- devel/ruby-railties60/distinfo                                1.19
- lang/ruby/rails.mk                                            1.130
- mail/ruby-actionmailbox60/distinfo                            1.19
- mail/ruby-actionmailer60/distinfo                             1.19
- textproc/ruby-actiontext60/distinfo                           1.19
- www/ruby-actioncable60/distinfo                               1.19
- www/ruby-actionpack60/distinfo                                1.19
- www/ruby-actionview60/distinfo                                1.19
- www/ruby-rails60/distinfo                                     1.19

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Jul 13 14:44:10 UTC 2022

   Modified Files:
   	pkgsrc/databases/ruby-activerecord60: distinfo
   	pkgsrc/devel/ruby-activejob60: distinfo
   	pkgsrc/devel/ruby-activemodel60: distinfo
   	pkgsrc/devel/ruby-activestorage60: distinfo
   	pkgsrc/devel/ruby-activesupport60: distinfo
   	pkgsrc/devel/ruby-railties60: Makefile distinfo
   	pkgsrc/lang/ruby: rails.mk
   	pkgsrc/mail/ruby-actionmailbox60: distinfo
   	pkgsrc/mail/ruby-actionmailer60: distinfo
   	pkgsrc/textproc/ruby-actiontext60: distinfo
   	pkgsrc/www/ruby-actioncable60: distinfo
   	pkgsrc/www/ruby-actionpack60: distinfo
   	pkgsrc/www/ruby-actionview60: distinfo
   	pkgsrc/www/ruby-rails60: distinfo

   Log Message:
   www/ruby-rails60: update to 6.0.5.1

   Rails 6.0.5.1 (2022-07-12) updates databases/ruby-activerecord60 only.

   databases/ruby-activerecord60

   * Change ActiveRecord::Coders::YAMLColumn default to safe_load

     This adds two new configuration options The configuration options are as
     follows:

   	o config.active_storage.use_yaml_unsafe_load

     When set to true, this configuration option tells Rails to use the old
     "unsafe" YAML loading strategy, maintaining the existing behavior but
     leaving the possible escalation vulnerability in place.  Setting this
     option to true is *not* recommended, but can aid in upgrading.

   	o config.active_record.yaml_column_permitted_classes

     The "safe YAML" loading method does not allow all classes to be
     deserialized by default.  This option allows you to specify classes deemed
     "safe" in your application.  For example, if your application uses Symbol
     and Time in serialized data, you can add Symbol and Time to the allowed
     list as follows:

   	config.active_record.yaml_column_permitted_classes = [Symbol, Date, Time]

     [CVE-2022-32224]


   To generate a diff of this commit:
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/databases/ruby-activerecord60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/ruby-activejob60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/ruby-activemodel60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/ruby-activestorage60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/ruby-activesupport60/distinfo
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/devel/ruby-railties60/Makefile
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/devel/ruby-railties60/distinfo
   cvs rdiff -u -r1.129 -r1.130 pkgsrc/lang/ruby/rails.mk
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/mail/ruby-actionmailbox60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/mail/ruby-actionmailer60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/textproc/ruby-actiontext60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/ruby-actioncable60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/ruby-actionpack60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/ruby-actionview60/distinfo
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/ruby-rails60/distinfo

Revision 1.19: download - view: text, markup, annotated - select for diffs
Wed Jul 13 14:44:09 2022 UTC (2 years, 4 months ago) by taca
Branches: MAIN
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +4 -4 lines
www/ruby-rails60: update to 6.0.5.1

Rails 6.0.5.1 (2022-07-12) updates databases/ruby-activerecord60 only.

databases/ruby-activerecord60

* Change ActiveRecord::Coders::YAMLColumn default to safe_load

  This adds two new configuration options The configuration options are as
  follows:

	o config.active_storage.use_yaml_unsafe_load

  When set to true, this configuration option tells Rails to use the old
  "unsafe" YAML loading strategy, maintaining the existing behavior but
  leaving the possible escalation vulnerability in place.  Setting this
  option to true is *not* recommended, but can aid in upgrading.

	o config.active_record.yaml_column_permitted_classes

  The "safe YAML" loading method does not allow all classes to be
  deserialized by default.  This option allows you to specify classes deemed
  "safe" in your application.  For example, if your application uses Symbol
  and Time in serialized data, you can add Symbol and Time to the allowed
  list as follows:


	config.active_record.yaml_column_permitted_classes = [Symbol, Date, Time]


  [CVE-2022-32224]

Revision 1.18: download - view: text, markup, annotated - select for diffs
Tue Jun 7 14:59:21 2022 UTC (2 years, 6 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base
Branch point for: pkgsrc-2022Q2
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +4 -4 lines
www/ruby-rails60: update to 6.0.5

Ruby on Rails 6.0.5 (2022-05-12)

Active Support

* Fix tag helper regression.

Action Text

* Disentangle Action Text from ApplicationController

  Allow Action Text to be used without having an ApplicationController
  defined.

  This makes sure:

    - Action Text attachments render the correct URL host in mailers.
    - an ActionController::Renderer isn't allocated per request.
    - Sidekiq doesn't hang with the "classic" autoloader.

Revision 1.16.2.1: download - view: text, markup, annotated - select for diffs
Sat Jun 4 09:17:02 2022 UTC (2 years, 6 months ago) by spz
Branches: pkgsrc-2022Q1
Diff to: previous 1.16: preferred, colored; next MAIN 1.17: preferred, colored
Changes since revision 1.16: +4 -4 lines
Pullup ticket #6629 - requested by taca
databases/ruby-activerecord60: security update
devel/ruby-activejob60: security update
devel/ruby-activemodel60: security update
devel/ruby-activestorage60: security update
devel/ruby-activesupport60: security update
devel/ruby-railties60: security update
lang/ruby: version info update
mail/ruby-actionmailbox60: security update
mail/ruby-actionmailer60: security update
textproc/ruby-actiontext60: security update
www/ruby-actioncable60: security update
www/ruby-actionpack60: security update
www/ruby-actionview60: security update
www/ruby-rails60: security update


Revisions pulled up:
- databases/ruby-activerecord60/distinfo                        1.17
- devel/ruby-activejob60/distinfo                               1.17
- devel/ruby-activemodel60/distinfo                             1.17
- devel/ruby-activestorage60/distinfo                           1.17
- devel/ruby-activesupport60/distinfo                           1.17
- devel/ruby-railties60/distinfo                                1.17
- lang/ruby/rails.mk                                            1.120
- mail/ruby-actionmailbox60/distinfo                            1.17
- mail/ruby-actionmailer60/distinfo                             1.17
- textproc/ruby-actiontext60/distinfo                           1.17
- www/ruby-actioncable60/distinfo                               1.17
- www/ruby-actionpack60/distinfo                                1.17
- www/ruby-actionview60/distinfo                                1.17
- www/ruby-rails60/distinfo                                     1.17

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:20:39 UTC 2022

   Modified Files:
   	pkgsrc/lang/ruby: rails.mk

   Log Message:
   lang/ruby/rails.mk: start update of Ruby on Rails to 6.0.4.8


   To generate a diff of this commit:
   cvs rdiff -u -r1.119 -r1.120 pkgsrc/lang/ruby/rails.mk

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:21:25 UTC 2022

   Modified Files:
   	pkgsrc/devel/ruby-activesupport60: distinfo

   Log Message:
   devel/ruby-activesupport60: update to 6.0.4.8

   ## Rails 6.0.4.8 (April 26, 2022) ##

   *   Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.

       Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
       in names of tags and names of attributes, following the specification of XML.

       *Álvaro Martín Fraguas*


   To generate a diff of this commit:
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ruby-activesupport60/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:23:12 UTC 2022

   Modified Files:
   	pkgsrc/www/ruby-actionview60: distinfo

   Log Message:
   www/ruby-actionview60: update to 6.0.4.8

   ## Rails 6.0.4.8 (April 26, 2022) ##

   *   Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.

       Escape dangerous characters in names of tags and names of attributes in the
       tag helpers, following the XML specification. Rename the option
       `:escape_attributes` to `:escape`, to simplify by applying the option to the
       whole tag.

       *Álvaro Martín Fraguas*


   To generate a diff of this commit:
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/ruby-actionview60/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:23:48 UTC 2022

   Modified Files:
   	pkgsrc/www/ruby-actionpack60: distinfo

   Log Message:
   www/ruby-actionpack60: update to 6.0.4.8

   ## Rails 6.0.4.8 (April 26, 2022) ##

   *   Allow Content Security Policy DSL to generate for API responses.

       *Tim Wade*


   To generate a diff of this commit:
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/ruby-actionpack60/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu May  5 03:24:55 UTC 2022

   Modified Files:
   	pkgsrc/databases/ruby-activerecord60: distinfo
   	pkgsrc/devel/ruby-activejob60: distinfo
   	pkgsrc/devel/ruby-activemodel60: distinfo
   	pkgsrc/devel/ruby-activestorage60: distinfo
   	pkgsrc/devel/ruby-railties60: distinfo
   	pkgsrc/mail/ruby-actionmailbox60: distinfo
   	pkgsrc/mail/ruby-actionmailer60: distinfo
   	pkgsrc/textproc/ruby-actiontext60: distinfo
   	pkgsrc/www/ruby-actioncable60: distinfo
   	pkgsrc/www/ruby-rails60: distinfo

   Log Message:
   Update rest of Ruby on Rails 60 components.

   No change except version.


   To generate a diff of this commit:
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/databases/ruby-activerecord60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ruby-activejob60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ruby-activemodel60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ruby-activestorage60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ruby-railties60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/ruby-actionmailbox60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/ruby-actionmailer60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/textproc/ruby-actiontext60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/ruby-actioncable60/distinfo
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/ruby-rails60/distinfo

Revision 1.17: download - view: text, markup, annotated - select for diffs
Thu May 5 03:24:54 2022 UTC (2 years, 7 months ago) by taca
Branches: MAIN
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +4 -4 lines
Update rest of Ruby on Rails 60 components.

No change except version.

Revision 1.16: download - view: text, markup, annotated - select for diffs
Sun Mar 13 15:08:22 2022 UTC (2 years, 8 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base
Branch point for: pkgsrc-2022Q1
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +4 -4 lines
www/ruby-rails60: update to 6.0.4.7

Changes are in devel/ruby-activestorage60 only.


## Rails 6.0.4.7 (March 08, 2022) ##

* Added image transformation validation via configurable allow-list.

  Variant now offers a configurable allow-list for
  transformation methods in addition to a configurable deny-list for arguments.

  [CVE-2022-21831]

Revision 1.14.2.1: download - view: text, markup, annotated - select for diffs
Thu Mar 3 19:06:02 2022 UTC (2 years, 9 months ago) by bsiegert
Branches: pkgsrc-2021Q4
Diff to: previous 1.14: preferred, colored; next MAIN 1.15: preferred, colored
Changes since revision 1.14: +4 -4 lines
Pullup ticket #6588 - requested by taca
www/ruby-rails60: security fix

Revisions pulled up:
- databases/ruby-activerecord60/distinfo                        1.15
- devel/ruby-activejob60/distinfo                               1.15
- devel/ruby-activemodel60/distinfo                             1.15
- devel/ruby-activestorage60/distinfo                           1.15
- devel/ruby-activesupport60/distinfo                           1.15
- devel/ruby-railties60/distinfo                                1.15
- lang/ruby/rails.mk                                            1.112
- mail/ruby-actionmailbox60/distinfo                            1.15
- mail/ruby-actionmailer60/distinfo                             1.15
- textproc/ruby-actiontext60/distinfo                           1.15
- www/ruby-actioncable60/distinfo                               1.15
- www/ruby-actionpack60/distinfo                                1.15
- www/ruby-actionview60/distinfo                                1.15
- www/ruby-rails60/distinfo                                     1.15

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Feb 13 07:31:23 UTC 2022

   Modified Files:
   	pkgsrc/databases/ruby-activerecord60: distinfo
   	pkgsrc/devel/ruby-activejob60: distinfo
   	pkgsrc/devel/ruby-activemodel60: distinfo
   	pkgsrc/devel/ruby-activestorage60: distinfo
   	pkgsrc/devel/ruby-activesupport60: distinfo
   	pkgsrc/devel/ruby-railties60: distinfo
   	pkgsrc/lang/ruby: rails.mk
   	pkgsrc/mail/ruby-actionmailbox60: distinfo
   	pkgsrc/mail/ruby-actionmailer60: distinfo
   	pkgsrc/textproc/ruby-actiontext60: distinfo
   	pkgsrc/www/ruby-actioncable60: distinfo
   	pkgsrc/www/ruby-actionpack60: distinfo
   	pkgsrc/www/ruby-actionview60: distinfo
   	pkgsrc/www/ruby-rails60: distinfo

   Log Message:
   www/ruby-rails60: update to  6.0.4.6

   This update contains security fix for CVE-2022-23633 in ruby-actionpack60.

   Active Support 6.0.4.6 (2022-02-11)

   * Fix Reloader method signature to work with the new Executor signature.

   Action Pack 6.0.4.6

   6.0.4.5 (2022-02-11)

   * Under certain circumstances, the middleware isn't informed that the
     response body has been fully closed which result in request state
     not being fully reset before the next request.

     [CVE-2022-23633]

   Other packages have no change.

Revision 1.15: download - view: text, markup, annotated - select for diffs
Sun Feb 13 07:31:22 2022 UTC (2 years, 9 months ago) by taca
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -4 lines
www/ruby-rails60: update to  6.0.4.6

This update contains security fix for CVE-2022-23633 in ruby-actionpack60.

Active Support 6.0.4.6 (2022-02-11)

* Fix Reloader method signature to work with the new Executor signature.

Action Pack 6.0.4.6

6.0.4.5 (2022-02-11)

* Under certain circumstances, the middleware isn't informed that the
  response body has been fully closed which result in request state
  not being fully reset before the next request.

  [CVE-2022-23633]

Other packages have no change.

Revision 1.14: download - view: text, markup, annotated - select for diffs
Sun Dec 19 05:13:37 2021 UTC (2 years, 11 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q4-base
Branch point for: pkgsrc-2021Q4
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -4 lines
databases/ruby-activerecord60: update to 6.0.4.4

No change except version.

Revision 1.13: download - view: text, markup, annotated - select for diffs
Tue Oct 26 10:09:56 2021 UTC (3 years, 1 month ago) by nia
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +2 -2 lines
databases: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles could not be fetched (some may be only fetched
conditionally):

./databases/cstore/distinfo D6.data.ros.gz
./databases/cstore/distinfo cstore0.2.tar.gz
./databases/cstore/distinfo data4.tar.gz

Revision 1.12: download - view: text, markup, annotated - select for diffs
Thu Oct 7 13:35:43 2021 UTC (3 years, 2 months ago) by nia
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +1 -2 lines
databases: Remove SHA1 distfile hashes

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sun Aug 22 07:12:50 2021 UTC (3 years, 3 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +5 -5 lines
www/ruby-rails60: update to 6.0.4.1

Update Ruby on Rails 6.0 pacakges to 6.0.4.1.

Real changes are in Action Pack (www/ruby-actionpack60).

## Rails 6.0.4.1 (August 19, 2021) ##

* [CVE-2021-22942] Fix possible open redirect in Host Authorization middleware.

  Specially crafted "X-Forwarded-Host" headers in combination with certain
  "allowed host" formats can cause the Host Authorization middleware in Action
  Pack to redirect users to a malicious website.

Revision 1.10: download - view: text, markup, annotated - select for diffs
Sun Jul 4 06:58:37 2021 UTC (3 years, 5 months ago) by taca
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +5 -5 lines
www/ruby-rails60: update to 6.0.4

Ruby on Rails 6.0.4 (2021-06-15), including security fixes.

Active Support

* Fixed issue in ActiveSupport::Cache::RedisCacheStore not passing
  options to read_multi causing fetch_multi to not work properly.
  (Rajesh Sharma)

* with_options copies its options hash again to avoid leaking mutations.
  Fixes #39343.  (Eugene Kenny)

Active Record

* Only warn about negative enums if a positive form that would cause
  conflicts exists.  Fixes #39065.  (Alex Ghiculescu)

* Allow the inverse of a has_one association that was previously
  autosaved to be loaded.  Fixes #34255.  (Steven Weber)

* Reset statement cache for association if table_name is changed.
  Fixes #36453.  (Ryuta Kamizono)

* Type cast extra select for eager loading.  (Ryuta Kamizono)

* Prevent collection associations from being autosaved multiple times.
  Fixes #39173.  (Eugene Kenny)

* Resolve issue with insert_all unique_by option when used with
  expression index.

  When the :unique_by option of ActiveRecord::Persistence.insert_all
  and ActiveRecord::Persistence.upsert_all was used with the name of
  an expression index, an error was raised.  Adding a guard around the
  formatting behavior for the :unique_by corrects this.

  Usage:

	create_table :books, id: :integer, force: true do |t|
	  t.column :name, :string
	  t.index "lower(name)", unique: true
	end

  	Book.insert_all [{ name: "MyTest" }], unique_by: :index_books_on_lower_name

  Fixes #39516.  (Austen Madden)

* Fix preloading for polymorphic association with custom scope.
  (Ryuta Kamizono)

* Allow relations with different SQL comments in the or method.
  (Takumi Shotoku)

* Resolve conflict between counter cache and optimistic locking.

  Bump an Active Record instance's lock version after updating its
  counter cache.  This avoids raising an unnecessary
  ActiveRecord::StaleObjectError upon subsequent transactions by
  maintaining parity with the corresponding database record's
  lock_version column.  Fixes #16449.  (Aaron Lipman)

* Fix through association with source/through scope which has joins.
  (Ryuta Kamizono)

* Fix through association to respect source scope for includes/preload.
  (Ryuta Kamizono)

* Fix eager load with Arel joins to maintain the original joins order.
  (Ryuta Kamizono)

* Fix group by count with eager loading + order + limit/offset.
  (Ryuta Kamizono)

* Fix left joins order when merging multiple left joins from different
  associations.  (Ryuta Kamizono)

* Fix index creation to preserve index comment in bulk change table on
  MySQL.  (Ryuta Kamizono)

* Change remove_foreign_key to not check :validate option if database
  doesn't support the feature.  (Ryuta Kamizono)

* Fix the result of aggregations to maintain duplicated "group by"
  fields.  (Ryuta Kamizono)

* Do not return duplicated records when using preload.  (Bogdan Gusiev)

Action View

* SanitizeHelper.sanitized_allowed_attributes and
  SanitizeHelper.sanitized_allowed_tags call safe_list_sanitizer's
  class method.  Fixes #39586.  (Taufiq Muhammadi)

Action Pack

* Accept base64_urlsafe CSRF tokens to make forward compatible.

* Base64 strict-encoded CSRF tokens are not inherently websafe, which
  makes them difficult to deal with.  For example, the common practice
  of sending the CSRF token to a browser in a client-readable cookie
  does not work properly out of the box: the value has to be
  url-encoded and decoded to survive transport.

  In Rails 6.1, we generate Base64 urlsafe-encoded CSRF tokens, which
  are inherently safe to transport.  Validation accepts both urlsafe
  tokens, and strict-encoded tokens for backwards compatibility.

  In Rails 5.2.5, the CSRF token format is accidentally changed to
  urlsafe-encoded.  If you upgrade apps from 5.2.5, set the config
  urlsafe_csrf_tokens = true.

	Rails.application.config.action_controller.urlsafe_csrf_tokens = true

  (Scott Blum, Étienne Barrié)

* Signed and encrypted cookies can now store false as their value when
  action_dispatch.use_cookies_with_metadata is enabled.  (Rolandas
  Barysas)

Active Storage

* The Poppler PDF previewer renders a preview image using the original
  document's crop box rather than its media box, hiding print
  margins. This matches the behavior of the MuPDF previewer.  (Vincent
  Robert)

Railties

* Allow relative paths with trailing slashes to be passed to rails
  test.  (Eugene Kenny)

* Return a 405 Method Not Allowed response when a request uses an
  unknown HTTP method.  Fixes #38998.  (Loren Norman)

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat May 8 14:02:34 2021 UTC (3 years, 7 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +5 -5 lines
www/ruby-rails60: update to 6.0.3.7

Real changes are in www/ruby-actionpack60 only.

## Rails 6.0.3.7 (May 05, 2021) ##

*   Prevent catastrophic backtracking during mime parsing
    CVE-2021-22902

*   Prevent regex DoS in HTTP token authentication
    CVE-2021-22904

*   Prevent string polymorphic route arguments.

    `url_for` supports building polymorphic URLs via an array
    of arguments (usually symbols and records). If a developer passes a
    user input array, strings can result in unwanted route helper calls.

    CVE-2021-22885

    *Gannon McGibbon*

Revision 1.8: download - view: text, markup, annotated - select for diffs
Sun Apr 11 13:24:57 2021 UTC (3 years, 7 months ago) by taca
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +5 -5 lines
www/ruby-rails60: update to 6.0.3.6

Real changes are in devel/ruby-activestorage60 only.

## Rails 6.0.3.6 (March 26, 2021) ##

*   Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
    mime types data.

    *George Claghorn*

Revision 1.7: download - view: text, markup, annotated - select for diffs
Thu Feb 11 14:30:07 2021 UTC (3 years, 9 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +5 -5 lines
www/ruby-rails60: update to 6.0.3.5

databases/ruby-activerecord60:

## Rails 6.0.3.5 (February 10, 2021) ##

*   Fix possible DoS vector in PostgreSQL money type

    Carefully crafted input can cause a DoS via the regular expressions used
    for validating the money format in the PostgreSQL adapter.  This patch
    fixes the regexp.

    Thanks to @dee-see from Hackerone for this patch!

    [CVE-2021-22880]

    *Aaron Patterson*

www/ruby-actionpack60

## Rails 6.0.3.5 (February 10, 2021) ##

*   Prevent open redirect when allowed host starts with a dot

    [CVE-2021-22881]

    Thanks to @tktech (https://hackerone.com/tktech) for reporting this
    issue and the patch!

    *Aaron Patterson*

Revision 1.5.2.1: download - view: text, markup, annotated - select for diffs
Fri Oct 23 16:25:00 2020 UTC (4 years, 1 month ago) by bsiegert
Branches: pkgsrc-2020Q3
Diff to: previous 1.5: preferred, colored; next MAIN 1.6: preferred, colored
Changes since revision 1.5: +5 -5 lines
Pullup ticket #6344 - requested by taca
www/ruby-rails60: security fix

Revisions pulled up:
- databases/ruby-activerecord60/distinfo                        1.6
- devel/ruby-activejob60/distinfo                               1.6
- devel/ruby-activemodel60/distinfo                             1.6
- devel/ruby-activestorage60/distinfo                           1.6
- devel/ruby-activesupport60/distinfo                           1.6
- devel/ruby-railties60/distinfo                                1.6
- lang/ruby/rails.mk                                            1.91
- mail/ruby-actionmailbox60/distinfo                            1.6
- mail/ruby-actionmailer60/distinfo                             1.6
- textproc/ruby-actiontext60/distinfo                           1.6
- www/ruby-actioncable60/distinfo                               1.6
- www/ruby-actionpack60/distinfo                                1.6
- www/ruby-actionview60/distinfo                                1.6
- www/ruby-rails60/Makefile                                     1.5
- www/ruby-rails60/distinfo                                     1.6

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Oct 19 14:50:32 UTC 2020

   Modified Files:
   	pkgsrc/databases/ruby-activerecord60: distinfo
   	pkgsrc/devel/ruby-activejob60: distinfo
   	pkgsrc/devel/ruby-activemodel60: distinfo
   	pkgsrc/devel/ruby-activestorage60: distinfo
   	pkgsrc/devel/ruby-activesupport60: distinfo
   	pkgsrc/devel/ruby-railties60: distinfo
   	pkgsrc/lang/ruby: rails.mk
   	pkgsrc/mail/ruby-actionmailbox60: distinfo
   	pkgsrc/mail/ruby-actionmailer60: distinfo
   	pkgsrc/textproc/ruby-actiontext60: distinfo
   	pkgsrc/www/ruby-actioncable60: distinfo
   	pkgsrc/www/ruby-actionpack60: distinfo
   	pkgsrc/www/ruby-actionview60: distinfo
   	pkgsrc/www/ruby-rails60: Makefile distinfo

   Log Message:
   www/ruby-rails60: update to 6.0.3.4

   Update Ruby on Rails 6.0 related packages to 6.0.3.4.
   This is security fix for ruby-actionpack60.

   ## Rails 6.0.3.4 (October 07, 2020) ##

   *   [CVE-2020-8264] Prevent XSS in Actionable Exceptions

Revision 1.6: download - view: text, markup, annotated - select for diffs
Mon Oct 19 14:50:30 2020 UTC (4 years, 1 month ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +5 -5 lines
www/ruby-rails60: update to 6.0.3.4

Update Ruby on Rails 6.0 related packages to 6.0.3.4.
This is security fix for ruby-actionpack60.

## Rails 6.0.3.4 (October 07, 2020) ##

*   [CVE-2020-8264] Prevent XSS in Actionable Exceptions

Revision 1.5: download - view: text, markup, annotated - select for diffs
Thu Sep 10 14:30:02 2020 UTC (4 years, 2 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q3-base
Branch point for: pkgsrc-2020Q3
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +5 -5 lines
www/ruby-rails60: update to 6.0.3.3

Update Ruby on Rails 60 to 6.0.3.3.

Security fix in ruby-actionview60.


## Rails 6.0.3.3 (September 09, 2020) ##

*   [CVE-2020-8185] Fix potential XSS vulnerability in the `translate`/`t` helper.

    *Jonathan Hefner*

Revision 1.4: download - view: text, markup, annotated - select for diffs
Thu Jun 18 13:38:45 2020 UTC (4 years, 5 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +5 -5 lines
lang/rails60: update to 6.0.3.2

Update Ruby on Rails to 6.0.3.2.

www/ruby-actionpack60 is the really updated package and other packages
have no change except version.

CHANGELOG of www/ruby-actionpack60 is here:

## Rails 6.0.3.2 (June 17, 2020) ##

* [CVE-2020-8185] Only allow ActionableErrors if
  show_detailed_exceptions is enabled

Revision 1.1.2.1: download - view: text, markup, annotated - select for diffs
Thu Jun 4 08:51:16 2020 UTC (4 years, 6 months ago) by bsiegert
Branches: pkgsrc-2020Q1
Diff to: previous 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1: +5 -5 lines
Pullup ticket #6214 - requested by taca
www/ruby-rails60: security fix

Revisions pulled up:
- databases/ruby-activerecord60/PLIST                           1.2
- databases/ruby-activerecord60/distinfo                        1.2-1.3
- devel/ruby-activejob60/distinfo                               1.2-1.3
- devel/ruby-activemodel60/distinfo                             1.2-1.3
- devel/ruby-activestorage60/distinfo                           1.2-1.3
- devel/ruby-activesupport60/distinfo                           1.2-1.3
- devel/ruby-railties60/distinfo                                1.2-1.3
- mail/ruby-actionmailbox60/distinfo                            1.2-1.3
- mail/ruby-actionmailer60/distinfo                             1.2-1.3
- textproc/ruby-actiontext60/distinfo                           1.2-1.3
- www/ruby-actioncable60/distinfo                               1.2-1.3
- www/ruby-actionpack60/distinfo                                1.2-1.3
- www/ruby-actionview60/distinfo                                1.2-1.3
- www/ruby-rails60/distinfo                                     1.2-1.3

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:15:25 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activesupport60: distinfo

   Log Message:
   devel/ruby-activesupport60: update to 6.0.3

   Update ruby-activesupport60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   `Array#to_sentence` no longer returns a frozen string.

       Before:

           ['one', 'two'].to_sentence.frozen?
           # => true

       After:

           ['one', 'two'].to_sentence.frozen?
           # => false

       *Nicolas Dular*

   *   Update `ActiveSupport::Messages::Metadata#fresh?` to work for cookies with expiry set when
       `ActiveSupport.parse_json_times = true`.

       *Christian Gregg*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:16:16 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activemodel60: distinfo

   Log Message:
   devel/ruby-activemodel60: updat to 6.0.3

   Update ruby-activemodel60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:16:55 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activejob60: distinfo

   Log Message:
   devel/ruby-activejob60: update to 6.0.3

   Update ruby-activejob60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   While using `perform_enqueued_jobs` test helper enqueued jobs must be stored for the later check with
       `assert_enqueued_with`.

       *Dmitry Polushkin*

   *   Add queue name support to Que adapter

       *Brad Nauta*, *Wojciech Wnętrzak*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:17:34 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-actionview60: distinfo

   Log Message:
   www/ruby-actionview60: update to 6.0.3

   Update ruby-actionview60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   annotated_source_code returns an empty array so TemplateErrors without a
       template in the backtrace are surfaced properly by DebugExceptions.

       *Guilherme Mansur*, *Kasper Timm Hansen*

   *   Add autoload for SyntaxErrorInTemplate so syntax errors are correctly raised by DebugExceptions.

       *Guilherme Mansur*, *Gannon McGibbon*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:18:09 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-actionpack60: distinfo

   Log Message:
   www/ruby-actionpack60: update to 6.0.3

   Update ruby-actionpack60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   Include child session assertion count in ActionDispatch::IntegrationTest

       `IntegrationTest#open_session` uses `dup` to create the new session, which
       meant it had its own copy of `@assertions`. This prevented the assertions
       from being correctly counted and reported.

       Child sessions now have their `attr_accessor` overriden to delegate to the
       root session.

       Fixes #32142

       *Sam Bostock*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:18:56 UTC 2020

   Modified Files:
           pkgsrc/databases/ruby-activerecord60: PLIST distinfo

   Log Message:
   databases/ruby-activerecord60: update to 6.0.3

   Update ruby-activerecord60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   Recommend applications don't use the `database` kwarg in `connected_to`

       The database kwarg in `connected_to` was meant to be used for one-off scripts but is often used in requests. This is really dangerous because it re-establishes a connection every time. It's deprecated in 6.1 and will be removed in 6.2 without replacement. This change soft deprecates it in 6.0 by removing documentation.

       *Eileen M. Uchitelle*

   *   Fix support for PostgreSQL 11+ partitioned indexes.

       *Sebastián Palma*

   *   Add support for beginless ranges, introduced in Ruby 2.7.

       *Josh Goodall*

   *   Fix insert_all with enum values

       Fixes #38716.

       *Joel Blum*

   *   Regexp-escape table name for MS SQL

       Add `Regexp.escape` to one method in ActiveRecord, so that table names with regular expression characters in them work as expected. Since MS SQL Server uses "[" and "]" to quote table and column names, and those characters are regular expression characters, methods like `pluck` and `select` fail in certain cases when used with the MS SQL Server adapter.

       *Larry Reid*

   *   Store advisory locks on their own named connection.

       Previously advisory locks were taken out against a connection when a migration started. This works fine in single database applications but doesn't work well when migrations need to open new connections which results in the lock getting dropped.

       In order to fix this we are storing the advisory lock on a new connection with the connection specification name `AdisoryLockBase`. The caveat is that we need to maintain at least 2 connections to a database while migrations are running in order to do this.

       *Eileen M. Uchitelle*, *John Crepezzi*

   *   Ensure `:reading` connections always raise if a write is attempted.

       Now Rails will raise an `ActiveRecord::ReadOnlyError` if any connection on the reading handler attempts to make a write. If your reading role needs to write you should name the role something other than `:reading`.

       *Eileen M. Uchitelle*

   *   Enforce fresh ETag header after a collection's contents change by adding
       ActiveRecord::Relation#cache_key_with_version. This method will be used by
       ActionController::ConditionalGet to ensure that when collection cache versioning
       is enabled, requests using ConditionalGet don't return the same ETag header
       after a collection is modified. Fixes #38078.

       *Aaron Lipman*

   *   A database URL can now contain a querystring value that contains an equal sign. This is needed to support passing PostgresSQL `options`.

        *Joshua Flanagan*

   *   Retain explicit selections on the base model after applying `includes` and `joins`.

       Resolves #34889.

       *Patrick Rebsch*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:20:09 UTC 2020

   Modified Files:
           pkgsrc/mail/ruby-actionmailer60: distinfo

   Log Message:
   mail/ruby-actionmailer60: update to 6.0.3

   Update ruby-actionmailer60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:20:46 UTC 2020

   Modified Files:
           pkgsrc/mail/ruby-actionmailbox60: distinfo

   Log Message:
   mail/ruby-actionmailbox60: update to 6.0.3

   Update ruby-actionmailbox60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   Update Mandrill inbound email route to respond appropriately to HEAD requests for URL health checks from Mandrill.

       *Bill Cromie*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:21:24 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-actioncable60: distinfo

   Log Message:
   www/ruby-actioncable60: update to 6.0.3

   Update to ruby-actioncable60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:22:16 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-railties60: distinfo

   Log Message:
   devel/ruby-railties60: update to 6.0.3

   Update ruby-railties60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   Cache compiled view templates when running tests by default

       When generating a new app without `--skip-spring`, caching classes is
       disabled in `environments/test.rb`. This implicitly disables caching
       view templates too. This change will enable view template caching by
       adding this to the generated `environments/test.rb`:

       ````ruby
       config.action_view.cache_template_loading = true
       ````

       *Jorge Manrubia*

   *   `Rails::Application#eager_load!` is available again to load application code
       manually as it was possible in previous versions.

       Please, note this is not integrated with the whole eager loading logic that
       runs when Rails boots with eager loading enabled, you can think of this
       method as a vanilla recursive code loader.

       This ability has been restored because there are some use cases for it, such
       as indexers that need to have all application classes and modules in memory.

       *Xavier Noria*

   *   Generators that inherit from NamedBase respect `--force` option

       *Josh Brody*

   *   Regression fix: The Rake task `zeitwerk:check` supports eager loaded
       namespaces which do not have eager load paths, like the recently added
       `i18n`. These namespaces are only required to respond to `eager_load!`.

       *Xavier Noria*

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:22:55 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activestorage60: distinfo

   Log Message:
   devel/ruby-activestorage60: update to 6.0.3

   Update ruby-activestorage60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:23:36 UTC 2020

   Modified Files:
           pkgsrc/textproc/ruby-actiontext60: distinfo

   Log Message:
   textproc/ruby-actiontext60: update to 6.0.3

   Update ruby-actiontext60 to 6.0.3.

   ## Rails 6.0.3 (May 06, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat May 16 14:24:28 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-rails60: distinfo

   Log Message:
   www/ruby-rails60: update to 6.0.3

   Finally, update ruby-rails60 to 6.0.3.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:10:27 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activesupport60: distinfo

   Log Message:
   devel/ruby-activesupport60: update to 6.0.3.1

   Update ruby-activesupport60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   [CVE-2020-8165] Deprecate Marshal.load on raw cache read in RedisCacheStore

   *   [CVE-2020-8165] Avoid Marshal.load on raw cache value in MemCacheStore

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:11:10 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activemodel60: distinfo

   Log Message:
   devel/ruby-activemodel60: update to 6.0.3.1

   Update ruby-activemodel60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:11:43 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activejob60: distinfo

   Log Message:
   devel/ruby-activejob60: update to 6.0.3.1

   Update ruby-activejob60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:12:16 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-actionview60: distinfo

   Log Message:
   www/ruby-actionview60: update to 6.0.3.1

   Update ruby-actionview60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   [CVE-2020-8167] Check that request is same-origin prior to including CSRF token in XHRs

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:12:50 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-actionpack60: distinfo

   Log Message:
   www/ruby-actionpack60: update to 6.0.3.1

   Update ruby-actionpack60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   [CVE-2020-8166] HMAC raw CSRF token before masking it, so it cannot be used to reconstruct a per-form token

   *   [CVE-2020-8164] Return self when calling #each, #each_pair, and #each_value instead of the raw @parameters hash

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:13:24 UTC 2020

   Modified Files:
           pkgsrc/databases/ruby-activerecord60: distinfo

   Log Message:
   databases/ruby-activerecord60: update to 6.0.3.1

   Update ruby-activerecord60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:14:04 UTC 2020

   Modified Files:
           pkgsrc/mail/ruby-actionmailer60: distinfo

   Log Message:
   mail/ruby-actionmailer60: update to 6.0.3.1

   Update ruby-actionmailer60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:14:41 UTC 2020

   Modified Files:
           pkgsrc/mail/ruby-actionmailbox60: distinfo

   Log Message:
   mail/ruby-actionmailbox60: update to 6.0.3.1

   Update ruby-actionmailbox60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:15:14 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-actioncable60: distinfo

   Log Message:
   www/ruby-actioncable60: update to 6.0.3.1

   Update ruby-actioncable60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:15:47 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-railties60: distinfo

   Log Message:
   devel/ruby-railties60: update to 6.0.3.1

   Update ruby-railties60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:16:26 UTC 2020

   Modified Files:
           pkgsrc/devel/ruby-activestorage60: distinfo

   Log Message:
   devel/ruby-activestorage60: update to 6.0.3.1

   Update ruby-activestorage60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:17:01 UTC 2020

   Modified Files:
           pkgsrc/textproc/ruby-actiontext60: distinfo

   Log Message:
   textproc/ruby-actiontext60: update to 6.0.3.1

   Update ruby-actiontext60 to 6.0.3.1.

   ## Rails 6.0.3.1 (May 18, 2020) ##

   *   No changes.

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue May 19 17:17:45 UTC 2020

   Modified Files:
           pkgsrc/www/ruby-rails60: distinfo

   Log Message:
   www/ruby-rails60: update to 6.0.3.1.

   Finally, update ruby-rails60 to 6.0.3.1.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Tue May 19 17:13:24 2020 UTC (4 years, 6 months ago) by taca
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +5 -5 lines
databases/ruby-activerecord60: update to 6.0.3.1

Update ruby-activerecord60 to 6.0.3.1.


## Rails 6.0.3.1 (May 18, 2020) ##

*   No changes.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Sat May 16 14:18:56 2020 UTC (4 years, 6 months ago) by taca
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +5 -5 lines
databases/ruby-activerecord60: update to 6.0.3

Update ruby-activerecord60 to 6.0.3.


## Rails 6.0.3 (May 06, 2020) ##

*   Recommend applications don't use the `database` kwarg in `connected_to`

    The database kwarg in `connected_to` was meant to be used for one-off scripts but is often used in requests. This is really dangerous because it re-establishes a connection every time. It's deprecated in 6.1 and will be removed in 6.2 without replacement. This change soft deprecates it in 6.0 by removing documentation.

    *Eileen M. Uchitelle*

*   Fix support for PostgreSQL 11+ partitioned indexes.

    *Sebastián Palma*

*   Add support for beginless ranges, introduced in Ruby 2.7.

    *Josh Goodall*

*   Fix insert_all with enum values

    Fixes #38716.

    *Joel Blum*

*   Regexp-escape table name for MS SQL

    Add `Regexp.escape` to one method in ActiveRecord, so that table names with regular expression characters in them work as expected. Since MS SQL Server uses "[" and "]" to quote table and column names, and those characters are regular expression characters, methods like `pluck` and `select` fail in certain cases when used with the MS SQL Server adapter.

    *Larry Reid*

*   Store advisory locks on their own named connection.

    Previously advisory locks were taken out against a connection when a migration started. This works fine in single database applications but doesn't work well when migrations need to open new connections which results in the lock getting dropped.

    In order to fix this we are storing the advisory lock on a new connection with the connection specification name `AdisoryLockBase`. The caveat is that we need to maintain at least 2 connections to a database while migrations are running in order to do this.

    *Eileen M. Uchitelle*, *John Crepezzi*

*   Ensure `:reading` connections always raise if a write is attempted.

    Now Rails will raise an `ActiveRecord::ReadOnlyError` if any connection on the reading handler attempts to make a write. If your reading role needs to write you should name the role something other than `:reading`.

    *Eileen M. Uchitelle*

*   Enforce fresh ETag header after a collection's contents change by adding
    ActiveRecord::Relation#cache_key_with_version. This method will be used by
    ActionController::ConditionalGet to ensure that when collection cache versioning
    is enabled, requests using ConditionalGet don't return the same ETag header
    after a collection is modified. Fixes #38078.

    *Aaron Lipman*

*   A database URL can now contain a querystring value that contains an equal sign. This is needed to support passing PostgresSQL `options`.

     *Joshua Flanagan*

*   Retain explicit selections on the base model after applying `includes` and `joins`.

    Resolves #34889.

    *Patrick Rebsch*

Revision 1.1: download - view: text, markup, annotated - select for diffs
Fri Mar 20 16:55:38 2020 UTC (4 years, 8 months ago) by taca
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base
Branch point for: pkgsrc-2020Q1
databases/ruby-activerecord60: add package version 6.0.2.2

Add ruby-activerecord60 package version 6.0.2.2.


= Active Record -- Object-relational mapping put on rails

Active Record connects classes to relational database tables to establish an
almost zero-configuration persistence layer for applications. The library
provides a base class that, when subclassed, sets up a mapping between the new
class and an existing table in the database. In context of an application,
these classes are commonly referred to as *models*. Models can also be
connected to other models; this is done by defining *associations*.

This is for Ruby on Rails 6.0.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>