![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / devel / ruby-activesupport61
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.7 / (download) - annotate - [select for diffs], Wed Mar 15 13:31:47 2023 UTC (13 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2024Q1-base,
pkgsrc-2024Q1,
pkgsrc-2023Q4-base,
pkgsrc-2023Q4,
pkgsrc-2023Q3-base,
pkgsrc-2023Q3,
pkgsrc-2023Q2-base,
pkgsrc-2023Q2,
pkgsrc-2023Q1-base,
pkgsrc-2023Q1,
HEAD
Changes since 1.6: +1 -2
lines
Diff to previous 1.6 (colored)
www/ruby-rails61: update to 6.1.7.3 6.1.7.3 (2023-03-13) Active Support * Implement SafeBuffer#bytesplice [CVE-2023-28120] Action View * Ignore certain data-* attributes in rails-ujs when element is contenteditable [CVE-2023-23913]
Revision 1.6 / (download) - annotate - [select for diffs], Mon Feb 20 13:30:43 2023 UTC (13 months, 4 weeks ago) by taca
Branch: MAIN
Changes since 1.5: +3 -3
lines
Diff to previous 1.5 (colored)
devel/ruby-activesupport*: more strict dependency to ruby-concurrent-ruby Restrict dependency for ruby-concurrent-ruby to below 1.2. Reflects a report from wiz@, thanks much.
Revision 1.5 / (download) - annotate - [select for diffs], Sat Feb 11 13:18:50 2023 UTC (14 months, 1 week ago) by taca
Branch: MAIN
Changes since 1.4: +2 -1
lines
Diff to previous 1.4 (colored)
Bump PKGREVISION reflects ruby-concurrent-ruby's downgrade.
Revision 1.3.2.1 / (download) - annotate - [select for diffs], Sat Jun 4 09:31:41 2022 UTC (22 months, 2 weeks ago) by spz
Branch: pkgsrc-2022Q1
Changes since 1.3: +2 -2
lines
Diff to previous 1.3 (colored) next main 1.4 (colored)
Pullup ticket #6630 - requested by taca
databases/ruby-activerecord61: security update
devel/ruby-activejob61: security update
devel/ruby-activemodel61: security update
devel/ruby-activestorage61: security update
devel/ruby-activesupport61: security update
devel/ruby-railties61: security update
lang/ruby: version info update
mail/ruby-actionmailbox61: security update
mail/ruby-actionmailer61: security update
textproc/ruby-actiontext61: security update
www/ruby-actioncable61: security update
www/ruby-actionpack61: security update
www/ruby-actionview61: security update
www/ruby-rails61: security update
Revisions pulled up:
- databases/ruby-activerecord61/distinfo 1.12
- devel/ruby-activejob61/distinfo 1.12
- devel/ruby-activemodel61/distinfo 1.12
- devel/ruby-activestorage61/Makefile 1.5
- devel/ruby-activestorage61/distinfo 1.12
- devel/ruby-activesupport61/Makefile 1.4
- devel/ruby-activesupport61/distinfo 1.12
- devel/ruby-railties61/distinfo 1.12
- lang/ruby/rails.mk 1.121
- mail/ruby-actionmailbox61/PLIST 1.2
- mail/ruby-actionmailbox61/distinfo 1.12
- mail/ruby-actionmailer61/PLIST 1.2
- mail/ruby-actionmailer61/distinfo 1.12
- textproc/ruby-actiontext61/distinfo 1.12
- www/ruby-actioncable61/distinfo 1.12
- www/ruby-actionpack61/distinfo 1.12
- www/ruby-actionview61/distinfo 1.12
- www/ruby-rails61/distinfo 1.12
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:38:25 UTC 2022
Modified Files:
pkgsrc/lang/ruby: rails.mk
Log Message:
lang/ruby/rails.mk: Really update of Ruby on Rails to 6.1.5.1
To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 pkgsrc/lang/ruby/rails.mk
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:28:21 UTC 2022
Modified Files:
pkgsrc/devel/ruby-activesupport61: Makefile distinfo
Log Message:
devel/ruby-activesupport61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
in names of tags and names of attributes, following the specification of XML.
*Áìvaro Martíî Fraguas*
## Rails 6.1.5 (March 09, 2022) ##
* Fix `ActiveSupport::Duration.build` to support negative values.
The algorithm to collect the `parts` of the `ActiveSupport::Duration`
ignored the sign of the `value` and accumulated incorrect part values. This
impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but
not `ActiveSupport::Duration#eql?` (which is dependent on `value`).
*Caleb Buxton*, *Braden Staudacher*
* `Time#change` and methods that call it (eg. `Time#advance`) will now
return a `Time` with the timezone argument provided, if the caller was
initialized with a timezone argument.
Fixes [#42467](https://github.com/rails/rails/issues/42467).
*Alex Ghiculescu*
* Clone to keep extended Logger methods for tagged logger.
*Orhan Toy*
* `assert_changes` works on including `ActiveSupport::Assertions` module.
*Pedro Medeiros*
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/devel/ruby-activesupport61/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activesupport61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:28:57 UTC 2022
Modified Files:
pkgsrc/devel/ruby-activemodel61: distinfo
Log Message:
devel/ruby-activemodel61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* Clear secure password cache if password is set to `nil`
Before:
user.password = 'something'
user.password = nil
user.password # => 'something'
Now:
user.password = 'something'
user.password = nil
user.password # => nil
*Markus Doits*
* Fix delegation in `ActiveModel::Type::Registry#lookup` and `ActiveModel::Type.lookup`
Passing a last positional argument `{}` would be incorrectly considered as keyword argument.
*Benoit Daloze*
* Fix `to_json` after `changes_applied` for `ActiveModel::Dirty` object.
*Ryuta Kamizono*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activemodel61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:29:32 UTC 2022
Modified Files:
pkgsrc/www/ruby-actionview61: distinfo
Log Message:
www/ruby-actionview61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
Escape dangerous characters in names of tags and names of attributes in the
tag helpers, following the XML specification. Rename the option
`:escape_attributes` to `:escape`, to simplify by applying the option to the
whole tag.
*Áìvaro Martíî Fraguas*
## Rails 6.1.5 (March 09, 2022) ##
* `preload_link_tag` properly inserts `as` attributes for files with `image` MIME
types, such as JPG or SVG.
*Nate Berkopec*
* Add `autocomplete="off"` to all generated hidden fields.
Fixes #42610.
*Ryan Baumann*
* Fix `current_page?` when URL has trailing slash.
This fixes the `current_page?` helper when the given URL has a trailing slash,
and is an absolute URL or also has query params.
Fixes #33956.
*Jonathan Hefner*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-actionview61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:30:02 UTC 2022
Modified Files:
pkgsrc/www/ruby-actionpack61: distinfo
Log Message:
www/ruby-actionpack61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* Allow Content Security Policy DSL to generate for API responses.
*Tim Wade*
## Rails 6.1.5 (March 09, 2022) ##
* Fix `content_security_policy` returning invalid directives.
Directives such as `self`, `unsafe-eval` and few others were not
single quoted when the directive was the result of calling a lambda
returning an array.
```ruby
content_security_policy do |policy|
policy.frame_ancestors lambda { [:self, "https://example.com"] }
end
```
With this fix the policy generated from above will now be valid.
*Edouard Chin*
* Update `HostAuthorization` middleware to render debug info only
when `config.consider_all_requests_local` is set to true.
Also, blocked host info is always logged with level `error`.
Fixes #42813.
*Nikita Vyrko*
* Dup arrays that get "converted".
Fixes #43681.
*Aaron Patterson*
* Don't show deprecation warning for equal paths.
*Anton Rieder*
* Fix crash in `ActionController::Instrumentation` with invalid HTTP formats.
Fixes #43094.
*Alex Ghiculescu*
* Add fallback host for SystemTestCase driven by RackTest.
Fixes #42780.
*Petrik de Heus*
* Add more detail about what hosts are allowed.
*Alex Ghiculescu*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-actionpack61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:30:33 UTC 2022
Modified Files:
pkgsrc/databases/ruby-activerecord61: distinfo
Log Message:
databases/ruby-activerecord61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* Fix `ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicate` for Ruby 2.6.
Ruby 2.6 and 2.7 have slightly different implementations of the `String#@-` method.
In Ruby 2.6, the receiver of the `String#@-` method is modified under certain circumstances.
This was later identified as a bug (https://bugs.ruby-lang.org/issues/15926) and only
fixed in Ruby 2.7.
Before the changes in this commit, the
`ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicate` method, which internally
calls the `String#@-` method, could also modify an input string argument in Ruby 2.6 --
changing a tainted, unfrozen string into a tainted, frozen string.
Fixes #43056
*Eric O'Hanlon*
* Fix migration compatibility to create SQLite references/belongs_to column as integer when
migration version is 6.0.
`reference`/`belongs_to` in migrations with version 6.0 were creating columns as
bigint instead of integer for the SQLite Adapter.
*Marcelo Lauxen*
* Fix dbconsole for 3-tier config.
*Eileen M. Uchitelle*
* Better handle SQL queries with invalid encoding.
```ruby
Post.create(name: "broken \xC8 UTF-8")
```
Would cause all adapters to fail in a non controlled way in the code
responsible to detect write queries.
The query is now properly passed to the database connection, which might or might
not be able to handle it, but will either succeed or failed in a more correct way.
*Jean Boussier*
* Ignore persisted in-memory records when merging target lists.
*Kevin Sjöâerg*
* Fix regression bug that caused ignoring additional conditions for preloading
`has_many` through relations.
Fixes #43132
*Alexander Pauly*
* Fix `ActiveRecord::InternalMetadata` to not be broken by
`config.active_record.record_timestamps = false`
Since the model always create the timestamp columns, it has to set them, otherwise it breaks
various DB management tasks.
Fixes #42983
*Jean Boussier*
* Fix duplicate active record objects on `inverse_of`.
*Justin Carvalho*
* Fix duplicate objects stored in has many association after save.
Fixes #42549.
*Alex Ghiculescu*
* Fix performance regression in `CollectionAssocation#build`.
*Alex Ghiculescu*
* Fix retrieving default value for text column for MariaDB.
*fatkodima*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/ruby-activerecord61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:31:02 UTC 2022
Modified Files:
pkgsrc/devel/ruby-activestorage61: Makefile distinfo
Log Message:
devel/ruby-activestorage61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* Attachments can be deleted after their association is no longer defined.
Fixes #42514
*Don Sisco*
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/devel/ruby-activestorage61/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activestorage61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:31:47 UTC 2022
Modified Files:
pkgsrc/mail/ruby-actionmailbox61: PLIST distinfo
Log Message:
mail/ruby-actionmailbox61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* Add `attachments` to the list of permitted parameters for inbound emails conductor.
When using the conductor to test inbound emails with attachments, this prevents an
unpermitted parameter warning in default configurations, and prevents errors for
applications that set:
```ruby
config.action_controller.action_on_unpermitted_parameters = :raise
```
*David Jones*, *Dana Henke*
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/ruby-actionmailbox61/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/mail/ruby-actionmailbox61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:32:28 UTC 2022
Modified Files:
pkgsrc/www/ruby-actioncable61: distinfo
Log Message:
www/ruby-actioncable61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* The Action Cable client now ensures successful channel subscriptions:
* The client maintains a set of pending subscriptions until either
the server confirms the subscription or the channel is torn down.
* Rectifies the race condition where an unsubscribe is rapidly followed
by a subscribe (on the same channel identifier) and the requests are
handled out of order by the ActionCable server, thereby ignoring the
subscribe command.
*Daniel Spinosa*
* Truncate broadcast logging messages.
*J Smith*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-actioncable61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:32:59 UTC 2022
Modified Files:
pkgsrc/devel/ruby-railties61: distinfo
Log Message:
devel/ruby-railties61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* In `zeitwerk` mode, setup the `once` autoloader first, and the `main` autoloader after it.
This order plays better with shared namespaces.
*Xavier Noria*
* Handle paths with spaces when editing credentials.
*Alex Ghiculescu*
* Support Psych 4 when loading secrets.
*Nat Morcos*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-railties61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:33:27 UTC 2022
Modified Files:
pkgsrc/textproc/ruby-actiontext61: distinfo
Log Message:
textproc/ruby-actiontext61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* Fix Action Text extra trix content wrapper.
*Alexandre Ruban*
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/textproc/ruby-actiontext61/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 5 03:34:37 UTC 2022
Modified Files:
pkgsrc/devel/ruby-activejob61: distinfo
pkgsrc/mail/ruby-actionmailer61: PLIST distinfo
pkgsrc/www/ruby-rails61: distinfo
Log Message:
Update rest of Ruby on Rails 61 components.
No change except version.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activejob61/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/ruby-actionmailer61/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/mail/ruby-actionmailer61/distinfo
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-rails61/distinfo
Revision 1.4 / (download) - annotate - [select for diffs], Thu May 5 03:28:21 2022 UTC (23 months, 2 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4,
pkgsrc-2022Q3-base,
pkgsrc-2022Q3,
pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.3: +2 -2
lines
Diff to previous 1.3 (colored)
devel/ruby-activesupport61: update to 6.1.5.1
## Rails 6.1.5.1 (April 26, 2022) ##
* Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
in names of tags and names of attributes, following the specification of XML.
*lvaro MartÃn Fraguas*
## Rails 6.1.5 (March 09, 2022) ##
* Fix `ActiveSupport::Duration.build` to support negative values.
The algorithm to collect the `parts` of the `ActiveSupport::Duration`
ignored the sign of the `value` and accumulated incorrect part values. This
impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but
not `ActiveSupport::Duration#eql?` (which is dependent on `value`).
*Caleb Buxton*, *Braden Staudacher*
* `Time#change` and methods that call it (eg. `Time#advance`) will now
return a `Time` with the timezone argument provided, if the caller was
initialized with a timezone argument.
Fixes [#42467](https://github.com/rails/rails/issues/42467).
*Alex Ghiculescu*
* Clone to keep extended Logger methods for tagged logger.
*Orhan Toy*
* `assert_changes` works on including `ActiveSupport::Assertions` module.
*Pedro Medeiros*
Revision 1.3 / (download) - annotate - [select for diffs], Sun Mar 27 06:31:56 2022 UTC (2 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base
Branch point for: pkgsrc-2022Q1
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored)
*: fix typo in comment
Revision 1.2 / (download) - annotate - [select for diffs], Sun Mar 27 06:29:57 2022 UTC (2 years ago) by wiz
Branch: MAIN
Changes since 1.1: +2 -2
lines
Diff to previous 1.1 (colored)
ruby*: fix rails version in COMMENT
Revision 1.1 / (download) - annotate - [select for diffs], Sun Feb 14 13:53:25 2021 UTC (3 years, 2 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4,
pkgsrc-2021Q3-base,
pkgsrc-2021Q3,
pkgsrc-2021Q2-base,
pkgsrc-2021Q2,
pkgsrc-2021Q1-base,
pkgsrc-2021Q1
devel/ruby-activesupport61: add package version 6.1.2.1 A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. This is for Ruby on Rails 6.1.