🚨 [security] [ruby] Update rails 7.1.3.2 → 7.1.3.3 (patch) #2955
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this upgrade. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ rails (7.1.3.2 → 7.1.3.3) · Repo
Release Notes
7.1.3.3
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
✳️ nokogiri (1.16.4 → 1.16.5) · Repo · Changelog
Security Advisories 🚨
🚨 Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459
Release Notes
1.16.5
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 4 commits:
version bump to v1.16.5
dep: update vendored libxml2 to v2.12.7 (#3191)
ci: add arm64-darwin coverage using macos-14
dep: update libxml2 to v2.12.7
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
5.23.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 13 commits:
Branching minitest to version 5.23.0
+ Added -Werror to raise on any warning output. (byroot)
Added testW0 rake task.
Fixed specs task for pattern_match expectation mapping.
OMG... Rake.verbose returns Object.new if unset. Fixed by ruby/rake#567, but until then, compare against true.
Updated versions/EOL for ruby/rails in readme
+ Added minitest/manual_plugins.rb w/ new Minitest.load method. (tenderlove)
- Make test task verbose using either rake's -v or -t (was just -t).
- Allow empty_run! and reporter to display summary for empty runs. (zzak)
Ignore unused block. (ko1)
Make the test suite compatible with --enable-frozen-string-literal. (casperisfine)
oops
Bump ci.yml to include ruby 3.3, singularize macos, and clean up deprecations on the checkout action (should I remove the version?!? so annoying)
Release Notes
0.4.11
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 11 commits:
🔖 Bump version to 0.4.11
🔧🔒 Configure RubyGem Trusted Publishing
🔀 Merge pull request #271 from gaynetdinov/consider-extra-empty-space-in-bodystructure
Add a comment section to the extra space test
Update lib/net/imap/response_parser.rb
Consider extra empty space in BODYSTRUCTURE
⬆️ Bump actions/configure-pages from 4 to 5 (#270)
✅ Update Github test workflow name
🔀 Merge pull request #264 from nevans/change-my-email-address
✅ Add basic test for SEARCH / UID SEARCH command
🐛 Fix parser benchmarks generation
Release Notes
0.5.0
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
2.7.2 (from changelog)
2.7.1
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 16 commits:
Bump patch version.
Don't build extensions twice :(
Add tea.xyz constitution file.
Fix JRuby release process.
Bump patch version.
Update changes.
Remove 2.4 support from readme.
Drop testing Ruby 2.4.
Modernize gem.
Relax dependency on `rake-compiler`.
Update to `--release=9` for compiling java code.
Bump patch version.
Update release instructions.
Convert license to array of identifiers (#312)
fix jruby warnings (#313)
Update changes.md
Release Notes
7.1.3.3 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 2 commits:
Preparing for 7.1.3.3 release
Upgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
Release Notes
0.5.7
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 3 commits:
Bump version to 0.5.7 (#704)
Implement the undo command (#701)
Avoid STDIN.winsize called in `require "reline"` (#703)
Release Notes
2.6.14 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 13 commits:
Ready for 2.6.14
Restore the original Zeitwerk::NameError message
Documentation tweaks
Document Zeitwerk::Loader#all_expected_cpaths
Exclude macOS/2.5 from CI matrix
Standardize breadth-first loops
Let the ls helper yield the file type too
Implements Zeitwerk::Loader#all_expected_paths
Fix indentation
Add a test for Zeitwerk::NameError
Further revise the Zeitwerk::NameError message
Reword Zeitwerk::NameError message again
Polish Zeitwerk::NameError message
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase
.All Depfu comment commands