🚨 [security] Update activejob: 5.1.1 → 5.1.6.1 (minor)
**Welcome to Depfu** 👋
This is one of the first three pull requests with dependency updates we've sent your way. We tried to start with a few easy patch-level updates. Hopefully your tests will pass and you can merge this pull request without too much risk. This should give you an idea how Depfu works in general.
After you merge your first pull request, we'll send you a few more. We'll never open more than seven PRs at the same time so you're not getting overwhelmed with updates.
[Let us know](mailto:hi@depfu.com) if you have any questions. Thanks so much for giving Depfu a try!
Advisory: CVE-2018-16476 Disclosed: November 27, 2018 URL: https://groups.google.com/forum/#!topic/rubyonrails-security/FL4dSdzr2zw
Broken Access Control vulnerability in Active Job
There is a vulnerability in Active Job. This vulnerability has been
assigned the CVE identifier CVE-2018-16476.Versions Affected: >= 4.2.0
Not affected: < 4.2.0
Fixed Versions: 4.2.11, 5.0.7.1, 5.1.6.1, 5.2.1.1Impact
Carefully crafted user input can cause Active Job to deserialize it using GlobalId
and allow an attacker to have access to information that they should not have.Vulnerable code will look something like this:
MyJob.perform_later(user_input)
All users running an affected release should either upgrade or use one of the
workarounds immediately.
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
↗ ️ activejob (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 20 commits:
Preparing for 5.1.6.1 release
Do not deserialize GlobalID objects that were not generated by Active Job
Preparing for 5.1.6 release
Fix changelog entries of `5-1-stable` [ci skip]
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
Backport #30748 for redis-rb 4.0 support
Merge pull request #30468 from greysteil/backport-changelog-links
Preparing for 5.1.4 release
Add source code and changelog links to gemspecs
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Preparing for 5.1.3 release
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
Preparing for 5.1.3.rc1 release
Merge pull request #26587 from utilum/active_job_serialize_provider_job_id
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Fix the changelogs.
✳ ️ jbuilder (2.7.0 → 2.8.0) · Repo · Changelog
✳ ️ rails (5.1.1 → 5.1.6.1) · Repo
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ actioncable (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 19 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Fix changelog entries of `5-1-stable` [ci skip]
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
Merge pull request #31671 from larskanis/pg-1.0
Backport #30748 for redis-rb 4.0 support
Merge pull request #30468 from greysteil/backport-changelog-links
Preparing for 5.1.4 release
Add source code and changelog links to gemspecs
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Preparing for 5.1.3 release
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
Preparing for 5.1.3.rc1 release
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Fix the changelogs.
↗ ️ actionmailer (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 18 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
Merge pull request #30391 from jbourassa/fix-actionmailer-lambda-default
Merge pull request #30468 from greysteil/backport-changelog-links
Fix tests on Mail 2.7
Preparing for 5.1.4 release
Add source code and changelog links to gemspecs
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Preparing for 5.1.3 release
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
Preparing for 5.1.3.rc1 release
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Fix the changelogs.
↗ ️ actionpack (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 57 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Cache url helpers module
Check exclude before flagging cookies as secure in ActionDispatch::SSL (#32262)
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
Merge pull request #31099 from nobu/patch-1
Generate tmpname on its own
Backport fix `test_session_store_with_expire_after`
Fix optimized url helpers when using relative url root
Merge pull request #30468 from greysteil/backport-changelog-links
Merge pull request #30959 from lostapathy/capybara_version
Ensure local dev and prod puma configs do not clobber ActionDispatch::SystemTesting defaults
Merge branch '5-1-4' into 5-1-stable
Preparing for 5.1.4 release
Update CHANGELOG.md
Add source code and changelog links to gemspecs
Merge pull request #30421 from y-yagi/fix_30405
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Merge pull request #30045 from albertoalmagro/fix-raise-unpermitted-parameters-regression
Merge pull request #29859 from dwightwatson/feature/rack-test
Merge branch '5.1.3' into 5-1-stable
Preparing for 5.1.3 release
Remove extranouoououous end.
Revert "Load the Parameters configurations on the right time"
Maintain original encoding from path
Merge pull request #29561 from samphippen/samphippen/add-option-to-silence-puma-in-system-test
Clarify route encoding test
Path parameters should default to UTF8
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
Merge pull request #29898 from deivid-rodriguez/follow_up_to_multiple_location_engine_mounting
Preparing for 5.1.3.rc1 release
Merge pull request #29793 from arthurnn/arthurnn/param_encoding_error_msg
Don't call register on custom drivers
Merge pull request #29662 from deivid-rodriguez/engine_multiple_mount_points
Fix end
Load the Parameters configurations on the right time
Fix the class name --> ActionController::Parameters [ci skip]
Add CHANGELOG entry for #29630 [ci skip]
Merge pull request #29630 from kirs/fallback-tos_parameters
Merge pull request #29533 from jdelStrother/missing_url_formats
Merge pull request #29551 from Edouard-chin/integration-test-follow-redirect
Merge branch '5-1-2' into 5-1-stable
Preparing for 5.1.2 release
Merge pull request #29549 from Edouard-chin/integration-testing-deprecated-methods
Merge pull request #29553 from eugeneius/wrap_parameters_nil
Fix changelog
Fix changelog
Preparing for 5.1.2.rc1 release
Merge pull request #27990 from leonelgalan/bug/filtered_parameters_class
Merge pull request #29451 from vipulnsward/29441-flatten-default
Merge pull request #29315 from mariochavez/driven_by_support_headless_drivers
Merge pull request #28644 from mtsmfm/set-capybara-app-host
Merge pull request #29063 from sepehr500/master
Fix the changelogs.
↗ ️ actionview (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 38 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Merge pull request #32282 from javan/fix-digesting-mixed-formats
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
Merge pull request #29127 from DmytroVasin/rails-ujs-remote-callbacks
Merge pull request #30468 from greysteil/backport-changelog-links
Merge pull request #30513 from y-yagi/fix_30444
Fix `test_should_sanitize_illegal_style_properties` failure
Preparing for 5.1.4 release
Add source code and changelog links to gemspecs
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Merge pull request #28912 from kaspth/getting-started-form-with
Merge pull request #29918 from xtina-starr/suppress-warning-from-actionview-controller-helper
Merge branch '5.1.3' into 5-1-stable
Preparing for 5.1.3 release
Merge pull request #29984 from colorfulfool/form-helpers-unicode-sanitization
Merge branch '5.1.3' into 5-1-stable
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
Merge pull request #29792 from lugray/delegate_respond_to
Merge pull request #29884 from padi/update_rails_5_upgrade_guide
Preparing for 5.1.3.rc1 release
Merge pull request #29630 from kirs/fallback-tos_parameters
Ensure input to distance_of_time_in_words is not nil
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Merge pull request #29503 from savroff/fix_current_page_engine_issue
Merge pull request #29412 from y-yagi/fix_29014
Add templates left over from 8daef52.
Don't rely on the @view_renderer being defined.
Merge pull request https://github.com/rails/rails/pull/28637 from st0012/fix-partial-cache-logging
Merge pull request #29187 from robin850/remove-mathn
ERB::Util.url_encode no longer escapes ~ since ruby 2.5
Merge pull request #29151 from onemanstartup/jquery_slim_fix
Merge pull request #29152 from djforth/master
Fix the changelogs.
↗ ️ activemodel (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 19 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Merge pull request #32220 from rails/fix-time-columns-on-sqlite3
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
Backport `Fix to working before/after validation callbacks on multiple contexts.`
Merge pull request #30468 from greysteil/backport-changelog-links
Preparing for 5.1.4 release
Add source code and changelog links to gemspecs
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Preparing for 5.1.3 release
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
Preparing for 5.1.3.rc1 release
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Merge pull request #29249 from bradleypriest/numericality-precision-regression
Fix the changelogs.
↗ ️ activerecord (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ activesupport (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 48 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Return all mappings for a timezone id in `country_zones`
Merge branch '5-1-5' into 5-1-stable
Preparing for 5.1.5 release
Don't force people to upgrade i18n gem
Add missing require
Merge pull request #31991 from radar/bump-i18n-to-one-dot-oh
Merge pull request #31923 from jdelStrother/duration-deserialization
Preparing for 5.1.5.rc1 release
Merge pull request #31803 from rmosolgo/rm-dependencies
Merge pull request #31624 from y-yagi/fix_minitest_511
Handle `FrozenError` if it is available
Revert "Fix test for change to circular loading message"
Revert "Add more info to the circular dependency error"
Fix test for change to circular loading message
Merge pull request #31433 from jordan-brough/preserve-deprecated-method-visibility
Add more info to the circular dependency error
Merge pull request #30468 from greysteil/backport-changelog-links
Prevent deadlocks with load interlock and DB lock.
Hash#transform_keys is in Ruby 2.5+
Preparing for 5.1.4 release
Add source code and changelog links to gemspecs
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Merge pull request #30285 from albertoalmagro/pass-missing-name-attribute
Merge pull request #30045 from albertoalmagro/fix-raise-unpermitted-parameters-regression
Revert "Merge pull request #15446 from akshay-vishnoi/doc_changes"
Preparing for 5.1.3 release
Preparing for 5.1.3.rc3 release
Add missing support for modulo operations on durations
Merge pull request #29971 from rails/fix-duration-division
Preparing for 5.1.3.rc2 release
Preparing for 5.1.3.rc1 release
Merge pull request #29757 from lugray/hash_with_indifferent_access_default
Merge pull request #29572 from kaspth/test-runner-no-eager-require
Merge pull request #29598 from y-yagi/fix_typo_in_callback_deprecation_msg
Merge pull request #29518 from ragesoss/master
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Merge pull request #29140 from notEthan/log_subscribed_avoid_rescuing
Bump changelog for 04b6e71d8f45a5436da8206a9e09ea0017091111 [ci skip]
Revert #25628. Incomplete change + needs a deprecation cycle.
Fix duplicable? for Ratiional and Complex on ruby master, since they are now duplicable
Merge pull request #26628 from mjhoy/fix-number-to-human-25742
Merge pull request #29163 from rails/fix-scalar-duration-calculation
Merge pull request #29086 from mikeycgto/message-encryptor-auth-tag-check
Fix the changelogs.
↗ ️ concurrent-ruby (indirect, 1.0.5 → 1.1.3) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ erubi (indirect, 1.6.0 → 1.7.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 16 commits:
Bump version to 1.7.1
Remove one difference from README
Minor tweak to README
Bump copyright year
Make whitespace handling for <%# %> tags more compatible with Erubis (Fixes #14)
Test on ruby 2.5 on Travis
remove unnecessary ternary operation
Bump version to 1.7.0
Fix escaping in erubi/capture_end, the setting was previously inverted (Fixes #10)
Make use of <%| more clear in README (Fixes #10)
Remove gemspec line from travis.gemfile
Drop tiny ruby versions from Travis, so Travis installs latest
Bump version to 1.6.1
Fix usage on newer versions of JRuby 9.1
Drop jruby-18mode from Travis
Update .travis.yml
↗ ️ globalid (indirect, 0.4.0 → 0.4.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 7 commits:
↗ ️ i18n (indirect, 0.8.6 → 1.1.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ loofah (indirect, 2.0.3 → 2.2.3) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ mail (indirect, 2.6.6 → 2.7.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ method_source (indirect, 0.8.2 → 0.9.2) · Repo
Commits
See the full diff on Github. The new version differs by 30 commits:
Merge pull request #55 from banister/release-0-9-2
Release v0.9.2
Merge pull request #54 from banister/52-jruby-patch-removal
Revert "method_source: fix broken Procs on JRuby 9.2.0.0"
bump version number to 0.9.1
Merge pull request #51 from kyrylo/jruby-9200-fix
method_source: fix broken Procs on JRuby 9.2.0.0
Merge pull request #50 from mensfeld/master
remove gemfile lock
license for the gemspec
tweaks to .travis.yml
Run rake gemspec task to bump gemspec data (incl version number)
Version 0.9.0 release
Merge pull request #35 from mlarraz/patch-1
Merge pull request #46 from petems/patch-1
Merge pull request #45 from junaruga/feature/rspec
Add MIT License to Gemfile
Replace Bacon to RSpec 3.
Merge pull request #42 from junaruga/feature/travis-ruby-head
Update .travis.yml
Merge pull request #40 from koic/use_latest_rubies
Merge pull request #39 from koic/integer_unification
CI against Ruby 2.4.0
CI against Ruby 2.3
Integer Unification for Ruby 2.4.0+
Add Travis CI status badge
Merge pull request #29 from nicolasleger/add_ruby_2_1_and_2_2
Add new Ruby 2.1 and 2.2 versions
Merge pull request #24 from petergoldstein/feature/add_ruby_2_to_travis
Add Ruby 2 to Travis CI matrix. Eliminate warning.
↗ ️ mime-types (indirect, 3.1 → 3.2.2) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 17 commits:
Finalize 3.2.2 hotfix
Merge pull request #137 from bary822/remove_debugger
Remove unintentional debugging code
v3.2.1: An encoding bugfix release
MIME::Types::Container is still an internal
Update Travis CI test matrix
Resolve #136 and control growth of containers
Resolve a bug related to the switch to Sets
Perform some maintenance for v3.2
Add .gemspec back in with bundle exec rake gemsepc
Remove gemspec based on PR feedback
Hardcode common argument results to prevent dup string allocations
Calculate priority from MIME types of same family
[CI] Test against Ruby 2.5
correct spelling mistake
Add Ruby 2.3, 2.4 to Travis CI.
Add __instances__ entry when loading from cache (#126)
↗ ️ mime-types-data (indirect, 3.2016.0521 → 3.2018.0812) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 8 commits:
Fix the manifest for release
v3.2018.0812 Data Update, with tooling updates
Fix a hoe bug
Move Markdown extensions from text/plain (#13)
Added ipa extention to application/octet-stream mime type definition (#12)
Update JS MIME type file extensions (#11)
Add .xsd extension to XML mime (#10)
Adds more extensions for the video/MTS mime type (#7)
↗ ️ mini_portile2 (indirect, 2.2.0 → 2.3.0) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 6 commits:
↗ ️ minitest (indirect, 5.10.3 → 5.11.3) · Repo · Changelog
↗ ️ multi_json (indirect, 1.12.1 → 1.13.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 27 commits:
Version 1.13.1
Fix missing stdlib set dependency in oj adapter
Merge pull request #184 from josephpage/patch-1
add changelog history for 0.13.0 release
Version 0.13.0
Fix copyright year in README
Fix README typo
Make Oj adapter handle JSON::ParseError correctly
Sort out the README a bit
Make CI utilize fresh rubygems and bundler
Update CI rubies
Merge pull request #180 from 284km/update_travis
CI against Ruby 2.2.8/2.3.5/2.4.2
Version 1.12.2
Update bundler before running specs in CI
Bump up some ruby versions for CI
Renew my cert
Tidy up gemspec a bit
Merge pull request #177 from aried3r/patch-1
Update README.md
Specify different versions of json gem
Add ruby 2.4 to travis
Update some development dependencies
Merge pull request #173 from jorgebraz/master
Check if read IO object value is `blank?`
Merge pull request #169 from app2641/typo
Fix typo [ci skip]
↗ ️ nio4r (indirect, 2.1.0 → 2.3.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 63 commits:
v2.3.1
Merge pull request #188 from socketry/fix-remove-interests
Bump version.
Don't preemptively update monitor->interests. Fixes #187.
Merge pull request #186 from olleolleolle/patch-4
Travis: use jruby-9.1.17.0
v2.3.0
2018
Merge pull request #183 from socketry/allow-interests-nil
Fix trailing whitespace.
Fix C implementation.
Also handle nil interests in JRuby implementation.
Allow Monitor#interests=nil in pure Ruby implementation.
Only update interests if they have changed.
Handle Monitor#interests = nil
v2.2.0
Merge pull request #181 from socketry/rubocop-0-52-1
Update to RuboCop 0.52.1
Merge pull request #180 from socketry/better-port-h-check
ext/nio4r/extconf.rb: check for port_event_t in port.h (fixes #178)
Merge pull request #179 from tompng/rb_funcall_fix
gem update --system before install
add 2.5.0 to .travis.yml
fix rb_funcall argument(when argc=0)
Merge pull request #177 from socketry/fix-jruby-bytebuffer-string-conversions
Fix ByteBuffer string conversions on JRuby
Merge pull request #175 from olleolleolle/patch-4
udp_socket_spec: Not on JRuby
Travis: jruby-9.1.15.0
Merge pull request #174 from socketry/rubocop-0-51
Update RuboCop to 0.51
Remove .ruby-version
Merge pull request #170 from HoneyryderChuck/cancelled_key
call SelectionKey#isValid before readyOps, to prevent CancelledKeyException
test inconsistency of readiness when the selectable has been closed
added first draft of test
reverted changes
preventing CancelledKeyException, which randomly happens when selector selects an already closed key
Merge pull request #173 from socketry/fix-ci
spec: Use 127.0.0.1 instead of localhost (fixes #172)
Merge pull request #171 from olleolleolle/patch-3
Travis: latest JRuby
Merge pull request #165 from olleolleolle/patch-3
Travis: jruby-9.1.13.0
Merge pull request #164 from HoneyryderChuck/bufferleak
moved buffer initialization to allocate
initialize buffer, as initialization may fail to mallocate the buffer
free char buffer when cleaning up ByteBuffer object
Merge pull request #162 from larskanis/dont-build-ext-on-windows
Don't build the extension on Windows
Merge pull request #157 from MSP-Greg/mingw_tests_1
Windows / MinGW test failure - fix spec_helper.rb
Merge pull request #155 from olleolleolle/patch-3
Travis: jruby-9.1.12.0
Add Appveyor badge
Merge pull request #153 from unak/patch-1
Merge branch 'master' into patch-1
Merge pull request #154 from socketry/appveyor
appveyor.yml: Initial configuration
Support mswin
Support mswin
Merge pull request #151 from socketry/configurable-backends
NIO::Selector: Support for enumerating and configuring backend
↗ ️ nokogiri (indirect, 1.8.0 → 1.8.5) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ rack (indirect, 2.0.3 → 2.0.6) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 19 commits:
Bumping version for release
Whitelist http/https schemes
Reduce buffer size to avoid pathological parsing
Merge tag '2.0.5' into 2-0-stable
Merge pull request #1296 from tomelm/fix-prefers-plaintext
Bump version for release
Merge pull request #1268 from eileencodes/forwardport-pr-1249-to-2-0-stable
Merge pull request #1249 from mclark/handle-invalid-method-parameters
Stick with a passing version of Rubygems and bundler
Leahize
Bumping version
webrick: remove concurrent-ruby dev dependency
Merge pull request #1190 from hugoabonizio/master
Merge pull request #1193 from tompng/multipart_less_memory
Merge pull request #1192 from jkowens/master
Merge pull request #1179 from tompng/master
Merge pull request #1151 from cremno/simplify-some-string-creations
Merge pull request #1189 from lugray/fix_rack_lock
Require the right file for the digest we're using
↗ ️ rack-test (indirect, 0.6.3 → 1.1.0) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ rails-html-sanitizer (indirect, 1.0.3 → 1.0.4) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 16 commits:
Prepare to 1.0.4 release
Make sure we address CVE-2018-8048
Remove rbx since it doesn't seem to install.
Merge pull request #66 from fschwahn/improve-tests
Fix deprecation warning from Minitest
Make tests pass again with recent nokogiri versions
Rename test to better reflect what is actually tested
typos
We're still testing against ruby 1.9 and 2.0 that aren't supported by nokogiri 1.7
activesupport 5 doesn't support ruby < 2.2.2 that are still tested in this repo
bundle with the newest released bundler
Test against newer released rubies
[ci skip] Remove faulty overrides in scrubber example.
[ci skip] Change override method in PermitScrubber.
Merge pull request #47 from pvalena/patch-1
Correct license filename
↗ ️ railties (indirect, 5.1.1 → 5.1.6.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 59 commits:
Preparing for 5.1.6.1 release
Preparing for 5.1.6 release
Add CHANGELOG entry for minimum ruby version check
Merge pull request #32252 from bogdanvlviv/fix-changelogs-of-5-1-stable-30748
Compare ruby version with correct way
Fix `test_config_another_database` failure
Merge pull request #32310 from sodabrew/mysql2-0.4-0.5
Fix changelog entries of `5-1-stable` [ci skip]
Merge pull request #31901 from Kevinrob/patch-1
Preparing for 5.1.5 release
Preparing for 5.1.5.rc1 release
`Minitest::Result` can't use in 5-1-stable
Merge pull request #31624 from y-yagi/fix_minitest_511
Merge pull request #31671 from larskanis/pg-1.0
Handle `FrozenError` if it is available
Merge pull request #31355 from rails/fix-rails-env-with-ruby
Backport #30748 for redis-rb 4.0 support
Merge pull request #30468 from greysteil/backport-changelog-links
Backport #30579
Merge pull request #29146 from y-yagi/fix_29138
Preparing for 5.1.4 release
Add source code and changelog link to railties.gemspec
Update changelog headers for 5.1.4.rc1
Preparing for 5.1.4.rc1 release
Add test case to make sure Parameters configuration are executed once
Merge pull request #29010 from y-yagi/fix_28988
Merge pull request #30115 from intrip/30049-application-controller-renderer-defaults-automatic-reload-in-dev
Merge branch '5.1.3' into 5-1-stable
Preparing for 5.1.3 release
Merge branch '5.1.3' into 5-1-stable
Preparing for 5.1.3.rc3 release
Preparing for 5.1.3.rc2 release
[ci skip] Add regression changelog entry for #29926.
Merge pull request #29926 from pawandubey:fix-test-with-absolute-paths
Merge pull request #29926 from pawandubey:fix-test-with-absolute-paths
Merge pull request #29898 from deivid-rodriguez/follow_up_to_multiple_location_engine_mounting
Merge pull request #29898 from deivid-rodriguez/follow_up_to_multiple_location_engine_mounting
Merge pull request #29902 from y-yagi/fix_29880
Preparing for 5.1.3.rc1 release
Merge pull request #29821 from y-yagi/set_rails_env_before_load_application_file
Merge pull request #29772 from y-yagi/allow_to_edit_secrets_in_mutiple_applications_at_the_same_time
Fix template format check.
Fix root not being defined on Travis.
Fix mattr_reader usage to 5.1 style.
Merge pull request #29572 from kaspth/test-runner-no-eager-require
Merge pull request #29705 from y-yagi/do_not_update_secrets_yml_enc
Merge pull request #29721 from y-yagi/fix_29696
Merge pull request #29725 from y-yagi/fix_29717
Merge pull request #29662 from deivid-rodriguez/engine_multiple_mount_points
Force ActionController::Base lazy laod hooks to run
Preparing for 5.1.2 release
Preparing for 5.1.2.rc1 release
Merge pull request #29482 from Edouard-chin/test-load-path
[ci skip] Add changelog entry for ff7ec79.
Access EDITOR through Ruby's cross-platform ENV.
Merge pull request #29238 from ashishg-qburst/generator
Merge pull request #29195 from kaspth/rails-secrets-better-edit-exception
Update system test runner docs
Fix the changelogs.
↗ ️ rake (indirect, 12.0.0 → 12.3.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ sprockets (indirect, 3.7.1 → 3.7.2) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 5 commits:
↗ ️ sprockets-rails (indirect, 3.2.0 → 3.2.1) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 16 commits:
Only use caller_locations in Rails 5
Check if the method exists in the right module
Test with Rails 5.1 and Ruby 2.4.1
Use compatible version of sass in old rubies
Always use the supported version of nokogiri in that ruby
Merge pull request #394 from rails/schneems/fix-tests
Prepare to 3.2.1 release
Merge pull request #409 from junaruga/hotfix/undefined-metohd-split-for-nil-class
Fix a test failure for undefined method `split' for nil:NilClass.
Merge pull request #404 from junaruga/feature/readme-badge-master
Specify master branch for Travis build status image.
Fix tests
Merge pull request #383 from EiNSTeiN-/patch-1
Be more specific with required file
Merge pull request #380 from dreyks/patch-1
fix changelog entry about unknown_asset_fallback
↗ ️ thor (indirect, 0.19.4 → 0.20.3) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
↗ ️ tzinfo (indirect, 1.2.3 → 1.2.5) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 16 commits:
Preparing v1.2.5.
Update copyright years.
Use Ruby 1.8 compatible syntax.
Document that utc_offset and std_offset may be inaccurate with zoneinfo.
Allow zoneinfo offset derivation to pick a negative std_offset.
Don't store lazily-evaluated results if the object has been frozen.
Remove unnecessary calls to Country.get in tests.
Restore $SAFE after running a safe mode test (if possible).
Disable Minitest's use of external diff tools during safe mode tests.
Add Ruby 2.5.0 and update to the latest Ruby, JRuby and Rbx releases.
Replace expired gem signing certificate.
Preparing v1.2.4.
Update bundler before installing gems.
Use the Trusty build environment.
Update to Ruby 2.2.8, 2.3.5, 2.4.2, JRuby 1.7.27, 9.1.13.0 and rbx 3.86.
Ignore the leapseconds file included in v2017c+ zoneinfo directories.
↗ ️ websocket-extensions (indirect, 0.1.2 → 0.1.3) · Repo · Changelog
Commits
See the full diff on Github. The new version differs by 20 commits:
Bump version to 0.1.3.
Bump Ruby versions on Travis.
Header parser should accept uppercase letters.
Fix the version of Rubygems that Travis is using on Ruby 1.9.
Use an https: link to github in the gemspec.
Merge pull request #4 from EdwardBetts/spelling
correct spelling mistake
Update Ruby versions in Travis config.
Merge pull request #3 from junaruga/feature/travis-ruby-head
Add Ruby 2.4.1 to .travis.yml
Bump Ruby versions 2.2 and 2.3 on Travis.
Remove Rubinius from the build as it hasn't worked on Travis for weeks.
Update Ruby versions for Travis.
Update the Ruby versions used on Travis.
Separate the license text
Create CODE_OF_CONDUCT.md.
Update Rubies for Travis: 2.1.7, 2.2.3, jruby-9, rbx-2.5.
Test on Ruby 2.2.1.
Reversing the previous commit; generateResponse() should throw on invalid heders (as should activate()), because the server should fail the connection in this event.
If the header from the client is invalid, just ignore it and build a pipeline with no sessions.
🆕 crass (added, 1.0.4)
🆕 mini_mime (added, 1.0.1)
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase
.
All Depfu comment commands
- @depfu rebase
- Rebases against your default branch and redoes this update
- @depfu merge
- Merges this PR once your tests are passing and conflicts are resolved
- @depfu reopen
- Restores the branch and reopens this PR (if it's closed)
- @depfu pause
- Ignores all future updates for this dependency and closes this PR
- @depfu pause [minor|major]
- Ignores all future minor/major updates for this dependency and closes this PR
- @depfu resume
- Future versions of this dependency will create PRs again (leaves this PR as is)