actionpack 7.0.5 → 7.0.6

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionpack might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 53861f74b1eb42d6f13153c1cd5956f16e3eaa2277a18caff284b95e7f8ebde2
4
- data.tar.gz: 1605a5742f7ea7e147e3771f2af1a8eb122d8debd0a263eda224d299f3dd31af
3
+ metadata.gz: b0ea4a26c00b3b19a208967d2242c623ff9f9a884accfe9f41f4d6098487348a
4
+ data.tar.gz: 48bf5d01180d6de383f32cd5a45156e8492cdd5776d9d6a5056339b0214795c1
5
5
  SHA512:
6
- metadata.gz: 1e20f00481154c15e9ac839df3c4d370734f18297b0dbfc2d6c111abe7dd55adefd1f5fbce2ca6ea698b23fbb0100463df862e26e9bfdc033a6bd87c0ac7e58a
7
- data.tar.gz: d0b75b79e9021ffea2dc7debcbd3381d8b20ad2eed1460d64b026ceeb89cf639748ff9f52d8140875f8ee88a3403e015b02f45d16f21ad2dc221f62ef1fe6c70
6
+ metadata.gz: faf60bcb1528e9ac4714f2419a183b459d882d7ca18341b3a8a9638a38d3d7b5aabb26bd523ebc2e45e1e566f94230cfa37140f46016cb6fb6dd3cb0d4e3bbc8
7
+ data.tar.gz: 2f66b9539d4df88e3fa3ae268947959395627886b188249e46b661f2d79cb0440624fe60546c5f5e4c6fb0dca36ad20dd36c1daa5796a92e2ede58fd1b5ec2e5
data/CHANGELOG.md CHANGED
@@ -1,3 +1,15 @@
1
+ ## Rails 7.0.6 (June 29, 2023) ##
2
+
3
+ * No changes.
4
+
5
+
6
+ ## Rails 7.0.5.1 (June 26, 2023) ##
7
+
8
+ * Raise an exception if illegal characters are provide to redirect_to
9
+ [CVE-2023-28362]
10
+
11
+ *Zack Deveau*
12
+
1
13
  ## Rails 7.0.5 (May 24, 2023) ##
2
14
 
3
15
  * Do not return CSP headers for 304 Not Modified responses.
data/README.rdoc CHANGED
@@ -30,7 +30,7 @@ The latest version of Action Pack can be installed with RubyGems:
30
30
 
31
31
  $ gem install actionpack
32
32
 
33
- Source code can be downloaded as part of the Rails project on GitHub:
33
+ Source code can be downloaded as part of the \Rails project on GitHub:
34
34
 
35
35
  * https://github.com/rails/rails/tree/main/actionpack
36
36
 
@@ -48,7 +48,7 @@ API documentation is at:
48
48
 
49
49
  * https://api.rubyonrails.org
50
50
 
51
- Bug reports for the Ruby on Rails project can be filed here:
51
+ Bug reports for the Ruby on \Rails project can be filed here:
52
52
 
53
53
  * https://github.com/rails/rails/issues
54
54
 
@@ -6,7 +6,7 @@ module AbstractController
6
6
  module Translation
7
7
  mattr_accessor :raise_on_missing_translations, default: false
8
8
 
9
- # Delegates to <tt>I18n.translate</tt>. Also aliased as <tt>t</tt>.
9
+ # Delegates to <tt>I18n.translate</tt>.
10
10
  #
11
11
  # When the given key starts with a period, it will be scoped by the current
12
12
  # controller and action. So if you call <tt>translate(".foo")</tt> from
@@ -29,7 +29,7 @@ module AbstractController
29
29
  end
30
30
  alias :t :translate
31
31
 
32
- # Delegates to <tt>I18n.localize</tt>. Also aliased as <tt>l</tt>.
32
+ # Delegates to <tt>I18n.localize</tt>.
33
33
  def localize(object, **options)
34
34
  I18n.localize(object, **options)
35
35
  end
@@ -4,6 +4,8 @@ module ActionController
4
4
  module Redirecting
5
5
  extend ActiveSupport::Concern
6
6
 
7
+ ILLEGAL_HEADER_VALUE_REGEX = /[\x00-\x08\x0A-\x1F]/.freeze
8
+
7
9
  include AbstractController::Logger
8
10
  include ActionController::UrlFor
9
11
 
@@ -85,8 +87,12 @@ module ActionController
85
87
 
86
88
  allow_other_host = response_options.delete(:allow_other_host) { _allow_other_host }
87
89
 
88
- self.status = _extract_redirect_to_status(options, response_options)
89
- self.location = _enforce_open_redirect_protection(_compute_redirect_to_location(request, options), allow_other_host: allow_other_host)
90
+ self.status = _extract_redirect_to_status(options, response_options)
91
+
92
+ redirect_to_location = _compute_redirect_to_location(request, options)
93
+ _ensure_url_is_http_header_safe(redirect_to_location)
94
+
95
+ self.location = _enforce_open_redirect_protection(redirect_to_location, allow_other_host: allow_other_host)
90
96
  self.response_body = "<html><body>You are being <a href=\"#{ERB::Util.unwrapped_html_escape(response.location)}\">redirected</a>.</body></html>"
91
97
  end
92
98
 
@@ -204,5 +210,16 @@ module ActionController
204
210
  rescue ArgumentError, URI::Error
205
211
  false
206
212
  end
213
+
214
+ def _ensure_url_is_http_header_safe(url)
215
+ # Attempt to comply with the set of valid token characters
216
+ # defined for an HTTP header value in
217
+ # https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6
218
+ if url.match?(ILLEGAL_HEADER_VALUE_REGEX)
219
+ msg = "The redirect URL #{url} contains one or more illegal HTTP header field character. " \
220
+ "Set of legal characters defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6"
221
+ raise UnsafeRedirectError, msg
222
+ end
223
+ end
207
224
  end
208
225
  end
@@ -3,12 +3,12 @@
3
3
  require "set"
4
4
 
5
5
  module ActionController
6
- # See <tt>Renderers.add</tt>
6
+ # See Renderers.add
7
7
  def self.add_renderer(key, &block)
8
8
  Renderers.add(key, &block)
9
9
  end
10
10
 
11
- # See <tt>Renderers.remove</tt>
11
+ # See Renderers.remove
12
12
  def self.remove_renderer(key)
13
13
  Renderers.remove(key)
14
14
  end
@@ -1,9 +1,10 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ActionController # :nodoc:
4
- # This module is responsible for providing +rescue_from+ helpers
5
- # to controllers and configuring when detailed exceptions must be
6
- # shown.
4
+ # This module is responsible for providing
5
+ # {rescue_from}[rdoc-ref:ActiveSupport::Rescuable::ClassMethods#rescue_from]
6
+ # to controllers, wrapping actions to handle configured errors, and
7
+ # configuring when detailed exceptions must be shown.
7
8
  module Rescue
8
9
  extend ActiveSupport::Concern
9
10
  include ActiveSupport::Rescuable
@@ -97,7 +97,7 @@ module ActionController
97
97
  # * +false+ to take no action.
98
98
  # * <tt>:log</tt> to emit an <tt>ActiveSupport::Notifications.instrument</tt> event on the
99
99
  # <tt>unpermitted_parameters.action_controller</tt> topic and log at the DEBUG level.
100
- # * <tt>:raise</tt> to raise a <tt>ActionController::UnpermittedParameters</tt> exception.
100
+ # * <tt>:raise</tt> to raise an ActionController::UnpermittedParameters exception.
101
101
  #
102
102
  # Examples:
103
103
  #
@@ -146,7 +146,7 @@ module ActionController
146
146
  # :method: each_key
147
147
  #
148
148
  # :call-seq:
149
- # each_key()
149
+ # each_key(&block)
150
150
  #
151
151
  # Calls block once for each key in the parameters, passing the key.
152
152
  # If no block is given, an enumerator is returned instead.
@@ -159,14 +159,6 @@ module ActionController
159
159
  #
160
160
  # Returns true if the parameters have no key/value pairs.
161
161
 
162
- ##
163
- # :method: has_key?
164
- #
165
- # :call-seq:
166
- # has_key?(key)
167
- #
168
- # Returns true if the given key is present in the parameters.
169
-
170
162
  ##
171
163
  # :method: has_value?
172
164
  #
@@ -183,22 +175,6 @@ module ActionController
183
175
  #
184
176
  # Returns true if the given key is present in the parameters.
185
177
 
186
- ##
187
- # :method: key?
188
- #
189
- # :call-seq:
190
- # key?(key)
191
- #
192
- # Returns true if the given key is present in the parameters.
193
-
194
- ##
195
- # :method: member?
196
- #
197
- # :call-seq:
198
- # member?(key)
199
- #
200
- # Returns true if the given key is present in the parameters.
201
-
202
178
  ##
203
179
  # :method: keys
204
180
  #
@@ -230,9 +206,13 @@ module ActionController
230
206
  # values()
231
207
  #
232
208
  # Returns a new array of the values of the parameters.
233
- delegate :keys, :key?, :has_key?, :member?, :values, :has_value?, :value?, :empty?, :include?,
209
+ delegate :keys, :values, :has_value?, :value?, :empty?, :include?,
234
210
  :as_json, :to_s, :each_key, to: :@parameters
235
211
 
212
+ alias_method :has_key?, :include?
213
+ alias_method :key?, :include?
214
+ alias_method :member?, :include?
215
+
236
216
  # By default, never raise an UnpermittedParameters exception if these
237
217
  # params are present. The default includes both 'controller' and 'action'
238
218
  # because they are added by Rails and should be of no concern. One way
@@ -248,7 +228,7 @@ module ActionController
248
228
  end
249
229
  end
250
230
 
251
- # Returns a new instance of <tt>ActionController::Parameters</tt>.
231
+ # Returns a new <tt>ActionController::Parameters</tt> instance.
252
232
  # Also, sets the +permitted+ attribute to the default value of
253
233
  # <tt>ActionController::Parameters.permit_all_parameters</tt>.
254
234
  #
@@ -290,7 +270,7 @@ module ActionController
290
270
  [self.class, @parameters, @permitted].hash
291
271
  end
292
272
 
293
- # Returns a safe <tt>ActiveSupport::HashWithIndifferentAccess</tt>
273
+ # Returns a safe ActiveSupport::HashWithIndifferentAccess
294
274
  # representation of the parameters with all unpermitted keys removed.
295
275
  #
296
276
  # params = ActionController::Parameters.new({
@@ -350,18 +330,15 @@ module ActionController
350
330
  # safe_params.to_query("user")
351
331
  # # => "user%5Bname%5D=David&user%5Bnationality%5D=Danish"
352
332
  #
353
- # The string pairs "key=value" that conform the query string
333
+ # The string pairs <tt>"key=value"</tt> that conform the query string
354
334
  # are sorted lexicographically in ascending order.
355
- #
356
- # This method is also aliased as +to_param+.
357
335
  def to_query(*args)
358
336
  to_h.to_query(*args)
359
337
  end
360
338
  alias_method :to_param, :to_query
361
339
 
362
- # Returns an unsafe, unfiltered
363
- # <tt>ActiveSupport::HashWithIndifferentAccess</tt> representation of the
364
- # parameters.
340
+ # Returns an unsafe, unfiltered ActiveSupport::HashWithIndifferentAccess
341
+ # representation of the parameters.
365
342
  #
366
343
  # params = ActionController::Parameters.new({
367
344
  # name: "Senjougahara Hitagi",
@@ -401,7 +378,7 @@ module ActionController
401
378
  # looping in the common use case permit + mass-assignment. Defined in a
402
379
  # method to instantiate it only if needed.
403
380
  #
404
- # Testing membership still loops, but it's going to be faster than our own
381
+ # \Testing membership still loops, but it's going to be faster than our own
405
382
  # loop that converts values. Also, we are not going to build a new array
406
383
  # object per fetch.
407
384
  def converted_arrays
@@ -449,7 +426,7 @@ module ActionController
449
426
  # ActionController::Parameters.new(person: { name: "Francesco" }).require(:person)
450
427
  # # => #<ActionController::Parameters {"name"=>"Francesco"} permitted: false>
451
428
  #
452
- # Otherwise raises <tt>ActionController::ParameterMissing</tt>:
429
+ # Otherwise raises ActionController::ParameterMissing:
453
430
  #
454
431
  # ActionController::Parameters.new.require(:person)
455
432
  # # ActionController::ParameterMissing: param is missing or the value is empty: person
@@ -501,7 +478,6 @@ module ActionController
501
478
  end
502
479
  end
503
480
 
504
- # Alias of #require.
505
481
  alias :required :require
506
482
 
507
483
  # Returns a new <tt>ActionController::Parameters</tt> instance that
@@ -523,7 +499,7 @@ module ActionController
523
499
  # +:name+ passes if it is a key of +params+ whose associated value is of type
524
500
  # +String+, +Symbol+, +NilClass+, +Numeric+, +TrueClass+, +FalseClass+,
525
501
  # +Date+, +Time+, +DateTime+, +StringIO+, +IO+,
526
- # +ActionDispatch::Http::UploadedFile+ or +Rack::Test::UploadedFile+.
502
+ # ActionDispatch::Http::UploadedFile or +Rack::Test::UploadedFile+.
527
503
  # Otherwise, the key +:name+ is filtered out.
528
504
  #
529
505
  # You may declare that the parameter should be an array of permitted scalars
@@ -645,16 +621,16 @@ module ActionController
645
621
  end
646
622
 
647
623
  # Assigns a value to a given +key+. The given key may still get filtered out
648
- # when +permit+ is called.
624
+ # when #permit is called.
649
625
  def []=(key, value)
650
626
  @parameters[key] = value
651
627
  end
652
628
 
653
629
  # Returns a parameter for the given +key+. If the +key+
654
630
  # can't be found, there are several options: With no other arguments,
655
- # it will raise an <tt>ActionController::ParameterMissing</tt> error;
631
+ # it will raise an ActionController::ParameterMissing error;
656
632
  # if a second argument is given, then that is returned (converted to an
657
- # instance of ActionController::Parameters if possible); if a block
633
+ # instance of +ActionController::Parameters+ if possible); if a block
658
634
  # is given, then that will be run and its result returned.
659
635
  #
660
636
  # params = ActionController::Parameters.new(person: { name: "Francesco" })
@@ -700,7 +676,7 @@ module ActionController
700
676
  new_instance_with_inherited_permitted_status(@parameters.slice(*keys))
701
677
  end
702
678
 
703
- # Returns current <tt>ActionController::Parameters</tt> instance which
679
+ # Returns the current <tt>ActionController::Parameters</tt> instance which
704
680
  # contains only the given +keys+.
705
681
  def slice!(*keys)
706
682
  @parameters.slice!(*keys)
@@ -726,7 +702,7 @@ module ActionController
726
702
  new_instance_with_inherited_permitted_status(@parameters.extract!(*keys))
727
703
  end
728
704
 
729
- # Returns a new <tt>ActionController::Parameters</tt> with the results of
705
+ # Returns a new <tt>ActionController::Parameters</tt> instance with the results of
730
706
  # running +block+ once for every value. The keys are unchanged.
731
707
  #
732
708
  # params = ActionController::Parameters.new(a: 1, b: 2, c: 3)
@@ -773,9 +749,9 @@ module ActionController
773
749
  )
774
750
  end
775
751
 
776
- # Returns the <tt>ActionController::Parameters</tt> instance changing its keys.
777
- # This includes the keys from the root hash and from all nested hashes and arrays.
778
- # The values are unchanged.
752
+ # Returns the same <tt>ActionController::Parameters</tt> instance with
753
+ # changed keys. This includes the keys from the root hash and from all
754
+ # nested hashes and arrays. The values are unchanged.
779
755
  def deep_transform_keys!(&block)
780
756
  @parameters.deep_transform_keys!(&block)
781
757
  self
@@ -783,13 +759,13 @@ module ActionController
783
759
 
784
760
  # Deletes a key-value pair from +Parameters+ and returns the value. If
785
761
  # +key+ is not found, returns +nil+ (or, with optional code block, yields
786
- # +key+ and returns the result). Cf. #extract!, which returns the
787
- # corresponding +ActionController::Parameters+ object.
762
+ # +key+ and returns the result). This method is similar to #extract!, which
763
+ # returns the corresponding +ActionController::Parameters+ object.
788
764
  def delete(key, &block)
789
765
  convert_value_to_parameters(@parameters.delete(key, &block))
790
766
  end
791
767
 
792
- # Returns a new instance of <tt>ActionController::Parameters</tt> with only
768
+ # Returns a new <tt>ActionController::Parameters</tt> instance with only
793
769
  # items that the block evaluates to true.
794
770
  def select(&block)
795
771
  new_instance_with_inherited_permitted_status(@parameters.select(&block))
@@ -802,7 +778,7 @@ module ActionController
802
778
  end
803
779
  alias_method :keep_if, :select!
804
780
 
805
- # Returns a new instance of <tt>ActionController::Parameters</tt> with items
781
+ # Returns a new <tt>ActionController::Parameters</tt> instance with items
806
782
  # that the block evaluates to true removed.
807
783
  def reject(&block)
808
784
  new_instance_with_inherited_permitted_status(@parameters.reject(&block))
@@ -815,7 +791,7 @@ module ActionController
815
791
  end
816
792
  alias_method :delete_if, :reject!
817
793
 
818
- # Returns a new instance of <tt>ActionController::Parameters</tt> with +nil+ values removed.
794
+ # Returns a new <tt>ActionController::Parameters</tt> instance with +nil+ values removed.
819
795
  def compact
820
796
  new_instance_with_inherited_permitted_status(@parameters.compact)
821
797
  end
@@ -825,7 +801,7 @@ module ActionController
825
801
  self if @parameters.compact!
826
802
  end
827
803
 
828
- # Returns a new instance of <tt>ActionController::Parameters</tt> without the blank values.
804
+ # Returns a new <tt>ActionController::Parameters</tt> instance without the blank values.
829
805
  # Uses Object#blank? for determining if a value is blank.
830
806
  def compact_blank
831
807
  reject { |_k, v| v.blank? }
@@ -843,7 +819,7 @@ module ActionController
843
819
  convert_value_to_parameters(@parameters.values_at(*keys))
844
820
  end
845
821
 
846
- # Returns a new <tt>ActionController::Parameters</tt> with all keys from
822
+ # Returns a new <tt>ActionController::Parameters</tt> instance with all keys from
847
823
  # +other_hash+ merged into current hash.
848
824
  def merge(other_hash)
849
825
  new_instance_with_inherited_permitted_status(
@@ -851,15 +827,15 @@ module ActionController
851
827
  )
852
828
  end
853
829
 
854
- # Returns current <tt>ActionController::Parameters</tt> instance with
830
+ # Returns the current <tt>ActionController::Parameters</tt> instance with
855
831
  # +other_hash+ merged into current hash.
856
832
  def merge!(other_hash)
857
833
  @parameters.merge!(other_hash.to_h)
858
834
  self
859
835
  end
860
836
 
861
- # Returns a new <tt>ActionController::Parameters</tt> with all keys from
862
- # current hash merged into +other_hash+.
837
+ # Returns a new <tt>ActionController::Parameters</tt> instance with all keys
838
+ # from current hash merged into +other_hash+.
863
839
  def reverse_merge(other_hash)
864
840
  new_instance_with_inherited_permitted_status(
865
841
  other_hash.to_h.merge(@parameters)
@@ -867,7 +843,7 @@ module ActionController
867
843
  end
868
844
  alias_method :with_defaults, :reverse_merge
869
845
 
870
- # Returns current <tt>ActionController::Parameters</tt> instance with
846
+ # Returns the current <tt>ActionController::Parameters</tt> instance with
871
847
  # current hash merged into +other_hash+.
872
848
  def reverse_merge!(other_hash)
873
849
  @parameters.merge!(other_hash.to_h) { |key, left, right| left }
@@ -917,7 +893,7 @@ module ActionController
917
893
  coder.map = { "parameters" => @parameters, "permitted" => @permitted }
918
894
  end
919
895
 
920
- # Returns duplicate of object including all parameters.
896
+ # Returns a duplicate +ActionController::Parameters+ instance with the same permitted parameters.
921
897
  def deep_dup
922
898
  self.class.new(@parameters.deep_dup, @logging_context).tap do |duplicate|
923
899
  duplicate.permitted = @permitted
@@ -1024,10 +1000,11 @@ module ActionController
1024
1000
  # This is a list of permitted scalar types that includes the ones
1025
1001
  # supported in XML and JSON requests.
1026
1002
  #
1027
- # This list is in particular used to filter ordinary requests, String goes
1003
+ # This list is in particular used to filter ordinary requests, \String goes
1028
1004
  # as first element to quickly short-circuit the common case.
1029
1005
  #
1030
- # If you modify this collection please update the API of +permit+ above.
1006
+ # If you modify this collection please update the one in the #permit doc
1007
+ # as well.
1031
1008
  PERMITTED_SCALAR_TYPES = [
1032
1009
  String,
1033
1010
  Symbol,
@@ -1083,8 +1060,8 @@ module ActionController
1083
1060
  value.is_a?(Array) || value.is_a?(Parameters)
1084
1061
  end
1085
1062
 
1086
- EMPTY_ARRAY = []
1087
- EMPTY_HASH = {}
1063
+ EMPTY_ARRAY = [] # :nodoc:
1064
+ EMPTY_HASH = {} # :nodoc:
1088
1065
  def hash_filter(params, filter)
1089
1066
  filter = filter.with_indifferent_access
1090
1067
 
@@ -6,14 +6,17 @@ module ActionDispatch
6
6
  # This middleware rescues any exception returned by the application
7
7
  # and calls an exceptions app that will wrap it in a format for the end user.
8
8
  #
9
- # The exceptions app should be passed as parameter on initialization
10
- # of ShowExceptions. Every time there is an exception, ShowExceptions will
11
- # store the exception in env["action_dispatch.exception"], rewrite the
12
- # PATH_INFO to the exception status code and call the Rack app.
9
+ # The exceptions app should be passed as a parameter on initialization of
10
+ # +ShowExceptions+. Every time there is an exception, +ShowExceptions+ will
11
+ # store the exception in <tt>env["action_dispatch.exception"]</tt>, rewrite
12
+ # the +PATH_INFO+ to the exception status code and call the Rack app.
13
13
  #
14
- # If the application returns a "X-Cascade" pass response, this middleware
15
- # will send an empty response as result with the correct status code.
16
- # If any exception happens inside the exceptions app, this middleware
14
+ # In \Rails applications, the exceptions app can be configured with
15
+ # +config.exceptions_app+, which defaults to ActionDispatch::PublicExceptions.
16
+ #
17
+ # If the application returns an <tt>"X-Cascade" => "pass"</tt> response, this
18
+ # middleware will send an empty response as a result with the correct status
19
+ # code. If any exception happens inside the exceptions app, this middleware
17
20
  # catches the exceptions and returns a failsafe response.
18
21
  class ShowExceptions
19
22
  def initialize(app, exceptions_app)
@@ -9,7 +9,7 @@ module ActionPack
9
9
  module VERSION
10
10
  MAJOR = 7
11
11
  MINOR = 0
12
- TINY = 5
12
+ TINY = 6
13
13
  PRE = nil
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionpack
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.0.5
4
+ version: 7.0.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-24 00:00:00.000000000 Z
11
+ date: 2023-06-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 7.0.5
19
+ version: 7.0.6
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 7.0.5
26
+ version: 7.0.6
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rack
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -98,28 +98,28 @@ dependencies:
98
98
  requirements:
99
99
  - - '='
100
100
  - !ruby/object:Gem::Version
101
- version: 7.0.5
101
+ version: 7.0.6
102
102
  type: :runtime
103
103
  prerelease: false
104
104
  version_requirements: !ruby/object:Gem::Requirement
105
105
  requirements:
106
106
  - - '='
107
107
  - !ruby/object:Gem::Version
108
- version: 7.0.5
108
+ version: 7.0.6
109
109
  - !ruby/object:Gem::Dependency
110
110
  name: activemodel
111
111
  requirement: !ruby/object:Gem::Requirement
112
112
  requirements:
113
113
  - - '='
114
114
  - !ruby/object:Gem::Version
115
- version: 7.0.5
115
+ version: 7.0.6
116
116
  type: :development
117
117
  prerelease: false
118
118
  version_requirements: !ruby/object:Gem::Requirement
119
119
  requirements:
120
120
  - - '='
121
121
  - !ruby/object:Gem::Version
122
- version: 7.0.5
122
+ version: 7.0.6
123
123
  description: Web apps on Rails. Simple, battle-tested conventions for building and
124
124
  testing MVC web applications. Works with any Rack-compatible server.
125
125
  email: david@loudthinking.com
@@ -310,10 +310,10 @@ licenses:
310
310
  - MIT
311
311
  metadata:
312
312
  bug_tracker_uri: https://github.com/rails/rails/issues
313
- changelog_uri: https://github.com/rails/rails/blob/v7.0.5/actionpack/CHANGELOG.md
314
- documentation_uri: https://api.rubyonrails.org/v7.0.5/
313
+ changelog_uri: https://github.com/rails/rails/blob/v7.0.6/actionpack/CHANGELOG.md
314
+ documentation_uri: https://api.rubyonrails.org/v7.0.6/
315
315
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
316
- source_code_uri: https://github.com/rails/rails/tree/v7.0.5/actionpack
316
+ source_code_uri: https://github.com/rails/rails/tree/v7.0.6/actionpack
317
317
  rubygems_mfa_required: 'true'
318
318
  post_install_message:
319
319
  rdoc_options: []
@@ -331,7 +331,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
331
331
  version: '0'
332
332
  requirements:
333
333
  - none
334
- rubygems_version: 3.4.10
334
+ rubygems_version: 3.4.13
335
335
  signing_key:
336
336
  specification_version: 4
337
337
  summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).