actiontext 7.0.8.6 → 7.1.0.beta1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actiontext might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f110270f6a1d8bc6884a1ca74d873f4db714649c83f3da2e24eed87f9cf4cd4a
4
- data.tar.gz: 6d854c254c3afbb5a81eece396a17f34e1c5913949de16a18a7ebabc75dbb2fd
3
+ metadata.gz: ff6d3d54018c8afe0b6ac198891859f46c6123de79c1e8c9e1b96eff64b089c5
4
+ data.tar.gz: 9699239744fc76adf7e245610dcdd36dd964ab8805dda53846144e0193b56242
5
5
  SHA512:
6
- metadata.gz: 9c5a2268925f16f858eb5eb627850d18bf8a69cb18b278a80a6f4f786d39a932e05022e673a8201544ed227bffa80ae5f993514cac05b35857fcd6b3d90984f9
7
- data.tar.gz: 5c142369ba42840575269b969f19eedeed810a55dd8c4ac41d06244fcf2fa0ebc8be429dd316d29d1dccc41a24fc42ce05d7e568dff3a819681b8a97b2cc2d1f
6
+ metadata.gz: 37ff95258403ed1acbc72509381b2a35d6a2e74362451fce7f413625faf06bb94947a6923e6dab7b29c8d707dbd2cc89790628354f2d3f70dfcc515f8c247669
7
+ data.tar.gz: 9fe3dead550cf29b88c4eff21f19de3f520594833052d7c9a79699511c50b3888200d03651023f78850abed0af5e0c3b5c57992945944d165762f6bb5c97af7b
data/CHANGELOG.md CHANGED
@@ -1,196 +1,58 @@
1
- ## Rails 7.0.8.6 (October 23, 2024) ##
1
+ ## Rails 7.1.0.beta1 (September 13, 2023) ##
2
2
 
3
- * No changes.
3
+ * Use `Rails::HTML5::SafeListSanitizer` by default in the Rails 7.1 configuration if it is
4
+ supported.
4
5
 
6
+ Action Text's sanitizer can be configured by setting
7
+ `config.action_text.sanitizer_vendor`. Supported values are `Rails::HTML4::Sanitizer` or
8
+ `Rails::HTML5::Sanitizer`.
5
9
 
6
- ## Rails 7.0.8.5 (October 15, 2024) ##
10
+ The Rails 7.1 configuration will set this to `Rails::HTML5::Sanitizer` when it is supported, and
11
+ fall back to `Rails::HTML4::Sanitizer`. Previous configurations default to
12
+ `Rails::HTML4::Sanitizer`.
7
13
 
8
- * Avoid backtracing in plain_text_for_blockquote_node
14
+ As a result of this change, the defaults for `ActionText::ContentHelper.allowed_tags` and
15
+ `.allowed_attributes` are applied at runtime, so the value of these attributes is now 'nil'
16
+ unless set by the application. You may call `sanitizer_allowed_tags` or
17
+ `sanitizer_allowed_attributes` to inspect the tags and attributes being allowed by the
18
+ sanitizer.
9
19
 
10
- [CVE-2024-47888]
20
+ *Mike Dalessio*
11
21
 
22
+ * Attachables now can override default attachment missing template.
12
23
 
13
- ## Rails 7.0.8.4 (June 04, 2024) ##
24
+ When rendering Action Text attachments where the underlying attachable model has
25
+ been removed, a fallback template is used. You now can override this template on
26
+ a per-model basis. For example, you could render a placeholder image for a file
27
+ attachment or the text "Deleted User" for a User attachment.
14
28
 
15
- * No changes.
29
+ *Matt Swanson*, *Joel Drapper*
16
30
 
31
+ * Update bundled Trix version from `1.3.1` to `2.0.4`.
17
32
 
18
- ## Rails 7.0.8.3 (May 17, 2024) ##
33
+ *Sarah Ridge*, *Sean Doyle*
19
34
 
20
- * Fix vendored trix.css to be correct file.
35
+ * Apply `field_error_proc` to `rich_text_area` form fields.
21
36
 
22
- *Hartley McGuire*
37
+ *Kaíque Kandy Koga*
23
38
 
24
- ## Rails 7.0.8.2 (May 16, 2024) ##
39
+ * Action Text attachment URLs rendered in a background job (a la Turbo
40
+ Streams) now use `Rails.application.default_url_options` and
41
+ `Rails.application.config.force_ssl` instead of `http://example.org`.
25
42
 
26
- * Upgrade Trix to 1.3.2 to fix [CVE-2024-34341](https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99).
43
+ *Jonathan Hefner*
27
44
 
28
- *Rafael Mendonça França*
29
-
30
-
31
- ## Rails 7.0.8.1 (February 21, 2024) ##
32
-
33
- * No changes.
34
-
35
-
36
- ## Rails 7.0.8 (September 09, 2023) ##
37
-
38
- * No changes.
39
-
40
-
41
- ## Rails 7.0.7.2 (August 22, 2023) ##
42
-
43
- * No changes.
44
-
45
-
46
- ## Rails 7.0.7.1 (August 22, 2023) ##
47
-
48
- * No changes.
49
-
50
-
51
- ## Rails 7.0.7 (August 09, 2023) ##
52
-
53
- * No changes.
54
-
55
-
56
- ## Rails 7.0.6 (June 29, 2023) ##
57
-
58
- * No changes.
59
-
60
-
61
- ## Rails 7.0.5.1 (June 26, 2023) ##
62
-
63
- * No changes.
64
-
65
-
66
- ## Rails 7.0.5 (May 24, 2023) ##
67
-
68
- * Fix `ActionText::Attachable#as_json`.
69
-
70
- *Alexandre Ruban*
71
-
72
-
73
- ## Rails 7.0.4.3 (March 13, 2023) ##
74
-
75
- * No changes.
76
-
77
-
78
- ## Rails 7.0.4.2 (January 24, 2023) ##
79
-
80
- * No changes.
81
-
82
-
83
- ## Rails 7.0.4.1 (January 17, 2023) ##
84
-
85
- * No changes.
86
-
87
-
88
- ## Rails 7.0.4 (September 09, 2022) ##
89
-
90
- * No changes.
91
-
92
-
93
- ## Rails 7.0.3.1 (July 12, 2022) ##
94
-
95
- * No changes.
96
-
97
-
98
- ## Rails 7.0.3 (May 09, 2022) ##
99
-
100
- * No changes.
101
-
102
-
103
- ## Rails 7.0.2.4 (April 26, 2022) ##
104
-
105
- * No changes.
106
-
107
-
108
- ## Rails 7.0.2.3 (March 08, 2022) ##
109
-
110
- * No changes.
111
-
112
-
113
- ## Rails 7.0.2.2 (February 11, 2022) ##
114
-
115
- * No changes.
116
-
117
-
118
- ## Rails 7.0.2.1 (February 11, 2022) ##
119
-
120
- * No changes.
121
-
122
-
123
- ## Rails 7.0.2 (February 08, 2022) ##
124
-
125
- * No changes.
126
-
127
-
128
- ## Rails 7.0.1 (January 06, 2022) ##
129
-
130
- * No changes.
131
-
132
-
133
- ## Rails 7.0.0 (December 15, 2021) ##
134
-
135
- * No changes.
136
-
137
-
138
- ## Rails 7.0.0.rc3 (December 14, 2021) ##
139
-
140
- * No changes.
141
-
142
-
143
- ## Rails 7.0.0.rc2 (December 14, 2021) ##
144
-
145
- * No changes.
146
-
147
- ## Rails 7.0.0.rc1 (December 06, 2021) ##
148
-
149
- * Fix an issue with how nested lists were displayed when converting to plain text
150
-
151
- *Matt Swanson*
152
-
153
- * Allow passing in a custom `direct_upload_url` or `blob_url_template` to `rich_text_area_tag`.
154
-
155
- *Lucas Mansur*
156
-
157
-
158
- ## Rails 7.0.0.alpha2 (September 15, 2021) ##
159
-
160
- * No changes.
161
-
162
-
163
- ## Rails 7.0.0.alpha1 (September 15, 2021) ##
164
-
165
- * Make the Action Text + Trix JavaScript and CSS available through the asset pipeline.
166
-
167
- *DHH*
168
-
169
- * OpenSSL constants are now used for Digest computations.
170
-
171
- *Dirkjan Bussink*
172
-
173
- * Add support for passing `form:` option to `rich_text_area_tag` and
174
- `rich_text_area` helpers to specify the `<input type="hidden" form="...">`
175
- value.
45
+ * Support `strict_loading:` option for `has_rich_text` declaration
176
46
 
177
47
  *Sean Doyle*
178
48
 
179
- * Add `config.action_text.attachment_tag_name`, to specify the HTML tag that contains attachments.
180
-
181
- *Mark VanLandingham*
182
-
183
- * Expose how we render the HTML _surrounding_ rich text content as an
184
- extensible `layouts/action_view/contents/_content.html.erb` template to
185
- encourage user-land customizations, while retaining private API control over how
186
- the rich text itself is rendered by `action_text/contents/_content.html.erb`
187
- partial.
188
-
189
- *Sean Doyle*
49
+ * Update ContentAttachment so that it can encapsulate arbitrary HTML content in a document.
190
50
 
191
- * Add `with_all_rich_text` method to eager load all rich text associations on a model at once.
51
+ *Jamis Buck*
192
52
 
193
- *Matt Swanson*, *DHH*
53
+ * Fix an issue that caused the content layout to render multiple times when a
54
+ rich_text field was updated.
194
55
 
56
+ *Jacob Herrington*
195
57
 
196
- Please check [6-1-stable](https://github.com/rails/rails/blob/6-1-stable/actiontext/CHANGELOG.md) for previous changes.
58
+ Please check [7-0-stable](https://github.com/rails/rails/blob/7-0-stable/actiontext/CHANGELOG.md) for previous changes.
data/MIT-LICENSE CHANGED
@@ -1,6 +1,6 @@
1
1
  MIT License
2
2
 
3
- Copyright (c) 2020-2022 Basecamp, LLC
3
+ Copyright (c) 37signals LLC
4
4
 
5
5
  Permission is hereby granted, free of charge, to any person obtaining a copy
6
6
  of this software and associated documentation files (the "Software"), to deal
data/README.md CHANGED
@@ -1,8 +1,8 @@
1
1
  # Action Text
2
2
 
3
- Action Text brings rich text content and editing to Rails. It includes the [Trix editor](https://trix-editor.org) that handles everything from formatting to links to quotes to lists to embedded images and galleries. The rich text content generated by the Trix editor is saved in its own RichText model that's associated with any existing Active Record model in the application. Any embedded images (or other attachments) are automatically stored using Active Storage and associated with the included RichText model.
3
+ Action Text brings rich text content and editing to \Rails. It includes the [Trix editor](https://trix-editor.org) that handles everything from formatting to links to quotes to lists to embedded images and galleries. The rich text content generated by the Trix editor is saved in its own RichText model that's associated with any existing Active Record model in the application. Any embedded images (or other attachments) are automatically stored using Active Storage and associated with the included RichText model.
4
4
 
5
- You can read more about Action Text in the [Action Text Overview](https://edgeguides.rubyonrails.org/action_text_overview.html) guide.
5
+ You can read more about Action Text in the [Action Text Overview](https://guides.rubyonrails.org/action_text_overview.html) guide.
6
6
 
7
7
  ## Development
8
8