actiontext 7.1.3.4 → 7.1.4



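--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d51a41ff03b550ac428a52ce89ee785539d2ac0b386c5597f4c06b763070d054
- data.tar.gz: 85028cdc38e4448c321e17190924c602f7bd940588307ef42206c7e0842ba31a
+ metadata.gz: a46c8b0cd1b2be3d1a882600d4879c8fdb39a3fb453d76107db9180d14961f96
+ data.tar.gz: ef742721e408cf74ce53d7a97a875afe2859afdbd9234cd19dafb45a9ca802aa
  SHA512:
- metadata.gz: 417dec3ad3e197b566e52b5b42356481d6a5f54e1a792b5f16c7eeaa45137b2a4bdeeb32e83fd890d884fc60864e7d6062ebe25115710a40de06df3c93812c95
- data.tar.gz: ab1691bf97b79a8f2b644b6bf324c06fc663fd8ca2ba4641a906fcf7062a4c4acb4103b25b405561fc21e81198ce7b7541a9d02921d137ae14de6eb75d01b1c7
+ metadata.gz: 388397f9d738efe9a872d06c7f63aac7d880b31835559f21a3a18783d8eee5009dac7d725faaa90bfe842807049f8abdd8e3b51276f5ab041711d88b07239161
+ data.tar.gz: 0eccc5b5bdfbeb05724d050e8c6324abe1e8706cad0dd6f228582bf97b0ec5946f5ffa205e1d98ed9be73dc831b351560e4c5884881f090dd226d2b8f5bd784f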
data/CHANGELOG.md CHANGED
@@ -1,12 +1,24 @@
1
+ ## Rails 7.1.4 (August 22, 2024) ##
2
+
3
+ * Strip `content` attribute if the key is present but the value is empty
4
+
5
+ *Jeremy Green*
6
+
7
+ * Only sanitize `content` attribute when present in attachments.
8
+
9
+ *Petrik de Heus*
10
+
11
+
1
12
  ## Rails 7.1.3.4 (June 04, 2024) ##
2
13
 
3
14
  * Sanitize ActionText HTML ContentAttachment in Trix edit view
4
15
  [CVE-2024-32464]
5
16
 
17
+ *Aaron Patterson*
6
18
 
7
19
  ## Rails 7.1.3.3 (May 16, 2024) ##
8
20
 
9
- * Upgrade Trix to 1.3.2 to fix [CVE-2024-34341](https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99).
21
+ * Upgrade Trix to 2.1.1 to fix [CVE-2024-34341](https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99).
10
22
 
11
23
  *Rafael Mendonça França*
12
24
 
@@ -94,7 +94,10 @@ module ActionText
94
94
 
95
95
  def render_attachments(**options, &block)
96
96
  content = fragment.replace(ActionText::Attachment.tag_name) do |node|
97
- node["content"] = sanitize_content_attachment(node["content"])
97
+ if node.key?("content")
98
+ sanitized_content = sanitize_content_attachment(node.remove_attribute("content").to_s)
99
+ node["content"] = sanitized_content if sanitized_content.present?
100
+ end
98
101
  block.call(attachment_for_node(node, **options))
99
102
  end
100
103
  self.class.new(content, canonicalize: false)
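Review bot: The remove-then-re-add order inside the new `if node.key?("content")` branch is security-relevant but carries no comment: the raw attribute is taken off the node before sanitizing and is written back only when the sanitized result is `present?`, so an attachment should never leave this block still holding its unsanitized `content`. A short why-comment above the branch would keep a later refactor from reverting to in-place assignment, for example `# Remove the raw value first; only sanitized, non-blank content is written back.` The changelog lists two cases (key absent, value empty), and both deserve a regression test next to the existing CVE-2024-32464 coverage, assuming that lives in the test suite, which this package diff does not show. `sanitize_content_attachment` is defined outside this hunk and the body of `render_attachments` continues past its last line, so the return type feeding `present?` could not be checked here.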
@@ -9,8 +9,8 @@ module ActionText
9
9
  module VERSION
10
10
  MAJOR = 7
11
11
  MINOR = 1
12
- TINY = 3
13
- PRE = "4"
12
+ TINY = 4
13
+ PRE = nil
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
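--- a/data/lib/action_text.rb
+++ b/data/lib/action_text.rb
@@ -9,7 +9,7 @@ require "action_text/deprecator"
  require "nokogiri"
 
  # :markup: markdown
- # :include: actiontext/README.md
+ # :include: ../README.md
  module ActionText
  extend ActiveSupport::Autoload
 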
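--- a/data/package.json
+++ b/data/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@rails/actiontext",
- "version": "7.1.3-4",
+ "version": "7.1.400",
  "description": "Edit and display rich text in Rails applications",
  "module": "app/assets/javascripts/actiontext.esm.js",
  "main": "app/assets/javascripts/actiontext.js",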
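--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: actiontext
  version: !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  platform: ruby
  authors:
  - Javan Makhmali
@@ -10,7 +10,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-06-04 00:00:00.000000000 Z
+ date: 2024-08-22 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -18,56 +18,56 @@ dependencies:
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  - !ruby/object:Gem::Dependency
  name: activerecord
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  - !ruby/object:Gem::Dependency
  name: activestorage
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  - !ruby/object:Gem::Dependency
  name: actionpack
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - '='
  - !ruby/object:Gem::Version
- version: 7.1.3.4
+ version: 7.1.4
  - !ruby/object:Gem::Dependency
  name: nokogiri
  requirement: !ruby/object:Gem::Requirement
@@ -163,10 +163,10 @@ licenses:
  - MIT
  metadata:
  bug_tracker_uri: https://github.com/rails/rails/issues
- changelog_uri: https://github.com/rails/rails/blob/v7.1.3.4/actiontext/CHANGELOG.md
- documentation_uri: https://api.rubyonrails.org/v7.1.3.4/
+ changelog_uri: https://github.com/rails/rails/blob/v7.1.4/actiontext/CHANGELOG.md
+ documentation_uri: https://api.rubyonrails.org/v7.1.4/
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
- source_code_uri: https://github.com/rails/rails/tree/v7.1.3.4/actiontext
+ source_code_uri: https://github.com/rails/rails/tree/v7.1.4/actiontext
  rubygems_mfa_required: 'true'
  post_install_message:
  rdoc_options: []
@@ -183,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.3.27
+ rubygems_version: 3.5.11
  signing_key:
  specification_version: 4
  summary: Rich text framework.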