RubyGems - actiontext - Versions diffs - 6.1.7.8 → 6.1.7.9 - Mend

actiontext 6.1.7.8 → 6.1.7.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/lib/action_text/gem_version.rb +1 -1
data/lib/action_text/plain_text_conversion.rb +6 -1
data/package.json +1 -1
metadata +17 -17

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fd25d6d80912cb5b0457abece4c29eb123b2723d7a82a7a7034e8aa7d8b809eb
-  data.tar.gz: 14b5e74568cb790a062de5a63d8c8d3cb8c3ef57769c170d696ed9c3b987cae7
+  metadata.gz: e242e4dbf0b95791c07ed12c9a78d566bcb5ff02829943a9126a282b81bce57b
+  data.tar.gz: 41c09d4735e64c21297c0607db082c5d1456b29da02a3558db1ea80499a51f3e
 SHA512:
-  metadata.gz: dc6be8a996d667a3963a389f1a8918b241d6ee8b5f6bcb6f464583cfa095f573d443203fd27e13d04e7af7c912bf8156e4ab074ca0672339f9451b0df685af93
-  data.tar.gz: 5281076370a5eeac282c93d6a41a415dd9c69464797787213154afcd39b67e46579e45da65d6b318b350896d94c92a508fbf0b1f61a6651c33c17728a8998c92
+  metadata.gz: c55c11da7f8209e12a98b3965296fa80def359dce7fa698c62558b5dbeccbc2049824e7e5a622c2f6a3fa2d9f8afac6ddb54906e799d1708798c812a3aef4bed
+  data.tar.gz: e8168f6394e028d1b814ac4a6052da8215844f8e48530a4f2d23aecd76ce31e8f8909053caafce92e204dd44226de17cf150c296658fd5980a18aa505f89a229

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,10 @@
+## Rails 6.1.7.9 (October 15, 2024) ##
+*   Avoid backtracing in plain_text_for_blockquote_node
+    [CVE-2024-47888]
 ## Rails 6.1.7.8 (June 04, 2024) ##
 *   No changes.

data/lib/action_text/gem_version.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module ActionText
     MAJOR = 6
     MINOR = 1
     TINY  = 7
-    PRE   = "8"
+    PRE   = "9"
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/action_text/plain_text_conversion.rb CHANGED Viewed

@@ -55,7 +55,12 @@ module ActionText
       def plain_text_for_blockquote_node(node, index)
         text = plain_text_for_block(node)
-        text.sub(/\A(\s*)(.+?)(\s*)\Z/m, '\1“\2”\3')
+        return "“”" if text.blank?
+        text = text.dup
+        text.insert(text.rindex(/\S/) + 1, "”")
+        text.insert(text.index(/\S/), "“")
+        text
       end
       def plain_text_for_li_node(node, index)

data/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@rails/actiontext",
-  "version": "6.1.7-8",
+  "version": "6.1.709",
   "description": "Edit and display rich text in Rails applications",
   "main": "app/javascript/actiontext/index.js",
   "files": [

metadata CHANGED Viewed

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: actiontext
 version: !ruby/object:Gem::Version
-  version: 6.1.7.8
+  version: 6.1.7.9
 platform: ruby
 authors:
 - Javan Makhmali
 - Sam Stephenson
 - David Heinemeier Hansson
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-04 00:00:00.000000000 Z
+date: 2024-10-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -18,56 +18,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
 - !ruby/object:Gem::Dependency
   name: activestorage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
 - !ruby/object:Gem::Dependency
   name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.1.7.8
+        version: 6.1.7.9
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
@@ -140,12 +140,12 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v6.1.7.8/actiontext/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v6.1.7.8/
+  changelog_uri: https://github.com/rails/rails/blob/v6.1.7.9/actiontext/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v6.1.7.9/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v6.1.7.8/actiontext
+  source_code_uri: https://github.com/rails/rails/tree/v6.1.7.9/actiontext
   rubygems_mfa_required: 'true'
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -160,8 +160,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.27
-signing_key:
+rubygems_version: 3.5.16
+signing_key:
 specification_version: 4
 summary: Rich text framework.
 test_files: []