actiontext 7.1.3.4 → 7.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d51a41ff03b550ac428a52ce89ee785539d2ac0b386c5597f4c06b763070d054
-  data.tar.gz: 85028cdc38e4448c321e17190924c602f7bd940588307ef42206c7e0842ba31a
+  metadata.gz: a46c8b0cd1b2be3d1a882600d4879c8fdb39a3fb453d76107db9180d14961f96
+  data.tar.gz: ef742721e408cf74ce53d7a97a875afe2859afdbd9234cd19dafb45a9ca802aa
 SHA512:
-  metadata.gz: 417dec3ad3e197b566e52b5b42356481d6a5f54e1a792b5f16c7eeaa45137b2a4bdeeb32e83fd890d884fc60864e7d6062ebe25115710a40de06df3c93812c95
-  data.tar.gz: ab1691bf97b79a8f2b644b6bf324c06fc663fd8ca2ba4641a906fcf7062a4c4acb4103b25b405561fc21e81198ce7b7541a9d02921d137ae14de6eb75d01b1c7
+  metadata.gz: 388397f9d738efe9a872d06c7f63aac7d880b31835559f21a3a18783d8eee5009dac7d725faaa90bfe842807049f8abdd8e3b51276f5ab041711d88b07239161
+  data.tar.gz: 0eccc5b5bdfbeb05724d050e8c6324abe1e8706cad0dd6f228582bf97b0ec5946f5ffa205e1d98ed9be73dc831b351560e4c5884881f090dd226d2b8f5bd784f

data/CHANGELOG.md

@@ -1,12 +1,24 @@
+## Rails 7.1.4 (August 22, 2024) ##
+
+*   Strip `content` attribute if the key is present but the value is empty
+
+    *Jeremy Green*
+
+*   Only sanitize `content` attribute when present in attachments.
+
+    *Petrik de Heus*
+
+
 ## Rails 7.1.3.4 (June 04, 2024) ##
 
 *   Sanitize ActionText HTML ContentAttachment in Trix edit view
     [CVE-2024-32464]
 
+    *Aaron Patterson*
 
 ## Rails 7.1.3.3 (May 16, 2024) ##
 
-*   Upgrade Trix to 1.3.2 to fix [CVE-2024-34341](https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99).
+*   Upgrade Trix to 2.1.1 to fix [CVE-2024-34341](https://github.com/basecamp/trix/security/advisories/GHSA-qjqp-xr96-cj99).
 
     *Rafael Mendonça França*
 

data/lib/action_text/content.rb

@@ -94,7 +94,10 @@ module ActionText
 
     def render_attachments(**options, &block)
       content = fragment.replace(ActionText::Attachment.tag_name) do |node|
-        node["content"] = sanitize_content_attachment(node["content"])
+        if node.key?("content")
+          sanitized_content = sanitize_content_attachment(node.remove_attribute("content").to_s)
+          node["content"] = sanitized_content if sanitized_content.present?
+        end
         block.call(attachment_for_node(node, **options))
       end
       self.class.new(content, canonicalize: false)

data/lib/action_text/gem_version.rb

@@ -9,8 +9,8 @@ module ActionText
   module VERSION
     MAJOR = 7
     MINOR = 1
-    TINY  = 3
-    PRE   = "4"
+    TINY  = 4
+    PRE   = nil
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/action_text.rb

@@ -9,7 +9,7 @@ require "action_text/deprecator"
 require "nokogiri"
 
 # :markup: markdown
-# :include: actiontext/README.md
+# :include: ../README.md
 module ActionText
   extend ActiveSupport::Autoload
 

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rails/actiontext",
-  "version": "7.1.3-4",
+  "version": "7.1.400",
   "description": "Edit and display rich text in Rails applications",
   "module": "app/assets/javascripts/actiontext.esm.js",
   "main": "app/assets/javascripts/actiontext.js",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: actiontext
 version: !ruby/object:Gem::Version
-  version: 7.1.3.4
+  version: 7.1.4
 platform: ruby
 authors:
 - Javan Makhmali
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-04 00:00:00.000000000 Z
+date: 2024-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -18,56 +18,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
 - !ruby/object:Gem::Dependency
   name: activestorage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
 - !ruby/object:Gem::Dependency
   name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.1.3.4
+        version: 7.1.4
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
@@ -163,10 +163,10 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v7.1.3.4/actiontext/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v7.1.3.4/
+  changelog_uri: https://github.com/rails/rails/blob/v7.1.4/actiontext/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v7.1.4/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v7.1.3.4/actiontext
+  source_code_uri: https://github.com/rails/rails/tree/v7.1.4/actiontext
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
@@ -183,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.27
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: Rich text framework.