actiontext 7.2.0.beta2 → 7.2.0.beta3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '038e42b13d583f9db670ee6dc104ef802f4c9c77920037b38a95fb28e9a625b4'
-  data.tar.gz: 31ee1edbf17eebb4ff96b83a4af0a296d80ea55244c5301e940f939ecaee4921
+  metadata.gz: 65724c998d6b019bb85d677b268775d32c2186626222f56a3020f832adb8927f
+  data.tar.gz: 365d4797f49ba681aefd35e8326e88b1aa1a06b1d8809c1f7d52baa7a8fd8708
 SHA512:
-  metadata.gz: d8b926161af97aa1f62f17f6c775b045184af218452fb38243f0ca58713af6b313a51d6015651c8c9199ea148bf0ba80a825d0fb2e4cb9c17b1edc863efb6dc1
-  data.tar.gz: 2be0ecf3329ce40edf0e365082efb993c053a6d359877bc75ea9b953d569ed85730def05e950f03ffb644375004c4795067838a3240d4b6bfd102e622288c958
+  metadata.gz: 19644ed4010376665015b5ac97079d66e23f520be347f5e763b78b24633b8be564f26ab5a99443467d6996c20933791be5c433d8bcce13e75182433f47b26057
+  data.tar.gz: fd5ad4003f16c44430f2bf320f1b2dc666a063d3e6fd7bba2e81be7b9c672988260f1de1a2a03ee3a0b55ed024a67e4353d53d067dfb4f703dcfc1dd3ec3fdf4

data/CHANGELOG.md

@@ -1,8 +1,17 @@
+## Rails 7.2.0.beta3 (July 11, 2024) ##
+
+*   Only sanitize `content` attribute when present in attachments.
+
+    *Petrik de Heus*
+
+
 ## Rails 7.2.0.beta2 (June 04, 2024) ##
 
 *   Sanitize ActionText HTML ContentAttachment in Trix edit view
     [CVE-2024-32464]
 
+    *Aaron Patterson*, *Zack Deveau*
+
 
 ## Rails 7.2.0.beta1 (May 29, 2024) ##
 

data/lib/action_text/content.rb

@@ -97,7 +97,9 @@ module ActionText
 
     def render_attachments(**options, &block)
       content = fragment.replace(ActionText::Attachment.tag_name) do |node|
-        node["content"] = sanitize_content_attachment(node["content"])
+        if node.key? "content"
+          node["content"] = sanitize_content_attachment(node["content"])
+        end
         block.call(attachment_for_node(node, **options))
       end
       self.class.new(content, canonicalize: false)

data/lib/action_text/gem_version.rb

@@ -12,7 +12,7 @@ module ActionText
     MAJOR = 7
     MINOR = 2
     TINY  = 0
-    PRE   = "beta2"
+    PRE   = "beta3"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rails/actiontext",
-  "version": "7.2.0-beta2",
+  "version": "7.2.0-beta3",
   "description": "Edit and display rich text in Rails applications",
   "module": "app/assets/javascripts/actiontext.esm.js",
   "main": "app/assets/javascripts/actiontext.js",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: actiontext
 version: !ruby/object:Gem::Version
-  version: 7.2.0.beta2
+  version: 7.2.0.beta3
 platform: ruby
 authors:
 - Javan Makhmali
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-04 00:00:00.000000000 Z
+date: 2024-07-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -18,56 +18,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
 - !ruby/object:Gem::Dependency
   name: activestorage
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
 - !ruby/object:Gem::Dependency
   name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.0.beta2
+        version: 7.2.0.beta3
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
@@ -163,10 +163,10 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v7.2.0.beta2/actiontext/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v7.2.0.beta2/
+  changelog_uri: https://github.com/rails/rails/blob/v7.2.0.beta3/actiontext/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v7.2.0.beta3/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v7.2.0.beta2/actiontext
+  source_code_uri: https://github.com/rails/rails/tree/v7.2.0.beta3/actiontext
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
@@ -179,11 +179,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubygems_version: 3.3.27
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: Rich text framework.