actionview 6.0.3.2 → 6.0.3.7

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionview might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 60266b7d1f108c429f1a44c662b1ee37852d87a40208e7e24e8c69a581709ca7
4
- data.tar.gz: b96dbf43106ac6046f45fe141e821fc5c22d0fd8f867382f1dc9d9c39136b87e
3
+ metadata.gz: '0901467d038615517c4bb844ada76405c5881b51faf764c6620b593c33cdc32d'
4
+ data.tar.gz: 511ca67c07b8a6a900c4e124cc810b5d83c9b7fda92c401058a974aecf4653ec
5
5
  SHA512:
6
- metadata.gz: ae70597cc8c0c4a8b036921477ef4a105571c5f996c5941689b511b7c3efc827d3d4c4095dd3fd1e5cc91116d76e4be46bfd212f9f3b2140d058d031833121c1
7
- data.tar.gz: 84a325b4f9816c31edff2298897ebe4af7a03bd5f0d7375b941c9bbd0dc991467c1f459e00b79b241e82457a817a541761f4ebd02fd3bf5bd6ab77615e75107c
6
+ metadata.gz: 77ca182510ca79fc7de26c58a5a86790938eec97cbea0f69d7ad374e3910017181e533ad4925752407f765f7d9db2c4d51725cac1b6d7aff09d0abcd29533d04
7
+ data.tar.gz: 1c987532210718e9d512c14c143418c378cf9ce1e7e83b87b79876899e3ae9bb1baa13931efdbf17f29100b7d1f70e03f9ffb702fe6536271d1bf8c6964c7e4a
data/CHANGELOG.md CHANGED
@@ -1,3 +1,30 @@
1
+ ## Rails 6.0.3.7 (May 05, 2021) ##
2
+
3
+ * No changes.
4
+
5
+
6
+ ## Rails 6.0.3.6 (March 26, 2021) ##
7
+
8
+ * No changes.
9
+
10
+
11
+ ## Rails 6.0.3.5 (February 10, 2021) ##
12
+
13
+ * No changes.
14
+
15
+
16
+ ## Rails 6.0.3.4 (October 07, 2020) ##
17
+
18
+ * No changes.
19
+
20
+
21
+ ## Rails 6.0.3.3 (September 09, 2020) ##
22
+
23
+ * [CVE-2020-8185] Fix potential XSS vulnerability in the `translate`/`t` helper.
24
+
25
+ *Jonathan Hefner*
26
+
27
+
1
28
  ## Rails 6.0.3.2 (June 17, 2020) ##
2
29
 
3
30
  * No changes.
@@ -10,7 +10,7 @@ module ActionView
10
10
  MAJOR = 6
11
11
  MINOR = 0
12
12
  TINY = 3
13
- PRE = "2"
13
+ PRE = "7"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
@@ -76,13 +76,20 @@ module ActionView
76
76
 
77
77
  if html_safe_translation_key?(key)
78
78
  html_safe_options = options.dup
79
+
79
80
  options.except(*I18n::RESERVED_KEYS).each do |name, value|
80
81
  unless name == :count && value.is_a?(Numeric)
81
82
  html_safe_options[name] = ERB::Util.html_escape(value.to_s)
82
83
  end
83
84
  end
85
+
86
+ html_safe_options[:default] = MISSING_TRANSLATION unless html_safe_options[:default].blank?
87
+
84
88
  translation = I18n.translate(scope_key_by_partial(key), **html_safe_options.merge(raise: i18n_raise))
85
- if translation.respond_to?(:map)
89
+
90
+ if translation.equal?(MISSING_TRANSLATION)
91
+ options[:default].first
92
+ elsif translation.respond_to?(:map)
86
93
  translation.map { |element| element.respond_to?(:html_safe) ? element.html_safe : element }
87
94
  else
88
95
  translation.respond_to?(:html_safe) ? translation.html_safe : translation
@@ -121,6 +128,9 @@ module ActionView
121
128
  alias :l :localize
122
129
 
123
130
  private
131
+ MISSING_TRANSLATION = Object.new
132
+ private_constant :MISSING_TRANSLATION
133
+
124
134
  def scope_key_by_partial(key)
125
135
  stringified_key = key.to_s
126
136
  if stringified_key.first == "."
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionview
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.0.3.2
4
+ version: 6.0.3.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-17 00:00:00.000000000 Z
11
+ date: 2021-05-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 6.0.3.2
19
+ version: 6.0.3.7
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 6.0.3.2
26
+ version: 6.0.3.7
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: builder
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -92,28 +92,28 @@ dependencies:
92
92
  requirements:
93
93
  - - '='
94
94
  - !ruby/object:Gem::Version
95
- version: 6.0.3.2
95
+ version: 6.0.3.7
96
96
  type: :development
97
97
  prerelease: false
98
98
  version_requirements: !ruby/object:Gem::Requirement
99
99
  requirements:
100
100
  - - '='
101
101
  - !ruby/object:Gem::Version
102
- version: 6.0.3.2
102
+ version: 6.0.3.7
103
103
  - !ruby/object:Gem::Dependency
104
104
  name: activemodel
105
105
  requirement: !ruby/object:Gem::Requirement
106
106
  requirements:
107
107
  - - '='
108
108
  - !ruby/object:Gem::Version
109
- version: 6.0.3.2
109
+ version: 6.0.3.7
110
110
  type: :development
111
111
  prerelease: false
112
112
  version_requirements: !ruby/object:Gem::Requirement
113
113
  requirements:
114
114
  - - '='
115
115
  - !ruby/object:Gem::Version
116
- version: 6.0.3.2
116
+ version: 6.0.3.7
117
117
  description: Simple, battle-tested conventions and helpers for building web pages.
118
118
  email: david@loudthinking.com
119
119
  executables: []
@@ -236,10 +236,10 @@ licenses:
236
236
  - MIT
237
237
  metadata:
238
238
  bug_tracker_uri: https://github.com/rails/rails/issues
239
- changelog_uri: https://github.com/rails/rails/blob/v6.0.3.2/actionview/CHANGELOG.md
240
- documentation_uri: https://api.rubyonrails.org/v6.0.3.2/
239
+ changelog_uri: https://github.com/rails/rails/blob/v6.0.3.7/actionview/CHANGELOG.md
240
+ documentation_uri: https://api.rubyonrails.org/v6.0.3.7/
241
241
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
242
- source_code_uri: https://github.com/rails/rails/tree/v6.0.3.2/actionview
242
+ source_code_uri: https://github.com/rails/rails/tree/v6.0.3.7/actionview
243
243
  post_install_message:
244
244
  rdoc_options: []
245
245
  require_paths: