activesupport 6.1.7.2 → 6.1.7.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +29 -0
  3. data/lib/active_support/core_ext/string/output_safety.rb +4 -0
  4. data/lib/active_support/encrypted_file.rb +8 -9
  5. data/lib/active_support/gem_version.rb +1 -1
  6. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 28ca70c38f67026955b1161ed6b18e7baa7764f972a65fcfb98045d92ae36b21
4
- data.tar.gz: a3338be243c6e5ba5c90cafd07b33d964ab0a07b1501555c21385827bedd1f2c
3
+ metadata.gz: 90c1e1ac6c0b5064de76fbc6bdf516d85f2b7339a082841ed3d96d314acadd95
4
+ data.tar.gz: 505167362a4d007a7e88a0b3f0cead94944d33a56a5ce5d77791ecf619a0b28c
5
5
  SHA512:
6
- metadata.gz: f3ecf8f53514da55a4de9fdbd5acca109477ad01fdc8d19de3b90a7488a0799d22edba09f6aaaf70e85e8900235d1545d41c3adeb183186271e2d9195f5056e7
7
- data.tar.gz: ad99b075680358ff999d6a7483b17960248934075dd8b11da56b7f35e9a6f94a013f2cdf60c380e952b5a6c440008065dae8b10cd28180e517340d43667c7964
6
+ metadata.gz: a360ad74604b0a82b416e90883dbdd0f2f90de338b025cab43a0e43428d1421c90d4fe8631b9a6cfa8c55fc746036ec8432baeb19883099ff5d992d7cd4c54a7
7
+ data.tar.gz: c6527296af9e7b0fcc56ee3eee03ff02b761959d4fe9c11774ecb1818d7ae642820a582bd346970ec1b0837cacff1e9e429179934a7d3a54f99f6a5d4b66c098
data/CHANGELOG.md CHANGED
@@ -1,3 +1,32 @@
1
+ ## Rails 6.1.7.7 (February 21, 2024) ##
2
+
3
+ * No changes.
4
+
5
+
6
+ ## Rails 6.1.7.6 (August 22, 2023) ##
7
+
8
+ * No changes.
9
+
10
+
11
+ ## Rails 6.1.7.5 (August 22, 2023) ##
12
+
13
+ * Use a temporary file for storing unencrypted files while editing
14
+
15
+ [CVE-2023-38037]
16
+
17
+
18
+ ## Rails 6.1.7.4 (June 26, 2023) ##
19
+
20
+ * No changes.
21
+
22
+
23
+ ## Rails 6.1.7.3 (March 13, 2023) ##
24
+
25
+ * Implement SafeBuffer#bytesplice
26
+
27
+ [CVE-2023-28120]
28
+
29
+
1
30
  ## Rails 6.1.7.2 (January 24, 2023) ##
2
31
 
3
32
  * No changes.
data/lib/active_support/core_ext/string/output_safety.rb CHANGED
@@ -216,6 +216,10 @@ module ActiveSupport #:nodoc:
216
216
  end
217
217
  alias << concat
218
218
 
219
+ def bytesplice(*args, value)
220
+ super(*args, implicit_html_escape_interpolated_argument(value))
221
+ end
222
+
219
223
  def insert(index, value)
220
224
  super(index, html_escape_interpolated_argument(value))
221
225
  end
data/lib/active_support/encrypted_file.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "pathname"
4
- require "tmpdir"
4
+ require "tempfile"
5
5
  require "active_support/message_encryptor"
6
6
 
7
7
  module ActiveSupport
@@ -69,17 +69,16 @@ module ActiveSupport
69
69
 
70
70
  private
71
71
  def writing(contents)
72
- tmp_file = "#{Process.pid}.#{content_path.basename.to_s.chomp('.enc')}"
73
- tmp_path = Pathname.new File.join(Dir.tmpdir, tmp_file)
74
- tmp_path.binwrite contents
72
+ Tempfile.create(["", "-" + content_path.basename.to_s.chomp(".enc")]) do |tmp_file|
73
+ tmp_path = Pathname.new(tmp_file)
74
+ tmp_path.binwrite contents
75
75
 
76
- yield tmp_path
76
+ yield tmp_path
77
77
 
78
- updated_contents = tmp_path.binread
78
+ updated_contents = tmp_path.binread
79
79
 
80
- write(updated_contents) if updated_contents != contents
81
- ensure
82
- FileUtils.rm(tmp_path) if tmp_path&.exist?
80
+ write(updated_contents) if updated_contents != contents
81
+ end
83
82
  end
84
83
 
85
84
 
data/lib/active_support/gem_version.rb CHANGED
@@ -10,7 +10,7 @@ module ActiveSupport
10
10
  MAJOR = 6
11
11
  MINOR = 1
12
12
  TINY = 7
13
- PRE = "2"
13
+ PRE = "7"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.1.7.2
4
+ version: 6.1.7.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-25 00:00:00.000000000 Z
11
+ date: 2024-02-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: i18n
@@ -357,10 +357,10 @@ licenses:
357
357
  - MIT
358
358
  metadata:
359
359
  bug_tracker_uri: https://github.com/rails/rails/issues
360
- changelog_uri: https://github.com/rails/rails/blob/v6.1.7.2/activesupport/CHANGELOG.md
361
- documentation_uri: https://api.rubyonrails.org/v6.1.7.2/
360
+ changelog_uri: https://github.com/rails/rails/blob/v6.1.7.7/activesupport/CHANGELOG.md
361
+ documentation_uri: https://api.rubyonrails.org/v6.1.7.7/
362
362
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
363
- source_code_uri: https://github.com/rails/rails/tree/v6.1.7.2/activesupport
363
+ source_code_uri: https://github.com/rails/rails/tree/v6.1.7.7/activesupport
364
364
  rubygems_mfa_required: 'true'
365
365
  post_install_message:
366
366
  rdoc_options:
@@ -379,7 +379,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
379
379
  - !ruby/object:Gem::Version
380
380
  version: '0'
381
381
  requirements: []
382
- rubygems_version: 3.4.3
382
+ rubygems_version: 3.2.22
383
383
  signing_key:
384
384
  specification_version: 4
385
385
  summary: A toolkit of support libraries and Ruby core extensions extracted from the