activesupport 7.0.4.2 → 7.0.4.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activesupport might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b3b5e296e65bfdc81c344a77a989f352ea66801e60d70e79761f7caca0f89b52
4
- data.tar.gz: 633843403f31a29e039064b99558621ee1e04f2ffdcbbc9d7c3faad5ba76aca1
3
+ metadata.gz: af711c41eae644a4fba03556039ec8d30337836525e57b896af3fa895bd5826f
4
+ data.tar.gz: 7c4eb0e42e2aaa1ba161eedd7657cdd8a458adfb456ac3df242a72dceceecc5c
5
5
  SHA512:
6
- metadata.gz: b7466b6167afea9df25d97382060e976f35551fd97e4c5649b644714e7791f351a9a3ca08b6b2283d430588c8a21e71acc4d65795798d872505ee0b6e67a9aea
7
- data.tar.gz: 70e12f9f04bebf2d4f760892c218b0b150e252cc0f887dad2e50f1a42e5dac3e3b8b929b45da3c823c91604ebf02f32d35c6c367e19f4ce46bfa02a24899ce7c
6
+ metadata.gz: f255bc83f2f93d1743014853471a053798dbad3e8162551a0c0593eb5c5ea8abef362abf37de6c298985e9413c32b5ad02294a84dad063da8c150f8ce34d3051
7
+ data.tar.gz: 39f1750b28dc755ead136f17a4b999b9d6e46a5bdf8b733ded897c6ec163f49b8651df20682b6568aa7bd8bf82c127aa5b00fc354ca80a82ba72c642caa25dd2
data/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ ## Rails 7.0.4.3 (March 13, 2023) ##
2
+
3
+ * Implement SafeBuffer#bytesplice
4
+
5
+ [CVE-2023-28120]
6
+
7
+
1
8
  ## Rails 7.0.4.2 (January 24, 2023) ##
2
9
 
3
10
  * No changes.
@@ -219,6 +219,10 @@ module ActiveSupport # :nodoc:
219
219
  end
220
220
  alias << concat
221
221
 
222
+ def bytesplice(*args, value)
223
+ super(*args, implicit_html_escape_interpolated_argument(value))
224
+ end
225
+
222
226
  def insert(index, value)
223
227
  super(index, implicit_html_escape_interpolated_argument(value))
224
228
  end
@@ -10,7 +10,7 @@ module ActiveSupport
10
10
  MAJOR = 7
11
11
  MINOR = 0
12
12
  TINY = 4
13
- PRE = "2"
13
+ PRE = "3"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activesupport
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.0.4.2
4
+ version: 7.0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-25 00:00:00.000000000 Z
11
+ date: 2023-03-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: i18n
@@ -359,10 +359,10 @@ licenses:
359
359
  - MIT
360
360
  metadata:
361
361
  bug_tracker_uri: https://github.com/rails/rails/issues
362
- changelog_uri: https://github.com/rails/rails/blob/v7.0.4.2/activesupport/CHANGELOG.md
363
- documentation_uri: https://api.rubyonrails.org/v7.0.4.2/
362
+ changelog_uri: https://github.com/rails/rails/blob/v7.0.4.3/activesupport/CHANGELOG.md
363
+ documentation_uri: https://api.rubyonrails.org/v7.0.4.3/
364
364
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
365
- source_code_uri: https://github.com/rails/rails/tree/v7.0.4.2/activesupport
365
+ source_code_uri: https://github.com/rails/rails/tree/v7.0.4.3/activesupport
366
366
  rubygems_mfa_required: 'true'
367
367
  post_install_message:
368
368
  rdoc_options: