avo 2.46.0 → 2.48.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -3
- data/app/components/avo/field_wrapper_component.rb +6 -6
- data/app/components/avo/fields/common/files/view_type/grid_item_component.html.erb +1 -1
- data/app/components/avo/fields/hidden_field/edit_component.html.erb +2 -1
- data/app/javascript/js/controllers/fields/key_value_controller.js +2 -1
- data/lib/avo/services/encryption_service.rb +1 -5
- data/lib/avo/version.rb +1 -1
- data/public/avo-assets/avo.base.js +225 -223
- data/public/avo-assets/avo.base.js.map +3 -3
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 63a1e190de1ea81343c769a8896e64c91aab1024084dc04d3b8ed1ce96e55233
|
4
|
+
data.tar.gz: cd447a81f2d123f536fe500ee57c6cd1396df2e5615ae4b8f1d3dfa944ff8214
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 83f2e5618a4fd689d5619d0c390bf41bae93e73b74b75d30b2cfddc2091eb7770a76704df7a251897910c886d25fefd97e5c4e0de179cb2ac2b93f3a3886855c
|
7
|
+
data.tar.gz: 30ed29798e3563143acf57eb594c915fdaac080b082bf02fb5a72c4073b3eed53256773b17987f17e0cb0a26bc3e257ee77ea45aaed92ac9d3c5e2b10843b8ca
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
avo (2.
|
4
|
+
avo (2.48.0)
|
5
5
|
actionview (>= 6.0)
|
6
6
|
active_link_to
|
7
7
|
activerecord (>= 6.0)
|
@@ -269,10 +269,10 @@ GEM
|
|
269
269
|
net-smtp (0.3.3)
|
270
270
|
net-protocol
|
271
271
|
nio4r (2.5.9)
|
272
|
-
nokogiri (1.
|
272
|
+
nokogiri (1.16.0)
|
273
273
|
mini_portile2 (~> 2.8.2)
|
274
274
|
racc (~> 1.4)
|
275
|
-
nokogiri (1.
|
275
|
+
nokogiri (1.16.0-x86_64-linux)
|
276
276
|
racc (~> 1.4)
|
277
277
|
orm_adapter (0.5.0)
|
278
278
|
pagy (6.0.4)
|
@@ -82,6 +82,12 @@ class Avo::FieldWrapperComponent < ViewComponent::Base
|
|
82
82
|
**@data
|
83
83
|
}
|
84
84
|
|
85
|
+
# Fetch the data attributes off the html option
|
86
|
+
wrapper_data_attributes = @field.get_html :data, view: view, element: :wrapper
|
87
|
+
if wrapper_data_attributes.present?
|
88
|
+
attributes.merge! wrapper_data_attributes
|
89
|
+
end
|
90
|
+
|
85
91
|
# Add the built-in stimulus integration data tags.
|
86
92
|
if @resource.present?
|
87
93
|
add_stimulus_attributes_for(@resource, attributes)
|
@@ -91,12 +97,6 @@ class Avo::FieldWrapperComponent < ViewComponent::Base
|
|
91
97
|
add_stimulus_attributes_for(@action, attributes)
|
92
98
|
end
|
93
99
|
|
94
|
-
# Fetch the data attributes off the html option
|
95
|
-
wrapper_data_attributes = @field.get_html :data, view: view, element: :wrapper
|
96
|
-
if wrapper_data_attributes.present?
|
97
|
-
attributes.merge! wrapper_data_attributes
|
98
|
-
end
|
99
|
-
|
100
100
|
attributes
|
101
101
|
end
|
102
102
|
|
@@ -1,6 +1,6 @@
|
|
1
1
|
<div id="<%= dom_id file %>" class="relative min-h-full max-w-full flex-1 flex flex-col justify-between space-y-2">
|
2
2
|
<% if file.present? %>
|
3
|
-
<div class="flex h-full">
|
3
|
+
<div class="flex flex-col h-full">
|
4
4
|
<% if file.representable? && is_image? %>
|
5
5
|
<%= image_tag helpers.main_app.url_for(file), class: "rounded-lg max-w-full #{@extra_classes}" %>
|
6
6
|
<% elsif is_audio? %>
|
@@ -1,5 +1,6 @@
|
|
1
1
|
<%= @form.hidden_field @field.id,
|
2
2
|
class: @field.get_html(:classes, view: view, element: :input),
|
3
3
|
data: @field.get_html(:data, view: view, element: :input),
|
4
|
-
style: @field.get_html(:style, view: view, element: :input)
|
4
|
+
style: @field.get_html(:style, view: view, element: :input),
|
5
|
+
value: @field.value
|
5
6
|
%>
|
@@ -1,4 +1,5 @@
|
|
1
1
|
/* eslint-disable max-len */
|
2
|
+
import * as DOMPurify from 'dompurify'
|
2
3
|
import { Controller } from '@hotwired/stimulus'
|
3
4
|
import { castBoolean } from '../../helpers/cast_boolean'
|
4
5
|
|
@@ -80,7 +81,7 @@ export default class extends Controller {
|
|
80
81
|
let index = 0
|
81
82
|
this.fieldValue.forEach((row) => {
|
82
83
|
const [key, value] = row
|
83
|
-
result += this.interpolatedRow(key, value, index)
|
84
|
+
result += this.interpolatedRow(DOMPurify.sanitize(key), DOMPurify.sanitize(value), index)
|
84
85
|
index++
|
85
86
|
})
|
86
87
|
this.rowsTarget.innerHTML = result
|
@@ -32,16 +32,12 @@ module Avo
|
|
32
32
|
private
|
33
33
|
|
34
34
|
def encryption_key
|
35
|
-
secret_key_base[0..31]
|
35
|
+
Rails.application.secret_key_base[0..31]
|
36
36
|
rescue
|
37
37
|
# This will fail the decryption process.
|
38
38
|
# It's here only to keep Avo from crashing
|
39
39
|
SecureRandom.random_bytes(32)
|
40
40
|
end
|
41
|
-
|
42
|
-
def secret_key_base
|
43
|
-
ENV["SECRET_KEY_BASE"] || Rails.application.credentials.secret_key_base || Rails.application.secrets.secret_key_base
|
44
|
-
end
|
45
41
|
end
|
46
42
|
end
|
47
43
|
end
|
data/lib/avo/version.rb
CHANGED