action-center-platform
action-center-platform copied to clipboard
EFForg
The EFF Action Center Platform
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.5 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.2.0 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...
Bumps [jmespath](https://github.com/trevorrowe/jmespath.rb) from 1.4.0 to 1.6.1. Release notes Sourced from jmespath's releases. Release v1.6.1 - 2022-03-07 Issue - Use JSON.parse instead of JSON.load. Release v1.6.0 - 2022-02-14 Feature - Add...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.8 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
Bumps [puma](https://github.com/puma/puma) from 3.12.4 to 4.3.12. Release notes Sourced from puma's releases. 4.3.12 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) 4.3.11 Bugfix/Security Response body will always be closed. (GHSA-rmj8-8hhh-gv5h,...
Draft until #863 is merged, alternatively this contains all of my recent upgrade PRs for action center so this can be reviewed as a whole.
When attempting to look up my representative on the take action page I get the following error: ``` ActionView::Template::Error undefined local variable or method `us_states_with_codes' for Places:Module Did you mean?...
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.8.0. Release notes Sourced from better_errors's releases. v2.8.0 Support for Rails ActionableError #465 Allow editor links to work inside an iframe or with CSP that...
Artemis writes: I've noticed other sites now have the gender-neutral "Mx." option for titles in their dropdown. Could we add this to Action Center? https://redmine.eff.org/issues/27254
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.6.0 to 2.8.0. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Regular Expression Denial of Service in Addressable templates Impact...
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot] avatar"){kind=avatar}