be_vimmer
be_vimmer copied to clipboard
JunichiIto
A bot that tweets Vim tips
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.1 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
Bumps [puma](https://github.com/puma/puma) from 5.2.1 to 5.6.4. Release notes Sourced from puma's releases. 5.6.4 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) The 5.6.3 release was a mistake (released the wrong...
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0. Changelog Sourced from addressable's changelog. Addressable 2.8.0 fixes ReDoS vulnerability in Addressable::Template#match no longer replaces + with spaces in queries for non-http(s) schemes fixed...
Bumps [globalid](https://github.com/rails/globalid) from 1.0.0 to 1.0.1. Release notes Sourced from globalid's releases. v1.0.1 Possible ReDoS based DoS vulnerability in GlobalID There is a ReDoS based DoS vulnerability in the GlobalID...
Bumps [rack](https://github.com/rack/rack) from 2.2.4 to 2.2.6.2. Changelog Sourced from rack's changelog. Changelog All notable changes to this project will be documented in this file. For info on how to format...
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.4.3 to 1.4.4. Release notes Sourced from rails-html-sanitizer's releases. 1.4.4 / 2022-12-13 Address inefficient regular expression complexity with certain configurations of Rails::Html::Sanitizer. Fixes CVE-2022-23517. See GHSA-5x79-w82f-gw8w for...
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.19.0 to 2.19.1. Release notes Sourced from loofah's releases. 2.19.1 / 2022-12-13 Security Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information. Address CVE-2022-23515, improper...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.9 to 1.13.10. Release notes Sourced from nokogiri's releases. 1.13.10 / 2022-12-07 Security [CRuby] Address CVE-2022-23476, unchecked return value from xmlTextReaderExpand. See GHSA-qv4q-mr5r-qprj for more information. Improvements...