jobsworth
Project Management, Collaboration and Time Tracking.
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.2 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.0.3 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...
Bumps [i18n](https://github.com/ruby-i18n/i18n) from 0.7.0 to 0.9.5. Release notes Sourced from i18n's releases. v0.9.5 #404 reported a regression in 0.9.3, which wasn't fixed by 0.9.4. #408 fixes this issue. Thanks @wjordan!...
Bumps [rack](https://github.com/rack/rack) from 1.6.4 to 1.6.13. Commits 47a1fd7 bump version b8dc520 Handle case where session id key is requested but it is missing 698a060 Merge pull request #1462 from jeremyevans/sessionid-to_s...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.6.8 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
Bumps [rdoc](https://github.com/ruby/rdoc) from 4.2.2 to 6.3.1. Changelog Sourced from rdoc's changelog. === 5.1.0 / 2017-02-24 Bug fixes Fix an issue that rdoc fails when running on Windows with RUBYOPT=-U. PR...
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.4.0 to 2.8.0. Changelog Sourced from addressable's changelog. Addressable 2.8.0 fixes ReDoS vulnerability in Addressable::Template#match no longer replaces + with spaces in queries for non-http(s) schemes fixed...
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-ruby) from 0.1.2 to 0.1.5. Changelog Sourced from websocket-extensions's changelog. 0.1.5 / 2020-06-02 Remove a ReDoS vulnerability in the header parser (CVE-2020-7663) 0.1.4 / 2019-06-10 Fix a deprecation warning...
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.0.3 to 2.3.1. Release notes Sourced from [loofah's releases](https://github.com/flavorjones/loofah/releases). 2.3.1 / 2019-10-22 Security Address CVE-2019-15587: Unsanitized JavaScript may occur in...
Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 1.2.0 to 1.3.0. Release notes Sourced from [rubyzip's releases](https://github.com/rubyzip/rubyzip/releases). v1.3.0 Security Add `validate_entry_sizes` option so that callers can trust an entry's...