joatu-v2
joatu-v2 copied to clipboard
joatuapp
The JoatU application, version 2. Written in Ruby on Rails.
Bumps [globalid](https://github.com/rails/globalid) from 0.4.2 to 1.0.1. Release notes Sourced from globalid's releases. v1.0.1 Possible ReDoS based DoS vulnerability in GlobalID There is a ReDoS based DoS vulnerability in the GlobalID...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [rack](https://github.com/rack/rack) from 2.2.2 to 2.2.6.2. Changelog Sourced from rack's changelog. Changelog All notable changes to this project will be documented in this file. For info on how to format...
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.4. Release notes Sourced from rails-html-sanitizer's releases. 1.4.4 / 2022-12-13 Address inefficient regular expression complexity with certain configurations of Rails::Html::Sanitizer. Fixes CVE-2022-23517. See GHSA-5x79-w82f-gw8w for...
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.5.0 to 2.19.1. Release notes Sourced from loofah's releases. 2.19.1 / 2022-12-13 Security Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information. Address CVE-2022-23515, improper...
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.1. Changelog Sourced from addressable's changelog. Addressable 2.8.1 refactor Addressable::URI.normalize_path to address linter offenses (#430) remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) update gemspec to...
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.7 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
Bumps [puma](https://github.com/puma/puma) from 3.12.6 to 4.3.12. Release notes Sourced from puma's releases. 4.3.12 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) 4.3.11 Bugfix/Security Response body will always be closed. (GHSA-rmj8-8hhh-gv5h,...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.8 to 1.12.5. Release notes Sourced from nokogiri's releases. 1.12.5 / 2021-09-27 Security [JRuby] Address CVE-2021-41098 (GHSA-2rr5-8q37-2w7h). In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX...
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.7.0 to 2.8.0. Release notes Sourced from better_errors's releases. v2.8.0 Support for Rails ActionableError #465 Allow editor links to work inside an iframe or with CSP that...
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.7.7. Changelog Sourced from bootsnap's changelog. 1.7.7 Fix require_relative in evaled code on latest ruby 3.1.0-dev. (#366) 1.7.6 Fix reliance on set to be required....
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot] avatar"){kind=avatar}