RBlog
Personal blog system v2.0
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.1. Changelog Sourced from addressable's changelog. Addressable 2.8.1 refactor Addressable::URI.normalize_path to address linter offenses (#430) remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) update gemspec to...
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.9 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.1 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
Bumps [puma](https://github.com/puma/puma) from 3.12.6 to 4.3.12. Release notes Sourced from puma's releases. 4.3.12 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) 4.3.11 Bugfix/Security Response body will always be closed. (GHSA-rmj8-8hhh-gv5h,...
Bumps [image_processing](https://github.com/janko/image_processing) from 1.12.1 to 1.12.2. Changelog Sourced from image_processing's changelog. 1.12.2 (2022-03-01) Prevent remote shell execution when using #apply with operations coming from user input (@janko) Commits 12e7cf5 Bump...
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.3 to 6.4.0. Changelog Sourced from sidekiq's changelog. 6.4.0 SECURITY: Validate input to avoid possible DoS in Web UI. Add strict argument checking #5071 Sidekiq will now...
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 3.5.1 to 5.0.0. Changelog Sourced from simple_form's changelog. 5.0.0 Enhancements Set multiple attribute for grouped selects also. @ollym Removes or renames label classes. Abduvakilov Support to label...
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.0.1 to 1.2.1. Release notes Sourced from kaminari's releases. v1.2.0 Deprecations: Deprecated current_per_page in favor of limit_value Enhancements: Added #url_to_next_page and #url_to_prev_page helper methods: 38e95a2 Extracted url...
Bumps [globalid](https://github.com/rails/globalid) from 0.4.2 to 1.0.1. Release notes Sourced from globalid's releases. v1.0.1 Possible ReDoS based DoS vulnerability in GlobalID There is a ReDoS based DoS vulnerability in the GlobalID...