Postmodern
I'm going to call it, this probably isn't even a vulnerability. I can't think of a scenario where this behavior could have been exploited. Confirmation validation is typically used for...
This can be closed now. The GHSA sync script now populates `related: url: ...`.
@ken-duck that version range could probably be rewritten as `< 4.2.0, >= 4.1.14.2`.
Closing this since NVD/MITRE managed to resolve the issues with CVE assignment. I think we should consider migrating to a new ID format or schema when everyone else starts to...
It's been a while since I worked on this library, but the `MAX_INT`/`MIN_INT` values come from other BERT libraries: https://github.com/mojombo/bert/blob/c2abcc4868bb47909696c6a42c606de34e83ef70/lib/bert/types.rb#L18-L19 I can't find where they are exactly defined in the...
This can be implemented using [Deferrable Connections](http://eventmachine.rubyforge.org/EventMachine/Connection.html#M000306) with EventMachine. See Issue #3.
@bbatsov if you check the documentation for [Style/RedundantParentheses](https://docs.rubocop.org/rubocop/cops_style.html#styleredundantparentheses) it shows:

```ruby
# bad
(x) if ((y.z).nil?)

# good
x if y.z.nil?
```

so I assume the purpose of this cop...
@koic

> In all the cases exemplified, Ruby style does not use parentheses around the outermost part of condition.
> Additionally, this rule is also indicated in the Ruby Style...
Hello, one of the maintainers of [ruby-advisory-db](https://github.com/rubysec/ruby-advisory-db) here, and I was wondering if this vulnerability (aka GHSA-wrxf-x8rm-6ggg / CVE-2020-21514) was ever patched? Was it really patched in 1.0? GHSA-wrxf-x8rm-6ggg claims...
I believe this is intentionally part of hunspell's design. They assume a text-editor will maintain its own list of "Remembered" words that are loaded into the dictionary on startup. Maybe...