Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ui-dev: bump rails from 6.1.7.7 to 7.1.3.2 in /server/src/main/webapp/WEB-INF/rails #12543

Closed
wants to merge 1 commit into from
Closed

ui-dev: bump rails from 6.1.7.7 to 7.1.3.2 in /server/src/main/webapp/WEB-INF/rails #12543

wants to merge 1 commit into from
+109 −67

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 22, 2024
edited

Bumps rails from 6.1.7.7 to 7.1.3.2.

Release notes

Sourced from rails's releases.

v7.1.3.2

Active Support

  • No changes.

Active Model

  • No changes.

Active Record

  • No changes.

Action View

  • No changes.

Action Pack

  • Fix raise_on_missing_translations not working correctly with the translate method in controllers after the patch for CVE-2024-26143.

Active Job

  • No changes.

Action Mailer

  • No changes.

Action Cable

  • No changes.

... (truncated)

Commits
  • 6f0d1ad Preparing for 7.1.3.2 release
  • c25f0fc Respect raise_on_missing_ in controller
  • d73ed95 Preparing for 7.1.3.1 release
  • 43037d8 update changelog
  • 5187a9e fix XSS vulnerability when using translation
  • b4d3bfb Fix ReDoS in accept header scanning
  • 36c1591 Preparing for 7.1.3 release
  • a84622f Sync changelog
  • 1f505f0 Merge pull request #50771 from rails/backport-preview-nplus1
  • d8a8dd9 Merge pull request #50758 from rails/fix-video-preview-nplus1
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot mentioned this pull request Feb 22, 2024
Closed
@chadlwilson chadlwilson marked this pull request as draft February 22, 2024 00:06
@dependabot dependabot bot force-pushed the dependabot/bundler/server/src/main/webapp/WEB-INF/rails/rails-7.1.3.2 branch 2 times, most recently from a39022d to f55216d Compare February 22, 2024 00:37
@chadlwilson chadlwilson changed the title ui-dev: bump rails from 6.1.7.6 to 7.1.3.2 in /server/src/main/webapp/WEB-INF/rails ui-dev: bump rails from 6.1.7.7 to 7.1.3.2 in /server/src/main/webapp/WEB-INF/rails Feb 25, 2024
@dependabot dependabot bot force-pushed the dependabot/bundler/server/src/main/webapp/WEB-INF/rails/rails-7.1.3.2 branch from f55216d to d5cf39c Compare February 27, 2024 05:11
@dependabot dependabot bot force-pushed the dependabot/bundler/server/src/main/webapp/WEB-INF/rails/rails-7.1.3.2 branch 2 times, most recently from 166644c to 0a1bed3 Compare March 7, 2024 13:04
@dependabot dependabot bot force-pushed the dependabot/bundler/server/src/main/webapp/WEB-INF/rails/rails-7.1.3.2 branch 3 times, most recently from 6af3c15 to 622a62f Compare March 19, 2024 06:14
@dependabot
ui-dev: bump rails in /server/src/main/webapp/WEB-INF/rails
5e4a02f 
Bumps [rails](https://github.com/rails/rails) from 6.1.7.6 to 7.1.3.2.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](rails/rails@v6.1.7.6...v7.1.3.2)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: indirect
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/server/src/main/webapp/WEB-INF/rails/rails-7.1.3.2 branch from 622a62f to 5e4a02f Compare March 21, 2024 15:14
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 17, 2024

Superseded by #12779.

@dependabot dependabot bot closed this May 17, 2024
@dependabot dependabot bot deleted the dependabot/bundler/server/src/main/webapp/WEB-INF/rails/rails-7.1.3.2 branch May 17, 2024 04:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies ruby
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants