Bump administrate from 0.12.0 to 0.13.0

[dependabot[bot]]

Bumps administrate from 0.12.0 to 0.13.0.

Release notes

Sourced from administrate's releases.

0.13.0

NOTE: This release contains the fix for CVE-2020-5257, which fixes a potential SQL injection on dashboard sorting.

• [SECURITY] Fix Sort order SQL injection.
• [BUGFIX] #1561 Fix very narrow nested fields.
• [BUGFIX] #1565 Fix unterminated single quote.
• [UI] #1537 Provide <title> tags for doc pages.
• [BUGFIX] #1552 Use the correct foreign key when sorting belongs_to associations.
• [FEATURE] #1551 More readable warnings.
• [FEATURE] #1512 Avoid confusion with class methods and protected/private modifiers.
• [FEATURE] #1513 Accessible from templates; avoids having to create new field types.
• [UI] #1536 Declare doctype, language and charset.
• [DOC] #1540 Add new Date field to docs.
• [FEATURE] #1530 Include Date Field.
• [BUGFIX] #1522 Align label and data on show page.
• [FEATURE] #1521 Expose required fields on form.
• [DOC] #1531 Remove project level rubocop.yml.
• [DOC] #1534 Move documentation of how to disable some actions on controller.
• [UI] #1524 Hide resources without index in the navigation.
• [DOC] #1523 Update screenshot.
• [UI] #1376 Add a "back" link to the navigation.
• [DOC] #1187 Update comment with new namespace.
• [DOC] #1514 Rewrite the contributing guide.
• [BUGFIX] #1495 Attempt to fix random CI failures.
• [BUGFIX] #1507 Remove query from link, to avoid triggering banned params.
• [DOC] #1479 Document controller APIs.
• [COMPAT] #1475 Allows running specs individually.
• [UI] #1484 Double-click to select attribute text.
• [DOC] Configure GitHub Sponsors.
• [COMPAT] #1457 Fix PhantomJS test behaviour on Linux.
• [BUGFIX] #920 Remove NameError rescue in page base.
• [BUGFIX] #1447 Don't pass raw SQL when changing sort order.
• [FEATURE] #1452 Support Sprockets 4.
• [DOC] #1426 Add issue templates.

Changelog

Sourced from administrate's changelog.

0.13.0 (March 13, 2020)

NOTE: This release contains the fix for CVE-2020-5257, which fixes a potential SQL injection on dashboard sorting.

• [SECURITY] Fix Sort order SQL injection.
• [BUGFIX] #1561 Fix very narrow nested fields.
• [BUGFIX] #1565 Fix unterminated single quote.
• [UI] #1537 Provide <title> tags for doc pages.
• [BUGFIX] #1552 Use the correct foreign key when sorting belongs_to associations.
• [FEATURE] #1551 More readable warnings.
• [FEATURE] #1512 Avoid confusion with class methods and protected/private modifiers.
• [FEATURE] #1513 Accessible from templates; avoids having to create new field types.
• [UI] #1536 Declare doctype, language and charset.
• [DOC] #1540 Add new Date field to docs.
• [FEATURE] #1530 Include Date Field.
• [BUGFIX] #1522 Align label and data on show page.
• [FEATURE] #1521 Expose required fields on form.
• [DOC] #1531 Remove project level rubocop.yml.
• [DOC] #1534 Move documentation of how to disable some actions on controller.
• [UI] #1524 Hide resources without index in the navigation.
• [DOC] #1523 Update screenshot.
• [UI] #1376 Add a "back" link to the navigation.
• [DOC] #1187 Update comment with new namespace.
• [DOC] #1514 Rewrite the contributing guide.
• [BUGFIX] #1495 Attempt to fix random CI failures.
• [BUGFIX] #1507 Remove query from link, to avoid triggering banned params.
• [DOC] #1479 Document controller APIs.
• [COMPAT] #1475 Allows running specs individually.
• [UI] #1484 Double-click to select attribute text.
• [DOC] Configure GitHub Sponsors.
• [COMPAT] #1457 Fix PhantomJS test behaviour on Linux.
• [BUGFIX] #920 Remove NameError rescue in page base.
• [BUGFIX] #1447 Don't pass raw SQL when changing sort order.
• [FEATURE] #1452 Support Sprockets 4.
• [DOC] #1426 Add issue templates.

Commits

• 70a2778 Release version 0.13.0
• 61f94d6 Update Appraisal's gemfiles
• 3ab838b Merge pull request from GHSA-2p5p-m353-833w
• decf629 Bump webmock from 3.8.2 to 3.8.3 (#1568)
• 9e9b831 Bump i18n-tasks from 0.9.30 to 0.9.31 (#1567)
• 7546a4b Fix very narrow nested fields (#1561)
• cdb27de Fix unterminated single quote (#1565)
• 55d5b51 Bump sentry-raven from 2.13.0 to 3.0.0 (#1564)
• cc90542 Bump launchy from 2.4.3 to 2.5.0 (#1562)
• 6cc3697 [Security] Bump nokogiri from 1.10.7 to 1.10.8 (#1558)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Drieam/LtiLauncher/network/alerts).