This fixes a compatibility issue introduced in our previous security
release when using domain: :all with a two letter but single level top
level domain domain (like .ca, rather than .co.uk).
Redis cache store is now compatible with redis-rb 5.0.
Jean Boussier
Fix NoMethodError on custom ActiveSupport::Deprecation behavior.
ActiveSupport::Deprecation.behavior= was supposed to accept any object
that responds to call, but in fact its internal implementation assumed that
this object could respond to arity, so it was restricted to only Proc objects.
This change removes this arity restriction of custom behaviors.
Ryo Nakamura
Rails 7.0.3.1 (July 12, 2022)
No changes.
Rails 7.0.3 (May 09, 2022)
No changes.
Rails 7.0.2.4 (April 26, 2022)
Fix and add protections for XSS in ActionView::Helpers and ERB::Util.
Add the method ERB::Util.xml_name_escape to escape dangerous characters
in names of tags and names of attributes, following the specification of XML.
Changed DateTime results to always use the proleptic Gregorian calendar. This affects DateTime results prior to 1582-10-15 and any arithmetic performed on the results that would produce a secondary result prior to 1582-10-15.
Added support for eager loading all the time zone and country data by calling either TZInfo::DataSource#eager_load! or TZInfo.eager_load!. Compatible with Ruby On Rails' eager_load_namespaces. #129.
Ignore the SECURITY file from Arch Linux's tzdata package. #134.
Fixed an incorrect InvalidTimezoneIdentifier exception raised when loading a zoneinfo file that includes rules specifying an additional transition to the final defined offset (for example, Africa/Casablanca in version 2018e of the Time Zone Database). #123.
Added support for handling "slim" format zoneinfo files that are produced by default by zic version 2020b and later. The POSIX-style TZ string is now used calculate DST transition times after the final defined transition in the file. #120.
Fixed TimeWithOffset#getlocal returning a TimeWithOffset with the timezone_offset still assigned when called with an offset argument on JRuby 9.3.
to_local and period_for instance methods have been added to TZInfo::Timezone. These are similar to utc_to_local and period_for_utc, but take the UTC offset of the given time into account.
abbreviation, dst?, base_utc_offset and observed_utc_offset instance methods have been added to TZInfo::Timezone, returning the abbreviation, whether daylight savings time is in effect and the UTC offset of the time zone at a specified time.
A TZInfo::Timestamp class has been added. It can be used with TZInfo::Timezone in place of a Time or DateTime.
local_time, local_datetime and local_timestamp instance methods have been added to TZInfo::Timezone. These methods construct local Time, DateTime and TZInfo::Timestamp instances with the correct UTC offset and abbreviation for the time zone.
Support for a (yet to be released) version 2 of tzinfo-data has been added, in addition to support for version 1. The new version will remove the (no longer needed) DateTime parameters from transition times, reduce memory consumption and improve the efficiency of loading timezone and country indexes.
A TZInfo::VERSION constant has been added, indicating the TZInfo version number.
Eliminate Object#untaint deprecation warnings on JRuby 9.4.0.0. #145.
Version 2.0.5 - 19-Jul-2022
Changed DateTime results to always use the proleptic Gregorian calendar.
This affects DateTime results prior to 1582-10-15 and any arithmetic
performed on the results that would produce a secondary result prior to
1582-10-15.
Added support for eager loading all the time zone and country data by calling
either TZInfo::DataSource#eager_load! or TZInfo.eager_load!. Compatible
with Ruby On Rails' eager_load_namespaces. #129.
Ignore the SECURITY file from Arch Linux's tzdata package. #134.
Version 2.0.4 - 16-Dec-2020
Fixed an incorrect InvalidTimezoneIdentifier exception raised when loading a
zoneinfo file that includes rules specifying an additional transition to the
final defined offset (for example, Africa/Casablanca in version 2018e of the
Time Zone Database). #123.
Version 2.0.3 - 8-Nov-2020
Added support for handling "slim" format zoneinfo files that are produced by
default by zic version 2020b and later. The POSIX-style TZ string is now used
calculate DST transition times after the final defined transition in the file.
#120.
Fixed TimeWithOffset#getlocal returning a TimeWithOffset with the
timezone_offset still assigned when called with an offset argument on JRuby
9.3.
Rubinius is no longer supported.
Version 2.0.2 - 2-Apr-2020
Fixed 'wrong number of arguments' errors when running on JRuby 9.0. #114.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/delphidabbler/delphi-tips/network/alerts).
Bumps activesupport, tzinfo and github-pages. These dependencies needed to be updated together. Updates
activesupport
from 6.0.6.1 to 7.0.4.2Release notes
Sourced from activesupport's releases.
... (truncated)
Changelog
Sourced from activesupport's changelog.
... (truncated)
Commits
7c70791
Version 7.0.4.223e0345
Version 7.0.4.12164d4f
Avoid regex backtracking in Inflector.underscore8015c2c
Version 7.0.4ff27758
Revert "Merge pull request #44695 from Edouard-chin/ec-tagger-logger-broadcast"4a1f224
Merge pull request #45882 from rails/short-inspect-on-test-casea3bd3b5
Backport Redis 5.0 compatibility67f37ac
Fix flaky tests for RedisCacheStorec520e38
Document AS::Cache::MemCacheStore#write options [ci-skip]a74b650
Document AS::Cache::Store#initialize options [ci-skip]Updates
tzinfo
from 1.2.10 to 2.0.6Release notes
Sourced from tzinfo's releases.
... (truncated)
Changelog
Sourced from tzinfo's changelog.
... (truncated)
Commits
d5893c9
Fix formatting.5561942
Preparing v2.0.6.ec27c09
Add v1.2.11 from the 1.2 branch.d77da3f
Update copyright years.eac33df
Eliminate Object#untaint deprecation warnings on JRuby 9.4.0.0.19f984c
Add Ruby 3.2 and JRuby 9.4.e9fe818
Update the dependency on actions/checkout.f76bc7f
Fix include issues with tests on Ruby 3.2.8a781cf
Revert "Workaround for 'Permission denied - NUL' errors with JRuby on Windows."d9b289e
Preparing v2.0.5.Updates
github-pages
from 225 to 228Release notes
Sourced from github-pages's releases.
Commits
07c8509
Merge pull request #867 from agnostic-apollo/jekyll-3.9.3b0f457c
Merge pull request #860 from gradybarrett/gradybarrett/liquid-v4-0-45e16515
Merge pull request #869 from github/bump-jekyll-commonmark-ghpagesbe30930
Update jekyll-commonmark-ghpages53ef32a
Merge pull request #863 from github/dependabot/github_actions/actions/checkout-38ec987b
Merge pull request #862 from github/dependabot/github_actions/docker/metadata...9e968a7
Bump 💎 to v22846b51cf
Bump jekyll to v3.9.30ab2e26
build: update liquid to 4.0.4d94c986
Bump actions/checkout from 2 to 3Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/delphidabbler/delphi-tips/network/alerts).