Changelog
*Sourced from [gollum's changelog](https://github.com/gollum/gollum/blob/master/HISTORY.md).*
> # 4.1.4 /2018-01-10
>
> * Depend on new version of gollum-lib that relies on a patched version of sanitize, which solves a vulnerability (CVE-2018-3740). See https://github-redirect.dependabot.com/gollum/gollum-lib/pull/296.
>
> # 4.1.3 /2018-17-09
>
> * Solves a vulnerability in the File view and All Pages view that would allow XSS.
>
> # 4.1.2 /2017-08-07
>
> * Lock to a newer version of gollum-lib to avoid installing an outdated and vulnerable dependency (nokogiri) on ruby 2.0. See https://github-redirect.dependabot.com/gollum/gollum-lib/pull/279. Note: this breaks semantic versioning so those using outdated rubies will discover the problem on update.
>
> # 4.1.0 /2017-03-09
>
> * Added file deletion functionality to file view
> * Various performance improvements
> * Emoji support
>
> # 4.0.0 /2015-04-11
>
> * Now compatible with JRuby (via the [rjgit](https://github.com/repotag/rjgit) [adapter](https://github.com/repotag/gollum-lib_rjgit_adapter))
>
> # 3.1.1 /2014-12-04
>
> * Security fix for [remote code execution issue](https://github-redirect.dependabot.com/gollum/gollum/issues/913). Please update!
>
> # 3.1 / 2014-11-28
>
> * New features
> * Drag-and-drop uploading in the editor [@lucas-clemente](https://github.com/lucas-clemente)
> * Latest changes view [@etienneCharignon](https://github.com/etienneCharignon) ([#707](https://github-redirect.dependabot.com/gollum/gollum/issues/707))
> * Option `--no-edit` to disable editing from the web interface [@bambycha](https://github.com/bambycha) ([#879](https://github-redirect.dependabot.com/gollum/gollum/issues/879))
> * Option `--mathjax-config` to specify custom mathjax configuration [@hardywu](https://github.com/hardywu) ([#842](https://github-redirect.dependabot.com/gollum/gollum/issues/842))
> * Major enhancements
> * Made the Gollum theme responsive [@rtrvrtg](https://github.com/rtrvrtg) ([#831](https://github-redirect.dependabot.com/gollum/gollum/issues/831))
> * Depends on new [gollum-lib](https://github.com/gollum/gollum-lib) `4.0.0`
> * Allows specifiying [git adapter](https://github.com/gollum/gollum/wiki/Git-adapters) with `--adapter` [@bartkamphorst](https://github.com/bartkamphorst), [@dometto](https://github.com/dometto)
> * Numerous bugfixes
> * **NB**: please pass `--h1-title` if you do not want page titles to default to the page's filepath. See [here](https://github.com/gollum/gollum/wiki/Page-titles).
>
> # 2.4.11 / 2013-01-08
>
> * Numerous security issues have been fixed. Please update to `2.4.11`
>
> # 1.4.0 / 2012-04-10
>
> * Minor
> * Add a way to configure the `#id_prefix` property of Sanitization
> objects.
> * Add web sequence diagrams support
> ... (truncated)
Commits
- [`ab42c0c`](https://github.com/gollum/gollum/commit/ab42c0c0dfc9879f73312ad2c804875b510a414c) Release 4.0.1
- [`de5aed2`](https://github.com/gollum/gollum/commit/de5aed2f6a6f9ad62cae05dc59d16fbfdd7a4543) Merge pull request [#1069](https://github-redirect.dependabot.com/gollum/gollum/issues/1069) from repotag/master
- [`ce68a88`](https://github.com/gollum/gollum/commit/ce68a88293ce3b18c261312392ad33a88bb69ea1) Added security check.
- [`288f759`](https://github.com/gollum/gollum/commit/288f75929d57bff1753b47aa860066ce674d5229) Merge pull request [#1065](https://github-redirect.dependabot.com/gollum/gollum/issues/1065) from n-st/sysv-init-script
- [`8528dd0`](https://github.com/gollum/gollum/commit/8528dd0c7fb0399c62f6870eb68fd53e2844c4ac) Merge pull request [#1067](https://github-redirect.dependabot.com/gollum/gollum/issues/1067) from SkyCrawl/master
- [`e0f35ec`](https://github.com/gollum/gollum/commit/e0f35eceab7d880e9b0ce8aa922c8c9e986e1f78) Fixing the link to Windows support meta issue
- [`7e36517`](https://github.com/gollum/gollum/commit/7e36517a798ad3d9c505ca7984fb0f8ce460516f) Merge pull request [#1054](https://github-redirect.dependabot.com/gollum/gollum/issues/1054) from SkyCrawl/master
- [`6932776`](https://github.com/gollum/gollum/commit/69327766bb6e6f7de0ce7be269768d3ad46f578f) Merge pull request [#1061](https://github-redirect.dependabot.com/gollum/gollum/issues/1061) from rgroux/gollum-with-cas-sso
- [`9ecf8a6`](https://github.com/gollum/gollum/commit/9ecf8a61baebafbca7c7485f30061fc90113c47e) Added init script for Debian's SysV-style init system
- [`2323506`](https://github.com/gollum/gollum/commit/2323506c823d9ce7d4e66a523d29aa941ced2b41) Update README.md
- Additional commits viewable in [compare view](https://github.com/gollum/gollum/compare/v1.3.0...v4.0.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/engineyard/ey-docs/network/alerts).
Bumps gollum from 1.3.0 to 4.0.1.
Changelog
*Sourced from [gollum's changelog](https://github.com/gollum/gollum/blob/master/HISTORY.md).* > # 4.1.4 /2018-01-10 > > * Depend on new version of gollum-lib that relies on a patched version of sanitize, which solves a vulnerability (CVE-2018-3740). See https://github-redirect.dependabot.com/gollum/gollum-lib/pull/296. > > # 4.1.3 /2018-17-09 > > * Solves a vulnerability in the File view and All Pages view that would allow XSS. > > # 4.1.2 /2017-08-07 > > * Lock to a newer version of gollum-lib to avoid installing an outdated and vulnerable dependency (nokogiri) on ruby 2.0. See https://github-redirect.dependabot.com/gollum/gollum-lib/pull/279. Note: this breaks semantic versioning so those using outdated rubies will discover the problem on update. > > # 4.1.0 /2017-03-09 > > * Added file deletion functionality to file view > * Various performance improvements > * Emoji support > > # 4.0.0 /2015-04-11 > > * Now compatible with JRuby (via the [rjgit](https://github.com/repotag/rjgit) [adapter](https://github.com/repotag/gollum-lib_rjgit_adapter)) > > # 3.1.1 /2014-12-04 > > * Security fix for [remote code execution issue](https://github-redirect.dependabot.com/gollum/gollum/issues/913). Please update! > > # 3.1 / 2014-11-28 > > * New features > * Drag-and-drop uploading in the editor [@lucas-clemente](https://github.com/lucas-clemente) > * Latest changes view [@etienneCharignon](https://github.com/etienneCharignon) ([#707](https://github-redirect.dependabot.com/gollum/gollum/issues/707)) > * Option `--no-edit` to disable editing from the web interface [@bambycha](https://github.com/bambycha) ([#879](https://github-redirect.dependabot.com/gollum/gollum/issues/879)) > * Option `--mathjax-config` to specify custom mathjax configuration [@hardywu](https://github.com/hardywu) ([#842](https://github-redirect.dependabot.com/gollum/gollum/issues/842)) > * Major enhancements > * Made the Gollum theme responsive [@rtrvrtg](https://github.com/rtrvrtg) ([#831](https://github-redirect.dependabot.com/gollum/gollum/issues/831)) > * Depends on new [gollum-lib](https://github.com/gollum/gollum-lib) `4.0.0` > * Allows specifiying [git adapter](https://github.com/gollum/gollum/wiki/Git-adapters) with `--adapter` [@bartkamphorst](https://github.com/bartkamphorst), [@dometto](https://github.com/dometto) > * Numerous bugfixes > * **NB**: please pass `--h1-title` if you do not want page titles to default to the page's filepath. See [here](https://github.com/gollum/gollum/wiki/Page-titles). > > # 2.4.11 / 2013-01-08 > > * Numerous security issues have been fixed. Please update to `2.4.11` > > # 1.4.0 / 2012-04-10 > > * Minor > * Add a way to configure the `#id_prefix` property of Sanitization > objects. > * Add web sequence diagrams support > ... (truncated)Commits
- [`ab42c0c`](https://github.com/gollum/gollum/commit/ab42c0c0dfc9879f73312ad2c804875b510a414c) Release 4.0.1 - [`de5aed2`](https://github.com/gollum/gollum/commit/de5aed2f6a6f9ad62cae05dc59d16fbfdd7a4543) Merge pull request [#1069](https://github-redirect.dependabot.com/gollum/gollum/issues/1069) from repotag/master - [`ce68a88`](https://github.com/gollum/gollum/commit/ce68a88293ce3b18c261312392ad33a88bb69ea1) Added security check. - [`288f759`](https://github.com/gollum/gollum/commit/288f75929d57bff1753b47aa860066ce674d5229) Merge pull request [#1065](https://github-redirect.dependabot.com/gollum/gollum/issues/1065) from n-st/sysv-init-script - [`8528dd0`](https://github.com/gollum/gollum/commit/8528dd0c7fb0399c62f6870eb68fd53e2844c4ac) Merge pull request [#1067](https://github-redirect.dependabot.com/gollum/gollum/issues/1067) from SkyCrawl/master - [`e0f35ec`](https://github.com/gollum/gollum/commit/e0f35eceab7d880e9b0ce8aa922c8c9e986e1f78) Fixing the link to Windows support meta issue - [`7e36517`](https://github.com/gollum/gollum/commit/7e36517a798ad3d9c505ca7984fb0f8ce460516f) Merge pull request [#1054](https://github-redirect.dependabot.com/gollum/gollum/issues/1054) from SkyCrawl/master - [`6932776`](https://github.com/gollum/gollum/commit/69327766bb6e6f7de0ce7be269768d3ad46f578f) Merge pull request [#1061](https://github-redirect.dependabot.com/gollum/gollum/issues/1061) from rgroux/gollum-with-cas-sso - [`9ecf8a6`](https://github.com/gollum/gollum/commit/9ecf8a61baebafbca7c7485f30061fc90113c47e) Added init script for Debian's SysV-style init system - [`2323506`](https://github.com/gollum/gollum/commit/2323506c823d9ce7d4e66a523d29aa941ced2b41) Update README.md - Additional commits viewable in [compare view](https://github.com/gollum/gollum/compare/v1.3.0...v4.0.1)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/engineyard/ey-docs/network/alerts).