hhba / mapa76

Plataforma de investigación periodística
http://analice.me/
31 stars 8 forks source link

Bump rest-client from 1.6.7 to 1.8.0 in /hephaestus #254

Open dependabot[bot] opened 5 years ago

dependabot[bot] commented 5 years ago

Bumps rest-client from 1.6.7 to 1.8.0.

Changelog *Sourced from [rest-client's changelog](https://github.com/rest-client/rest-client/blob/master/history.md).* > # 1.8.0 > > - Security: implement standards compliant cookie handling by adding a > dependency on http-cookie. This breaks compatibility, but was necessary to > address a session fixation / cookie disclosure vulnerability. > ([#369](https://github-redirect.dependabot.com/rest-client/rest-client/issues/369) / CVE-2015-1820) > > Previously, any Set-Cookie headers found in an HTTP 30x response would be > sent to the redirection target, regardless of domain. Responses now expose a > cookie jar and respect standards compliant domain / path flags in Set-Cookie > headers. > > # 1.7.3 > > - Security: redact password in URI from logs ([#349](https://github-redirect.dependabot.com/rest-client/rest-client/issues/349) / OSVDB-117461) > - Drop monkey patch on MIME::Types (added `type_for_extension` method, use > the public interface instead. > > # 1.7.2 > > - Ignore duplicate certificates in CA store on Windows > > # 1.7.1 > > - Relax mime-types dependency to continue supporting mime-types 1.x series. > There seem to be a large number of popular gems that have depended on > mime-types '~> 1.16' until very recently. > - Improve urlencode performance > - Clean up a number of style points > > # 1.7.0 > > - This release drops support for Ruby 1.8.7 and breaks compatibility in a few > other relatively minor ways > - Upgrade to mime-types ~> 2.0 > - Don't CGI.unescape cookie values sent to the server (issue [#89](https://github-redirect.dependabot.com/rest-client/rest-client/issues/89)) > - Add support for reading credentials from netrc > - Lots of SSL changes and enhancements: ([#268](https://github-redirect.dependabot.com/rest-client/rest-client/issues/268)) > - Enable peer verification by default (setting `VERIFY_PEER` with OpenSSL) > - By default, use the system default certificate store for SSL verification, > even on Windows (this uses a separate Windows build that pulls in ffi) > - Add support for SSL `ca_path` > - Add support for SSL `cert_store` > - Add support for SSL `verify_callback` (with some caveats for jruby, OS X, [#277](https://github-redirect.dependabot.com/rest-client/rest-client/issues/277)) > - Add support for SSL ciphers, and choose secure ones by default > - Run tests under travis > - Several other bugfixes and test improvements > - Convert Errno::ETIMEDOUT to RestClient::RequestTimeout > - Handle more HTTP response codes from recent standards > - Save raw responses to binary mode tempfile ([#110](https://github-redirect.dependabot.com/rest-client/rest-client/issues/110)) > ... (truncated)
Commits - [`92bc04d`](https://github.com/rest-client/rest-client/commit/92bc04d18499eb20481ee3e3660e382fc377a430) Version 1.8.0 - [`2038aa6`](https://github.com/rest-client/rest-client/commit/2038aa6fc5e9c0ec0ae492b31354b9b474c44c12) Add history notes for 1.8.0. - [`d2b6247`](https://github.com/rest-client/rest-client/commit/d2b624702b89141eb55d2ca4ee909e2bf243f739) Update version spec test. - [`07e5aff`](https://github.com/rest-client/rest-client/commit/07e5aff5ccce20465aa9ba87572a13e1425e8ac5) Version 1.8.0.rc1 - [`f468c5f`](https://github.com/rest-client/rest-client/commit/f468c5f078166605d9fd392a0a22d4b929caf709) Merge pull request [#365](https://github-redirect.dependabot.com/rest-client/rest-client/issues/365) from rest-client/ab-cookies - [`c215b22`](https://github.com/rest-client/rest-client/commit/c215b22bdbcb988dcc40117ff45432b0db25175b) Fix up cookie redirect functionality and tests. - [`12e9231`](https://github.com/rest-client/rest-client/commit/12e92312b97fce97d9d7fb3577beff5ac0c05fba) Add cookie jar for handling HTTP redirection. - [`37d92c0`](https://github.com/rest-client/rest-client/commit/37d92c0a64ad656bfde11745293b5de7dccafb9b) Add dependency on http-cookie gem. - [`988d5a8`](https://github.com/rest-client/rest-client/commit/988d5a81ff3081c1c6a3ab267e81a9fff94bd9e4) Tag version 1.7.3 - [`778e1ea`](https://github.com/rest-client/rest-client/commit/778e1ea5c7a28350ad94a9742a46062c8eebd581) Import history from 2.0.x branch. - Additional commits viewable in [compare view](https://github.com/rest-client/rest-client/compare/v1.6.7...v1.8.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hhba/mapa76/network/alerts).