relaton / api.relaton.org

Relaton Service API
https://relaton-api.herokuapp.com
1 stars 1 forks source link

Bump simple_form from 4.1.0 to 5.0.0 #11

Closed dependabot[bot] closed 5 years ago

dependabot[bot] commented 5 years ago

Bumps simple_form from 4.1.0 to 5.0.0.

Changelog *Sourced from [simple_form's changelog](https://github.com/plataformatec/simple_form/blob/master/CHANGELOG.md).* > ## 5.0.0 > > ### Enhancements > * Set multiple attribute for grouped selects also. [@​ollym](https://github.com/ollym) > * Removes or renames label classes. [Abduvakilov](https://github.com/Abduvakilov) > * Support to label custom classes for inline collections. [@​feliperenan](https://github.com/feliperenan) > * Update bootstrap generator template to match v4.3.x. [@​m5o](https://github.com/m5o) > * Allow "required" attribute in generated select elements of PriorityInput. [@​mcountis](https://github.com/mcountis) > > ### Bug fix > * Do not call `#send` in form object to check whether the attribute is a file input. [@​tegon](https://github.com/tegon) > > ## Deprecations > * The config `SimpleForm.file_methods` is deprecated and it has no effect. Simple Form now supports automatically discover of file inputs for the following Gems: activestorage, carrierwave, paperclip, refile and shrine. If you are using a custom method that is not from one of the supported Gems, please change your forms to pass the input type explicitly: > > ```erb > <%= form.input :avatar, as: :file %> > ``` > > See http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676 for more information.
Commits - [`440ed5f`](https://github.com/plataformatec/simple_form/commit/440ed5f2fe093d9066940ab6979099a409576ad9) Include information about security issues in README.md and - [`8c91bd7`](https://github.com/plataformatec/simple_form/commit/8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6) Don't call `#send` in form object to build file inputs - [`62408e8`](https://github.com/plataformatec/simple_form/commit/62408e80ae0f7c69784d887e26117e2c8eeb8199) Remove `ruby-head` jobs - [`69f4d46`](https://github.com/plataformatec/simple_form/commit/69f4d460449a222bfc75fe1d4352bc438fed1560) Update jruby version - [`bcc1197`](https://github.com/plataformatec/simple_form/commit/bcc119744bfb5dbb2b87ff2326d4eb302ce7fdda) Don't run specs with jruby 9.1 and Rails 6 - [`8d56636`](https://github.com/plataformatec/simple_form/commit/8d56636ccf079739d7e23ef8d56755e340ecae4e) Fix full error message test on Rails 6 - [`13d0341`](https://github.com/plataformatec/simple_form/commit/13d0341bdf1c4bc9f966db8e010d26bd05597189) Use different assertions for Rails 5 and 6 - [`6f677ec`](https://github.com/plataformatec/simple_form/commit/6f677ec0e992d0cc7ebd8eb477dffc39530413c3) Don't run specs with Rails 6 and older rubies - [`fc25ab4`](https://github.com/plataformatec/simple_form/commit/fc25ab40a28ad477e1ac0e45ddcf7ad2b64891f3) Rails 6 and latest rubies on CI - [`9d7921f`](https://github.com/plataformatec/simple_form/commit/9d7921f38d8335c67adbf3dd430992a8ae4c0111) Merge pull request [#1667](https://github-redirect.dependabot.com/plataformatec/simple_form/issues/1667) from olleolleolle/patch-1 - Additional commits viewable in [compare view](https://github.com/plataformatec/simple_form/compare/v4.1.0...v5.0.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/relaton/api.relaton.org/network/alerts).