mirror of
https://github.com/matrix-org/dendrite.git
synced 2024-11-22 22:31:56 -06:00
9c826d064d
Bumps [activesupport](https://github.com/rails/rails) from 6.0.5 to 6.0.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rails/rails/releases">activesupport's releases</a>.</em></p> <blockquote> <h2>v6.0.6.1</h2> <h2>Active Support</h2> <ul> <li>No changes.</li> </ul> <h2>Active Model</h2> <ul> <li>No changes.</li> </ul> <h2>Active Record</h2> <ul> <li> <p>Make <code>sanitize_as_sql_comment</code> more strict</p> <p>Though this method was likely never meant to take user input, it was attempting sanitization. That sanitization could be bypassed with carefully crafted input.</p> <p>This commit makes the sanitization more robust by replacing any occurrances of "/<em>" or "</em>/" with "/ <em>" or "</em> /". It also performs a first pass to remove one surrounding comment to avoid compatibility issues for users relying on the existing removal.</p> <p>This also clarifies in the documentation of annotate that it should not be provided user input.</p> <p>[CVE-2023-22794]</p> </li> </ul> <h2>Action View</h2> <ul> <li>No changes.</li> </ul> <h2>Action Pack</h2> <ul> <li>No changes.</li> </ul> <h2>Active Job</h2> <ul> <li>No changes.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="28bb76d3ef
"><code>28bb76d</code></a> Version 6.0.6.1</li> <li><a href="91cf62e7b4
"><code>91cf62e</code></a> Version 6.0.6</li> <li><a href="c7d64e91b6
"><code>c7d64e9</code></a> Preparing for 6.0.5.1 release</li> <li><a href="c177e45858
"><code>c177e45</code></a> updating version and changelog</li> <li>See full diff in <a href="https://github.com/rails/rails/compare/v6.0.5...v6.0.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=activesupport&package-manager=bundler&previous-version=6.0.5&new-version=6.0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/matrix-org/dendrite/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
286 lines
7.8 KiB
Plaintext
286 lines
7.8 KiB
Plaintext
GEM
|
|
remote: https://rubygems.org/
|
|
specs:
|
|
activesupport (6.0.6.1)
|
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
i18n (>= 0.7, < 2)
|
|
minitest (~> 5.1)
|
|
tzinfo (~> 1.1)
|
|
zeitwerk (~> 2.2, >= 2.2.2)
|
|
addressable (2.8.0)
|
|
public_suffix (>= 2.0.2, < 5.0)
|
|
coffee-script (2.4.1)
|
|
coffee-script-source
|
|
execjs
|
|
coffee-script-source (1.11.1)
|
|
colorator (1.1.0)
|
|
commonmarker (0.23.7)
|
|
concurrent-ruby (1.2.0)
|
|
dnsruby (1.61.9)
|
|
simpleidn (~> 0.1)
|
|
em-websocket (0.5.3)
|
|
eventmachine (>= 0.12.9)
|
|
http_parser.rb (~> 0)
|
|
ethon (0.15.0)
|
|
ffi (>= 1.15.0)
|
|
eventmachine (1.2.7)
|
|
execjs (2.8.1)
|
|
faraday (1.10.0)
|
|
faraday-em_http (~> 1.0)
|
|
faraday-em_synchrony (~> 1.0)
|
|
faraday-excon (~> 1.1)
|
|
faraday-httpclient (~> 1.0)
|
|
faraday-multipart (~> 1.0)
|
|
faraday-net_http (~> 1.0)
|
|
faraday-net_http_persistent (~> 1.0)
|
|
faraday-patron (~> 1.0)
|
|
faraday-rack (~> 1.0)
|
|
faraday-retry (~> 1.0)
|
|
ruby2_keywords (>= 0.0.4)
|
|
faraday-em_http (1.0.0)
|
|
faraday-em_synchrony (1.0.0)
|
|
faraday-excon (1.1.0)
|
|
faraday-httpclient (1.0.1)
|
|
faraday-multipart (1.0.3)
|
|
multipart-post (>= 1.2, < 3)
|
|
faraday-net_http (1.0.1)
|
|
faraday-net_http_persistent (1.2.0)
|
|
faraday-patron (1.0.0)
|
|
faraday-rack (1.0.0)
|
|
faraday-retry (1.0.3)
|
|
ffi (1.15.5)
|
|
forwardable-extended (2.6.0)
|
|
gemoji (3.0.1)
|
|
github-pages (226)
|
|
github-pages-health-check (= 1.17.9)
|
|
jekyll (= 3.9.2)
|
|
jekyll-avatar (= 0.7.0)
|
|
jekyll-coffeescript (= 1.1.1)
|
|
jekyll-commonmark-ghpages (= 0.2.0)
|
|
jekyll-default-layout (= 0.1.4)
|
|
jekyll-feed (= 0.15.1)
|
|
jekyll-gist (= 1.5.0)
|
|
jekyll-github-metadata (= 2.13.0)
|
|
jekyll-include-cache (= 0.2.1)
|
|
jekyll-mentions (= 1.6.0)
|
|
jekyll-optional-front-matter (= 0.3.2)
|
|
jekyll-paginate (= 1.1.0)
|
|
jekyll-readme-index (= 0.3.0)
|
|
jekyll-redirect-from (= 0.16.0)
|
|
jekyll-relative-links (= 0.6.1)
|
|
jekyll-remote-theme (= 0.4.3)
|
|
jekyll-sass-converter (= 1.5.2)
|
|
jekyll-seo-tag (= 2.8.0)
|
|
jekyll-sitemap (= 1.4.0)
|
|
jekyll-swiss (= 1.0.0)
|
|
jekyll-theme-architect (= 0.2.0)
|
|
jekyll-theme-cayman (= 0.2.0)
|
|
jekyll-theme-dinky (= 0.2.0)
|
|
jekyll-theme-hacker (= 0.2.0)
|
|
jekyll-theme-leap-day (= 0.2.0)
|
|
jekyll-theme-merlot (= 0.2.0)
|
|
jekyll-theme-midnight (= 0.2.0)
|
|
jekyll-theme-minimal (= 0.2.0)
|
|
jekyll-theme-modernist (= 0.2.0)
|
|
jekyll-theme-primer (= 0.6.0)
|
|
jekyll-theme-slate (= 0.2.0)
|
|
jekyll-theme-tactile (= 0.2.0)
|
|
jekyll-theme-time-machine (= 0.2.0)
|
|
jekyll-titles-from-headings (= 0.5.3)
|
|
jemoji (= 0.12.0)
|
|
kramdown (= 2.3.2)
|
|
kramdown-parser-gfm (= 1.1.0)
|
|
liquid (= 4.0.3)
|
|
mercenary (~> 0.3)
|
|
minima (= 2.5.1)
|
|
nokogiri (>= 1.13.4, < 2.0)
|
|
rouge (= 3.26.0)
|
|
terminal-table (~> 1.4)
|
|
github-pages-health-check (1.17.9)
|
|
addressable (~> 2.3)
|
|
dnsruby (~> 1.60)
|
|
octokit (~> 4.0)
|
|
public_suffix (>= 3.0, < 5.0)
|
|
typhoeus (~> 1.3)
|
|
html-pipeline (2.14.1)
|
|
activesupport (>= 2)
|
|
nokogiri (>= 1.4)
|
|
http_parser.rb (0.8.0)
|
|
i18n (0.9.5)
|
|
concurrent-ruby (~> 1.0)
|
|
jekyll (3.9.2)
|
|
addressable (~> 2.4)
|
|
colorator (~> 1.0)
|
|
em-websocket (~> 0.5)
|
|
i18n (~> 0.7)
|
|
jekyll-sass-converter (~> 1.0)
|
|
jekyll-watch (~> 2.0)
|
|
kramdown (>= 1.17, < 3)
|
|
liquid (~> 4.0)
|
|
mercenary (~> 0.3.3)
|
|
pathutil (~> 0.9)
|
|
rouge (>= 1.7, < 4)
|
|
safe_yaml (~> 1.0)
|
|
jekyll-avatar (0.7.0)
|
|
jekyll (>= 3.0, < 5.0)
|
|
jekyll-coffeescript (1.1.1)
|
|
coffee-script (~> 2.2)
|
|
coffee-script-source (~> 1.11.1)
|
|
jekyll-commonmark (1.4.0)
|
|
commonmarker (~> 0.22)
|
|
jekyll-commonmark-ghpages (0.2.0)
|
|
commonmarker (~> 0.23.4)
|
|
jekyll (~> 3.9.0)
|
|
jekyll-commonmark (~> 1.4.0)
|
|
rouge (>= 2.0, < 4.0)
|
|
jekyll-default-layout (0.1.4)
|
|
jekyll (~> 3.0)
|
|
jekyll-feed (0.15.1)
|
|
jekyll (>= 3.7, < 5.0)
|
|
jekyll-gist (1.5.0)
|
|
octokit (~> 4.2)
|
|
jekyll-github-metadata (2.13.0)
|
|
jekyll (>= 3.4, < 5.0)
|
|
octokit (~> 4.0, != 4.4.0)
|
|
jekyll-include-cache (0.2.1)
|
|
jekyll (>= 3.7, < 5.0)
|
|
jekyll-mentions (1.6.0)
|
|
html-pipeline (~> 2.3)
|
|
jekyll (>= 3.7, < 5.0)
|
|
jekyll-optional-front-matter (0.3.2)
|
|
jekyll (>= 3.0, < 5.0)
|
|
jekyll-paginate (1.1.0)
|
|
jekyll-readme-index (0.3.0)
|
|
jekyll (>= 3.0, < 5.0)
|
|
jekyll-redirect-from (0.16.0)
|
|
jekyll (>= 3.3, < 5.0)
|
|
jekyll-relative-links (0.6.1)
|
|
jekyll (>= 3.3, < 5.0)
|
|
jekyll-remote-theme (0.4.3)
|
|
addressable (~> 2.0)
|
|
jekyll (>= 3.5, < 5.0)
|
|
jekyll-sass-converter (>= 1.0, <= 3.0.0, != 2.0.0)
|
|
rubyzip (>= 1.3.0, < 3.0)
|
|
jekyll-sass-converter (1.5.2)
|
|
sass (~> 3.4)
|
|
jekyll-seo-tag (2.8.0)
|
|
jekyll (>= 3.8, < 5.0)
|
|
jekyll-sitemap (1.4.0)
|
|
jekyll (>= 3.7, < 5.0)
|
|
jekyll-swiss (1.0.0)
|
|
jekyll-theme-architect (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-cayman (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-dinky (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-hacker (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-leap-day (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-merlot (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-midnight (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-minimal (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-modernist (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-primer (0.6.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-github-metadata (~> 2.9)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-slate (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-tactile (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-theme-time-machine (0.2.0)
|
|
jekyll (> 3.5, < 5.0)
|
|
jekyll-seo-tag (~> 2.0)
|
|
jekyll-titles-from-headings (0.5.3)
|
|
jekyll (>= 3.3, < 5.0)
|
|
jekyll-watch (2.2.1)
|
|
listen (~> 3.0)
|
|
jemoji (0.12.0)
|
|
gemoji (~> 3.0)
|
|
html-pipeline (~> 2.2)
|
|
jekyll (>= 3.0, < 5.0)
|
|
kramdown (2.3.2)
|
|
rexml
|
|
kramdown-parser-gfm (1.1.0)
|
|
kramdown (~> 2.0)
|
|
liquid (4.0.3)
|
|
listen (3.7.1)
|
|
rb-fsevent (~> 0.10, >= 0.10.3)
|
|
rb-inotify (~> 0.9, >= 0.9.10)
|
|
mercenary (0.3.6)
|
|
minima (2.5.1)
|
|
jekyll (>= 3.5, < 5.0)
|
|
jekyll-feed (~> 0.9)
|
|
jekyll-seo-tag (~> 2.1)
|
|
minitest (5.17.0)
|
|
multipart-post (2.1.1)
|
|
nokogiri (1.13.10-arm64-darwin)
|
|
racc (~> 1.4)
|
|
nokogiri (1.13.10-x86_64-linux)
|
|
racc (~> 1.4)
|
|
octokit (4.22.0)
|
|
faraday (>= 0.9)
|
|
sawyer (~> 0.8.0, >= 0.5.3)
|
|
pathutil (0.16.2)
|
|
forwardable-extended (~> 2.6)
|
|
public_suffix (4.0.7)
|
|
racc (1.6.1)
|
|
rb-fsevent (0.11.1)
|
|
rb-inotify (0.10.1)
|
|
ffi (~> 1.0)
|
|
rexml (3.2.5)
|
|
rouge (3.26.0)
|
|
ruby2_keywords (0.0.5)
|
|
rubyzip (2.3.2)
|
|
safe_yaml (1.0.5)
|
|
sass (3.7.4)
|
|
sass-listen (~> 4.0.0)
|
|
sass-listen (4.0.0)
|
|
rb-fsevent (~> 0.9, >= 0.9.4)
|
|
rb-inotify (~> 0.9, >= 0.9.7)
|
|
sawyer (0.8.2)
|
|
addressable (>= 2.3.5)
|
|
faraday (> 0.8, < 2.0)
|
|
simpleidn (0.2.1)
|
|
unf (~> 0.1.4)
|
|
terminal-table (1.8.0)
|
|
unicode-display_width (~> 1.1, >= 1.1.1)
|
|
thread_safe (0.3.6)
|
|
typhoeus (1.4.0)
|
|
ethon (>= 0.9.0)
|
|
tzinfo (1.2.11)
|
|
thread_safe (~> 0.1)
|
|
unf (0.1.4)
|
|
unf_ext
|
|
unf_ext (0.0.8.1)
|
|
unicode-display_width (1.8.0)
|
|
zeitwerk (2.6.6)
|
|
|
|
PLATFORMS
|
|
arm64-darwin-21
|
|
x86_64-linux
|
|
|
|
DEPENDENCIES
|
|
github-pages (~> 226)
|
|
jekyll-feed (~> 0.15.1)
|
|
|
|
BUNDLED WITH
|
|
2.3.7
|