--- - branch: pkgsrc-2022Q1 date: Sat Jun 4 09:31:42 UTC 2022 files: - new: 1.11.2.1 old: '1.11' path: pkgsrc/databases/ruby-activerecord61/distinfo pathrev: pkgsrc/databases/ruby-activerecord61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/devel/ruby-activejob61/distinfo pathrev: pkgsrc/devel/ruby-activejob61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/devel/ruby-activemodel61/distinfo pathrev: pkgsrc/devel/ruby-activemodel61/distinfo@1.11.2.1 type: modified - new: 1.4.2.1 old: '1.4' path: pkgsrc/devel/ruby-activestorage61/Makefile pathrev: pkgsrc/devel/ruby-activestorage61/Makefile@1.4.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/devel/ruby-activestorage61/distinfo pathrev: pkgsrc/devel/ruby-activestorage61/distinfo@1.11.2.1 type: modified - new: 1.3.2.1 old: '1.3' path: pkgsrc/devel/ruby-activesupport61/Makefile pathrev: pkgsrc/devel/ruby-activesupport61/Makefile@1.3.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/devel/ruby-activesupport61/distinfo pathrev: pkgsrc/devel/ruby-activesupport61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/devel/ruby-railties61/distinfo pathrev: pkgsrc/devel/ruby-railties61/distinfo@1.11.2.1 type: modified - new: 1.118.2.3 old: 1.118.2.2 path: pkgsrc/lang/ruby/rails.mk pathrev: pkgsrc/lang/ruby/rails.mk@1.118.2.3 type: modified - new: 1.1.10.1 old: '1.1' path: pkgsrc/mail/ruby-actionmailbox61/PLIST pathrev: pkgsrc/mail/ruby-actionmailbox61/PLIST@1.1.10.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/mail/ruby-actionmailbox61/distinfo pathrev: pkgsrc/mail/ruby-actionmailbox61/distinfo@1.11.2.1 type: modified - new: 1.1.10.1 old: '1.1' path: pkgsrc/mail/ruby-actionmailer61/PLIST pathrev: pkgsrc/mail/ruby-actionmailer61/PLIST@1.1.10.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/mail/ruby-actionmailer61/distinfo pathrev: pkgsrc/mail/ruby-actionmailer61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/textproc/ruby-actiontext61/distinfo pathrev: pkgsrc/textproc/ruby-actiontext61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/www/ruby-actioncable61/distinfo pathrev: pkgsrc/www/ruby-actioncable61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/www/ruby-actionpack61/distinfo pathrev: pkgsrc/www/ruby-actionpack61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/www/ruby-actionview61/distinfo pathrev: pkgsrc/www/ruby-actionview61/distinfo@1.11.2.1 type: modified - new: 1.11.2.1 old: '1.11' path: pkgsrc/www/ruby-rails61/distinfo pathrev: pkgsrc/www/ruby-rails61/distinfo@1.11.2.1 type: modified id: 20220604T093142Z.90c63a249da5218554e29ece461d7ae88870d6a9 log: "Pullup ticket #6630 - requested by taca\ndatabases/ruby-activerecord61: security update\ndevel/ruby-activejob61: security update\ndevel/ruby-activemodel61: security update\ndevel/ruby-activestorage61: security update\ndevel/ruby-activesupport61: security update\ndevel/ruby-railties61: security update\nlang/ruby: version info update\nmail/ruby-actionmailbox61: security update\nmail/ruby-actionmailer61: security update\ntextproc/ruby-actiontext61: security update\nwww/ruby-actioncable61: security update\nwww/ruby-actionpack61: security update\nwww/ruby-actionview61: security update\nwww/ruby-rails61: security update\n\nRevisions pulled up:\n- databases/ruby-activerecord61/distinfo 1.12\n- devel/ruby-activejob61/distinfo \ 1.12\n- devel/ruby-activemodel61/distinfo 1.12\n- devel/ruby-activestorage61/Makefile 1.5\n- devel/ruby-activestorage61/distinfo \ 1.12\n- devel/ruby-activesupport61/Makefile 1.4\n- devel/ruby-activesupport61/distinfo 1.12\n- devel/ruby-railties61/distinfo \ 1.12\n- lang/ruby/rails.mk 1.121\n- mail/ruby-actionmailbox61/PLIST 1.2\n- mail/ruby-actionmailbox61/distinfo \ 1.12\n- mail/ruby-actionmailer61/PLIST 1.2\n- mail/ruby-actionmailer61/distinfo 1.12\n- textproc/ruby-actiontext61/distinfo \ 1.12\n- www/ruby-actioncable61/distinfo 1.12\n- www/ruby-actionpack61/distinfo 1.12\n- www/ruby-actionview61/distinfo \ 1.12\n- www/ruby-rails61/distinfo 1.12\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:38:25 UTC 2022\n\n Modified Files:\n \tpkgsrc/lang/ruby: rails.mk\n\n Log Message:\n \ lang/ruby/rails.mk: Really update of Ruby on Rails to 6.1.5.1\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.120 -r1.121 pkgsrc/lang/ruby/rails.mk\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:28:21 UTC 2022\n\n Modified Files:\n \tpkgsrc/devel/ruby-activesupport61: Makefile distinfo\n\n Log Message:\n devel/ruby-activesupport61: update to 6.1.5.1\n\n \ ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.\n\n Add the method `ERB::Util.xml_name_escape` to escape dangerous characters\n in names of tags and names of attributes, following the specification of XML.\n\n *ï¾\x81lvaro Mart�n Fraguas*\n\n \ ## Rails 6.1.5 (March 09, 2022) ##\n\n * Fix `ActiveSupport::Duration.build` to support negative values.\n\n The algorithm to collect the `parts` of the `ActiveSupport::Duration`\n ignored the sign of the `value` and accumulated incorrect part values. This\n impacted `ActiveSupport::Duration#sum` (which is dependent on `parts`) but\n not `ActiveSupport::Duration#eql?` (which is dependent on `value`).\n\n *Caleb Buxton*, *Braden Staudacher*\n\n * \ `Time#change` and methods that call it (eg. `Time#advance`) will now\n return a `Time` with the timezone argument provided, if the caller was\n initialized with a timezone argument.\n\n Fixes [#42467](https://github.com/rails/rails/issues/42467).\n\n \ *Alex Ghiculescu*\n\n * Clone to keep extended Logger methods for tagged logger.\n\n *Orhan Toy*\n\n * `assert_changes` works on including `ActiveSupport::Assertions` module.\n\n *Pedro Medeiros*\n\n To generate a diff of this commit:\n \ cvs rdiff -u -r1.3 -r1.4 pkgsrc/devel/ruby-activesupport61/Makefile\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activesupport61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:28:57 UTC 2022\n\n Modified Files:\n \tpkgsrc/devel/ruby-activemodel61: distinfo\n\n \ Log Message:\n devel/ruby-activemodel61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * Clear secure password cache if password is set to `nil`\n\n \ Before:\n\n user.password = 'something'\n user.password = nil\n\n user.password # => 'something'\n\n Now:\n\n user.password = 'something'\n user.password = nil\n\n user.password # => nil\n\n \ *Markus Doits*\n\n * Fix delegation in `ActiveModel::Type::Registry#lookup` and `ActiveModel::Type.lookup`\n\n Passing a last positional argument `{}` would be incorrectly considered as keyword argument.\n\n *Benoit Daloze*\n\n \ * Fix `to_json` after `changes_applied` for `ActiveModel::Dirty` object.\n\n \ *Ryuta Kamizono*\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activemodel61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:29:32 UTC 2022\n\n Modified Files:\n \tpkgsrc/www/ruby-actionview61: distinfo\n\n \ Log Message:\n www/ruby-actionview61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.\n\n Escape dangerous characters in names of tags and names of attributes in the\n tag helpers, following the XML specification. Rename the option\n `:escape_attributes` to `:escape`, to simplify by applying the option to the\n whole tag.\n\n *ï¾\x81lvaro Mart�n Fraguas*\n\n \ ## Rails 6.1.5 (March 09, 2022) ##\n\n * `preload_link_tag` properly inserts `as` attributes for files with `image` MIME\n types, such as JPG or SVG.\n\n \ *Nate Berkopec*\n\n * Add `autocomplete=\"off\"` to all generated hidden fields.\n\n Fixes #42610.\n\n *Ryan Baumann*\n\n * Fix `current_page?` when URL has trailing slash.\n\n This fixes the `current_page?` helper when the given URL has a trailing slash,\n and is an absolute URL or also has query params.\n\n Fixes #33956.\n\n *Jonathan Hefner*\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-actionview61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:30:02 UTC 2022\n\n Modified Files:\n \tpkgsrc/www/ruby-actionpack61: distinfo\n\n \ Log Message:\n www/ruby-actionpack61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * Allow Content Security Policy DSL to generate for API responses.\n\n *Tim Wade*\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n \ * Fix `content_security_policy` returning invalid directives.\n\n Directives such as `self`, `unsafe-eval` and few others were not\n single quoted when the directive was the result of calling a lambda\n returning an array.\n\n \ ```ruby\n content_security_policy do |policy|\n policy.frame_ancestors lambda { [:self, \"https://example.com\"] }\n end\n ```\n\n With this fix the policy generated from above will now be valid.\n\n *Edouard Chin*\n\n * Update `HostAuthorization` middleware to render debug info only\n \ when `config.consider_all_requests_local` is set to true.\n\n Also, blocked host info is always logged with level `error`.\n\n Fixes #42813.\n\n \ *Nikita Vyrko*\n\n * Dup arrays that get \"converted\".\n\n Fixes #43681.\n\n *Aaron Patterson*\n\n * Don't show deprecation warning for equal paths.\n\n *Anton Rieder*\n\n * Fix crash in `ActionController::Instrumentation` with invalid HTTP formats.\n\n Fixes #43094.\n\n *Alex Ghiculescu*\n\n \ * Add fallback host for SystemTestCase driven by RackTest.\n\n Fixes #42780.\n\n *Petrik de Heus*\n\n * Add more detail about what hosts are allowed.\n\n *Alex Ghiculescu*\n\n To generate a diff of this commit:\n \ cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-actionpack61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:30:33 UTC 2022\n\n Modified Files:\n \tpkgsrc/databases/ruby-activerecord61: distinfo\n\n \ Log Message:\n databases/ruby-activerecord61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * Fix `ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicate` for Ruby 2.6.\n\n Ruby 2.6 and 2.7 have slightly different implementations of the `String#@-` method.\n In Ruby 2.6, the receiver of the `String#@-` method is modified under certain circumstances.\n This was later identified as a bug (https://bugs.ruby-lang.org/issues/15926) and only\n fixed in Ruby 2.7.\n\n Before the changes in this commit, the\n `ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicate` method, which internally\n calls the `String#@-` method, could also modify an input string argument in Ruby 2.6 --\n changing a tainted, unfrozen string into a tainted, frozen string.\n\n Fixes #43056\n\n *Eric O'Hanlon*\n\n \ * Fix migration compatibility to create SQLite references/belongs_to column as integer when\n migration version is 6.0.\n\n `reference`/`belongs_to` in migrations with version 6.0 were creating columns as\n bigint instead of integer for the SQLite Adapter.\n\n *Marcelo Lauxen*\n\n * Fix dbconsole for 3-tier config.\n\n *Eileen M. Uchitelle*\n\n * Better handle SQL queries with invalid encoding.\n\n ```ruby\n Post.create(name: \"broken \\xC8 UTF-8\")\n ```\n\n Would cause all adapters to fail in a non controlled way in the code\n responsible to detect write queries.\n\n The query is now properly passed to the database connection, which might or might\n \ not be able to handle it, but will either succeed or failed in a more correct way.\n\n *Jean Boussier*\n\n * Ignore persisted in-memory records when merging target lists.\n\n *Kevin Sj�berg*\n\n * Fix regression bug that caused ignoring additional conditions for preloading\n `has_many` through relations.\n\n Fixes #43132\n\n *Alexander Pauly*\n\n * Fix `ActiveRecord::InternalMetadata` to not be broken by\n `config.active_record.record_timestamps = false`\n\n \ Since the model always create the timestamp columns, it has to set them, otherwise it breaks\n various DB management tasks.\n\n Fixes #42983\n\n \ *Jean Boussier*\n\n * Fix duplicate active record objects on `inverse_of`.\n\n \ *Justin Carvalho*\n\n * Fix duplicate objects stored in has many association after save.\n\n Fixes #42549.\n\n *Alex Ghiculescu*\n\n * Fix performance regression in `CollectionAssocation#build`.\n\n *Alex Ghiculescu*\n\n \ * Fix retrieving default value for text column for MariaDB.\n\n *fatkodima*\n\n \ To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/ruby-activerecord61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:31:02 UTC 2022\n\n Modified Files:\n \tpkgsrc/devel/ruby-activestorage61: Makefile distinfo\n\n Log Message:\n devel/ruby-activestorage61: update to 6.1.5.1\n\n \ ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * Attachments can be deleted after their association is no longer defined.\n\n Fixes #42514\n\n *Don Sisco*\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.4 -r1.5 pkgsrc/devel/ruby-activestorage61/Makefile\n \ cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activestorage61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:31:47 UTC 2022\n\n Modified Files:\n \tpkgsrc/mail/ruby-actionmailbox61: PLIST distinfo\n\n \ Log Message:\n mail/ruby-actionmailbox61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * Add `attachments` to the list of permitted parameters for inbound emails conductor.\n\n When using the conductor to test inbound emails with attachments, this prevents an\n unpermitted parameter warning in default configurations, and prevents errors for\n applications that set:\n\n ```ruby\n \ config.action_controller.action_on_unpermitted_parameters = :raise\n ```\n\n \ *David Jones*, *Dana Henke*\n\n To generate a diff of this commit:\n \ cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/ruby-actionmailbox61/PLIST\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/mail/ruby-actionmailbox61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:32:28 UTC 2022\n\n Modified Files:\n \tpkgsrc/www/ruby-actioncable61: distinfo\n\n \ Log Message:\n www/ruby-actioncable61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * The Action Cable client now ensures successful channel subscriptions:\n\n \ * The client maintains a set of pending subscriptions until either\n the server confirms the subscription or the channel is torn down.\n * Rectifies the race condition where an unsubscribe is rapidly followed\n by a subscribe (on the same channel identifier) and the requests are\n handled out of order by the ActionCable server, thereby ignoring the\n subscribe command.\n\n \ *Daniel Spinosa*\n\n * Truncate broadcast logging messages.\n\n *J Smith*\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-actioncable61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:32:59 UTC 2022\n\n Modified Files:\n \tpkgsrc/devel/ruby-railties61: distinfo\n\n \ Log Message:\n devel/ruby-railties61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * In `zeitwerk` mode, setup the `once` autoloader first, and the `main` autoloader after it.\n This order plays better with shared namespaces.\n\n \ *Xavier Noria*\n\n * Handle paths with spaces when editing credentials.\n\n \ *Alex Ghiculescu*\n\n * Support Psych 4 when loading secrets.\n\n *Nat Morcos*\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-railties61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:33:27 UTC 2022\n\n Modified Files:\n \tpkgsrc/textproc/ruby-actiontext61: distinfo\n\n \ Log Message:\n textproc/ruby-actiontext61: update to 6.1.5.1\n\n ## Rails 6.1.5.1 (April 26, 2022) ##\n\n * No changes.\n\n ## Rails 6.1.5 (March 09, 2022) ##\n\n * Fix Action Text extra trix content wrapper.\n\n *Alexandre Ruban*\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/textproc/ruby-actiontext61/distinfo\n\n-------------------------------------------------------------------\n \ Module Name:\tpkgsrc\n Committed By:\ttaca\n Date:\t\tThu May 5 03:34:37 UTC 2022\n\n Modified Files:\n \tpkgsrc/devel/ruby-activejob61: distinfo\n \ \tpkgsrc/mail/ruby-actionmailer61: PLIST distinfo\n \tpkgsrc/www/ruby-rails61: distinfo\n\n Log Message:\n Update rest of Ruby on Rails 61 components.\n\n \ No change except version.\n\n To generate a diff of this commit:\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/ruby-activejob61/distinfo\n cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/ruby-actionmailer61/PLIST\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/mail/ruby-actionmailer61/distinfo\n cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/ruby-rails61/distinfo\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2022Q1] pkgsrc' unixtime: '1654335102' user: spz