- 18 5月, 2020 2 次提交
-
-
由 Aaron Patterson 提交于
-
由 Aaron Patterson 提交于
-
- 16 5月, 2020 6 次提交
-
-
由 Aaron Patterson 提交于
-
由 Jack McCracken 提交于
[CVE-2020-8167]
-
由 Jack McCracken 提交于
[CVE-2020-8166]
-
由 Dylan Thacker-Smith 提交于
The same value for the `raw` option should be provided for both reading and writing to avoid Marshal.load being called on untrusted data. [CVE-2020-8165]
-
由 Dylan Thacker-Smith 提交于
Dalli is already being used for marshalling, so we should also rely on it for unmarshalling. Since Dalli tags the cache value as marshalled it can avoid unmarshalling a raw string which might have come from an untrusted source. [CVE-2020-8165]
-
由 Jack McCracken 提交于
[CVE-2020-8164]
-
- 15 5月, 2020 1 次提交
-
-
由 Travis Pew 提交于
[CVE-2020-8162]
-
- 20 3月, 2020 2 次提交
-
-
由 Aaron Patterson 提交于
-
由 Aaron Patterson 提交于
This commit escapes dollar signs and backticks to prevent JS XSS issues when using the `j` or `javascript_escape` helper CVE-2020-5267
-
- 19 12月, 2019 2 次提交
-
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
The `ActionDispatch::Session::MemcacheStore` is still vulnerable given it requires the gem dalli to be updated as well. CVE-2019-16782
-
- 27 11月, 2019 1 次提交
-
-
由 Rafael Mendonça França 提交于
-
- 23 11月, 2019 12 次提交
-
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
-
由 Rafael Mendonça França 提交于
-
由 John Hawthorn 提交于
-
由 John Hawthorn 提交于
-
由 John Hawthorn 提交于
We no longer link JS by default, we need to modify manifest.js for that now.
-
由 John Hawthorn 提交于
-
由 John Hawthorn 提交于
We no longer link all js by default, so we should do this test with a css instead (we don't care about that specifics of the dir just that its in the manifest and in this dir).
-
由 John Hawthorn 提交于
-
由 John Hawthorn 提交于
-
由 John Hawthorn 提交于
-
- 20 11月, 2019 13 次提交
-
-
由 Ryuta Kamizono 提交于
Fix Active Job Sidekiq integration tests
-
由 Ryuta Kamizono 提交于
Check that entire collection has been loaded before short circuiting
-
由 Ryuta Kamizono 提交于
Address test_statement_cache_with_in_clause failure
-
由 Ryuta Kamizono 提交于
-
由 Ryuta Kamizono 提交于
Fix "NameError: undefined local variable or method `primary' for #<ApplicationTests::ServerTest:0x000055df43b391d8>"
-
由 Ryuta Kamizono 提交于
Merge pull request #37489 from giraffate/fix_random_ci_failure_due_to_non-deterministic_sorting_order Fix random CI failure due to non-deterministic sorting order
-
由 Ryuta Kamizono 提交于
Address occasional test_pluck_columns_with_same_name failure
-
由 Ryuta Kamizono 提交于
Fix activestorage CI failure due to ffprove version differece
-
由 Ryuta Kamizono 提交于
Update test to avoid Puma output format change
-
由 Ryuta Kamizono 提交于
Maintain extra joins for string or complex arel conditions
-
- 16 11月, 2019 1 次提交
-
-
由 Rafael Mendonça França 提交于
See parent commit for more info.
-