treehouse
/
mastodon
20
8
Fork 5
Code Issues 32 Pull Requests Projects 1 Releases Wiki Activity
17,389 Commits
12 Branches
15 Tags
760 MiB
Commit Graph

1979 Commits (07492326d102380bb0613e723ca383d2cb375617)

Author SHA1 Message Date
kouhai dev ee1dc4a0d1 th: Merge remote-tracking branch 'glitch/main' 2023-04-22 00:38:08 -07:00
kouhai dev 7ce5d26bf4 th: Add foreman to development deps 2023-04-22 00:38:08 -07:00
kouhai dev da1aa87c6f th: Merge remote-tracking branch 'glitch/main' 2023-04-22 00:38:08 -07:00
kouhai dev 228f9c72d4 th: update models, node/Gemfile state 2023-04-22 00:38:08 -07:00
Claire a95dc48e01 Merge branch 'main' into glitch-soc/merge-upstream 2023-03-02 17:32:38 +01:00
Matt Jankowski 0d409f9fd7 Update rspec-rails to version 6.0.1 (#23908) 2023-03-02 15:55:37 +01:00
Shlee 8ed5fc7252 [Dependashlee] Update to Puma 6.1.0 (#23795) 2023-02-28 13:30:28 +01:00
Claire f15ded319f Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end of the file, while glitch-soc had its own
  extra lines.
  Took upstream's change.
- `CONTRIBUTING.md`:
  We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
  Ported upstream changes.
- `app/controllers/application_controller.rb`:
  Upstream made code style changes in a method that is entirely replaced
  in glitch-soc.
  Ignored the change.
- `app/models/account.rb`:
  Code style changes textually close to glitch-soc-specific changes.
  Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream code style changes.
  Ignored them.
 2023-02-25 14:00:40 +01:00
dependabot[bot] 185e7aa9ea Bump devise from 4.8.1 to 4.9.0 (#23691) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-21 10:41:28 +01:00
dependabot[bot] 227be00a33 Bump capistrano from 3.17.1 to 3.17.2 (#23775) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-21 09:29:07 +01:00
Claire 63992c6900 Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.github/dependabot.yml`:
  Upstream made changes while we have dropped this file.
  Keep the file deleted.
- `.prettierignore`:
  Upstream made changes at the end of the file, where we
  had our extra lines.
  Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
  Upstream code style changes.
  Applied them.
- `app/services/backup_service.rb`:
  Upstream code style changes.
  Applied them.
 2023-02-19 10:42:55 +01:00
dependabot[bot] b8dc16c819 Bump oj from 3.13.23 to 3.14.2 (#23560) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-18 14:21:10 +09:00
dependabot[bot] b683ba772e Bump webauthn from 2.5.2 to 3.0.0 (#23659) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-17 10:06:24 +01:00
Aaron Patterson edc6f486bf Upgrade to Ruby 3.2 (#22928) 
Co-authored-by: Matthew Ford <matt@bitzesty.com>
 2023-02-15 08:30:27 +01:00
dependabot[bot] 64af18c656 Bump nokogiri from 1.14.1 to 1.14.2 (#23577) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 09:11:51 +01:00
dependabot[bot] a532606d38 Bump aws-sdk-s3 from 1.119.0 to 1.119.1 (#23586) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 09:07:12 +01:00
Claire 92d1e05c3e Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end, glitch-soc had extra entries at the end.
  Added upstream's new line before glitch-soc's.
- `Gemfile.lock`:
  Upstream updated dependencies while glitch-soc has an extra one (hcaptcha).
  Updated dependencies like upstream did.
- `app/controllers/api/v1/statuses_controller.rb`:
  Not a real conflict, upstream added a parameter (`allowed_mentions`) where
  glitch-soc already had an extra one (`content_type`).
  Added upstream's new parameter.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
 2023-02-13 19:35:35 +01:00
Shlee 5a13f1d2ad chewy from 7.2.4 to 7.2.7 (#23572) 2023-02-13 16:33:34 +01:00
Stan Hu 7ab1306c20 Switch OpenID Connect gems (#23223) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-02-13 15:47:50 +01:00
dependabot[bot] b44fa2623a Bump rubocop from 1.44.1 to 1.45.1 (#23523) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 14:38:43 +01:00
Claire 9a70c0de00 Add dependency on net-http (#23571) 2023-02-13 14:36:07 +01:00
dependabot[bot] 6ab50dfd94 Bump sidekiq-scheduler from 5.0.0 to 5.0.1 (#23569) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 13:55:55 +01:00
dependabot[bot] d9fdce121c Bump sidekiq-scheduler from 4.0.3 to 5.0.0 (#23212) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-02-13 13:31:42 +01:00
Nick Schonning acf0bbcab8 Replace hamlit-rails with haml-rails (#23542) 2023-02-13 04:59:30 +01:00
Eugen Rochko d070724298 Bump blurhash from 0.1.6 to 0.1.7 (#23517) 2023-02-11 04:02:07 +01:00
Claire 5f26e6e7ca Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `README.md`:
  Minor upstream change, our README is completely different.
  Kept ours.
- `lib/tasks/assets.rake`:
  glitch-soc has extra code to deal with its theming system,
  upstream changed a line that exists in glitch-soc.
  Applied upstream changes.
 2023-02-09 12:46:12 +01:00
dependabot[bot] cd082caeb8 Bump rubocop-performance from 1.15.2 to 1.16.0 (#23418) 
Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/rubocop/rubocop-performance/releases)
- [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.2...v1.16.0)

---
updated-dependencies:
- dependency-name: rubocop-performance
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:40:36 +09:00
dependabot[bot] 936d7d9446 Bump doorkeeper from 5.6.3 to 5.6.4 (#23422) 
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.3 to 5.6.4.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.3...v5.6.4)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:39:37 +09:00
dependabot[bot] 3d3e05652c Bump webpacker from 5.4.3 to 5.4.4 (#23424) 
Bumps [webpacker](https://github.com/rails/webpacker) from 5.4.3 to 5.4.4.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v5.4.3...v5.4.4)

---
updated-dependencies:
- dependency-name: webpacker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:39:02 +09:00
dependabot[bot] 4b3e7cfff2 Bump faker from 3.1.0 to 3.1.1 (#23425) 
Bumps [faker](https://github.com/faker-ruby/faker) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:38:30 +09:00
dependabot[bot] be3006e888 Bump bootsnap from 1.15.0 to 1.16.0 (#23340) 
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-04 15:55:07 +09:00
Claire 91f66ece5a Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream updated `docker/build-push-action`, and we a different config
  for `docker/metadata-action` so the lines directly above were different,
  but it's not a real conflict.
  Upgraded `docker/build-push-action` as upstream did.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
  Upstream changed the codestyle near a line we had modified to accommodate
  configurable character count.
  Kept our change.
 2023-02-03 19:23:27 +01:00
dependabot[bot] 134c15491b Bump nokogiri from 1.14.0 to 1.14.1 (#23330) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.0...v1.14.1)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:33:07 +01:00
dependabot[bot] 8074923344 Bump ox from 2.14.13 to 2.14.14 (#23338) 
Bumps [ox](https://github.com/ohler55/ox) from 2.14.13 to 2.14.14.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.13...v2.14.14)

---
updated-dependencies:
- dependency-name: ox
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:31:50 +01:00
dependabot[bot] bc290e9a2a Bump redcarpet from 3.5.1 to 3.6.0 (#23339) 
Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/vmg/redcarpet/releases)
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vmg/redcarpet/compare/v3.5.1...v3.6.0)

---
updated-dependencies:
- dependency-name: redcarpet
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:19:30 +01:00
dependabot[bot] 8eec28e802 Bump aws-sdk-s3 from 1.118.0 to 1.119.0 (#23341) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.118.0 to 1.119.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:16:38 +01:00
dependabot[bot] 091542f3bc Bump rubocop from 1.44.0 to 1.44.1 (#23337) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.44.0 to 1.44.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.44.0...v1.44.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:16:13 +01:00
dependabot[bot] 2b107ab81f Bump simple_form from 5.1.0 to 5.2.0 (#23328) 
Bumps [simple_form](https://github.com/heartcombo/simple_form) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/heartcombo/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md)
- [Commits](https://github.com/heartcombo/simple_form/compare/v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: simple_form
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:07:16 +01:00
dependabot[bot] 068851654f Bump rails from 6.1.7.1 to 6.1.7.2 (#23326) 
Bumps [rails](https://github.com/rails/rails) from 6.1.7.1 to 6.1.7.2.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.7.1...v6.1.7.2)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:06:59 +01:00
dependabot[bot] 485c564321 Bump doorkeeper from 5.6.2 to 5.6.3 (#23324) 
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.2 to 5.6.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.2...v5.6.3)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 10:58:10 +01:00
dependabot[bot] 0758811df2 Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1 (#23241) 
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect) from 0.10.0 to 0.10.1.
- [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags)
- [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1)

---
updated-dependencies:
- dependency-name: gitlab-omniauth-openid-connect
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-31 00:46:27 +09:00
dependabot[bot] 6b0624261b Bump aws-sdk-s3 from 1.117.2 to 1.118.0 (#23202) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.2 to 1.118.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-30 10:57:59 +09:00
dependabot[bot] 5b170f4e98 Bump sanitize from 6.0.0 to 6.0.1 (#23281) 
Bumps [sanitize](https://github.com/rgrove/sanitize) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v6.0.0...v6.0.1)

---
updated-dependencies:
- dependency-name: sanitize
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-28 18:12:57 +09:00
Claire 8134672631 Merge branch 'main' into glitch-soc/merge-upstream 2023-01-24 20:32:31 +01:00
dependabot[bot] 268a6ad1ad Bump concurrent-ruby from 1.1.10 to 1.2.0 (#23236) 
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.10 to 1.2.0.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.10...v1.2.0)

---
updated-dependencies:
- dependency-name: concurrent-ruby
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-24 09:46:26 +01:00
dependabot[bot] 74cb87c072 Bump rubocop from 1.43.0 to 1.44.0 (#23213) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.43.0...v1.44.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-23 18:03:20 +01:00
dependabot[bot] f6b2d20d5e Bump rubocop-rspec from 2.18.0 to 2.18.1 (#23203) 
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.18.0 to 2.18.1.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.18.0...v2.18.1)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-23 13:14:11 +01:00
Kaspar V 930de8db1f fix(pghero): update because CVE-2023-22626 (#23190) 
There is a vulnerability
[CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5)

```
Name: pghero
Version: 2.8.3
CVE: CVE-2023-22626
GHSA: GHSA-vf99-xw26-86g5
Criticality: High
URL: https://github.com/ankane/pghero/issues/439
Title: Information Disclosure Through EXPLAIN Feature
Solution: upgrade to '>= 3.1.0'
```
 2023-01-22 23:09:02 +01:00
Claire 84c2d30b71 Merge branch 'main' into glitch-soc/merge 2023-01-18 11:57:01 +01:00
dependabot[bot] e410e02a4d Bump rails from 6.1.7 to 6.1.7.1 (#23144) 
Bumps [rails](https://github.com/rails/rails) from 6.1.7 to 6.1.7.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.7...v6.1.7.1)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-18 11:40:21 +01:00