treehouse
/
mastodon
19
8
Fork 5
Code Issues 32 Pull Requests Projects 1 Releases Wiki Activity
17,387 Commits
10 Branches
15 Tags
734 MiB
Commit Graph

1979 Commits (a16bd970260e9c72cc4dade4dca9f80b922f8af3)

Author SHA1 Message Date
kouhai dev a16bd97026 Merge remote-tracking branch 'glitch/main'
ci/woodpecker/push/woodpecker Pipeline failed Details
2023-03-12 20:02:44 -07:00
kouhai dev aa49562d32 Add foreman to development deps
ci/woodpecker/push/woodpecker Pipeline failed Details
2023-03-12 20:00:22 -07:00
kouhai dev 9146104f56 Merge remote-tracking branch 'glitch/main' 2023-03-12 19:58:37 -07:00
Claire 276c1d32d6 Merge branch 'main' into glitch-soc/merge-upstream 2023-03-02 17:32:38 +01:00
Matt Jankowski 9da52ac044
Update rspec-rails to version 6.0.1 (#23908) 2023-03-02 15:55:37 +01:00
Shlee f8848a5c8b
[Dependashlee] Update to Puma 6.1.0 (#23795) 2023-02-28 13:30:28 +01:00
Claire 4ed09276d5 Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end of the file, while glitch-soc had its own
  extra lines.
  Took upstream's change.
- `CONTRIBUTING.md`:
  We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
  Ported upstream changes.
- `app/controllers/application_controller.rb`:
  Upstream made code style changes in a method that is entirely replaced
  in glitch-soc.
  Ignored the change.
- `app/models/account.rb`:
  Code style changes textually close to glitch-soc-specific changes.
  Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream code style changes.
  Ignored them.
 2023-02-25 14:00:40 +01:00
dependabot[bot] 4b964fa605
Bump devise from 4.8.1 to 4.9.0 (#23691) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-21 10:41:28 +01:00
dependabot[bot] fbbf5c4841
Bump capistrano from 3.17.1 to 3.17.2 (#23775) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-21 09:29:07 +01:00
Claire 7452a95998 Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.github/dependabot.yml`:
  Upstream made changes while we have dropped this file.
  Keep the file deleted.
- `.prettierignore`:
  Upstream made changes at the end of the file, where we
  had our extra lines.
  Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
  Upstream code style changes.
  Applied them.
- `app/services/backup_service.rb`:
  Upstream code style changes.
  Applied them.
 2023-02-19 10:42:55 +01:00
dependabot[bot] 49b9ef0c1e
Bump oj from 3.13.23 to 3.14.2 (#23560) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-18 14:21:10 +09:00
dependabot[bot] 7cf3430e63
Bump webauthn from 2.5.2 to 3.0.0 (#23659) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-17 10:06:24 +01:00
Aaron Patterson fb8503e861
Upgrade to Ruby 3.2 (#22928) 
Co-authored-by: Matthew Ford <matt@bitzesty.com>
 2023-02-15 08:30:27 +01:00
dependabot[bot] 737fbe5c02
Bump nokogiri from 1.14.1 to 1.14.2 (#23577) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 09:11:51 +01:00
dependabot[bot] 7bc946e8da
Bump aws-sdk-s3 from 1.119.0 to 1.119.1 (#23586) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-14 09:07:12 +01:00
Claire ce84d163cc Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end, glitch-soc had extra entries at the end.
  Added upstream's new line before glitch-soc's.
- `Gemfile.lock`:
  Upstream updated dependencies while glitch-soc has an extra one (hcaptcha).
  Updated dependencies like upstream did.
- `app/controllers/api/v1/statuses_controller.rb`:
  Not a real conflict, upstream added a parameter (`allowed_mentions`) where
  glitch-soc already had an extra one (`content_type`).
  Added upstream's new parameter.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
 2023-02-13 19:35:35 +01:00
Shlee c84f38abc4
chewy from 7.2.4 to 7.2.7 (#23572) 2023-02-13 16:33:34 +01:00
Stan Hu f553b064e0
Switch OpenID Connect gems (#23223) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-02-13 15:47:50 +01:00
dependabot[bot] 93d7c26fa5
Bump rubocop from 1.44.1 to 1.45.1 (#23523) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 14:38:43 +01:00
Claire cc92c65d83
Add dependency on net-http (#23571) 2023-02-13 14:36:07 +01:00
dependabot[bot] 66f2ad483c
Bump sidekiq-scheduler from 5.0.0 to 5.0.1 (#23569) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-13 13:55:55 +01:00
dependabot[bot] 31352f0d2c
Bump sidekiq-scheduler from 4.0.3 to 5.0.0 (#23212) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-02-13 13:31:42 +01:00
Nick Schonning 7c5d396fca
Replace hamlit-rails with haml-rails (#23542) 2023-02-13 04:59:30 +01:00
kouhai dev 057124c61a Update models, node/Gemfile state
ci/woodpecker/push/woodpecker Pipeline failed Details
2023-02-10 19:05:56 -08:00
Eugen Rochko e7b81d7d96
Bump blurhash from 0.1.6 to 0.1.7 (#23517) 2023-02-11 04:02:07 +01:00
Claire 85558a5e18 Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `README.md`:
  Minor upstream change, our README is completely different.
  Kept ours.
- `lib/tasks/assets.rake`:
  glitch-soc has extra code to deal with its theming system,
  upstream changed a line that exists in glitch-soc.
  Applied upstream changes.
 2023-02-09 12:46:12 +01:00
dependabot[bot] e559d1e672
Bump rubocop-performance from 1.15.2 to 1.16.0 (#23418) 
Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/rubocop/rubocop-performance/releases)
- [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.2...v1.16.0)

---
updated-dependencies:
- dependency-name: rubocop-performance
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:40:36 +09:00
dependabot[bot] ea4ff7e786
Bump doorkeeper from 5.6.3 to 5.6.4 (#23422) 
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.3 to 5.6.4.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.3...v5.6.4)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:39:37 +09:00
dependabot[bot] fb7919e4ec
Bump webpacker from 5.4.3 to 5.4.4 (#23424) 
Bumps [webpacker](https://github.com/rails/webpacker) from 5.4.3 to 5.4.4.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v5.4.3...v5.4.4)

---
updated-dependencies:
- dependency-name: webpacker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:39:02 +09:00
dependabot[bot] 4f14957723
Bump faker from 3.1.0 to 3.1.1 (#23425) 
Bumps [faker](https://github.com/faker-ruby/faker) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-08 00:38:30 +09:00
dependabot[bot] 1f9f8035e4
Bump bootsnap from 1.15.0 to 1.16.0 (#23340) 
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-04 15:55:07 +09:00
Claire aeacebb3d7 Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream updated `docker/build-push-action`, and we a different config
  for `docker/metadata-action` so the lines directly above were different,
  but it's not a real conflict.
  Upgraded `docker/build-push-action` as upstream did.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
  Upstream changed the codestyle near a line we had modified to accommodate
  configurable character count.
  Kept our change.
 2023-02-03 19:23:27 +01:00
dependabot[bot] 05f5e5ae6f
Bump nokogiri from 1.14.0 to 1.14.1 (#23330) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.0...v1.14.1)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:33:07 +01:00
dependabot[bot] 91ceb8af11
Bump ox from 2.14.13 to 2.14.14 (#23338) 
Bumps [ox](https://github.com/ohler55/ox) from 2.14.13 to 2.14.14.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.13...v2.14.14)

---
updated-dependencies:
- dependency-name: ox
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:31:50 +01:00
dependabot[bot] 41baf4b217
Bump redcarpet from 3.5.1 to 3.6.0 (#23339) 
Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/vmg/redcarpet/releases)
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vmg/redcarpet/compare/v3.5.1...v3.6.0)

---
updated-dependencies:
- dependency-name: redcarpet
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:19:30 +01:00
dependabot[bot] fa379a993d
Bump aws-sdk-s3 from 1.118.0 to 1.119.0 (#23341) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.118.0 to 1.119.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:16:38 +01:00
dependabot[bot] 723412ac5e
Bump rubocop from 1.44.0 to 1.44.1 (#23337) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.44.0 to 1.44.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.44.0...v1.44.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:16:13 +01:00
dependabot[bot] 801a209e06
Bump simple_form from 5.1.0 to 5.2.0 (#23328) 
Bumps [simple_form](https://github.com/heartcombo/simple_form) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/heartcombo/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md)
- [Commits](https://github.com/heartcombo/simple_form/compare/v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: simple_form
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:07:16 +01:00
dependabot[bot] d49879cc7b
Bump rails from 6.1.7.1 to 6.1.7.2 (#23326) 
Bumps [rails](https://github.com/rails/rails) from 6.1.7.1 to 6.1.7.2.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.7.1...v6.1.7.2)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 11:06:59 +01:00
dependabot[bot] 409fcd1985
Bump doorkeeper from 5.6.2 to 5.6.3 (#23324) 
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.2 to 5.6.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.2...v5.6.3)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-01 10:58:10 +01:00
dependabot[bot] 1ca3127a1d
Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1 (#23241) 
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect) from 0.10.0 to 0.10.1.
- [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags)
- [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1)

---
updated-dependencies:
- dependency-name: gitlab-omniauth-openid-connect
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-31 00:46:27 +09:00
dependabot[bot] ea1507ee85
Bump aws-sdk-s3 from 1.117.2 to 1.118.0 (#23202) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.2 to 1.118.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-30 10:57:59 +09:00
dependabot[bot] 1708167dd3
Bump sanitize from 6.0.0 to 6.0.1 (#23281) 
Bumps [sanitize](https://github.com/rgrove/sanitize) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v6.0.0...v6.0.1)

---
updated-dependencies:
- dependency-name: sanitize
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-28 18:12:57 +09:00
Claire 3074338d79 Merge branch 'main' into glitch-soc/merge-upstream 2023-01-24 20:32:31 +01:00
dependabot[bot] 23a2451576
Bump concurrent-ruby from 1.1.10 to 1.2.0 (#23236) 
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.10 to 1.2.0.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.10...v1.2.0)

---
updated-dependencies:
- dependency-name: concurrent-ruby
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-24 09:46:26 +01:00
dependabot[bot] 95fb53c53e
Bump rubocop from 1.43.0 to 1.44.0 (#23213) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.43.0...v1.44.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-23 18:03:20 +01:00
dependabot[bot] 77c2ea1f0f
Bump rubocop-rspec from 2.18.0 to 2.18.1 (#23203) 
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.18.0 to 2.18.1.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.18.0...v2.18.1)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-23 13:14:11 +01:00
Kaspar V 9b795a25cd
fix(pghero): update because CVE-2023-22626 (#23190) 
There is a vulnerability
[CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5)

```
Name: pghero
Version: 2.8.3
CVE: CVE-2023-22626
GHSA: GHSA-vf99-xw26-86g5
Criticality: High
URL: https://github.com/ankane/pghero/issues/439
Title: Information Disclosure Through EXPLAIN Feature
Solution: upgrade to '>= 3.1.0'
```
 2023-01-22 23:09:02 +01:00
Claire 6ae97bba25 Merge branch 'main' into glitch-soc/merge 2023-01-18 11:57:01 +01:00
dependabot[bot] 302fcb9788
Bump rails from 6.1.7 to 6.1.7.1 (#23144) 
Bumps [rails](https://github.com/rails/rails) from 6.1.7 to 6.1.7.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.7...v6.1.7.1)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-18 11:40:21 +01:00