{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":491964623,"defaultBranch":"main","name":"demo_mode","ownerLogin":"Betterment","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2022-05-13T16:14:34.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/871554?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1717541194.0","currentOid":""},"activityList":{"items":[{"before":null,"after":"a6bc3e93f13b1b3523301fbb776b7556fd6b71a6","ref":"refs/heads/dependabot/bundler/actionpack-7.1.3.4","pushedAt":"2024-06-04T22:46:34.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump actionpack from 7.1.3.3 to 7.1.3.4\n\nBumps [actionpack](https://github.com/rails/rails) from 7.1.3.3 to 7.1.3.4.\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v7.1.3.4/actionpack/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v7.1.3.3...v7.1.3.4)\n\n---\nupdated-dependencies:\n- dependency-name: actionpack\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump actionpack from 7.1.3.3 to 7.1.3.4"}},{"before":null,"after":"b993729e9ba849db9b7a21ddc410cf741492d372","ref":"refs/heads/dependabot/bundler/actiontext-7.1.3.4","pushedAt":"2024-06-04T22:42:43.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump actiontext from 7.1.3.3 to 7.1.3.4\n\nBumps [actiontext](https://github.com/rails/rails) from 7.1.3.3 to 7.1.3.4.\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v7.1.3.4/actiontext/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v7.1.3.3...v7.1.3.4)\n\n---\nupdated-dependencies:\n- dependency-name: actiontext\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump actiontext from 7.1.3.3 to 7.1.3.4"}},{"before":"6e1602d385eac96882312a3e32da0ebe0f033d4e","after":null,"ref":"refs/heads/dependabot/bundler/nokogiri-1.16.5","pushedAt":"2024-06-03T20:01:06.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"0c31843d38bdb613c429b040b49d622342880b2b","after":null,"ref":"refs/heads/dependabot/bundler/actiontext-7.1.3.3","pushedAt":"2024-06-03T19:59:51.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"}},{"before":"9af78659a42c395dfab68ec8440c3f34d13888e0","after":"6aa3fe4cbe33e0fb286bf91cad11e620beb0e530","ref":"refs/heads/main","pushedAt":"2024-06-03T19:59:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Bump actiontext from 7.1.3.2 to 7.1.3.3 (#20)\n\nBumps [actiontext](https://github.com/rails/rails) from 7.1.3.2 to\r\n7.1.3.3.\r\n
\r\nRelease notes\r\n

Sourced from actiontext's\r\nreleases.

\r\n
\r\n

7.1.3.3

\r\n

Active Support

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Active Model

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Active Record

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action View

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action Pack

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Active Job

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action Mailer

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action Cable

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Active Storage

\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from actiontext's\r\nchangelog.

\r\n
\r\n

Rails 7.1.3.3 (May 16, 2024)

\r\n
    \r\n
  • \r\n

    Upgrade Trix to 1.3.2 to fix CVE-2024-34341.

    \r\n

    Rafael Mendonça França

    \r\n
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 747a03b\r\nPreparing for 7.1.3.3 release
    • \r\n
  • 260cb39\r\nUpgrade Trix to 2.1.1 to fix [CVE-2024-34341][1]
    • \r\n
  • See full diff in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actiontext&package-manager=bundler&previous-version=7.1.3.2&new-version=7.1.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/Betterment/demo_mode/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump actiontext from 7.1.3.2 to 7.1.3.3 (#20)"}},{"before":null,"after":"0c31843d38bdb613c429b040b49d622342880b2b","ref":"refs/heads/dependabot/bundler/actiontext-7.1.3.3","pushedAt":"2024-06-03T17:32:49.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump actiontext from 7.1.3.2 to 7.1.3.3\n\nBumps [actiontext](https://github.com/rails/rails) from 7.1.3.2 to 7.1.3.3.\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v7.1.3.3/actiontext/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v7.1.3.2...v7.1.3.3)\n\n---\nupdated-dependencies:\n- dependency-name: actiontext\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump actiontext from 7.1.3.2 to 7.1.3.3"}},{"before":null,"after":"87a6380547d561d6f2378760b31f957655aae520","ref":"refs/heads/dependabot/bundler/rexml-3.2.8","pushedAt":"2024-05-16T21:52:31.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump rexml from 3.2.6 to 3.2.8\n\nBumps [rexml](https://github.com/ruby/rexml) from 3.2.6 to 3.2.8.\n- [Release notes](https://github.com/ruby/rexml/releases)\n- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)\n- [Commits](https://github.com/ruby/rexml/compare/v3.2.6...v3.2.8)\n\n---\nupdated-dependencies:\n- dependency-name: rexml\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump rexml from 3.2.6 to 3.2.8"}},{"before":null,"after":"6e1602d385eac96882312a3e32da0ebe0f033d4e","ref":"refs/heads/dependabot/bundler/nokogiri-1.16.5","pushedAt":"2024-05-13T23:37:26.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump nokogiri from 1.16.2 to 1.16.5\n\nBumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.2 to 1.16.5.\n- [Release notes](https://github.com/sparklemotion/nokogiri/releases)\n- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.2...v1.16.5)\n\n---\nupdated-dependencies:\n- dependency-name: nokogiri\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump nokogiri from 1.16.2 to 1.16.5"}},{"before":"4e0073c099192337371aac0222ece12beeb86e2c","after":null,"ref":"refs/heads/dependabot/bundler/rdoc-6.6.3.1","pushedAt":"2024-03-25T19:49:28.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"}},{"before":"64eb2769f1577786803a3d511ecec0c5eacedbd6","after":"9af78659a42c395dfab68ec8440c3f34d13888e0","ref":"refs/heads/main","pushedAt":"2024-03-25T19:49:27.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Bump rdoc from 6.6.2 to 6.6.3.1 (#17)\n\nBumps [rdoc](https://github.com/ruby/rdoc) from 6.6.2 to 6.6.3.1.\r\n
\r\nCommits\r\n
    \r\n
  • ffbf8ae\r\nBump up 6.6.3.1
    • \r\n
  • e4a0e71\r\nFix NoMethodError for start_with
    • \r\n
  • d98baf4\r\nBump up 6.6.3
    • \r\n
  • da7a0c7\r\nFilter marshaled objets
    • \r\n
  • See full diff in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rdoc&package-manager=bundler&previous-version=6.6.2&new-version=6.6.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/Betterment/demo_mode/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump rdoc from 6.6.2 to 6.6.3.1 (#17)"}},{"before":null,"after":"4e0073c099192337371aac0222ece12beeb86e2c","ref":"refs/heads/dependabot/bundler/rdoc-6.6.3.1","pushedAt":"2024-03-25T19:48:10.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump rdoc from 6.6.2 to 6.6.3.1\n\nBumps [rdoc](https://github.com/ruby/rdoc) from 6.6.2 to 6.6.3.1.\n- [Release notes](https://github.com/ruby/rdoc/releases)\n- [Changelog](https://github.com/ruby/rdoc/blob/master/History.rdoc)\n- [Commits](https://github.com/ruby/rdoc/compare/v6.6.2...v6.6.3.1)\n\n---\nupdated-dependencies:\n- dependency-name: rdoc\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump rdoc from 6.6.2 to 6.6.3.1"}},{"before":"958c2d020f077eb8b3295f97d50d7b234f25aeb8","after":null,"ref":"refs/heads/dependabot/bundler/rails-7.1.3.2","pushedAt":"2024-02-27T21:52:49.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"}},{"before":"4293e08ea43024253fa529a13d3130c3d462fbf2","after":"64eb2769f1577786803a3d511ecec0c5eacedbd6","ref":"refs/heads/main","pushedAt":"2024-02-27T21:52:48.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Bump rails from 7.1.2 to 7.1.3.2 (#16)\n\nBumps [rails](https://github.com/rails/rails) from 7.1.2 to 7.1.3.2.\r\n
\r\nRelease notes\r\n

Sourced from rails's\r\nreleases.

\r\n
\r\n

v7.1.3.2

\r\n

Active Support

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Active Model

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Active Record

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action View

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action Pack

\r\n
    \r\n
  • Fix raise_on_missing_translations not working correctly\r\nwith the\r\ntranslate method in controllers after the patch for\r\nCVE-2024-26143.
    • \r\n
\r\n

Active Job

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action Mailer

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n

Action Cable

\r\n
    \r\n
  • No changes.
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 6f0d1ad\r\nPreparing for 7.1.3.2 release
    • \r\n
  • c25f0fc\r\nRespect raise_on_missing_ in controller
    • \r\n
  • d73ed95\r\nPreparing for 7.1.3.1 release
    • \r\n
  • 43037d8\r\nupdate changelog
    • \r\n
  • 5187a9e\r\nfix XSS vulnerability when using translation
    • \r\n
  • b4d3bfb\r\nFix ReDoS in accept header scanning
    • \r\n
  • 36c1591\r\nPreparing for 7.1.3 release
    • \r\n
  • a84622f\r\nSync changelog
    • \r\n
  • 1f505f0\r\nMerge pull request #50771\r\nfrom rails/backport-preview-nplus1
    • \r\n
  • d8a8dd9\r\nMerge pull request #50758\r\nfrom rails/fix-video-preview-nplus1
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rails&package-manager=bundler&previous-version=7.1.2&new-version=7.1.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/Betterment/demo_mode/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump rails from 7.1.2 to 7.1.3.2 (#16)"}},{"before":null,"after":"958c2d020f077eb8b3295f97d50d7b234f25aeb8","ref":"refs/heads/dependabot/bundler/rails-7.1.3.2","pushedAt":"2024-02-27T21:50:27.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump rails from 7.1.2 to 7.1.3.2\n\nBumps [rails](https://github.com/rails/rails) from 7.1.2 to 7.1.3.2.\n- [Release notes](https://github.com/rails/rails/releases)\n- [Commits](https://github.com/rails/rails/compare/v7.1.2...v7.1.3.2)\n\n---\nupdated-dependencies:\n- dependency-name: rails\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump rails from 7.1.2 to 7.1.3.2"}},{"before":"0262f62d0bdaa459cfdeb12f5415ef030bc3939f","after":null,"ref":"refs/heads/dependabot/bundler/nokogiri-1.16.2","pushedAt":"2024-02-06T14:31:10.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"}},{"before":"a3e439f46dc8e56d1279296570746fb05bcb4157","after":"4293e08ea43024253fa529a13d3130c3d462fbf2","ref":"refs/heads/main","pushedAt":"2024-02-06T14:31:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Bump nokogiri from 1.15.5 to 1.16.2 (#15)\n\nBumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.15.5\r\nto 1.16.2.\r\n
\r\nRelease notes\r\n

Sourced from nokogiri's\r\nreleases.

\r\n
\r\n

v1.16.2 / 2024-02-04

\r\n

Security

\r\n
    \r\n
  • [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See\r\nGHSA-xc9x-jj77-9p9j\r\nfor more information.
    • \r\n
\r\n

Dependencies

\r\n
    \r\n
  • [CRuby] Vendored libxml2 is updated to v2.12.5\r\nfrom v2.12.4. (@​flavorjones)
    • \r\n
\r\n
\r\n

sha256 checksums:

\r\n\r\n
69ba15d2a2498324489ed63850997f0b8f684260114ea81116d3082f16551d2d\r\nnokogiri-1.16.2-aarch64-linux.gem\r\n6a05ce42e3587a40cf8936ece0beaa5d32922254215d2e8cf9ad40588bb42e57\r\nnokogiri-1.16.2-arm-linux.gem\r\nc957226c8e36b31be6a3afb8602e2128282bf8b40ea51016c4cd21aa2608d3f8\r\nnokogiri-1.16.2-arm64-darwin.gem\r\n122652bfc338cd8a54a692ac035e245e41fd3b8283299202ca26e7a7d50db310\r\nnokogiri-1.16.2-java.gem\r\n7344b5072ca69fc5bedb61cb01a3b765b93a27aae5a2a845c2ba7200e4345074\r\nnokogiri-1.16.2-x64-mingw-ucrt.gem\r\na2a5e184a424111a0d5b77947986484920ad708009c667f061e8d02035c562dd\r\nnokogiri-1.16.2-x64-mingw32.gem\r\n833efddeb51a6c2c9f6356295623c2b2e0d50050d468695c59bd929162953323\r\nnokogiri-1.16.2-x86-linux.gem\r\ne67fc0418dffaff9dc8b1dc65f0605282c3fee9488832d0223b620b4319e0b53\r\nnokogiri-1.16.2-x86-mingw32.gem\r\n5def799e5f139f21a79d7cf71172313a7b6fb0e4b2a31ab9bd5d4ad305994539\r\nnokogiri-1.16.2-x86_64-darwin.gem\r\n5b146240ac6ec6c40fd4367623e74442bca45a542bd3282b1d4d18b07b8e5dfe\r\nnokogiri-1.16.2-x86_64-linux.gem\r\n68922ee5cde27497d995c46f2821957bae961947644eed2822d173daf7567f9c\r\nnokogiri-1.16.2.gem\r\n
\r\n

v1.16.1 / 2024-02-03

\r\n

Dependencies

\r\n
    \r\n
  • [CRuby] Vendored libxml2 is updated to v2.12.4\r\nfrom v2.12.3. (@​flavorjones)
    • \r\n
\r\n

Fixed

\r\n
    \r\n
  • [CRuby] XML::Reader defaults the encoding to UTF-8 if\r\nit's not specified in either the document or as a method parameter.\r\nPreviously non-ASCII characters were serialized as NCRs in this case. #2891\r\n(@​flavorjones)
    • \r\n
  • [CRuby] Restored support for compilation by GCC versions earlier\r\nthan 4.6, which was broken in v1.15.0 (540e9aee). #3090\r\n(@​adfoster-r7)
    • \r\n
  • [CRuby] Patched upstream libxml2 to allow parsing HTML5 in the\r\ncontext of a namespaced node (e.g., foreign content like MathML).\r\n[#3112, #3116]\r\n(@​flavorjones)
    • \r\n
  • [CRuby] Fixed a small memory leak in libgumbo (HTML5 parser) when\r\nthe maximum tree depth limit is hit. [#3098, #3100]\r\n(@​stevecheckoway)
    • \r\n
\r\n
\r\n

sha256 checksums:

\r\n\r\n
a541f35e5b9798a0c97300f9ee18f4217da2a2945a6d5499e4123b9018f9cafc\r\nnokogiri-1.16.1-aarch64-linux.gem\r\n6b82affd195000ab2f9c36cc08744ec2d2fcf6d8da88d59a2db67e83211f7c69\r\nnokogiri-1.16.1-arm-linux.gem\r\n</tr></table> \r\n
\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from nokogiri's\r\nchangelog.

\r\n
\r\n

v1.16.2 / 2024-02-04

\r\n

Security

\r\n
    \r\n
  • [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See\r\nGHSA-xc9x-jj77-9p9j\r\nfor more information.
    • \r\n
\r\n

Dependencies

\r\n
    \r\n
  • [CRuby] Vendored libxml2 is updated to v2.12.5\r\nfrom v2.12.4. (@​flavorjones)
    • \r\n
\r\n

v1.16.1 / 2024-02-03

\r\n

Dependencies

\r\n
    \r\n
  • [CRuby] Vendored libxml2 is updated to v2.12.4\r\nfrom v2.12.3. (@​flavorjones)
    • \r\n
\r\n

Fixed

\r\n
    \r\n
  • [CRuby] XML::Reader defaults the encoding to UTF-8 if\r\nit's not specified in either the document or as a method parameter.\r\nPreviously non-ASCII characters were serialized as NCRs in this case. #2891\r\n(@​flavorjones)
    • \r\n
  • [CRuby] Restored support for compilation by GCC versions earlier\r\nthan 4.6, which was broken in v1.15.0 (540e9aee). #3090\r\n(@​adfoster-r7)
    • \r\n
  • [CRuby] Patched upstream libxml2 to allow parsing HTML5 in the\r\ncontext of a namespaced node (e.g., foreign content like MathML).\r\n[#3112, #3116]\r\n(@​flavorjones)
    • \r\n
  • [CRuby] Fixed a small memory leak in libgumbo (HTML5 parser) when\r\nthe maximum tree depth limit is hit. [#3098, #3100]\r\n(@​stevecheckoway)
    • \r\n
\r\n

v1.16.0 / 2023-12-27

\r\n

Notable Changes

\r\n

Ruby

\r\n

This release introduces native gem support for Ruby 3.3.

\r\n

This release ends support for Ruby 2.7, for which upstream support\r\nended 2023-03-31.

\r\n

Pattern matching

\r\n

This version marks official support for the pattern matching\r\nAPI in XML::Attr, XML::Document,\r\nXML::DocumentFragment, XML::Namespace,\r\nXML::Node, and XML::NodeSet (and their\r\nsubclasses), originally introduced as an experimental feature in\r\nv1.14.0. (@​flavorjones)

\r\n

Documentation on what can be matched:

\r\n
    \r\n
  • XML::Attr#deconstruct_keys
    • \r\n
  • XML::Document#deconstruct_keys
    • \r\n
  • XML::Namespace#deconstruct_keys
    • \r\n
  • XML::Node#deconstruct_keys
    • \r\n
  • XML::DocumentFragment#deconstruct
    • \r\n
  • XML::NodeSet#deconstruct
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 673756f\r\nversion bump to v1.16.2
    • \r\n
  • 74ffd67\r\ndep: update libxml to 2.12.5 (branch v1.16.x) (#3122)
    • \r\n
  • 0d4018d\r\ndep: update libxml2 to v2.12.5
    • \r\n
  • f33a25f\r\ndep: remove patch from #3112\r\nwhich has been released upstream
    • \r\n
  • e994168\r\nversion bump to v1.16.1
    • \r\n
  • 77ea2f2\r\ndev: add files to manifest ignore list
    • \r\n
  • 756f27c\r\nbuild(deps): bump actions/{download,upload}-artifact from 3 to 4
    • \r\n
  • 464f8d4\r\n.gitignore: clangd-related files
    • \r\n
  • 2beeb96\r\ndoc: update CHANGELOG
    • \r\n
  • a26536d\r\nfix: apply upstream patch for in-context parsing (#3116)
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nokogiri&package-manager=bundler&previous-version=1.15.5&new-version=1.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/Betterment/demo_mode/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump nokogiri from 1.15.5 to 1.16.2 (#15)"}},{"before":null,"after":"0262f62d0bdaa459cfdeb12f5415ef030bc3939f","ref":"refs/heads/dependabot/bundler/nokogiri-1.16.2","pushedAt":"2024-02-06T03:52:44.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump nokogiri from 1.15.5 to 1.16.2\n\nBumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.15.5 to 1.16.2.\n- [Release notes](https://github.com/sparklemotion/nokogiri/releases)\n- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.15.5...v1.16.2)\n\n---\nupdated-dependencies:\n- dependency-name: nokogiri\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump nokogiri from 1.15.5 to 1.16.2"}},{"before":"82d36189ab107c3a13fac82d5cfa563a1d497974","after":"a3e439f46dc8e56d1279296570746fb05bcb4157","ref":"refs/heads/main","pushedAt":"2024-01-02T15:23:26.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Add lockfile(s) (#14)\n\n**Summary of changes:**\r\n- Commit lockfile(s) previously ignored (see\r\nhttps://bundler.io/guides/faq.html#using-gemfiles-inside-gems,\r\nhttps://github.com/thoughtbot/appraisal/issues/68#issuecomment-28083719).\r\n- Address rubocop offenses (detailed per commit).\r\n\r\n/task https://app.asana.com/0/0/1206244989881230/f\r\n\r\n---------\r\n\r\nCo-authored-by: Irving Caro <112433591+betterment-coding-agent@users.noreply.github.com>","shortMessageHtmlLink":"Add lockfile(s) (#14)"}},{"before":"46f82a095c4cd283c93354d7734437d7b4aff3c5","after":"82d36189ab107c3a13fac82d5cfa563a1d497974","ref":"refs/heads/main","pushedAt":"2023-08-24T18:46:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Handle case where table-filter is not found (#12)\n\nWhen there are no standard personas, the\r\n`input[data-behavior=table-filter]` element won't exist (see\r\n[here](https://github.com/Betterment/demo_mode/blob/46f82a095c4cd283c93354d7734437d7b4aff3c5/app/views/demo_mode/sessions/new.html.erb#L21)).\r\nAs a result, the following JS error is thrown:\r\n> TypeError: Cannot set properties of null (setting 'oninput')\r\n\r\nThis PR does an early return if that input is not found.\r\n\r\nIn addition to this bugfix, the following maintenance has been\r\nperformed:\r\n* Bumped the version.\r\n* Switch to Cuprite. It's simpler to configure and would have caught\r\nthis error with `js_errors: true`.\r\n* Removed Ruby 2.7 from the build matrix.\r\n* Removed Rails 6.0 from the build matrix.\r\n* Added Ruby 3.2 to the build matrix.\r\n* Fixed new Rubocop violations.","shortMessageHtmlLink":"Handle case where table-filter is not found (#12)"}},{"before":"910e5a0be0e3ed4937cf439e3c2ef11d90c46389","after":"46f82a095c4cd283c93354d7734437d7b4aff3c5","ref":"refs/heads/main","pushedAt":"2023-06-12T16:45:26.576Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Permit POSTing without an authenticity token to create a session (#11)\n\nAllow the creation of new sessions from a remote page.","shortMessageHtmlLink":"Permit POSTing without an authenticity token to create a session (#11)"}},{"before":"a8caa7541bf2204ad652f10e56fa7bdc8ebe7651","after":null,"ref":"refs/tags/v1.1.0","pushedAt":"2023-05-12T20:09:52.822Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"}},{"before":"848d94cbe514d83d5f022ccc63ffe36b07c95b9d","after":null,"ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T20:09:04.618Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"}},{"before":"4c27feb1f607ce04eca9b730380e5421aa4817f9","after":"910e5a0be0e3ed4937cf439e3c2ef11d90c46389","ref":"refs/heads/main","pushedAt":"2023-05-12T20:09:03.390Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"smudge","name":"Nathan Griffith","path":"/smudge","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/83998?s=80&v=4"},"commit":{"message":"Fix initializer for Rails 7 support (#9)\n\nWhen starting a Rails 7 app, I ran into this error\r\n```\r\nNameError:\r\n uninitialized constant ApplicationController\r\n Did you mean? ApplicationHelper\r\n```\r\n\r\nThis happened because in Rails 7, the app can no longer configure the\r\nautoloader, so `app.config.respond_to(:autoloader)` would return false.\r\nThis caused the pre-rails 6.x branch of the initializer to run.\r\n\r\nRather than fix the initializer to work with Rails 5.x, 6.x, and 7.x, I\r\nremoved support for Rails 5.x.","shortMessageHtmlLink":"Fix initializer for Rails 7 support (#9)"}},{"before":"2e238259faeb900f13e74fbe46929e326dce7726","after":"848d94cbe514d83d5f022ccc63ffe36b07c95b9d","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T19:06:31.031Z","pushType":"push","commitsCount":1,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"require some gems that need to be required","shortMessageHtmlLink":"require some gems that need to be required"}},{"before":"8bf7741c45db971d3e4189fbd676c6f0cd890260","after":"2e238259faeb900f13e74fbe46929e326dce7726","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T19:03:44.577Z","pushType":"push","commitsCount":1,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"fix appraisal gemfiles, use require: false","shortMessageHtmlLink":"fix appraisal gemfiles, use require: false"}},{"before":"336acc600985f7b0ed06943d2bcd8e2c7f4ecb80","after":"8bf7741c45db971d3e4189fbd676c6f0cd890260","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T18:58:48.966Z","pushType":"push","commitsCount":1,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"remove rubocoptodo","shortMessageHtmlLink":"remove rubocoptodo"}},{"before":"02c3d3bf589b9b71dbba38b47a0c5847f7c23a7f","after":"336acc600985f7b0ed06943d2bcd8e2c7f4ecb80","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T18:45:00.462Z","pushType":"push","commitsCount":1,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"infer spec type from file location","shortMessageHtmlLink":"infer spec type from file location"}},{"before":"78a63a2fa75cf8b717022cb119957b93b21d6e02","after":"02c3d3bf589b9b71dbba38b47a0c5847f7c23a7f","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T18:21:05.215Z","pushType":"push","commitsCount":1,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"rubocop fixes","shortMessageHtmlLink":"rubocop fixes"}},{"before":"3cc3da36163e3e807df86418452c13c99791c54b","after":"78a63a2fa75cf8b717022cb119957b93b21d6e02","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T18:14:22.516Z","pushType":"push","commitsCount":2,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"fix spec matcher","shortMessageHtmlLink":"fix spec matcher"}},{"before":"5a512a442c98b5ff52d50ae9be5cba29716cb946","after":"3cc3da36163e3e807df86418452c13c99791c54b","ref":"refs/heads/effron/main/rails-7-support","pushedAt":"2023-05-12T18:09:50.754Z","pushType":"push","commitsCount":1,"pusher":{"login":"effron","name":"Harris Effron","path":"/effron","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3477650?s=80&v=4"},"commit":{"message":"rubocop fixes","shortMessageHtmlLink":"rubocop fixes"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEXIYIHQA","startCursor":null,"endCursor":null}},"title":"Activity · Betterment/demo_mode"}