[Snyk] Upgrade rails-ujs from 5.2.2 to 5.2.4 #174
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade rails-ujs from 5.2.2 to 5.2.4.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.Release notes
Package name: rails-ujs
Active Support
Make ActiveSupport::Logger Fiber-safe. Fixes #36752.
Use
Fiber.current.__id__
inActiveSupport::Logger#local_level=
in orderto make log level local to Ruby Fibers in addition to Threads.
Example:
Before:
After:
Alexander Varnin
Active Model
Type cast falsy boolean symbols on boolean attribute as false.
Fixes #35676.
Ryuta Kamizono
Active Record
Fix circular
autosave: true
causes invalid records to be saved.Prior to the fix, when there was a circular series of
autosave: true
associations, the callback for a
has_many
association was run whileanother instance of the same callback on the same association hadn't
finished running. When control returned to the first instance of the
callback, the instance variable had changed, and subsequent associated
records weren't saved correctly. Specifically, the ID field for the
belongs_to
corresponding to thehas_many
wasnil
.Fixes #28080.
Larry Reid
PostgreSQL: Fix GROUP BY with ORDER BY virtual count attribute.
Fixes #36022.
Ryuta Kamizono
Fix sqlite3 collation parsing when using decimal columns.
Martin R. Schuster
Make ActiveRecord
ConnectionPool.connections
method thread-safe.Fixes #36465.
Jeff Doering
Assign all attributes before calling
build
to ensure the child record is visible inbefore_add
andafter_add
callbacks forhas_many :through
associations.Fixes #33249.
Ryan H. Kerr
Action View
Allow programmatic click events to trigger Rails UJS click handlers.
Programmatic click events (eg. ones generated by
Rails.fire(link, "click")
) don't specify a button. These events were being incorrectly stopped by code meant to ignore scroll wheel and right clicks introduced in #34573.Sudara Williams
Action Pack
Active Job
Action Mailer
Action Cable
Active Storage
Railties
Use original
bundler
environment variables during the process of generating a new rails project.Marco Costa
Allow loading seeds without ActiveJob.
Fixes #35782
Jeremy Weathers
Only force
:async
ActiveJob adapter to:inline
during seeding.BatedUrGonnaDie
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs