Bump actionpack from 6.1.7 to 7.0.5 #32

dependabot · 2023-06-22T20:13:42Z

Bumps actionpack from 6.1.7 to 7.0.5.

Release notes

v7.0.5

Active Support

Fixes TimeWithZone ArgumentError.

Niklas Häusele

Active Model

No changes.

Active Record

Type cast #attribute_changed? :from and :to options.

Andrew Novoselac

Fix index_exists? when column is an array.

Eileen M. Uchitelle

Handle Date objects for PostgreSQL timestamptz columns.

Alex Ghiculescu

Fix collation for changing column to non-string.

Hartley McGuire

Map through subtype in PostgreSQL::OID::Array.

Jonathan Hefner

Store correct environment in internal_metadata when run rails db:prepare.

fatkodima

Make sure ActiveRecord::Relation#sum works with objects that implement #coerce without deprecation.

Alex Ghiculescu

Fix retrieving foreign keys referencing tables named like keywords in PostgreSQL and MySQL.

fatkodima

... (truncated)

Changelog

Sourced from actionpack's changelog.

Rails 7.0.5 (May 24, 2023)

Do not return CSP headers for 304 Not Modified responses.

Tobias Kraze

Fix EtagWithFlash when there is no Flash middleware available.

fatkodima

Fix content-type header with send_stream.

Elliot Crosby-McCullough

Address Selenium :capabilities deprecation warning.

Ron Shinall

Fix cookie domain for domain: all on two letter single level TLD.

John Hawthorn

Don't double log the controller, action, or namespaced_controller when using ActiveRecord::QueryLog

Previously if you set config.active_record.query_log_tags to an array that included :controller, :namespaced_controller, or :action, that item would get logged twice. This bug has been fixed.

Alex Ghiculescu

Rescue EOFError exception from rack on a multipart request.

Nikita Vasilevsky

Rescue JSON::ParserError in Cookies json deserializer to discards marshal dumps:

Without this change, if action_dispatch.cookies_serializer is set to :json and the app tries to read a :marshal serialized cookie, it would error out which wouldn't clear the cookie and force app users to manually clear it in their browser.

(See #45127 for original bug discussion)

Nathan Bardoux

Rails 7.0.4.3 (March 13, 2023)

No changes.

Rails 7.0.4.2 (January 24, 2023)

... (truncated)

Commits

e88857b Preparing for 7.0.5 release
ac1fc34 Sync CHANGELOG
98497a6 Merge branch '7-0-4-sec' into 7-0-stable
c15ee6e Preparing for 7.0.4.3 release
799b300 Version 7.0.4.2
5bed458 Merge pull request #47087 from jhawthorn/cookie_domain
7c70791 Version 7.0.4.2
1d6de16 Merge pull request #47087 from jhawthorn/cookie_domain
848fd23 Merge pull request #47117 from higher-pixels/selenium-capabilities-deprecation
54dfe5a Document ActionController::Rendering#render [ci-skip]
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [actionpack](https://github.com/rails/rails) from 6.1.7 to 7.0.5. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v7.0.5/actionpack/CHANGELOG.md) - [Commits](rails/rails@v6.1.7...v7.0.5) --- updated-dependencies: - dependency-name: actionpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2023-06-29T22:24:46Z

Superseded by #33.

dependabot bot requested a review from a team as a code owner June 22, 2023 20:13

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 22, 2023

dependabot bot mentioned this pull request Jun 22, 2023

Bump actionpack from 6.1.7 to 7.0.4.2 #21

Closed

dependabot bot closed this Jun 29, 2023

dependabot bot deleted the dependabot/bundler/actionpack-7.0.5 branch June 29, 2023 22:24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump actionpack from 6.1.7 to 7.0.5 #32

Bump actionpack from 6.1.7 to 7.0.5 #32

Uh oh!

dependabot bot commented on behalf of github Jun 22, 2023

Uh oh!

dependabot bot commented on behalf of github Jun 29, 2023

Uh oh!

Uh oh!

Bump actionpack from 6.1.7 to 7.0.5 #32

Bump actionpack from 6.1.7 to 7.0.5 #32

Uh oh!

Conversation

dependabot bot commented on behalf of github Jun 22, 2023

v7.0.5

Active Support

Active Model

Active Record

Rails 7.0.5 (May 24, 2023)

Rails 7.0.4.3 (March 13, 2023)

Rails 7.0.4.2 (January 24, 2023)

Uh oh!

dependabot bot commented on behalf of github Jun 29, 2023

Uh oh!

Uh oh!