{"id":33456,"name":"actionview","ecosystem":"rubygems","repository_url":"https://github.com/rails/rails","issues_count":185,"created_at":"2025-06-07T13:02:47.651Z","updated_at":"2025-06-07T13:02:47.651Z","purl":"pkg:gem/actionview","metadata":{"id":149064,"name":"actionview","ecosystem":"rubygems","description":"Simple, battle-tested conventions and helpers for building web pages.","homepage":"https://rubyonrails.org","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/rails/rails","keywords_array":[],"namespace":null,"versions_count":287,"first_release_published_at":"2013-12-18T00:14:46.301Z","latest_release_published_at":"2025-03-12T03:08:48.862Z","latest_release_number":"8.0.2","last_synced_at":"2025-06-07T01:39:14.157Z","created_at":"2022-04-05T16:22:36.158Z","updated_at":"2025-06-07T01:40:32.594Z","registry_url":"https://rubygems.org/gems/actionview","install_command":"gem install actionview -s https://rubygems.org","documentation_url":"http://www.rubydoc.info/gems/actionview/","metadata":{"funding":null},"repo_metadata":{"id":390886,"uuid":"8514","full_name":"rails/rails","owner":"rails","description":"Ruby on Rails","archived":false,"fork":false,"pushed_at":"2025-06-02T18:06:50.000Z","size":265516,"stargazers_count":56954,"open_issues_count":1331,"forks_count":21862,"subscribers_count":2315,"default_branch":"main","last_synced_at":"2025-06-02T20:14:18.309Z","etag":null,"topics":["activejob","activerecord","framework","html","mvc","rails","ruby"],"latest_commit_sha":null,"homepage":"https://rubyonrails.org","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rails.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"MIT-LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":".github/security.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2008-04-11T02:19:47.000Z","updated_at":"2025-06-02T18:06:56.000Z","dependencies_parsed_at":"2024-02-04T10:23:48.595Z","dependency_job_id":"76bea4fd-bd22-40af-b9bb-10ebcdcbd69d","html_url":"https://github.com/rails/rails","commit_stats":{"total_commits":70043,"total_committers":6052,"mean_commits":"11.573529411764707","dds":0.9368816298559456,"last_synced_commit":"be9aa73dd72f1097be5d45a58d7912447a266bd1"},"previous_names":[],"tags_count":572,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rails","download_url":"https://codeload.github.com/rails/rails/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":257640807,"owners_count":22578216,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"rails","name":"Ruby on Rails","uuid":"4223","kind":"organization","description":"","email":null,"website":"https://rubyonrails.org/","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/4223?v=4","repositories_count":116,"last_synced_at":"2023-04-09T03:40:20.529Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/rails","funding_links":[],"total_stars":114333,"followers":null,"following":null,"created_at":"2022-11-02T16:17:13.297Z","updated_at":"2023-04-09T03:40:20.550Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rails","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rails/repositories"},"tags":[{"name":"v8.0.2","sha":"3235827585d87661942c91bc81f64f56d710f0b2","kind":"tag","published_at":"2025-03-12T02:54:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.2","html_url":"https://github.com/rails/rails/releases/tag/v8.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.2/manifests"},{"name":"v8.0.1","sha":"cf6ff17e9a3c6c1139040b519a341f55f0be16cf","kind":"tag","published_at":"2024-12-13T19:54:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.1","html_url":"https://github.com/rails/rails/releases/tag/v8.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.1/manifests"},{"name":"v8.0.0.1","sha":"a993c27a50395e727872600b5669976ff0a272e7","kind":"tag","published_at":"2024-12-10T21:45:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.1","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.1/manifests"},{"name":"v7.2.2.1","sha":"33beb0a38db1c058123a8e3cc298cad918adfe32","kind":"tag","published_at":"2024-12-10T21:40:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.2.1","html_url":"https://github.com/rails/rails/releases/tag/v7.2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.2.1/manifests"},{"name":"v7.1.5.1","sha":"14c115b120ed089331ff3dc13f36bd9129ced33d","kind":"tag","published_at":"2024-12-10T21:25:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.5.1","html_url":"https://github.com/rails/rails/releases/tag/v7.1.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.5.1/manifests"},{"name":"v7.0.8.7","sha":"778eab826538be6da355d848aecaea2245e3b8ce","kind":"tag","published_at":"2024-12-10T21:16:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.7","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.7/manifests"},{"name":"v8.0.0","sha":"dd8f7185faeca6ee968a6e9367f6d8601a83b8db","kind":"tag","published_at":"2024-11-07T22:24:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0/manifests"},{"name":"v7.2.2","sha":"d0dcb8fa6073a0c4d42600c15e82e3bb386b27d3","kind":"tag","published_at":"2024-10-31T01:43:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.2","html_url":"https://github.com/rails/rails/releases/tag/v7.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.2/manifests"},{"name":"v7.1.5","sha":"8984f4c4982f5c94bd6fb8ada42d7418bc403076","kind":"tag","published_at":"2024-10-31T01:14:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.5","html_url":"https://github.com/rails/rails/releases/tag/v7.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.5/manifests"},{"name":"v8.0.0.rc2","sha":"6283314df19ded7074f1fe37a8b0dbbad141e386","kind":"tag","published_at":"2024-10-30T00:30:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.rc2/manifests"},{"name":"v7.2.1.2","sha":"7750d64a65e5b2641d87ef45e6e65ace193d9a27","kind":"tag","published_at":"2024-10-23T22:32:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.1.2","html_url":"https://github.com/rails/rails/releases/tag/v7.2.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.1.2/manifests"},{"name":"v7.1.4.2","sha":"e52d670dba4861a081576e5ccc5db7015af3003c","kind":"tag","published_at":"2024-10-23T22:27:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.4.2","html_url":"https://github.com/rails/rails/releases/tag/v7.1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.4.2/manifests"},{"name":"v7.0.8.6","sha":"bc979c5cf4e29e2aba95b7b13ca53e7a02fddee2","kind":"tag","published_at":"2024-10-23T22:21:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.6","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.6/manifests"},{"name":"v6.1.7.10","sha":"86864c2f6661d3aa93b07f833b2900d241568cb7","kind":"tag","published_at":"2024-10-23T21:56:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.10","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.10/manifests"},{"name":"v8.0.0.rc1","sha":"35b3c7f12b3f13f80cacf7abde2fc5a9c0abea7b","kind":"tag","published_at":"2024-10-19T01:38:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.rc1/manifests"},{"name":"v6.1.7.9","sha":"b2fbbfbcaa3d662c68a9ee21ab6cf95eccc2b4ec","kind":"tag","published_at":"2024-10-15T21:23:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.9","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.9/manifests"},{"name":"v7.2.1.1","sha":"a1f6a13f691e0929d40b7e1b1e0d31aa69778128","kind":"tag","published_at":"2024-10-15T20:44:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.1.1","html_url":"https://github.com/rails/rails/releases/tag/v7.2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.1.1/manifests"},{"name":"v7.1.4.1","sha":"5b5f0da552f62e85e31e2d747d52aed2a3133f48","kind":"tag","published_at":"2024-10-15T20:36:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.4.1","html_url":"https://github.com/rails/rails/releases/tag/v7.1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.4.1/manifests"},{"name":"v7.0.8.5","sha":"f61f4ef957f80e1668797fce8a2393f3edb7ed76","kind":"tag","published_at":"2024-10-15T20:19:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.5","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.5/manifests"},{"name":"v8.0.0.beta1","sha":"72bc36fb47aa3a9b10149ecefc1f344d7b028d79","kind":"tag","published_at":"2024-09-26T15:04:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.beta1/manifests"},{"name":"v8.0.0.alpha9","sha":"0fe9dc6c2bb0bdbc23d3874f112e15cacabe72f3","kind":"tag","published_at":"2024-09-25T18:14:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha9","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha9/manifests"},{"name":"v8.0.0.alpha8","sha":"7c9855125e8bdf5c82bdde581b1dfaf636aba5b7","kind":"tag","published_at":"2024-09-18T21:08:33.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha8","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha8/manifests"},{"name":"v8.0.0.alpha7","sha":"34e9d47d8e53786efe4b64e4513aa78eaea757b0","kind":"tag","published_at":"2024-09-18T05:04:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha7","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha7/manifests"},{"name":"v8.0.0.alpha6","sha":"668c51e8761d38d798a0a4973549042ee41995c5","kind":"tag","published_at":"2024-09-18T05:01:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha6","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha6/manifests"},{"name":"v8.0.0.alpha5","sha":"6b21e48541331054120ec617cf455c0d13a51539","kind":"tag","published_at":"2024-09-18T04:57:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha5","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha5/manifests"},{"name":"v8.0.0.alpha4","sha":"aa5479e8188c303c3acbb30b1d490c4e473e7ce4","kind":"tag","published_at":"2024-09-18T03:37:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha4","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha4/manifests"},{"name":"v8.0.0.alpha3","sha":"e14521de210a9b5ab8fbdd431110128b78fb1e12","kind":"tag","published_at":"2024-09-17T04:34:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha3","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha3/manifests"},{"name":"v8.0.0.alpha2","sha":"f270115dd1c441aa672cb7054598551de80c1ec7","kind":"tag","published_at":"2024-09-17T04:30:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha2","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha2/manifests"},{"name":"v8.0.0.alpha1","sha":"2c68c89238628373473eb8cb2bf6f853a9cda2b1","kind":"tag","published_at":"2024-09-17T04:23:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v8.0.0.alpha1","html_url":"https://github.com/rails/rails/releases/tag/v8.0.0.alpha1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v8.0.0.alpha1/manifests"},{"name":"v7.1.4","sha":"6f57590388ca38ed2b83bc1207a8be13a9ba2aef","kind":"tag","published_at":"2024-08-22T21:26:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.4","html_url":"https://github.com/rails/rails/releases/tag/v7.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.4/manifests"},{"name":"v7.2.1","sha":"a11f0a63673d274c59c69c2688c63ba303b86193","kind":"tag","published_at":"2024-08-22T19:44:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.1","html_url":"https://github.com/rails/rails/releases/tag/v7.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.1/manifests"},{"name":"v7.2.0","sha":"fb6c4305939da06efdf2893d99130e7829c53e8b","kind":"tag","published_at":"2024-08-09T23:25:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.0","html_url":"https://github.com/rails/rails/releases/tag/v7.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0/manifests"},{"name":"v7.2.0.rc1","sha":"41d50f4bb11a1b1a910b38a3beefa97cafb52a2a","kind":"tag","published_at":"2024-08-06T17:00:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v7.2.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.rc1/manifests"},{"name":"v0.8.0","sha":"7050bba8984dca2ae8c52b1d4cc616149f5c9d91","kind":"tag","published_at":"2024-08-01T16:10:39.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.8.0","html_url":"https://github.com/rails/rails/releases/tag/v0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.8.0/manifests"},{"name":"v0.8.5","sha":"fbf913fafea1072cb15c0a635b276dab5dfefe63","kind":"tag","published_at":"2024-08-01T16:10:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.8.5","html_url":"https://github.com/rails/rails/releases/tag/v0.8.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.8.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.8.5/manifests"},{"name":"v0.7.0","sha":"3cd56dccf840c97059e242ab616c13a84393a24c","kind":"tag","published_at":"2024-08-01T16:09:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.7.0","html_url":"https://github.com/rails/rails/releases/tag/v0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.7.0/manifests"},{"name":"v0.6.5","sha":"11665ed67989e2ebb4ef38fa0781514a649b7ef2","kind":"tag","published_at":"2024-08-01T16:09:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.6.5","html_url":"https://github.com/rails/rails/releases/tag/v0.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.6.5/manifests"},{"name":"v0.6.0","sha":"be81c4351b3e3af81c001d157541c4bf58a2f94b","kind":"tag","published_at":"2024-08-01T16:08:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.6.0","html_url":"https://github.com/rails/rails/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.6.0/manifests"},{"name":"v0.5.7","sha":"7b7799aec70f1b31db9fcc389b26ae61ef44d9bc","kind":"tag","published_at":"2024-08-01T16:08:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.5.7","html_url":"https://github.com/rails/rails/releases/tag/v0.5.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.7/manifests"},{"name":"v0.5.6","sha":"ec06ea363252e2251a93f7db756f2e9421ae2c78","kind":"tag","published_at":"2024-08-01T16:08:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.5.6","html_url":"https://github.com/rails/rails/releases/tag/v0.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.6/manifests"},{"name":"v0.5.5","sha":"42042de1e2b8e7023b807ec105d9b479f9f457f1","kind":"tag","published_at":"2024-08-01T16:07:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.5.5","html_url":"https://github.com/rails/rails/releases/tag/v0.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.5/manifests"},{"name":"v0.5.0","sha":"feba2817693536f24cd3848f3cbdc28735806261","kind":"tag","published_at":"2024-08-01T16:07:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.5.0","html_url":"https://github.com/rails/rails/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.5.0/manifests"},{"name":"v7.2.0.beta3","sha":"9b63450fe40749d2481b6b6b3e0a7c711750e2a0","kind":"tag","published_at":"2024-07-11T15:19:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.0.beta3","html_url":"https://github.com/rails/rails/releases/tag/v7.2.0.beta3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.beta3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.beta3/manifests"},{"name":"v7.2.0.beta2","sha":"b752c38e81a310c1aaca78c7cdd1784009ea189a","kind":"tag","published_at":"2024-06-04T18:14:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v7.2.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.beta2/manifests"},{"name":"v7.1.3.4","sha":"19eebf6d33dd15a0172e3ed2481bec57a89a2404","kind":"tag","published_at":"2024-06-04T18:00:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.3.4","html_url":"https://github.com/rails/rails/releases/tag/v7.1.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.4/manifests"},{"name":"v7.0.8.4","sha":"ec7f25368dff972b014fad4294c62181fb26c584","kind":"tag","published_at":"2024-06-04T17:56:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.4","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.4/manifests"},{"name":"v6.1.7.8","sha":"e39361ab9062e23dcef5aeaf376fc48b106da66b","kind":"tag","published_at":"2024-06-04T17:55:28.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.8","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.8/manifests"},{"name":"v7.2.0.beta1","sha":"9098f535b2accef27c6c284dede119c936c44595","kind":"tag","published_at":"2024-05-29T23:37:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.2.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v7.2.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.2.0.beta1/manifests"},{"name":"v7.0.8.3","sha":"08bc3ce3e0930d3509fce12127942172917a5c03","kind":"tag","published_at":"2024-05-17T19:52:17.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.3","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.3/manifests"},{"name":"v7.1.3.3","sha":"747a03ba7722b6f0a7ce42e86cea83cf07a2e6ef","kind":"tag","published_at":"2024-05-16T19:20:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.3.3","html_url":"https://github.com/rails/rails/releases/tag/v7.1.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.3/manifests"},{"name":"v7.0.8.2","sha":"7c8d2a1d6e0a22c8e96ecae4bdea8c2b6e347168","kind":"tag","published_at":"2024-05-16T18:57:43.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.2/manifests"},{"name":"v7.1.3.2","sha":"6f0d1ad14b92b9f5906e44740fce8b4f1c7075dc","kind":"tag","published_at":"2024-02-21T21:45:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.3.2","html_url":"https://github.com/rails/rails/releases/tag/v7.1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.2/manifests"},{"name":"v7.1.3.1","sha":"d73ed958dc91d6b8cbb0bef7b4cdcfc013bd876f","kind":"tag","published_at":"2024-02-21T18:46:05.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.3.1","html_url":"https://github.com/rails/rails/releases/tag/v7.1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3.1/manifests"},{"name":"v7.0.8.1","sha":"506462ab13755d9f024e1ddbfc8c58d73e7a1bce","kind":"tag","published_at":"2024-02-21T18:42:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8.1/manifests"},{"name":"v6.1.7.7","sha":"ac87f58207cff18880593263be9d83456aa3a2ef","kind":"tag","published_at":"2024-02-21T18:38:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.7","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.7/manifests"},{"name":"v7.1.3","sha":"36c1591bcb5e0ee3084759c7f42a706fe5bb7ca7","kind":"tag","published_at":"2024-01-16T22:53:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.3","html_url":"https://github.com/rails/rails/releases/tag/v7.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.3/manifests"},{"name":"v7.1.2","sha":"6b93fff8af32ef5e91f4ec3cfffb081d0553faf0","kind":"tag","published_at":"2023-11-10T21:49:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.2","html_url":"https://github.com/rails/rails/releases/tag/v7.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.2/manifests"},{"name":"v7.1.1","sha":"23938052acd773fa24068debe56cd892cbf8d868","kind":"tag","published_at":"2023-10-11T22:16:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.1","html_url":"https://github.com/rails/rails/releases/tag/v7.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.1/manifests"},{"name":"v7.1.0","sha":"d39db5d1891f7509cde2efc425c9d69bbb77e670","kind":"tag","published_at":"2023-10-05T08:05:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.0","html_url":"https://github.com/rails/rails/releases/tag/v7.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0/manifests"},{"name":"v7.1.0.rc2","sha":"8340f8ffdc6279c566b2b37c59674ecb158b4618","kind":"tag","published_at":"2023-10-01T21:58:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v7.1.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0.rc2/manifests"},{"name":"v7.1.0.rc1","sha":"b69de9967a328c0cfdc0650f044c0ebb2e87407a","kind":"tag","published_at":"2023-09-27T03:59:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v7.1.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0.rc1/manifests"},{"name":"v7.1.0.beta1","sha":"699dfdb42635faf6d40ff2405b2f0a615b1c54ed","kind":"tag","published_at":"2023-09-13T00:36:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.1.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v7.1.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.1.0.beta1/manifests"},{"name":"v7.0.8","sha":"fc734f28e65ef8829a1a939ee6702c1f349a1d5a","kind":"tag","published_at":"2023-09-09T19:10:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.8","html_url":"https://github.com/rails/rails/releases/tag/v7.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.8/manifests"},{"name":"v7.0.7.2","sha":"3668b4b5978822f1e6311c7fd7a32f58daee136a","kind":"tag","published_at":"2023-08-22T20:10:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.7.2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.7.2/manifests"},{"name":"v6.1.7.6","sha":"56bcc0abd3c9a6b09469e9428f6eea0dd77c2294","kind":"tag","published_at":"2023-08-22T20:07:39.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.6","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.6/manifests"},{"name":"v7.0.7.1","sha":"c92caefc2bdf856845a72b8608d5603b330e8c3e","kind":"tag","published_at":"2023-08-22T17:20:17.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.7.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.7.1/manifests"},{"name":"v6.1.7.5","sha":"3a1b6150a9b7619fb6d020b61c3b8f8d493142b0","kind":"tag","published_at":"2023-08-22T17:15:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.5","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.5/manifests"},{"name":"v7.0.7","sha":"522c86f35ccc80453ed9fb6ca8b394db321f9a69","kind":"tag","published_at":"2023-08-09T23:56:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.7","html_url":"https://github.com/rails/rails/releases/tag/v7.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.7/manifests"},{"name":"v7.0.6","sha":"593893c901f87b4ed205751f72df41519b4d2da3","kind":"tag","published_at":"2023-06-29T20:53:23.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.6","html_url":"https://github.com/rails/rails/releases/tag/v7.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.6/manifests"},{"name":"v7.0.5.1","sha":"cdd14ce1f5196e4bd98df42f89a1cd36ba9d4bee","kind":"tag","published_at":"2023-06-26T21:35:35.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.5.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.5.1/manifests"},{"name":"v6.1.7.4","sha":"7d949d7c81d2ec3c6d21525ebb08c85f3f174b74","kind":"tag","published_at":"2023-06-26T21:31:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.4","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.4/manifests"},{"name":"v7.0.5","sha":"e88857bbb9d4e1dd64555c34541301870de4a45b","kind":"tag","published_at":"2023-05-24T18:56:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.5","html_url":"https://github.com/rails/rails/releases/tag/v7.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.5/manifests"},{"name":"v7.0.4.3","sha":"c15ee6e7b5065db3c46afa1f025b8e45f443604e","kind":"tag","published_at":"2023-03-13T18:53:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.4.3","html_url":"https://github.com/rails/rails/releases/tag/v7.0.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4.3/manifests"},{"name":"v6.1.7.3","sha":"f09dc7c4c2e8b9375345d443c230cb8d78ad6a18","kind":"tag","published_at":"2023-03-13T18:48:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.3","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.3/manifests"},{"name":"v6.1.7.2","sha":"f0c5e60aed8bdce96c385cad05b1e34d7d757038","kind":"tag","published_at":"2023-01-25T03:23:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.2","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.2/manifests"},{"name":"v7.0.4.2","sha":"7c70791470fc517deb7c640bead9f1b47efb5539","kind":"tag","published_at":"2023-01-25T03:13:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.4.2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4.2/manifests"},{"name":"v7.0.4.1","sha":"23e0345fe900dfd7edd6e8e5a7a6bd54b2a7d2ed","kind":"tag","published_at":"2023-01-17T18:55:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.4.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4.1/manifests"},{"name":"v6.1.7.1","sha":"c443466a99f8ed951605fb4993a01de5e41349a4","kind":"tag","published_at":"2023-01-17T18:54:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7.1/manifests"},{"name":"v6.0.6.1","sha":"28bb76d3efc39b2ef663dfe2346f7c2621343cd6","kind":"tag","published_at":"2023-01-17T18:52:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.6.1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.6.1/manifests"},{"name":"v7.0.4","sha":"8015c2c2cf5c8718449677570f372ceb01318a32","kind":"tag","published_at":"2022-09-09T18:42:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.4","html_url":"https://github.com/rails/rails/releases/tag/v7.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.4/manifests"},{"name":"v6.1.7","sha":"9ab33753b6bab1809fc73d35b98a5c1d0c96ba1b","kind":"tag","published_at":"2022-09-09T18:38:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.7","html_url":"https://github.com/rails/rails/releases/tag/v6.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.7/manifests"},{"name":"v6.0.6","sha":"91cf62e7b43c33ae6263adf3d7563da9b68ff21d","kind":"tag","published_at":"2022-09-09T18:31:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.6","html_url":"https://github.com/rails/rails/releases/tag/v6.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.6/manifests"},{"name":"v7.0.3.1","sha":"04972d9b9ef60796dc8f0917817b5392d61fcf09","kind":"tag","published_at":"2022-07-12T17:31:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.3.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.3.1/manifests"},{"name":"v6.1.6.1","sha":"dc1242fd5a4d91e63846ab552a07e19ebf8716ac","kind":"tag","published_at":"2022-07-12T17:29:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.6.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.6.1/manifests"},{"name":"v6.0.5.1","sha":"eed417637b594b33b3b58b08dd41daa10c57e083","kind":"tag","published_at":"2022-07-12T17:27:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.5.1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.5.1/manifests"},{"name":"v5.2.8.1","sha":"8030cff808657faa44828de001cd3b80364597de","kind":"tag","published_at":"2022-07-12T17:26:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.8.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.8.1/manifests"},{"name":"v5.2.8","sha":"26521331e5923a0c50fa50984d2f924e5f26c50b","kind":"tag","published_at":"2022-05-09T13:57:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.8","html_url":"https://github.com/rails/rails/releases/tag/v5.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.8/manifests"},{"name":"v6.0.5","sha":"433115554d3ea0b4dab9df99548c47707cadb20d","kind":"tag","published_at":"2022-05-09T13:49:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.5","html_url":"https://github.com/rails/rails/releases/tag/v6.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.5/manifests"},{"name":"v6.1.6","sha":"147557dc16a5bd8bab96f999f359a570232e1873","kind":"tag","published_at":"2022-05-09T13:44:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.6","html_url":"https://github.com/rails/rails/releases/tag/v6.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.6/manifests"},{"name":"v7.0.3","sha":"3872bc0e54d32e8bf3a6299b0bfe173d94b072fc","kind":"tag","published_at":"2022-05-09T13:35:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.3","html_url":"https://github.com/rails/rails/releases/tag/v7.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.3/manifests"},{"name":"v7.0.2.4","sha":"3520cc77df1b52a6c808083214b583c769e9a4b2","kind":"tag","published_at":"2022-04-26T19:32:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.2.4","html_url":"https://github.com/rails/rails/releases/tag/v7.0.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.4/manifests"},{"name":"v6.1.5.1","sha":"e2efc667dea886e71c33e3837048e34b7a1fe470","kind":"tag","published_at":"2022-04-26T19:30:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.5.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.5.1/manifests"},{"name":"v6.0.4.8","sha":"27a5ec76eed1e5d0bc5649b0e92097267c0b4338","kind":"tag","published_at":"2022-04-26T19:26:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.8","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.8/manifests"},{"name":"v5.2.7.1","sha":"b290430faf946b298352196e245f227f762f8c08","kind":"tag","published_at":"2022-04-26T19:22:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.7.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.7.1/manifests"},{"name":"v5.2.7","sha":"459e7cf62252558bbf65f582a230562ab1a76c5e","kind":"tag","published_at":"2022-03-10T23:59:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.7","html_url":"https://github.com/rails/rails/releases/tag/v5.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.7/manifests"},{"name":"v6.1.5","sha":"53410537594be0c0a528cff53dce433dd386cb6a","kind":"tag","published_at":"2022-03-10T21:11:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.5","html_url":"https://github.com/rails/rails/releases/tag/v6.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.5/manifests"},{"name":"v7.0.2.3","sha":"de53ba56cab69fb9707785a397a59ac4aaee9d6f","kind":"tag","published_at":"2022-03-08T17:50:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.2.3","html_url":"https://github.com/rails/rails/releases/tag/v7.0.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.3/manifests"},{"name":"v6.1.4.7","sha":"66073335585f04f2ed0f5ef930eb3c8955d50a6a","kind":"tag","published_at":"2022-03-08T17:48:35.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.7","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.7/manifests"},{"name":"v6.0.4.7","sha":"4ba546e960cb368b1b552a3f91a371aced64da4c","kind":"tag","published_at":"2022-03-08T17:47:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.7","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.7/manifests"},{"name":"v5.2.6.3","sha":"b287570dbadcc418ce64b83ebde2746891e12d03","kind":"tag","published_at":"2022-03-08T17:45:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.6.3","html_url":"https://github.com/rails/rails/releases/tag/v5.2.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6.3/manifests"},{"name":"v7.0.2.2","sha":"2459c20afb508c987347f52148210d874a9af4fa","kind":"tag","published_at":"2022-02-11T19:43:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.2.2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.2/manifests"},{"name":"v6.1.4.6","sha":"10a2c77e901eb15b486f2c72fd9997bd0e2d506c","kind":"tag","published_at":"2022-02-11T19:41:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.6","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.6/manifests"},{"name":"v6.0.4.6","sha":"5f85a37f49227a76ec472eb74954b54806028641","kind":"tag","published_at":"2022-02-11T19:39:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.6","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.6/manifests"},{"name":"v5.2.6.2","sha":"46fe51b4875ba947cd3317cef420042f22aa8ffd","kind":"tag","published_at":"2022-02-11T19:37:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.6.2","html_url":"https://github.com/rails/rails/releases/tag/v5.2.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6.2/manifests"},{"name":"v5.2.6.1","sha":"9c111dcbb9d15bbc8328edbae03e67746cdec314","kind":"tag","published_at":"2022-02-11T18:38:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.6.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6.1/manifests"},{"name":"v6.0.4.5","sha":"c06fa92a3f8b3ff88c85ce587630c451ea3396a6","kind":"tag","published_at":"2022-02-11T18:24:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.5","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.5/manifests"},{"name":"v6.1.4.5","sha":"6d25fed5c70bc1bd3292f69692c82063dd32320a","kind":"tag","published_at":"2022-02-11T18:22:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.5","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.5/manifests"},{"name":"v7.0.2.1","sha":"365e0fe8c346a90c91d2f622b4bdae2fbb11a940","kind":"tag","published_at":"2022-02-11T18:18:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.2.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2.1/manifests"},{"name":"v7.0.2","sha":"76489d81ba77216271870e11fba6889088016fa5","kind":"tag","published_at":"2022-02-08T23:10:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.2/manifests"},{"name":"v7.0.1","sha":"6bfc637659248df5d6719a86d2981b52662d9b50","kind":"tag","published_at":"2022-01-06T21:53:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.1/manifests"},{"name":"v7.0.0","sha":"984c3ef2775781d47efa9f541ce570daa2434a80","kind":"tag","published_at":"2021-12-15T23:42:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.0","html_url":"https://github.com/rails/rails/releases/tag/v7.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0/manifests"},{"name":"v6.1.4.4","sha":"87d4d0f4126f64d991d40a1827de50935ddfdbff","kind":"tag","published_at":"2021-12-15T22:52:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.4","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.4/manifests"},{"name":"v6.0.4.4","sha":"34bd524a9d7580ceecbf4a6dd9dced6296e20f97","kind":"tag","published_at":"2021-12-15T22:45:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.4","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.4/manifests"},{"name":"v7.0.0.rc3","sha":"834cc1aee3b3a9e0f5884fde1242c6d7b5e8a3dd","kind":"tag","published_at":"2021-12-14T23:04:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.0.rc3","html_url":"https://github.com/rails/rails/releases/tag/v7.0.0.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.rc3/manifests"},{"name":"v6.1.4.3","sha":"ac2e12a0fd1ff17de5021d4150df7feb864fc83d","kind":"tag","published_at":"2021-12-14T23:02:12.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.3","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.3/manifests"},{"name":"v6.0.4.3","sha":"0cc179fdc77e57ee2756769ec4d14203d93e2354","kind":"tag","published_at":"2021-12-14T23:00:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.3","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.3/manifests"},{"name":"v6.0.4.2","sha":"9ef61211d7861093a69fa1fbfc2ba136abd37cd2","kind":"tag","published_at":"2021-12-14T20:09:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.2/manifests"},{"name":"v6.1.4.2","sha":"5e52f65fe99c46d40602f2b46418a3f9fee2260e","kind":"tag","published_at":"2021-12-14T19:45:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.2","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.2/manifests"},{"name":"v7.0.0.rc2","sha":"69e2e898478a1795913b8fda7cb95079228f8fb2","kind":"tag","published_at":"2021-12-14T19:39:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.rc2/manifests"},{"name":"v7.0.0.rc1","sha":"7c10fe108adfb1cd1c35ce44d5fbc0dd820c76d4","kind":"tag","published_at":"2021-12-06T21:27:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.rc1/manifests"},{"name":"v7.0.0.alpha2","sha":"ceb4b94baaf17f3a9f4ea795c83ec6c67211f737","kind":"tag","published_at":"2021-09-15T23:14:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.0.alpha2","html_url":"https://github.com/rails/rails/releases/tag/v7.0.0.alpha2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.alpha2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.alpha2/manifests"},{"name":"v7.0.0.alpha1","sha":"9b7be48212a2b6979b8af5093bb58ee5087e5044","kind":"tag","published_at":"2021-09-15T21:55:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v7.0.0.alpha1","html_url":"https://github.com/rails/rails/releases/tag/v7.0.0.alpha1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.alpha1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v7.0.0.alpha1/manifests"},{"name":"v6.1.4.1","sha":"90357af08048ef5076730505f6e7b14a81f33d0c","kind":"tag","published_at":"2021-08-19T16:25:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4.1/manifests"},{"name":"v6.0.4.1","sha":"0d304eae601f085274b2e2c04316e025b443da62","kind":"tag","published_at":"2021-08-19T16:15:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4.1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4.1/manifests"},{"name":"v6.1.4","sha":"83217025a171593547d1268651b446d3533e2019","kind":"tag","published_at":"2021-06-24T20:39:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.4","html_url":"https://github.com/rails/rails/releases/tag/v6.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.4/manifests"},{"name":"v6.0.4","sha":"6e721d79ba9458317c93bb02590bbaa25c5a3649","kind":"tag","published_at":"2021-06-15T20:14:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.4","html_url":"https://github.com/rails/rails/releases/tag/v6.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.4/manifests"},{"name":"v5.2.6","sha":"48661542a2607d55f436438fe21001d262e61fec","kind":"tag","published_at":"2021-05-05T17:02:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.6","html_url":"https://github.com/rails/rails/releases/tag/v5.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.6/manifests"},{"name":"v6.0.3.7","sha":"c04aff675d4cd3e8a54e0008dbfca10a8832a414","kind":"tag","published_at":"2021-05-05T16:01:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.7","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.7/manifests"},{"name":"v6.1.3.2","sha":"75ac626c4e21129d8296d4206a1960563cc3d4aa","kind":"tag","published_at":"2021-05-05T15:34:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.3.2","html_url":"https://github.com/rails/rails/releases/tag/v6.1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.3.2/manifests"},{"name":"v5.2.4.6","sha":"26126839058bad41120b5d74f3cc06b93baa987e","kind":"tag","published_at":"2021-05-05T15:28:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.6","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.6/manifests"},{"name":"v6.1.3.1","sha":"85c6823b77b60f2a3a6a25d7a1013032e8c580ef","kind":"tag","published_at":"2021-03-26T18:05:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.3.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.3.1/manifests"},{"name":"v6.0.3.6","sha":"0073c7b29339b2ee1e11aa5c9622ea452d0633fc","kind":"tag","published_at":"2021-03-26T17:31:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.6","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.6/manifests"},{"name":"v5.2.5","sha":"cb0a558f42fc6957fac4d2daa16771b72ff7da6e","kind":"tag","published_at":"2021-03-26T17:16:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.5","html_url":"https://github.com/rails/rails/releases/tag/v5.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.5/manifests"},{"name":"v6.1.3","sha":"5aaaa1630ae9a71b3c3ecc4dc46074d678c08d67","kind":"tag","published_at":"2021-02-17T18:39:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.3","html_url":"https://github.com/rails/rails/releases/tag/v6.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.3/manifests"},{"name":"v6.1.2.1","sha":"130c128eae233bf71231c73b9c3c3b3f3ede918b","kind":"tag","published_at":"2021-02-10T20:44:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.2.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.2.1/manifests"},{"name":"v6.0.3.5","sha":"c5929d5eb55b749bc124b3ccc2d79323d015701f","kind":"tag","published_at":"2021-02-10T20:39:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.5","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.5/manifests"},{"name":"v5.2.4.5","sha":"dc7364b1f39cf2fa3c3af3ea0f239f9ae1b5a790","kind":"tag","published_at":"2021-02-10T20:34:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.5","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.5/manifests"},{"name":"v6.1.2","sha":"bf8c59cd896b1bf98d0f3df356531fa4c163219f","kind":"tag","published_at":"2021-02-09T21:27:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.2","html_url":"https://github.com/rails/rails/releases/tag/v6.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.2/manifests"},{"name":"v6.1.1","sha":"5f3ff60084ab5d5921ca3499814e4697f8350ee7","kind":"tag","published_at":"2021-01-07T22:58:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.1/manifests"},{"name":"v6.1.0","sha":"914caca2d31bd753f47f9168f2a375921d9e91cc","kind":"tag","published_at":"2020-12-09T19:56:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.0","html_url":"https://github.com/rails/rails/releases/tag/v6.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.0/manifests"},{"name":"v6.1.0.rc2","sha":"b38eb45ad9cb2041b30ac5d4d7b5b6e7b911ff2e","kind":"tag","published_at":"2020-12-01T22:00:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v6.1.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.0.rc2/manifests"},{"name":"v6.1.0.rc1","sha":"8389f9902c3f0e984df17a77386493f856d7a1bb","kind":"tag","published_at":"2020-11-02T21:13:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.1.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v6.1.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.1.0.rc1/manifests"},{"name":"v6.0.3.4","sha":"fe76a95b0d252a2d7c25e69498b720c96b243ea2","kind":"tag","published_at":"2020-10-07T16:49:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.4","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.4/manifests"},{"name":"v5.2.4.4","sha":"404ad9e8acf8ab45ae2314050131a00e57e63b40","kind":"tag","published_at":"2020-09-09T18:35:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.4","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.4/manifests"},{"name":"v6.0.3.3","sha":"070d4afacd3e9721b7e3a4634e4d026b5fa2c32c","kind":"tag","published_at":"2020-09-09T18:18:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.3","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.3/manifests"},{"name":"v6.0.3.2","sha":"fbe2433be6e052a1acac63c7faf287c52ed3c5ba","kind":"tag","published_at":"2020-06-17T14:53:35.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.2/manifests"},{"name":"v6.0.3.1","sha":"34991a6ae2fc68347c01ea7382fa89004159e019","kind":"tag","published_at":"2020-05-18T15:46:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.1/manifests"},{"name":"v5.2.4.3","sha":"7b5cc5a5dfcf38522be0a4b5daa97c5b2ba26c20","kind":"tag","published_at":"2020-05-18T15:41:33.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.3","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.3/manifests"},{"name":"v4.2.11.3","sha":"11f2bdf75a888682b34df0f9be03b94f54fc6796","kind":"tag","published_at":"2020-05-15T18:34:39.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.11.3","html_url":"https://github.com/rails/rails/releases/tag/v4.2.11.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11.3/manifests"},{"name":"v4.2.11.2","sha":"b9e5577b9943e21a216acccdc29c297585424c58","kind":"tag","published_at":"2020-05-15T16:29:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.11.2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.11.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11.2/manifests"},{"name":"v6.0.3","sha":"b738f1930f3c82f51741ef7241c1fee691d7deb2","kind":"tag","published_at":"2020-05-06T18:03:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3/manifests"},{"name":"v6.0.3.rc1","sha":"509b9da209a8481fef8310bc14d6c6cd27c629dc","kind":"tag","published_at":"2020-05-01T17:16:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.3.rc1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.3.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.3.rc1/manifests"},{"name":"v6.0.2.2","sha":"157920aead96865e3135f496c09ace607d5620dc","kind":"tag","published_at":"2020-03-19T16:43:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.2.2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.2/manifests"},{"name":"v5.2.4.2","sha":"4dcc5435e9569e084f6f90fcea6e7c37d7bd2b4d","kind":"tag","published_at":"2020-03-19T16:30:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.2","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.2/manifests"},{"name":"v6.0.2.1","sha":"f33d52c95217212cbacc8d5e44b5a8e3cdc6f5b3","kind":"tag","published_at":"2019-12-18T19:07:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.2.1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.1/manifests"},{"name":"v5.2.4.1","sha":"ac30e389ecfa0e26e3d44c1eda8488ddf63b3ecc","kind":"tag","published_at":"2019-12-18T19:00:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.1/manifests"},{"name":"v6.0.2","sha":"f675cb30ce813a99b52b139a93e048330922fd9a","kind":"tag","published_at":"2019-12-13T18:08:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2/manifests"},{"name":"v6.0.2.rc2","sha":"63107e9914c893336f7612c2cd17a24474b6a6d6","kind":"tag","published_at":"2019-12-09T16:10:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.2.rc2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.2.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.rc2/manifests"},{"name":"v5.2.4","sha":"8bec77cc0f1fd47677a331a64f68c5918efd2ca9","kind":"tag","published_at":"2019-11-27T15:42:23.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4/manifests"},{"name":"v6.0.2.rc1","sha":"a015f55240258723df311360123af22b3204fa08","kind":"tag","published_at":"2019-11-27T15:08:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.2.rc1/manifests"},{"name":"v5.2.4.rc1","sha":"9e2a34122bd436e92a21ded4a50fa23461c29a4e","kind":"tag","published_at":"2019-11-23T00:26:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.4.rc1/manifests"},{"name":"v6.0.1","sha":"09a2979f75c51afb797dd60261a8930f84144af8","kind":"tag","published_at":"2019-11-05T14:38:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.1/manifests"},{"name":"v6.0.1.rc1","sha":"7982363efabc03e4624cd35aa86e2d284dcd35f7","kind":"tag","published_at":"2019-10-31T20:04:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.1.rc1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.1.rc1/manifests"},{"name":"v6.0.0","sha":"66cabeda2c46c582d19738e1318be8d59584cc5b","kind":"tag","published_at":"2019-08-16T17:59:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.0","html_url":"https://github.com/rails/rails/releases/tag/v6.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0/manifests"},{"name":"v6.0.0.rc2","sha":"16f2cd88e3ee92de341ba30b102e9206be3c68a7","kind":"tag","published_at":"2019-07-22T21:08:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.rc2/manifests"},{"name":"v6.0.0.rc1","sha":"01b7e9b73ac9dca92be0969e047b9cb0c767f261","kind":"tag","published_at":"2019-04-24T18:49:12.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.rc1/manifests"},{"name":"v5.2.3","sha":"b9ca94caea2ca6a6cc09abaffaad67b447134079","kind":"tag","published_at":"2019-03-28T02:59:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.3","html_url":"https://github.com/rails/rails/releases/tag/v5.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.3/manifests"},{"name":"v5.1.7","sha":"4f66945cd038bda638fc6729e0d54663d0dfbf22","kind":"tag","published_at":"2019-03-28T02:46:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.7","html_url":"https://github.com/rails/rails/releases/tag/v5.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.7/manifests"},{"name":"v5.1.7.rc1","sha":"ce0c4f3c822d75dda3226e92b9fb24f79bbd91d7","kind":"tag","published_at":"2019-03-22T04:11:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.7.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.7.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.7.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.7.rc1/manifests"},{"name":"v5.2.3.rc1","sha":"657103b603db54aa299055c38d085684f47650ab","kind":"tag","published_at":"2019-03-22T03:34:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.3.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.3.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.3.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.3.rc1/manifests"},{"name":"v6.0.0.beta3","sha":"7c87fd5635fd830905e17d3cbf1eb2a2215acedf","kind":"tag","published_at":"2019-03-13T17:01:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.0.beta3","html_url":"https://github.com/rails/rails/releases/tag/v6.0.0.beta3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.beta3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.beta3/manifests"},{"name":"v5.2.2.1","sha":"e69ff43060c1194d2a3bd9b8d9e23f3ae26b84b5","kind":"tag","published_at":"2019-03-13T16:46:43.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.2.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.2.1/manifests"},{"name":"v5.1.6.2","sha":"ec8697bf0bfafff7d897fb50e322afe42ddc1623","kind":"tag","published_at":"2019-03-13T16:44:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.6.2","html_url":"https://github.com/rails/rails/releases/tag/v5.1.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.6.2/manifests"},{"name":"v5.0.7.2","sha":"c4d3e202e10ae627b3b9c34498afb45450652421","kind":"tag","published_at":"2019-03-13T16:39:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.7.2","html_url":"https://github.com/rails/rails/releases/tag/v5.0.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.7.2/manifests"},{"name":"v4.2.11.1","sha":"e06a1e09b6bec32b0a05c72a3ae7ceb00f61bf7d","kind":"tag","published_at":"2019-03-13T16:35:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.11.1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11.1/manifests"},{"name":"test-tag-1","sha":"1dc4d49f517e5cea99063afd9692b201199484ef","kind":"tag","published_at":"2019-03-13T16:22:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/test-tag-1","html_url":"https://github.com/rails/rails/releases/tag/test-tag-1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/test-tag-1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/test-tag-1/manifests"},{"name":"v6.0.0.beta2","sha":"5e6e505083c2b0caf85b2f86c6be3ff3d8750857","kind":"tag","published_at":"2019-02-25T22:45:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v6.0.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.beta2/manifests"},{"name":"v6.0.0.beta1","sha":"5a0230c67f852fb21173f99647e76336897446c1","kind":"tag","published_at":"2019-01-18T20:43:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v6.0.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v6.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v6.0.0.beta1/manifests"},{"name":"v5.2.2","sha":"94b5cd3a20edadd6f6b8cf0bdf1a4d4919df86cb","kind":"tag","published_at":"2018-12-04T18:12:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.2","html_url":"https://github.com/rails/rails/releases/tag/v5.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.2/manifests"},{"name":"v5.2.2.rc1","sha":"73ba3027261ef3ef75f29a037d11361240282be4","kind":"tag","published_at":"2018-11-28T22:51:28.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.2.rc1/manifests"},{"name":"v5.2.1.1","sha":"96dee0e7e5a8dd6ce42999b13d0bd0623073e229","kind":"tag","published_at":"2018-11-27T20:12:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.1.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.1.1/manifests"},{"name":"v5.1.6.1","sha":"24ab200e26f7faee1f04a1d37b650e0becb79a41","kind":"tag","published_at":"2018-11-27T20:10:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.6.1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.6.1/manifests"},{"name":"v5.0.7.1","sha":"23839528551bebd65c210c51c29b91acff875c01","kind":"tag","published_at":"2018-11-27T20:08:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.7.1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.7.1/manifests"},{"name":"v4.2.11","sha":"474b7392c69852e8932260ea370cd63cf1e4fcaa","kind":"tag","published_at":"2018-11-27T20:06:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.11","html_url":"https://github.com/rails/rails/releases/tag/v4.2.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.11/manifests"},{"name":"v5.2.1","sha":"fc5dd0b85189811062c85520fd70de8389b55aeb","kind":"tag","published_at":"2018-08-07T21:42:35.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.1/manifests"},{"name":"v5.2.1.rc1","sha":"90c033984f38e40c2ff53c036d89ee22c88fadab","kind":"tag","published_at":"2018-07-30T20:09:42.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.1.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.1.rc1/manifests"},{"name":"v5.2.0","sha":"375a4143cf5caeb6159b338be824903edfd62836","kind":"tag","published_at":"2018-04-09T20:04:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.0","html_url":"https://github.com/rails/rails/releases/tag/v5.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0/manifests"},{"name":"v5.1.6","sha":"0ae59ea828ed20141af0d4c9ed9130eb47ce55f3","kind":"tag","published_at":"2018-03-29T18:27:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.6","html_url":"https://github.com/rails/rails/releases/tag/v5.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.6/manifests"},{"name":"v5.0.7","sha":"aea6423f013ca48f7704c70deadf2cd6ac7d70a1","kind":"tag","published_at":"2018-03-29T17:58:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.7","html_url":"https://github.com/rails/rails/releases/tag/v5.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.7/manifests"},{"name":"v5.2.0.rc2","sha":"db7edd81062648281d1e50c8ff9ebfafac5a9c3d","kind":"tag","published_at":"2018-03-20T17:49:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v5.2.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.rc2/manifests"},{"name":"v5.1.5","sha":"6ccd2b0efdfb8e9ef41764ee60dfac9731338608","kind":"tag","published_at":"2018-02-14T19:51:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.5","html_url":"https://github.com/rails/rails/releases/tag/v5.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.5/manifests"},{"name":"v5.1.5.rc1","sha":"f8c00c130016b248d1d409f131356632dcc418c6","kind":"tag","published_at":"2018-02-01T18:57:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.5.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.5.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.5.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.5.rc1/manifests"},{"name":"v5.2.0.rc1","sha":"6a97a17f195a925959866edda2e951e20d7b1e76","kind":"tag","published_at":"2018-01-30T23:35:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.rc1/manifests"},{"name":"v5.2.0.beta2","sha":"3ae1e1f3c055fe5b89287fb8e0e5b31416383fb8","kind":"tag","published_at":"2017-11-28T05:01:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v5.2.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.beta2/manifests"},{"name":"v5.2.0.beta1","sha":"382e7d2e23ca8d0ad552dd759b9cbb88751a2fbc","kind":"tag","published_at":"2017-11-27T18:02:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.2.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v5.2.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.2.0.beta1/manifests"},{"name":"v4.2.10","sha":"6b9a1ac484a4eda1b43aba7ed864952aac743ab9","kind":"tag","published_at":"2017-09-27T14:26:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.10","html_url":"https://github.com/rails/rails/releases/tag/v4.2.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.10/manifests"},{"name":"v4.2.10.rc1","sha":"84e0a231e9100db8eff73a1b6b9ae82db2ade2d8","kind":"tag","published_at":"2017-09-20T19:39:05.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.10.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.10.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.10.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.10.rc1/manifests"},{"name":"v5.1.4","sha":"813af4655f9bf3c712cf50205eebd337070cee52","kind":"tag","published_at":"2017-09-08T00:49:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.4","html_url":"https://github.com/rails/rails/releases/tag/v5.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.4/manifests"},{"name":"v5.0.6","sha":"71f4758c50fca5220429365c23b014458e7341f6","kind":"tag","published_at":"2017-09-08T00:45:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.6","html_url":"https://github.com/rails/rails/releases/tag/v5.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.6/manifests"},{"name":"v5.1.4.rc1","sha":"df776aabc45b17dff2cf8edbdd3b1367a1c21167","kind":"tag","published_at":"2017-08-24T19:35:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.4.rc1/manifests"},{"name":"v5.0.6.rc1","sha":"656bd2de78f549b353d0c08b54d8a7445d47d2df","kind":"tag","published_at":"2017-08-24T19:09:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.6.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.6.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.6.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.6.rc1/manifests"},{"name":"v5.1.3","sha":"c338c66f84d847f3ddf06d3e064426c7991e553d","kind":"tag","published_at":"2017-08-03T19:13:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.3","html_url":"https://github.com/rails/rails/releases/tag/v5.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3/manifests"},{"name":"v5.1.3.rc3","sha":"57ff548532b35330e822e27df629a952cf33bf37","kind":"tag","published_at":"2017-07-31T19:11:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.3.rc3","html_url":"https://github.com/rails/rails/releases/tag/v5.1.3.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3.rc3/manifests"},{"name":"v5.0.5","sha":"450889d1464431a04ef5c8a0f6a45b877aafe506","kind":"tag","published_at":"2017-07-31T19:03:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.5","html_url":"https://github.com/rails/rails/releases/tag/v5.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.5/manifests"},{"name":"v5.0.5.rc2","sha":"a7ad9f18371ebc3a14616cbfe216e6d87cbcba6d","kind":"tag","published_at":"2017-07-25T20:24:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.5.rc2","html_url":"https://github.com/rails/rails/releases/tag/v5.0.5.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.5.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.5.rc2/manifests"},{"name":"v5.1.3.rc2","sha":"885b69237b40712ddda075796dc881d4da7af55e","kind":"tag","published_at":"2017-07-25T20:16:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.3.rc2","html_url":"https://github.com/rails/rails/releases/tag/v5.1.3.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3.rc2/manifests"},{"name":"v5.0.5.rc1","sha":"872372aa93ae2abdcbb148d318c336563d0ba330","kind":"tag","published_at":"2017-07-19T19:42:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.5.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.5.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.5.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.5.rc1/manifests"},{"name":"v5.1.3.rc1","sha":"b6e24dbfc8d68c82dd62f2e99d668dca8df9b7f1","kind":"tag","published_at":"2017-07-19T19:29:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.3.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.3.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.3.rc1/manifests"},{"name":"v5.1.2","sha":"f8f3d709fc0df1fee5eadbaa5f518d2aef4a4f02","kind":"tag","published_at":"2017-06-26T21:49:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.2","html_url":"https://github.com/rails/rails/releases/tag/v5.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.2/manifests"},{"name":"v4.2.9","sha":"79c9f2e9422a23d144b71a18bd3058823b498116","kind":"tag","published_at":"2017-06-26T21:29:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.9","html_url":"https://github.com/rails/rails/releases/tag/v4.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.9/manifests"},{"name":"v5.1.2.rc1","sha":"1a32a58ea7ee61dab2c4628585a3ecb3e2d7320c","kind":"tag","published_at":"2017-06-20T17:02:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.2.rc1/manifests"},{"name":"v4.2.9.rc2","sha":"e13f5ba35b7105e4e66ff0b236018a6ad934da9f","kind":"tag","published_at":"2017-06-19T22:26:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.9.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.9.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.9.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.9.rc2/manifests"},{"name":"v5.0.4","sha":"c52823a0cf30a79e1abddc53aa8c6d0494ba5515","kind":"tag","published_at":"2017-06-19T21:57:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.4","html_url":"https://github.com/rails/rails/releases/tag/v5.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.4/manifests"},{"name":"v5.0.4.rc1","sha":"a2e6b307ba632082a9fb0d22716e7fa96da6543d","kind":"tag","published_at":"2017-06-14T20:47:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.4.rc1/manifests"},{"name":"v4.2.9.rc1","sha":"3c184ed4834a85b1eb197b6c530a5af13803f44f","kind":"tag","published_at":"2017-06-13T18:49:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.9.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.9.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.9.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.9.rc1/manifests"},{"name":"v5.1.1","sha":"c48b21685f4fec1c7a1c9b4e0dde4da89140ee22","kind":"tag","published_at":"2017-05-12T19:58:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.1/manifests"},{"name":"v5.0.3","sha":"52780d5d66515b3d9e5d10d2975deda3699ffd88","kind":"tag","published_at":"2017-05-12T19:53:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.3","html_url":"https://github.com/rails/rails/releases/tag/v5.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.3/manifests"},{"name":"v5.1.0","sha":"ce93740a5e4437dfc1cf9b0b13da1bad06a2a598","kind":"tag","published_at":"2017-04-27T20:59:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.0","html_url":"https://github.com/rails/rails/releases/tag/v5.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0/manifests"},{"name":"v5.1.0.rc2","sha":"2745ab856dbd0c0b846a4aa5d15d046e19466c6f","kind":"tag","published_at":"2017-04-21T01:28:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v5.1.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0.rc2/manifests"},{"name":"v5.1.0.rc1","sha":"d3b798b0879c70f3989efd322323a057a8507c99","kind":"tag","published_at":"2017-03-20T18:56:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0.rc1/manifests"},{"name":"v5.0.2","sha":"38ed1f4be114b77bd2004792b9583552a30921a2","kind":"tag","published_at":"2017-03-01T23:12:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.2","html_url":"https://github.com/rails/rails/releases/tag/v5.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.2/manifests"},{"name":"v5.0.2.rc1","sha":"2c858521b8e3a4d00b703a5ec08adbfe6141497c","kind":"tag","published_at":"2017-02-25T00:54:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.2.rc1/manifests"},{"name":"v5.1.0.beta1","sha":"f4acdd83ff76e2338895073ed914c525e7bb33b4","kind":"tag","published_at":"2017-02-23T19:54:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.1.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v5.1.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.1.0.beta1/manifests"},{"name":"v4.2.8","sha":"8ee716182df410052707c3d1eabf8bfd8e0e1c5e","kind":"tag","published_at":"2017-02-21T16:07:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.8","html_url":"https://github.com/rails/rails/releases/tag/v4.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.8/manifests"},{"name":"v4.2.8.rc1","sha":"8dd608b7b7b60f2fa8c5a3aaa0c8ab465ee50456","kind":"tag","published_at":"2017-02-10T02:43:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.8.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.8.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.8.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.8.rc1/manifests"},{"name":"v5.0.1","sha":"912ae0b34bf541f18d051c8a274a54aef91a5e04","kind":"tag","published_at":"2016-12-21T00:05:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.1/manifests"},{"name":"v5.0.1.rc2","sha":"0ef292cc8b1d66cbc85e271029402e72dfad66b5","kind":"tag","published_at":"2016-12-09T19:07:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.1.rc2","html_url":"https://github.com/rails/rails/releases/tag/v5.0.1.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.1.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.1.rc2/manifests"},{"name":"v5.0.1.rc1","sha":"82be3fe096231108e290433b5fe803451a37a160","kind":"tag","published_at":"2016-11-30T19:51:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.1.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.1.rc1/manifests"},{"name":"v3.2.22.5","sha":"e4b0a5f66ebd2b7f29e4f868d2f6b2504df091e6","kind":"tag","published_at":"2016-09-14T21:16:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.22.5","html_url":"https://github.com/rails/rails/releases/tag/v3.2.22.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.5/manifests"},{"name":"v3.2.22.4","sha":"c4e01690620c319ac3f04d213003f8001f33d14b","kind":"commit","published_at":"2016-08-11T19:17:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.22.4","html_url":"https://github.com/rails/rails/releases/tag/v3.2.22.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.4/manifests"},{"name":"v5.0.0.1","sha":"cdb307294a43eec489f0ea6ffdc6f0a07b16ff5c","kind":"commit","published_at":"2016-08-10T22:41:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.1/manifests"},{"name":"v4.2.7.1","sha":"26dadfb187b1cf13dc2f783198b91b32d141c3ab","kind":"commit","published_at":"2016-08-10T22:25:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.7.1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.7.1/manifests"},{"name":"v3.2.22.3","sha":"ebc3639139d21eeb8452edb28ce62530cc075198","kind":"commit","published_at":"2016-08-10T22:23:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.22.3","html_url":"https://github.com/rails/rails/releases/tag/v3.2.22.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.3/manifests"},{"name":"v4.2.7","sha":"7f2327f65b4117384bec3547ccd5a99028df57e0","kind":"tag","published_at":"2016-07-13T02:54:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.7","html_url":"https://github.com/rails/rails/releases/tag/v4.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.7/manifests"},{"name":"v4.1.16","sha":"d8803304051639dfcb87d61f58a1960b1005de87","kind":"tag","published_at":"2016-07-12T22:19:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.16","html_url":"https://github.com/rails/rails/releases/tag/v4.1.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.16/manifests"},{"name":"v4.1.16.rc1","sha":"871d63e2c7632a59989ffce0137b482ab5d94fe5","kind":"tag","published_at":"2016-07-02T02:13:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.16.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.16.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.16.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.16.rc1/manifests"},{"name":"v4.2.7.rc1","sha":"5a85938418285ab81e3db52ea102d19f95ed7a94","kind":"tag","published_at":"2016-07-01T00:30:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.7.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.7.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.7.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.7.rc1/manifests"},{"name":"v5.0.0","sha":"2efddadd6cba4e2129acedf1d402d11abcc03996","kind":"tag","published_at":"2016-06-30T21:20:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0/manifests"},{"name":"v5.0.0.rc2","sha":"50e0a6b209d1afe6c2bc3047208e14f13ac3b382","kind":"tag","published_at":"2016-06-22T20:01:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.rc2/manifests"},{"name":"v5.0.0.rc1","sha":"fbdcf5221ad7ea3d40ad09651962fc85d101dd67","kind":"tag","published_at":"2016-05-06T21:55:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.rc1/manifests"},{"name":"v5.0.0.beta4","sha":"f7a986012a6099445e20b6414d253ee0fc039118","kind":"tag","published_at":"2016-04-27T20:53:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.beta4","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.beta4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta4/manifests"},{"name":"v4.1.15","sha":"d5c4b82b64f3cdd511eb79c4d43d6ab1548c0dee","kind":"tag","published_at":"2016-03-07T22:35:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.15","html_url":"https://github.com/rails/rails/releases/tag/v4.1.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.15/manifests"},{"name":"v4.2.6","sha":"a0e0b67b5afbb02d9ea9e48d71ae80b3efb8c0ac","kind":"tag","published_at":"2016-03-07T22:31:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.6","html_url":"https://github.com/rails/rails/releases/tag/v4.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.6/manifests"},{"name":"v4.1.15.rc1","sha":"06d2bfd42a08ebdab9b0ad94e690841a80c93830","kind":"tag","published_at":"2016-03-01T18:42:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.15.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.15.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.15.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.15.rc1/manifests"},{"name":"v4.2.6.rc1","sha":"ef8ace7dc97fa810bb59f1aac386b71db239c3ec","kind":"tag","published_at":"2016-03-01T18:36:27.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.6.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.6.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.6.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.6.rc1/manifests"},{"name":"v4.1.14.2","sha":"4cffd33a96da706fb36ab8dbf37732749ca27cfc","kind":"tag","published_at":"2016-02-29T19:17:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.14.2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.14.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.2/manifests"},{"name":"v4.2.5.2","sha":"97ad61e9583e2bf5c57d6f75008cadc80ba9b910","kind":"tag","published_at":"2016-02-29T19:15:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.5.2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.2/manifests"},{"name":"v3.2.22.2","sha":"1ac2ddbc433ec96dd06affb6f10f33d9eb12d52a","kind":"commit","published_at":"2016-02-29T18:39:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.22.2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.22.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.2/manifests"},{"name":"v5.0.0.beta3","sha":"dbfa8fdfc29eb913fec6113a74394167aa13cdd6","kind":"tag","published_at":"2016-02-24T16:15:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.beta3","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.beta3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta3/manifests"},{"name":"v5.0.0.beta2","sha":"49f6ce63f33b7817bcbd0cdf5f8881b63f40d9c9","kind":"tag","published_at":"2016-02-01T21:41:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta2/manifests"},{"name":"v3.2.22.1","sha":"8d86637fb64ae8ae81ab71a286ddba02cc3144a4","kind":"tag","published_at":"2016-01-25T18:27:28.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.22.1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.22.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22.1/manifests"},{"name":"v4.1.14.1","sha":"31ab3aa0e881acfd1475abae602455905a4cadf1","kind":"tag","published_at":"2016-01-25T18:26:23.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.14.1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.14.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.1/manifests"},{"name":"v4.2.5.1","sha":"bb382b7aee116446518ca4ed1c6472d6b58f42b5","kind":"tag","published_at":"2016-01-25T18:25:38.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.5.1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.1/manifests"},{"name":"v5.0.0.beta1.1","sha":"908c011395cc9e3ea1bb195f9d1bd30a9d9df98f","kind":"tag","published_at":"2016-01-25T18:24:28.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.beta1.1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.beta1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta1.1/manifests"},{"name":"v5.0.0.beta1","sha":"099ddfdefd44fda11d0f6a72f934f8a0ee83141b","kind":"tag","published_at":"2015-12-18T21:15:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v5.0.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v5.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v5.0.0.beta1/manifests"},{"name":"v4.1.14","sha":"e694ac5fbc30bfe11c5b952084eab178bd649857","kind":"tag","published_at":"2015-11-12T17:19:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.14","html_url":"https://github.com/rails/rails/releases/tag/v4.1.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14/manifests"},{"name":"v4.2.5","sha":"73521d586981279a99d3ba038d62e2414125df7a","kind":"tag","published_at":"2015-11-12T17:02:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.5","html_url":"https://github.com/rails/rails/releases/tag/v4.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5/manifests"},{"name":"v4.2.5.rc2","sha":"5bda404fe1d7b5772560fdec99818b239d4b57aa","kind":"tag","published_at":"2015-11-05T03:00:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.5.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.5.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.rc2/manifests"},{"name":"v4.1.14.rc2","sha":"96c4b1a1311b0f9e099db2819f08a2277377c552","kind":"tag","published_at":"2015-11-05T02:53:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.14.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.14.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.rc2/manifests"},{"name":"v4.2.5.rc1","sha":"a37d0e57571f37e836638934a4e325c3accb550b","kind":"tag","published_at":"2015-10-30T20:46:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.5.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.5.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.5.rc1/manifests"},{"name":"v4.1.14.rc1","sha":"23df8809089cf3e5646829095ab0433f93f3e736","kind":"tag","published_at":"2015-10-30T20:43:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.14.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.14.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.14.rc1/manifests"},{"name":"v3.2.21.github15","sha":"cd41d7f7ed7877f54f9e63a1bdb4f3dbc54c39d8","kind":"tag","published_at":"2015-10-23T19:40:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.21.github15","html_url":"https://github.com/rails/rails/releases/tag/v3.2.21.github15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github15/manifests"},{"name":"v3.2.21.github7","sha":"1cd10a985883a9f67f283f101a0543bc177e2543","kind":"tag","published_at":"2015-10-23T16:10:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.21.github7","html_url":"https://github.com/rails/rails/releases/tag/v3.2.21.github7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github7/manifests"},{"name":"v4.2.4","sha":"dac822ef58ae05f0e805222fa8744116080165ac","kind":"tag","published_at":"2015-08-24T18:23:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.4","html_url":"https://github.com/rails/rails/releases/tag/v4.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.4/manifests"},{"name":"v4.1.13","sha":"10ac0155b19ea5b457417244f4f327404b997935","kind":"tag","published_at":"2015-08-24T17:59:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.13","html_url":"https://github.com/rails/rails/releases/tag/v4.1.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.13/manifests"},{"name":"v4.2.4.rc1","sha":"b5cb514c23f64ffd6db05535730df2b4f71f0c61","kind":"tag","published_at":"2015-08-14T15:18:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.4.rc1/manifests"},{"name":"v4.1.13.rc1","sha":"099a9181fcf350b05bc33b61bac288277b994ad0","kind":"tag","published_at":"2015-08-14T15:09:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.13.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.13.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.13.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.13.rc1/manifests"},{"name":"v4.2.3","sha":"6ac6daa43e1c5b7388f8fd69f8117eb7668887c7","kind":"tag","published_at":"2015-06-25T21:28:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.3","html_url":"https://github.com/rails/rails/releases/tag/v4.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.3/manifests"},{"name":"v4.1.12","sha":"adfda00f06248435e0aa2fc6545b1310644d91b6","kind":"tag","published_at":"2015-06-25T21:24:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.12","html_url":"https://github.com/rails/rails/releases/tag/v4.1.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.12/manifests"},{"name":"v3.2.21.github6","sha":"a31c67b20ca58d5702c21284eab55c48b13e5fff","kind":"commit","published_at":"2015-06-25T17:34:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.21.github6","html_url":"https://github.com/rails/rails/releases/tag/v3.2.21.github6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github6/manifests"},{"name":"v4.2.3.rc1","sha":"496bbfe0897b06c8af1404b59fca7869a27c870d","kind":"tag","published_at":"2015-06-22T14:21:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.3.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.3.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.3.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.3.rc1/manifests"},{"name":"v4.1.12.rc1","sha":"68d324549668169a41bb30f98afdd01682bc5dec","kind":"tag","published_at":"2015-06-22T14:03:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.12.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.12.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.12.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.12.rc1/manifests"},{"name":"v4.2.2","sha":"5d101c33fa19deca00e251152d25090cc152998f","kind":"tag","published_at":"2015-06-16T18:00:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.2/manifests"},{"name":"v4.1.11","sha":"260da06e6b63f4644fe67e67fbd486585f9d2724","kind":"tag","published_at":"2015-06-16T17:57:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.11","html_url":"https://github.com/rails/rails/releases/tag/v4.1.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.11/manifests"},{"name":"v3.2.22","sha":"9dc8ddc39424818a3d713a353353ac20cb431218","kind":"commit","published_at":"2015-06-16T16:12:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.22","html_url":"https://github.com/rails/rails/releases/tag/v3.2.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.22/manifests"},{"name":"v3.2.21.github5","sha":"ef93ff18cee87c505efea9f59617d0824c8f31d4","kind":"commit","published_at":"2015-06-10T01:50:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.21.github5","html_url":"https://github.com/rails/rails/releases/tag/v3.2.21.github5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21.github5/manifests"},{"name":"v4.0.13.github1","sha":"754cc500ade37d5e24a98292db99713704ac699f","kind":"commit","published_at":"2015-05-27T04:03:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.13.github1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.13.github1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13.github1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13.github1/manifests"},{"name":"v4.0.13.github0","sha":"d85ceb59b52ba424c6ce664f52714c5e222ab06b","kind":"commit","published_at":"2015-05-15T06:35:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.13.github0","html_url":"https://github.com/rails/rails/releases/tag/v4.0.13.github0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13.github0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13.github0/manifests"},{"name":"v4.1.10","sha":"5496ec8aac95f728465f218d12733cedef84232a","kind":"tag","published_at":"2015-03-19T16:48:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.10","html_url":"https://github.com/rails/rails/releases/tag/v4.1.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10/manifests"},{"name":"v4.2.1","sha":"f1ccb2e6ecb5486179ee6b20438d562ac45de4f4","kind":"tag","published_at":"2015-03-19T16:39:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1/manifests"},{"name":"v4.1.10.rc4","sha":"410f7d29e998befb27ab0b3dee3bbe83944bdc04","kind":"tag","published_at":"2015-03-12T21:31:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.10.rc4","html_url":"https://github.com/rails/rails/releases/tag/v4.1.10.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc4/manifests"},{"name":"v4.2.1.rc4","sha":"9bd0ca4501879709fcc84a6b206835fe4ead751f","kind":"tag","published_at":"2015-03-12T21:24:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.1.rc4","html_url":"https://github.com/rails/rails/releases/tag/v4.2.1.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc4/manifests"},{"name":"v4.1.10.rc3","sha":"77e324b59ec0e0b09f5c26b035add9de40482470","kind":"tag","published_at":"2015-03-02T21:38:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.10.rc3","html_url":"https://github.com/rails/rails/releases/tag/v4.1.10.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc3/manifests"},{"name":"v4.2.1.rc3","sha":"4e2754b5c73e2fd6a8f997beafcbeff888410581","kind":"tag","published_at":"2015-03-02T21:34:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.1.rc3","html_url":"https://github.com/rails/rails/releases/tag/v4.2.1.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc3/manifests"},{"name":"v4.1.10.rc2","sha":"08217de91143353f263ede79bcc01d529f644c30","kind":"tag","published_at":"2015-02-25T22:20:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.10.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.10.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc2/manifests"},{"name":"v4.2.1.rc2","sha":"d48bb9cb018a83a88dd04c9a4cbdee1f5b7ab885","kind":"tag","published_at":"2015-02-25T22:18:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.1.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.1.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc2/manifests"},{"name":"v4.1.10.rc1","sha":"a698862cbce7f12475d3fefdb7268022b3bd9af1","kind":"tag","published_at":"2015-02-20T22:23:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.10.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.10.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.10.rc1/manifests"},{"name":"v4.2.1.rc1","sha":"59bb184078cc23fbbb3a28dc34a51326da87014a","kind":"tag","published_at":"2015-02-20T21:40:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.1.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.1.rc1/manifests"},{"name":"v4.1.9","sha":"cca85ba699242c3266c5132dd601fdd8c5c5bb16","kind":"tag","published_at":"2015-01-06T20:02:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.9","html_url":"https://github.com/rails/rails/releases/tag/v4.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.9/manifests"},{"name":"v4.0.13","sha":"3c194d4a8d585547d1fe45f596d2800c155b1a4c","kind":"commit","published_at":"2015-01-06T19:14:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.13","html_url":"https://github.com/rails/rails/releases/tag/v4.0.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13/manifests"},{"name":"v4.1.9.rc1","sha":"116695b25890e2587923d4a237ce4107e3adb145","kind":"tag","published_at":"2015-01-02T01:09:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.9.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.9.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.9.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.9.rc1/manifests"},{"name":"v4.0.13.rc1","sha":"e63670a414828148b688eb0efb1e8e626798e7d9","kind":"commit","published_at":"2015-01-02T00:53:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.13.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.13.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.13.rc1/manifests"},{"name":"v4.2.0","sha":"7847a19f476fb9bee287681586d872ea43785e53","kind":"tag","published_at":"2014-12-20T00:14:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0/manifests"},{"name":"v4.2.0.rc3","sha":"203000dd4683e2ce4bdeaa3fe379b811ba8e5401","kind":"tag","published_at":"2014-12-13T02:57:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.rc3","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.rc3/manifests"},{"name":"v4.2.0.rc2","sha":"4c67c1f551f182aa2730a8a8cfa80fcf02622a92","kind":"tag","published_at":"2014-12-05T23:19:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.rc2/manifests"},{"name":"v4.2.0.rc1","sha":"62264419e95a75da7762caf7d566982d24227794","kind":"tag","published_at":"2014-11-28T17:51:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.rc1/manifests"},{"name":"v4.1.7.1","sha":"7b8e4f82717fcb944eb7e712050b223bd47b544e","kind":"tag","published_at":"2014-11-19T19:10:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.7.1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.7.1/manifests"},{"name":"v4.0.11.1","sha":"a1ec4da291dd3e0705be536e71a963d8d356ff24","kind":"commit","published_at":"2014-11-19T17:43:33.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.11.1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.11.1/manifests"},{"name":"v4.1.8","sha":"b32babc4b0ff8f830933f25375ce9dbfbb356601","kind":"tag","published_at":"2014-11-17T15:50:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.8","html_url":"https://github.com/rails/rails/releases/tag/v4.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.8/manifests"},{"name":"v4.0.12","sha":"ee20103f1b2fa2ea66834682c7173bb23ddd83e0","kind":"tag","published_at":"2014-11-17T15:49:39.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.12","html_url":"https://github.com/rails/rails/releases/tag/v4.0.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.12/manifests"},{"name":"v3.2.21","sha":"ba886f73a2b4a06f3400f0698290c54566639b6a","kind":"tag","published_at":"2014-11-17T15:48:35.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.21","html_url":"https://github.com/rails/rails/releases/tag/v3.2.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.21/manifests"},{"name":"v3.2.19.github9","sha":"4fc14b1f718f26cae982ba97be3341fa8ddf3f7f","kind":"commit","published_at":"2014-11-10T04:30:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github9","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github9/manifests"},{"name":"v4.2.0.beta4","sha":"4daebedcc41e35079c47d5f130f5c7ad12db8bbb","kind":"commit","published_at":"2014-10-30T21:12:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.beta4","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.beta4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta4/manifests"},{"name":"v3.2.20","sha":"346acea281f048c853a6318429daac8d1a2e2d68","kind":"tag","published_at":"2014-10-29T22:40:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.20","html_url":"https://github.com/rails/rails/releases/tag/v3.2.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.20/manifests"},{"name":"v4.0.11","sha":"8cf8a08c7ef417b5183928f1c3c6d785c115bb48","kind":"tag","published_at":"2014-10-29T22:39:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.11","html_url":"https://github.com/rails/rails/releases/tag/v4.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.11/manifests"},{"name":"v4.1.7","sha":"6fe2572af11dc42f33d4f0e33a22391a85f2a1d2","kind":"tag","published_at":"2014-10-29T22:38:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.7","html_url":"https://github.com/rails/rails/releases/tag/v4.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.7/manifests"},{"name":"v4.2.0.beta3","sha":"331d7c6f9e6a481a23e5f120d95f7c0aabb6c60d","kind":"tag","published_at":"2014-10-29T22:38:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.beta3","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.beta3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta3/manifests"},{"name":"v3.2.19.github8","sha":"726e9963067c536c15e7994f0db772a80d4a963a","kind":"commit","published_at":"2014-10-09T06:42:43.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github8","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github8/manifests"},{"name":"v3.2.19.github7","sha":"b6f150c40c3fdda7b198bd8779768344fa3eb5fa","kind":"commit","published_at":"2014-10-07T05:41:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github7","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github7/manifests"},{"name":"v3.2.19.github6","sha":"0a3c7ba903767d07b3cf1cb95da6922a48d25c81","kind":"commit","published_at":"2014-10-07T05:29:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github6","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github6/manifests"},{"name":"v4.2.0.beta2","sha":"21bc83306b76c456e83f8824cb5822f9f1195d9c","kind":"tag","published_at":"2014-09-26T17:39:33.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta2/manifests"},{"name":"v3.2.19.github5","sha":"56d2614309a5c84e4cf9670a4a7a26926ebb618a","kind":"commit","published_at":"2014-09-26T06:58:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github5","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github5/manifests"},{"name":"v3.2.19.github4","sha":"90ded51cc137ab136b5a4452eced5c944124adc5","kind":"commit","published_at":"2014-09-26T05:42:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github4","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github4/manifests"},{"name":"v3.2.19.github3","sha":"7ed2b48747d57d7051f0f3c761afc04cd3d7d079","kind":"commit","published_at":"2014-09-19T08:26:43.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github3","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github3/manifests"},{"name":"v3.2.19.github2","sha":"923ee6adf84fe278e520c48f0ff95875a2fbf6a2","kind":"commit","published_at":"2014-09-18T08:05:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19.github2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19.github2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19.github2/manifests"},{"name":"3.2.19.github1","sha":"e27d15746c9b82e921b3dbbdcac57fb5ed71cc75","kind":"commit","published_at":"2014-09-16T01:50:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/3.2.19.github1","html_url":"https://github.com/rails/rails/releases/tag/3.2.19.github1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.2.19.github1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.2.19.github1/manifests"},{"name":"v4.0.10","sha":"5aef91ea98f5df16ab6b9db14229dfba7dee1653","kind":"commit","published_at":"2014-09-11T17:31:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.10","html_url":"https://github.com/rails/rails/releases/tag/v4.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.10/manifests"},{"name":"v4.1.6","sha":"24027162dbe226acfbf3a91872237a9557764d72","kind":"tag","published_at":"2014-09-11T17:24:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.6","html_url":"https://github.com/rails/rails/releases/tag/v4.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.6/manifests"},{"name":"v4.1.6.rc2","sha":"57d65e3b286dcddbc4f07db1c618da42f31d1b84","kind":"tag","published_at":"2014-09-08T18:10:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.6.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.6.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.6.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.6.rc2/manifests"},{"name":"v4.0.10.rc2","sha":"91d4433d18b646a8ceb02ea13939ede4710b89ed","kind":"commit","published_at":"2014-09-08T17:53:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.10.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.0.10.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.10.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.10.rc2/manifests"},{"name":"v4.2.0.beta1","sha":"6a23bf0f4c33151e0cec0648e271dc6f5ab3f686","kind":"tag","published_at":"2014-08-20T02:33:35.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.2.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v4.2.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.2.0.beta1/manifests"},{"name":"v4.1.6.rc1","sha":"c5310bed8642656ade02d97c6fae651b54654a6b","kind":"tag","published_at":"2014-08-19T20:51:27.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.6.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.6.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.6.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.6.rc1/manifests"},{"name":"v4.0.10.rc1","sha":"77b60a2c43c1188d4d2d2e52fa5fd59b50e92e1b","kind":"commit","published_at":"2014-08-19T17:41:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.10.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.10.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.10.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.10.rc1/manifests"},{"name":"3.1.12.github1","sha":"808b03caeaceb09ab5d31465852182f03f658ee8","kind":"commit","published_at":"2014-08-18T17:40:42.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/3.1.12.github1","html_url":"https://github.com/rails/rails/releases/tag/3.1.12.github1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.1.12.github1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.1.12.github1/manifests"},{"name":"v4.1.5","sha":"9bb76261d39b59e7e229c80d052ca91a65ff17be","kind":"tag","published_at":"2014-08-18T16:58:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.5","html_url":"https://github.com/rails/rails/releases/tag/v4.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.5/manifests"},{"name":"v4.0.9","sha":"b792566f3ebdd0c7dc688db7a4076d1c2c74f69f","kind":"commit","published_at":"2014-08-18T16:46:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.9","html_url":"https://github.com/rails/rails/releases/tag/v4.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.9/manifests"},{"name":"v4.1.4","sha":"7c4bfe1c954ef90acf4f790e46fcbbd07d85af3e","kind":"tag","published_at":"2014-07-02T19:52:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.4","html_url":"https://github.com/rails/rails/releases/tag/v4.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.4/manifests"},{"name":"v4.0.8","sha":"31e922996b97b7c223ebc1e26d1a1a2764bb0a62","kind":"commit","published_at":"2014-07-02T18:28:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.8","html_url":"https://github.com/rails/rails/releases/tag/v4.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.8/manifests"},{"name":"v4.1.3","sha":"dfa7a76de8c1f7af0ef28119f9ac3072057c665e","kind":"tag","published_at":"2014-07-02T17:04:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.3","html_url":"https://github.com/rails/rails/releases/tag/v4.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.3/manifests"},{"name":"v4.0.7","sha":"f17b04a23e7c597876cb2320ef9d525537e0b0a8","kind":"commit","published_at":"2014-07-02T15:58:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.7","html_url":"https://github.com/rails/rails/releases/tag/v4.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.7/manifests"},{"name":"v3.2.19","sha":"53c845cb185036c71cc9793c4eb6bf4dc989307b","kind":"commit","published_at":"2014-07-02T15:55:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.19","html_url":"https://github.com/rails/rails/releases/tag/v3.2.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.19/manifests"},{"name":"v4.1.2","sha":"0690f6f3a47b8fddf60ac57da006f0b8bfa22e32","kind":"tag","published_at":"2014-06-26T14:48:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2/manifests"},{"name":"v4.0.6","sha":"276b72c60342eb716e7457b447bce1e352780e92","kind":"commit","published_at":"2014-06-26T13:37:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.6","html_url":"https://github.com/rails/rails/releases/tag/v4.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6/manifests"},{"name":"3.0.20.github4","sha":"d5eff4fba90e7cead50c196d0760aaab1283b440","kind":"commit","published_at":"2014-06-23T22:16:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/3.0.20.github4","html_url":"https://github.com/rails/rails/releases/tag/3.0.20.github4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github4/manifests"},{"name":"v4.1.2.rc3","sha":"6ed0f63398ba7268c541f9b959f7a56b68584301","kind":"tag","published_at":"2014-06-23T17:26:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.2.rc3","html_url":"https://github.com/rails/rails/releases/tag/v4.1.2.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2.rc3/manifests"},{"name":"v4.0.6.rc3","sha":"9649cb4b51c7f0194e02252e5b88a362a70da97f","kind":"commit","published_at":"2014-06-23T17:21:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.6.rc3","html_url":"https://github.com/rails/rails/releases/tag/v4.0.6.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6.rc3/manifests"},{"name":"3.0.20.github3","sha":"b46168e048931d7d2fcc1a40bc99e1ffd113ad82","kind":"commit","published_at":"2014-06-19T20:31:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/3.0.20.github3","html_url":"https://github.com/rails/rails/releases/tag/3.0.20.github3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github3/manifests"},{"name":"3.0.20.github2","sha":"a3e2e39c9ffe6c8906e2a7a214cd8e85e36f6cf3","kind":"commit","published_at":"2014-06-17T06:03:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/3.0.20.github2","html_url":"https://github.com/rails/rails/releases/tag/3.0.20.github2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github2/manifests"},{"name":"v4.1.2.rc2","sha":"5006b63ae3609aee86c4dae603d8dfe80230b1b1","kind":"tag","published_at":"2014-06-16T16:28:54.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.2.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.2.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2.rc2/manifests"},{"name":"v4.0.6.rc2","sha":"13c6bac0b73d4bba9cf0714b65cd1e339ee481b2","kind":"commit","published_at":"2014-06-16T16:14:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.6.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.0.6.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6.rc2/manifests"},{"name":"3.0.20.github1","sha":"b3037287784eddd7a9d311b82cbfae259de8f96d","kind":"commit","published_at":"2014-06-16T03:04:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/3.0.20.github1","html_url":"https://github.com/rails/rails/releases/tag/3.0.20.github1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/3.0.20.github1/manifests"},{"name":"github49","sha":"51d573aabebcf56c17fe755a160f9c4246edd64a","kind":"commit","published_at":"2014-06-13T05:49:17.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github49","html_url":"https://github.com/rails/rails/releases/tag/github49","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github49","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github49/manifests"},{"name":"v4.1.2.rc1","sha":"fcb1afc245455130ca6d42db8760cc7b43b99d18","kind":"tag","published_at":"2014-05-27T16:11:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.2.rc1/manifests"},{"name":"v4.0.6.rc1","sha":"100682883ba38cd8420350ef21d47f26e1b9c6c5","kind":"commit","published_at":"2014-05-27T15:58:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.6.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.6.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.6.rc1/manifests"},{"name":"github45","sha":"730e6a273c0f95a39ea9354a733fc6ec62cf11db","kind":"commit","published_at":"2014-05-16T05:06:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github45","html_url":"https://github.com/rails/rails/releases/tag/github45","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github45","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github45/manifests"},{"name":"github44","sha":"7403667b890c3c7a98041ef48a13b46f3c919a89","kind":"commit","published_at":"2014-05-09T14:52:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github44","html_url":"https://github.com/rails/rails/releases/tag/github44","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github44","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github44/manifests"},{"name":"v4.1.1","sha":"254e8e2c97b5df1dafd54cf8f305f7bad05f4a63","kind":"tag","published_at":"2014-05-06T16:17:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.1/manifests"},{"name":"v3.2.18","sha":"50d6b4549d56ac3a82f2096bd479a7b2305b0bf3","kind":"commit","published_at":"2014-05-06T16:03:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.18","html_url":"https://github.com/rails/rails/releases/tag/v3.2.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.18/manifests"},{"name":"v4.0.5","sha":"15ac2f0b6b2702f180707f480eb966a4e3b96e25","kind":"commit","published_at":"2014-05-06T14:32:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.5","html_url":"https://github.com/rails/rails/releases/tag/v4.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.5/manifests"},{"name":"v4.1.0","sha":"4e168015cef61207981d2427d4dbb6cf15f71182","kind":"tag","published_at":"2014-04-08T19:19:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.0","html_url":"https://github.com/rails/rails/releases/tag/v4.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0/manifests"},{"name":"github41","sha":"a141d9de0dcb6eb088e6e04dda238864754f29dc","kind":"commit","published_at":"2014-03-27T12:55:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github41","html_url":"https://github.com/rails/rails/releases/tag/github41","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github41","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github41/manifests"},{"name":"v4.1.0.rc2","sha":"6b6f8b566ef3245f5b25d03c61b2af0a1f55301e","kind":"tag","published_at":"2014-03-25T20:10:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.rc2/manifests"},{"name":"v4.0.4","sha":"2abe4b032d080f7177c6f2e34c9124c468e8a293","kind":"commit","published_at":"2014-03-14T17:35:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.4","html_url":"https://github.com/rails/rails/releases/tag/v4.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.4/manifests"},{"name":"v4.0.4.rc1","sha":"26bfdf9f300be2ada831a34b8eb71f55a9a5122f","kind":"commit","published_at":"2014-03-11T17:28:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.4.rc1/manifests"},{"name":"github40","sha":"4fdaf21b280a4b4be51b35b9db9bbaeb6cceb251","kind":"commit","published_at":"2014-02-18T21:28:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github40","html_url":"https://github.com/rails/rails/releases/tag/github40","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github40","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github40/manifests"},{"name":"v4.1.0.rc1","sha":"78ba185fb91d7066ae5c396ca97034c13054236c","kind":"tag","published_at":"2014-02-18T20:52:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.rc1/manifests"},{"name":"v4.1.0.beta2","sha":"8b20c72dd80e2faf531f308d430a145a253aeac3","kind":"tag","published_at":"2014-02-18T18:45:39.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v4.1.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.beta2/manifests"},{"name":"v4.0.3","sha":"1f6113c6a9f1f2f8e362b0e7702afac5d8cf98db","kind":"tag","published_at":"2014-02-18T18:38:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.3","html_url":"https://github.com/rails/rails/releases/tag/v4.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.3/manifests"},{"name":"v3.2.17","sha":"666e9f65bdfeb6cc5aa80b6254608adc3d7845ce","kind":"tag","published_at":"2014-02-18T18:17:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.17","html_url":"https://github.com/rails/rails/releases/tag/v3.2.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.17/manifests"},{"name":"github39","sha":"d0e554d231ad3a2671bd815da1f38d5a2e924d8f","kind":"tag","published_at":"2014-02-14T05:12:27.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github39","html_url":"https://github.com/rails/rails/releases/tag/github39","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github39","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github39/manifests"},{"name":"github37","sha":"3d7281835686053d5654344f6e5740b606bac588","kind":"commit","published_at":"2014-01-21T02:05:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github37","html_url":"https://github.com/rails/rails/releases/tag/github37","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github37","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github37/manifests"},{"name":"github35","sha":"3766b1b377c39204eca2101eaf1ec607c6c0844e","kind":"commit","published_at":"2014-01-13T21:58:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github35","html_url":"https://github.com/rails/rails/releases/tag/github35","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github35","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github35/manifests"},{"name":"github34","sha":"f63b0340ff63fcda44876472b9f883614c33749e","kind":"commit","published_at":"2014-01-09T05:04:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github34","html_url":"https://github.com/rails/rails/releases/tag/github34","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github34","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github34/manifests"},{"name":"github33","sha":"cedf026a1462764b732a481e3b149148dcc3081c","kind":"commit","published_at":"2013-12-30T04:45:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github33","html_url":"https://github.com/rails/rails/releases/tag/github33","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github33","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github33/manifests"},{"name":"v4.1.0.beta1","sha":"f706d5f945c5751072bb90d080aff154e6858435","kind":"commit","published_at":"2013-12-18T00:10:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.1.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v4.1.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.1.0.beta1/manifests"},{"name":"v4.0.2","sha":"98d06c6bd4eefeeb342d05116fccefa11875cb9b","kind":"tag","published_at":"2013-12-03T01:10:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.2","html_url":"https://github.com/rails/rails/releases/tag/v4.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.2/manifests"},{"name":"v3.2.16","sha":"64226302d82493d9bf67aa9e4fa52b4e0269ee3d","kind":"tag","published_at":"2013-12-03T00:25:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.16","html_url":"https://github.com/rails/rails/releases/tag/v3.2.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.16/manifests"},{"name":"github31","sha":"c0124ba8f356b1a03c7d47fd249be374b6b49b19","kind":"commit","published_at":"2013-12-02T09:43:27.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github31","html_url":"https://github.com/rails/rails/releases/tag/github31","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github31","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github31/manifests"},{"name":"v4.0.1","sha":"5505c1d700f17e2009e1189a7aa6dafafe7062a4","kind":"commit","published_at":"2013-11-01T18:01:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1/manifests"},{"name":"v4.0.1.rc4","sha":"9466dad7468f106bad6f8e2a0b468fb3ab113dcb","kind":"tag","published_at":"2013-10-30T19:30:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.1.rc4","html_url":"https://github.com/rails/rails/releases/tag/v4.0.1.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc4/manifests"},{"name":"github30","sha":"24e5712294c0bbdea776556cb9809e5e7aae8033","kind":"commit","published_at":"2013-10-30T03:32:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github30","html_url":"https://github.com/rails/rails/releases/tag/github30","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github30","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github30/manifests"},{"name":"github29","sha":"3b7754c9505e55d0332f28354b080511d0617d11","kind":"commit","published_at":"2013-10-29T19:10:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github29","html_url":"https://github.com/rails/rails/releases/tag/github29","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github29","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github29/manifests"},{"name":"github28","sha":"76884dd7f79f489c1996462d288f02e95774d8c5","kind":"tag","published_at":"2013-10-25T18:52:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github28","html_url":"https://github.com/rails/rails/releases/tag/github28","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github28","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github28/manifests"},{"name":"github27","sha":"00521f51185eebb960f75e81a86cbb4238043f19","kind":"tag","published_at":"2013-10-24T18:40:05.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github27","html_url":"https://github.com/rails/rails/releases/tag/github27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github27/manifests"},{"name":"v4.0.1.rc3","sha":"b91f81c45bce0ecde0901d1a595051b8552a93fa","kind":"commit","published_at":"2013-10-23T21:38:54.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.1.rc3","html_url":"https://github.com/rails/rails/releases/tag/v4.0.1.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc3/manifests"},{"name":"v4.0.1.rc2","sha":"3449a204014c2c4db2238559a75586400766adee","kind":"tag","published_at":"2013-10-21T21:52:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.1.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.0.1.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc2/manifests"},{"name":"v4.0.1.rc1","sha":"3f2bc99024d25c73f5de66a36d3f897c484705b8","kind":"tag","published_at":"2013-10-17T16:42:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.1.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.1.rc1/manifests"},{"name":"v3.2.15","sha":"538f8ba0c16bb6c57b5b79320fc1a99afd14b0e2","kind":"tag","published_at":"2013-10-16T17:03:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.15","html_url":"https://github.com/rails/rails/releases/tag/v3.2.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15/manifests"},{"name":"github26","sha":"b2c42ec3412a31ed10cf8b794239de6245d1a5d6","kind":"tag","published_at":"2013-10-15T20:30:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github26","html_url":"https://github.com/rails/rails/releases/tag/github26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github26/manifests"},{"name":"v3.2.15.rc3","sha":"e3abd78ee58ee8564a69c989e963ae480b8acf9f","kind":"tag","published_at":"2013-10-11T21:16:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.15.rc3","html_url":"https://github.com/rails/rails/releases/tag/v3.2.15.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15.rc3/manifests"},{"name":"v3.2.15.rc2","sha":"5ede19b7725b9f83a2231554b6d583117fbbb4c4","kind":"tag","published_at":"2013-10-04T20:47:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.15.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.15.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15.rc2/manifests"},{"name":"v3.2.15.rc1","sha":"5e277c82085f6258b6aa4a19a90c6ea46686af84","kind":"commit","published_at":"2013-10-03T18:52:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.15.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.15.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.15.rc1/manifests"},{"name":"github25","sha":"685cb901fcc86491a3424a7f2e27f61ba4e135c7","kind":"tag","published_at":"2013-08-27T10:57:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github25","html_url":"https://github.com/rails/rails/releases/tag/github25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github25/manifests"},{"name":"github24","sha":"b2969e6b48e4dddff3ea9e6814383f73596c75c4","kind":"tag","published_at":"2013-08-09T04:03:22.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/github24","html_url":"https://github.com/rails/rails/releases/tag/github24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/github24/manifests"},{"name":"v3.2.14","sha":"2fcd13eff251ca9e1ff5cf6a13f72c18087daf60","kind":"tag","published_at":"2013-07-22T16:40:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.14","html_url":"https://github.com/rails/rails/releases/tag/v3.2.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.14/manifests"},{"name":"v3.2.14.rc2","sha":"a96df04aac00fb2b7d91978c24741100230a50d4","kind":"tag","published_at":"2013-07-16T16:10:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.14.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.14.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.14.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.14.rc2/manifests"},{"name":"v3.2.14.rc1","sha":"facfc24f256d8367f33a62e3bbea6c0f8c698c1f","kind":"tag","published_at":"2013-07-13T00:23:43.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.14.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.14.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.14.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.14.rc1/manifests"},{"name":"v4.0.0","sha":"375d9a0a7fb329b0fbbd75a13e93e53a00520587","kind":"commit","published_at":"2013-06-25T14:28:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.0","html_url":"https://github.com/rails/rails/releases/tag/v4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0/manifests"},{"name":"v4.0.0.rc2","sha":"7b0d3a550328f64f23f38a27864419d72b941f2f","kind":"commit","published_at":"2013-06-11T20:17:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v4.0.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0.rc2/manifests"},{"name":"v4.0.0.rc1","sha":"1ec64297f9347986a11ce38af2cc3434d99c66c2","kind":"commit","published_at":"2013-04-29T15:29:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0.rc1/manifests"},{"name":"v2.3.18","sha":"3773c2fc1f63daf3a6f92ef49720e801988ac990","kind":"tag","published_at":"2013-03-18T17:01:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.18","html_url":"https://github.com/rails/rails/releases/tag/v2.3.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.18/manifests"},{"name":"v3.2.13","sha":"a4b55827721a5967299f3c1531afb3d6d81e4ac0","kind":"tag","published_at":"2013-03-18T16:23:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.13","html_url":"https://github.com/rails/rails/releases/tag/v3.2.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.13/manifests"},{"name":"v3.1.12","sha":"0c510c79cb676cdb9d6a65a1fecb8d71edd123b9","kind":"tag","published_at":"2013-03-18T16:18:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.12","html_url":"https://github.com/rails/rails/releases/tag/v3.1.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.12/manifests"},{"name":"v3.2.13.rc2","sha":"ccf256d8dcc68d975bbf00780c3b4096f47e29d3","kind":"tag","published_at":"2013-03-06T23:05:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.13.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.13.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.13.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.13.rc2/manifests"},{"name":"v3.2.13.rc1","sha":"5ca59b02d1cc80f3463eef062ced079eb1b3998c","kind":"commit","published_at":"2013-02-27T20:19:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.13.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.13.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.13.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.13.rc1/manifests"},{"name":"v4.0.0.beta1","sha":"202041e762a98cb433c3a24a0b03308d4e05a99d","kind":"commit","published_at":"2013-02-25T23:07:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v4.0.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v4.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v4.0.0.beta1/manifests"},{"name":"v2.3.17","sha":"02d553d24cc976136c59b9278bcfbe114f334087","kind":"tag","published_at":"2013-02-11T03:14:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.17","html_url":"https://github.com/rails/rails/releases/tag/v2.3.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.17/manifests"},{"name":"v3.1.11","sha":"415bf3d126bac64c3b256335af45f23d2881f9bf","kind":"tag","published_at":"2013-02-11T03:08:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.11","html_url":"https://github.com/rails/rails/releases/tag/v3.1.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.11/manifests"},{"name":"v3.2.12","sha":"1dccd44a5c74f20b0406ecc8d39373226f73af35","kind":"tag","published_at":"2013-02-11T03:05:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.12","html_url":"https://github.com/rails/rails/releases/tag/v3.2.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.12/manifests"},{"name":"v3.0.20","sha":"b875be03b50029e94244945f072a6cbbff2e1c24","kind":"tag","published_at":"2013-01-28T20:47:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.20","html_url":"https://github.com/rails/rails/releases/tag/v3.0.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.20/manifests"},{"name":"v2.3.16","sha":"1169552479d6800e6729fb599dcb4a987ef13a6a","kind":"tag","published_at":"2013-01-28T20:43:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.16","html_url":"https://github.com/rails/rails/releases/tag/v2.3.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.16/manifests"},{"name":"v2.3.15","sha":"709af0523337e4c87760cbe118914ed0ab28d326","kind":"tag","published_at":"2013-01-08T19:27:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.15","html_url":"https://github.com/rails/rails/releases/tag/v2.3.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.15/manifests"},{"name":"v3.0.19","sha":"7909e7f10c82be05d989340ad49e9d9c08fb0ead","kind":"tag","published_at":"2013-01-08T19:25:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.19","html_url":"https://github.com/rails/rails/releases/tag/v3.0.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.19/manifests"},{"name":"v3.1.10","sha":"a7dd0bb151d925a7e3cd0aec8f61746729949985","kind":"tag","published_at":"2013-01-08T19:24:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.10","html_url":"https://github.com/rails/rails/releases/tag/v3.1.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.10/manifests"},{"name":"v3.2.11","sha":"746dbd89faf8197e6d6f35f6e428a024923116a2","kind":"tag","published_at":"2013-01-08T19:24:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.11","html_url":"https://github.com/rails/rails/releases/tag/v3.2.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.11/manifests"},{"name":"v3.0.18","sha":"fb06fe48ef45de09691718806abf088ab190a185","kind":"tag","published_at":"2012-12-23T22:31:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.18","html_url":"https://github.com/rails/rails/releases/tag/v3.0.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.18/manifests"},{"name":"v3.1.9","sha":"f1e977cd14b13e316ad8195f49d41608a54891c6","kind":"tag","published_at":"2012-12-23T21:39:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.9","html_url":"https://github.com/rails/rails/releases/tag/v3.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.9/manifests"},{"name":"v3.2.10","sha":"8ba3df046f977dddd4bc46248db2a1355bc0ed1e","kind":"tag","published_at":"2012-12-23T21:36:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.10","html_url":"https://github.com/rails/rails/releases/tag/v3.2.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.10/manifests"},{"name":"v3.2.9","sha":"b33cf74a4917c6ac5229ba8d6296d33d0b3437bd","kind":"tag","published_at":"2012-11-12T15:19:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.9","html_url":"https://github.com/rails/rails/releases/tag/v3.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9/manifests"},{"name":"v3.2.9.rc3","sha":"db1d5f40714a47c58c13ff7d9643e8a0dec6bef8","kind":"tag","published_at":"2012-11-09T17:51:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.9.rc3","html_url":"https://github.com/rails/rails/releases/tag/v3.2.9.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9.rc3/manifests"},{"name":"v3.2.9.rc2","sha":"de3dff317010df12d15225f2bca4a7e914eb596c","kind":"tag","published_at":"2012-11-01T17:38:23.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.9.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.9.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9.rc2/manifests"},{"name":"v3.2.9.rc1","sha":"fdfb3990cde29c48554551d1309b06c8ef584f32","kind":"tag","published_at":"2012-10-29T16:38:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.9.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.9.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.9.rc1/manifests"},{"name":"v3.0.17","sha":"77977f34a5a4ea899f59e31ad869b582285fa5c1","kind":"tag","published_at":"2012-08-09T21:10:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.17","html_url":"https://github.com/rails/rails/releases/tag/v3.0.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.17/manifests"},{"name":"v3.1.8","sha":"38bf9cf36864b5656816b1aadf324624dbcb60b9","kind":"tag","published_at":"2012-08-09T21:10:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.8","html_url":"https://github.com/rails/rails/releases/tag/v3.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.8/manifests"},{"name":"v3.2.8","sha":"64146cf7babe35fd962576b699fa0deb4cfe0d70","kind":"tag","published_at":"2012-08-09T21:09:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.8","html_url":"https://github.com/rails/rails/releases/tag/v3.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.8/manifests"},{"name":"v3.2.8.rc2","sha":"65b5e35e898ac09a50b61c671d98a3cf92453003","kind":"tag","published_at":"2012-08-03T14:02:12.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.8.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.8.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.8.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.8.rc2/manifests"},{"name":"v3.2.8.rc1","sha":"fcccbacec1d25188619f597bbb75505c79084bc3","kind":"tag","published_at":"2012-08-01T20:51:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.8.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.8.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.8.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.8.rc1/manifests"},{"name":"v3.0.16","sha":"3166606dcbbbea5d6cc07bda233273e1dfa8821d","kind":"tag","published_at":"2012-07-26T21:59:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.16","html_url":"https://github.com/rails/rails/releases/tag/v3.0.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.16/manifests"},{"name":"v3.1.7","sha":"d314a48a40271552837fb795d9cde2fb516d2f78","kind":"tag","published_at":"2012-07-26T21:58:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.7","html_url":"https://github.com/rails/rails/releases/tag/v3.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.7/manifests"},{"name":"v3.2.7","sha":"d1b9cf2d48b4e58da2da563107dd2783e326e287","kind":"tag","published_at":"2012-07-26T21:49:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.7","html_url":"https://github.com/rails/rails/releases/tag/v3.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.7/manifests"},{"name":"v3.2.7.rc1","sha":"753c546df4c8d639a8402552bdd5c9d077610f6c","kind":"tag","published_at":"2012-07-23T21:44:33.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.7.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.7.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.7.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.7.rc1/manifests"},{"name":"2.3.14.github2","sha":"a6eb61b7e4138c999099a7e6ed7b3d2f0a227004","kind":"commit","published_at":"2012-06-13T06:14:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/2.3.14.github2","html_url":"https://github.com/rails/rails/releases/tag/2.3.14.github2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/2.3.14.github2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/2.3.14.github2/manifests"},{"name":"v3.0.15","sha":"def75432c9ead5e717fcd7797973b90fa22b3487","kind":"tag","published_at":"2012-06-13T03:05:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.15","html_url":"https://github.com/rails/rails/releases/tag/v3.0.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.15/manifests"},{"name":"v3.0.14","sha":"4be9dbff206119798e44a2d9973c60bc02685034","kind":"tag","published_at":"2012-06-12T21:15:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.14","html_url":"https://github.com/rails/rails/releases/tag/v3.0.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.14/manifests"},{"name":"v3.1.6","sha":"63dce16202fb7e1517e109266c74db95f95b4cb1","kind":"tag","published_at":"2012-06-12T21:14:12.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.6","html_url":"https://github.com/rails/rails/releases/tag/v3.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.6/manifests"},{"name":"v3.2.6","sha":"8381d398cedf3e95fb073b8110d80f636cff449c","kind":"tag","published_at":"2012-06-12T21:13:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.6","html_url":"https://github.com/rails/rails/releases/tag/v3.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.6/manifests"},{"name":"v3.2.5","sha":"b57fa0bf690b299ba4d8a0051bf06b9cecd3975a","kind":"tag","published_at":"2012-06-01T03:38:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.5","html_url":"https://github.com/rails/rails/releases/tag/v3.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.5/manifests"},{"name":"v3.0.13","sha":"7102fe8d44a9efafac0e74c1aa479d770003f458","kind":"tag","published_at":"2012-05-31T17:55:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.13","html_url":"https://github.com/rails/rails/releases/tag/v3.0.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.13/manifests"},{"name":"v3.1.5","sha":"aa18c0cac01f63fa20095581118548c68b17a3f3","kind":"tag","published_at":"2012-05-31T17:42:43.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.5","html_url":"https://github.com/rails/rails/releases/tag/v3.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.5/manifests"},{"name":"v3.2.4","sha":"febd65223e2b3a40755d23a734f6a77e04b97c88","kind":"tag","published_at":"2012-05-31T17:27:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.4","html_url":"https://github.com/rails/rails/releases/tag/v3.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.4/manifests"},{"name":"v3.2.4.rc1","sha":"fe4dfdd64450662d882b47bf519d885edee453df","kind":"tag","published_at":"2012-05-28T19:32:12.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.4.rc1/manifests"},{"name":"v3.1.5.rc1","sha":"bd8ee8c91293b34c0c3bea1bc541cd1ada7f5b12","kind":"tag","published_at":"2012-05-28T18:55:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.5.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.5.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.5.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.5.rc1/manifests"},{"name":"v3.0.13.rc1","sha":"88e7f5176c3b449301636d8acdb2726f854d4644","kind":"tag","published_at":"2012-05-28T18:53:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.13.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.13.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.13.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.13.rc1/manifests"},{"name":"v3.2.3","sha":"45d6cd94b3ef2ec77166def41f29188445b35608","kind":"tag","published_at":"2012-03-30T22:22:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.3","html_url":"https://github.com/rails/rails/releases/tag/v3.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.3/manifests"},{"name":"v3.2.3.rc2","sha":"5284e650be321273a2bb68bf4baa8adeb6bc586b","kind":"tag","published_at":"2012-03-29T16:13:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.3.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.3.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.3.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.3.rc2/manifests"},{"name":"v3.2.3.rc1","sha":"5f3726091851326d4976624db374a20d356b1630","kind":"tag","published_at":"2012-03-27T17:07:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.3.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.3.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.3.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.3.rc1/manifests"},{"name":"v3.0.12","sha":"9d6377ed731bafbe9d20ac7e950c1c135ab02f9f","kind":"tag","published_at":"2012-03-01T17:22:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.12","html_url":"https://github.com/rails/rails/releases/tag/v3.0.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.12/manifests"},{"name":"v3.1.4","sha":"1aabea698b4518f37263af15818a2c9fc7565521","kind":"tag","published_at":"2012-03-01T17:20:54.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.4","html_url":"https://github.com/rails/rails/releases/tag/v3.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.4/manifests"},{"name":"v3.2.2","sha":"01b470f526922ad3fc5562a237d11d45347befa9","kind":"tag","published_at":"2012-03-01T17:17:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.2/manifests"},{"name":"v3.0.12.rc1","sha":"2935435d7058cf00da3989b0e60a28b1472509bd","kind":"tag","published_at":"2012-02-22T21:31:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.12.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.12.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.12.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.12.rc1/manifests"},{"name":"v3.1.4.rc1","sha":"8c677e921a1116085b00b522cea6204587c09754","kind":"tag","published_at":"2012-02-22T20:06:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.4.rc1/manifests"},{"name":"v3.2.2.rc1","sha":"4bcd437f760cfaf310fece0fe36abe55bccba42b","kind":"tag","published_at":"2012-02-22T20:03:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.2.rc1/manifests"},{"name":"v3.2.1","sha":"67b8fbca921ba7e3e1fc02fe30a20963a67017e5","kind":"tag","published_at":"2012-01-26T22:58:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.1/manifests"},{"name":"v3.2.0","sha":"f36dcaf488b4357a52f43e3912628428956d351f","kind":"commit","published_at":"2012-01-20T16:44:32.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.0","html_url":"https://github.com/rails/rails/releases/tag/v3.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.0/manifests"},{"name":"v3.2.0.rc2","sha":"d268ef2f6599cd58cc27a8c9f0b9b6649f62e6a2","kind":"tag","published_at":"2012-01-04T21:00:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.2.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.0.rc2/manifests"},{"name":"v3.2.0.rc1","sha":"9d6e52b55ec67d0573a0bb1900b13f38e18f7eba","kind":"commit","published_at":"2011-12-20T00:34:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.2.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.2.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.2.0.rc1/manifests"},{"name":"v3.1.3","sha":"e9474c89d9583d50be485bef8fabb31a75b242bb","kind":"commit","published_at":"2011-11-20T22:48:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.3","html_url":"https://github.com/rails/rails/releases/tag/v3.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.3/manifests"},{"name":"v3.1.2","sha":"0e6b118313b5603482df071e30434ddab758f8a1","kind":"commit","published_at":"2011-11-18T01:27:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.2","html_url":"https://github.com/rails/rails/releases/tag/v3.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.2/manifests"},{"name":"v3.0.11","sha":"66a4beb0c9764238e1e8bed83aca88a397039bde","kind":"commit","published_at":"2011-11-18T01:19:17.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.11","html_url":"https://github.com/rails/rails/releases/tag/v3.0.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.11/manifests"},{"name":"2.3.14.github","sha":"fe11782158c82bf60f783cd5799449b9744ca3f0","kind":"commit","published_at":"2011-11-17T20:57:09.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/2.3.14.github","html_url":"https://github.com/rails/rails/releases/tag/2.3.14.github","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/2.3.14.github","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/2.3.14.github/manifests"},{"name":"v3.1.2.rc2","sha":"e29f27ad76b6e031f21bc258a6ff713ec9a16365","kind":"commit","published_at":"2011-11-14T15:44:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.2.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.1.2.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.2.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.2.rc2/manifests"},{"name":"v3.1.2.rc1","sha":"68ed8eae304b64c5049badda6a2cf854b5949831","kind":"commit","published_at":"2011-11-14T14:12:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.2.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.2.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.2.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.2.rc1/manifests"},{"name":"v3.1.1","sha":"ba708126d85a020f8984db1a12261bcdba47d70f","kind":"tag","published_at":"2011-10-07T15:14:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1/manifests"},{"name":"v3.1.1.rc3","sha":"57a01f337eb4da7941ec35e5541fa456b060601a","kind":"tag","published_at":"2011-10-06T02:27:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.1.rc3","html_url":"https://github.com/rails/rails/releases/tag/v3.1.1.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1.rc3/manifests"},{"name":"v3.1.1.rc2","sha":"aead5720d75ef3e2babb8d115a8587b2736a5b3b","kind":"tag","published_at":"2011-09-29T22:13:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.1.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.1.1.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1.rc2/manifests"},{"name":"v3.1.1.rc1","sha":"3f9665be11f9938baa9f617f3391cc0d7e3ff10b","kind":"tag","published_at":"2011-09-15T00:17:28.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.1.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.1.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.1.rc1/manifests"},{"name":"v3.1.0","sha":"505e84599aff6abf719484636b0515e1ce2e2220","kind":"tag","published_at":"2011-08-31T02:10:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0/manifests"},{"name":"v3.1.0.rc8","sha":"c4ce550f3e28a1dbc4716afc9957f2ec3c426782","kind":"tag","published_at":"2011-08-29T03:23:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc8","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc8/manifests"},{"name":"v3.1.0.rc7","sha":"e4fc8e22c17e222b3057d2b053ba5586a7260db0","kind":"tag","published_at":"2011-08-28T23:55:58.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc7","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc7/manifests"},{"name":"list","sha":"155f734155fd0772d19f4201f244dccd8cdbd126","kind":"commit","published_at":"2011-08-19T20:12:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/list","html_url":"https://github.com/rails/rails/releases/tag/list","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/list","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/list/manifests"},{"name":"v3.1.0.rc6","sha":"633a5693a7c304ec242488dc5aa11c8956b3b294","kind":"tag","published_at":"2011-08-16T22:30:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc6","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc6/manifests"},{"name":"v3.0.10","sha":"4f15f392601d4504fab850f3bf659c43f0cb51ec","kind":"tag","published_at":"2011-08-16T22:10:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.10","html_url":"https://github.com/rails/rails/releases/tag/v3.0.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.10/manifests"},{"name":"v2.3.14","sha":"e0774e47302a907319ed974ccf59b8b54d32bbde","kind":"tag","published_at":"2011-08-16T21:59:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.14","html_url":"https://github.com/rails/rails/releases/tag/v2.3.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.14/manifests"},{"name":"v2.3.13","sha":"dea5a10f716b84a49e3d8fa44efbd3bf1ff1bfda","kind":"tag","published_at":"2011-08-16T21:50:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.13","html_url":"https://github.com/rails/rails/releases/tag/v2.3.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.13/manifests"},{"name":"v3.0.10.rc1","sha":"521c9aa6a85fdb4c6d43d2aeb1af7b4cae2a20f5","kind":"tag","published_at":"2011-08-05T00:10:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.10.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.10.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.10.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.10.rc1/manifests"},{"name":"v3.1.0.rc5","sha":"a5188333aaf219e4000614f49748f459b79b6ef9","kind":"tag","published_at":"2011-07-25T23:06:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc5","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc5/manifests"},{"name":"v3.0.9","sha":"15e2b5887f2185e01b8d92646a7f441b8c1c549e","kind":"commit","published_at":"2011-06-16T10:03:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.9","html_url":"https://github.com/rails/rails/releases/tag/v3.0.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9/manifests"},{"name":"v3.0.9.rc5","sha":"6824c5d1d303f5bbc5c5d390390204fcc0cd6ced","kind":"commit","published_at":"2011-06-12T21:28:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.9.rc5","html_url":"https://github.com/rails/rails/releases/tag/v3.0.9.rc5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc5/manifests"},{"name":"v3.0.9.rc4","sha":"f283194234669d2034653445ca018582dc382c0e","kind":"commit","published_at":"2011-06-12T21:21:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.9.rc4","html_url":"https://github.com/rails/rails/releases/tag/v3.0.9.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc4/manifests"},{"name":"v3.1.0.rc4","sha":"279781f8964c95f842153c98dc245b06f1b1f76e","kind":"commit","published_at":"2011-06-09T22:53:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc4","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc4/manifests"},{"name":"v3.0.9.rc3","sha":"66ec7e84c9710aea7397e9ad92e87063b857c9d5","kind":"commit","published_at":"2011-06-09T22:48:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.9.rc3","html_url":"https://github.com/rails/rails/releases/tag/v3.0.9.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc3/manifests"},{"name":"v3.0.9.rc2","sha":"0e1ecb2e15ab8eaf5641e2ca9eb1c13bf5b304a0","kind":"commit","published_at":"2011-06-09T22:36:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.9.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.9.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc2/manifests"},{"name":"v3.1.0.rc3","sha":"aefd703443807598552f3ea2c81e4e9cb15349df","kind":"tag","published_at":"2011-06-08T21:34:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc3","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc3/manifests"},{"name":"v3.0.9.rc1","sha":"0c1608c4edccbf2a1b6b53d8f1ab7ccacc8cbc65","kind":"tag","published_at":"2011-06-08T21:18:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.9.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.9.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.9.rc1/manifests"},{"name":"v2.3.12","sha":"a2a34133d8347d83c015b1889a774c718644e4d6","kind":"tag","published_at":"2011-06-07T23:55:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.12","html_url":"https://github.com/rails/rails/releases/tag/v2.3.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.12/manifests"},{"name":"v3.0.8","sha":"b341e45d8e75d49a9f599881eea952c2a41af032","kind":"tag","published_at":"2011-06-07T23:52:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.8","html_url":"https://github.com/rails/rails/releases/tag/v3.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8/manifests"},{"name":"v3.1.0.rc2","sha":"d846f4baa5da299d51c72f1bdd098cf982279628","kind":"tag","published_at":"2011-06-07T23:48:30.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc2/manifests"},{"name":"v3.0.8.rc4","sha":"ce23c6e47f184616c8cc9b779c1670e1417adfd0","kind":"tag","published_at":"2011-05-31T00:09:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.8.rc4","html_url":"https://github.com/rails/rails/releases/tag/v3.0.8.rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc4/manifests"},{"name":"v3.0.8.rc3","sha":"f4073d530f76ebd5371017032874e5865ebd8ecb","kind":"tag","published_at":"2011-05-30T19:54:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.8.rc3","html_url":"https://github.com/rails/rails/releases/tag/v3.0.8.rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc3/manifests"},{"name":"v3.0.8.rc2","sha":"d75652540e8bb9fd565e1d251e6fcd9c3f2e8516","kind":"tag","published_at":"2011-05-27T16:30:00.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.8.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.8.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc2/manifests"},{"name":"v3.0.8.rc1","sha":"8b0806e1b0ea2dbe31ab25cfba298425fd0369f4","kind":"tag","published_at":"2011-05-26T00:08:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.8.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.8.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.8.rc1/manifests"},{"name":"v3.1.0.rc1","sha":"82857adc56efd16d22821971fff4c5e24a3c5b55","kind":"commit","published_at":"2011-05-22T01:56:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.rc1/manifests"},{"name":"v3.1.0.beta1","sha":"169ae75e091392e3852d0dfb56fadacef4b7a20b","kind":"commit","published_at":"2011-05-05T01:21:05.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.1.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v3.1.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.1.0.beta1/manifests"},{"name":"v3.0.7","sha":"2c3260147f90e35a6a5e3ce1b520b4de701e701e","kind":"tag","published_at":"2011-04-18T21:03:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.7","html_url":"https://github.com/rails/rails/releases/tag/v3.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.7/manifests"},{"name":"v3.0.7.rc2","sha":"f96ad0d582fd275c6f069e31fe716406a0ba924d","kind":"tag","published_at":"2011-04-15T17:23:20.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.7.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.7.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.7.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.7.rc2/manifests"},{"name":"v3.0.7.rc1","sha":"1787447ada8cf224bf5552c6ae8a3db053fa5839","kind":"tag","published_at":"2011-04-14T21:48:42.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.7.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.7.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.7.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.7.rc1/manifests"},{"name":"v3.0.6","sha":"38df020c95beca7e12f0188cb7e18f3c37789e20","kind":"tag","published_at":"2011-04-05T22:58:48.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.6","html_url":"https://github.com/rails/rails/releases/tag/v3.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.6/manifests"},{"name":"v3.0.6.rc2","sha":"b13be616a11ffa2c489e1b3ee4ae54e234990fcf","kind":"tag","published_at":"2011-03-31T05:26:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.6.rc2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.6.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.6.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.6.rc2/manifests"},{"name":"v3.0.6.rc1","sha":"ba117b2b43a00c282bb4905fb003dd169a5312df","kind":"tag","published_at":"2011-03-29T21:04:42.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.6.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.6.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.6.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.6.rc1/manifests"},{"name":"v3.0.5","sha":"ecc6bb597fba7512e4eb34566fb2e8eaae9e39b8","kind":"tag","published_at":"2011-02-27T02:28:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.5","html_url":"https://github.com/rails/rails/releases/tag/v3.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.5/manifests"},{"name":"v3.0.5.rc1","sha":"ef31b87d8297d0473b73a9c2cdc5b3a7395fae06","kind":"tag","published_at":"2011-02-23T19:13:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.5.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.5.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.5.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.5.rc1/manifests"},{"name":"v3.0.4","sha":"1081ea66a3d864f310a1a55f22229af4e10436a7","kind":"tag","published_at":"2011-02-08T21:24:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.4","html_url":"https://github.com/rails/rails/releases/tag/v3.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.4/manifests"},{"name":"v2.3.11","sha":"b0c3d451a242b53c9992cafa9108d0df52b4f2f0","kind":"tag","published_at":"2011-02-08T21:23:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.11","html_url":"https://github.com/rails/rails/releases/tag/v2.3.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.11/manifests"},{"name":"v3.0.4.rc1","sha":"0cbf9b2946c02a5057958dbd47bc164be16cbab2","kind":"tag","published_at":"2011-01-30T22:56:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.4.rc1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.4.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.4.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.4.rc1/manifests"},{"name":"v3.0.3","sha":"0aca27d407a339683665dcbb2199a1337972bb5e","kind":"commit","published_at":"2010-11-16T16:26:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.3","html_url":"https://github.com/rails/rails/releases/tag/v3.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.3/manifests"},{"name":"v3.0.2","sha":"186e3c71f95316b94e728eb62b519d074d27cea3","kind":"commit","published_at":"2010-11-15T19:23:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.2/manifests"},{"name":"v3.0.1","sha":"bac6ba99b11515374d3251ee4a1d1f3a0002713c","kind":"tag","published_at":"2010-10-14T20:57:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.1/manifests"},{"name":"v2.3.10","sha":"f5ed5c317e2280e41a9185c3000e7fbd1f7b3176","kind":"tag","published_at":"2010-10-14T20:06:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.10","html_url":"https://github.com/rails/rails/releases/tag/v2.3.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.10/manifests"},{"name":"v2.3.9","sha":"a61a39ecd44153676cc56257bbe8bbdf9a727cf9","kind":"commit","published_at":"2010-09-04T21:36:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.9","html_url":"https://github.com/rails/rails/releases/tag/v2.3.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.9/manifests"},{"name":"v2.3.9.pre","sha":"b2c91983dcb5e2a21ea2c0be28f86ad33b48f660","kind":"commit","published_at":"2010-08-30T03:19:05.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.9.pre","html_url":"https://github.com/rails/rails/releases/tag/v2.3.9.pre","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.9.pre","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.9.pre/manifests"},{"name":"v3.0.0","sha":"9891ca89c69732a21743f0349f2995956a7802e7","kind":"commit","published_at":"2010-08-29T22:00:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0/manifests"},{"name":"v3.0.0_RC2","sha":"822fa17c6c0f159eeff01c8fb251e13666f50357","kind":"commit","published_at":"2010-08-24T02:40:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0_RC2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0_RC2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0_RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0_RC2/manifests"},{"name":"v3.0.0_RC","sha":"b6f99325613baf0534c10677da9c82ac27b628c0","kind":"commit","published_at":"2010-07-26T21:40:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0_RC","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0_RC","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0_RC","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0_RC/manifests"},{"name":"v3.0.0.beta4","sha":"df40dbe6f13c6799e972b20dcc1fbf11f0a02c61","kind":"commit","published_at":"2010-06-08T22:10:27.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0.beta4","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0.beta4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta4/manifests"},{"name":"v2.3.8","sha":"240f4e944cd90fca138aba8467456043952110cc","kind":"commit","published_at":"2010-05-25T03:53:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.8","html_url":"https://github.com/rails/rails/releases/tag/v2.3.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.8/manifests"},{"name":"v2.3.7","sha":"326188c25efa3721a7e2f68cea3534b3e2850fcf","kind":"commit","published_at":"2010-05-24T07:04:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.7","html_url":"https://github.com/rails/rails/releases/tag/v2.3.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.7/manifests"},{"name":"v2.3.6","sha":"56bb5504dd1fc7314f1bd7a489ddaff973668be2","kind":"commit","published_at":"2010-05-23T06:53:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.6","html_url":"https://github.com/rails/rails/releases/tag/v2.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.6/manifests"},{"name":"v3.0.0.beta3","sha":"8e9df34fa3fd22719d939ba72f19b3ae9ffcc018","kind":"commit","published_at":"2010-04-13T21:07:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0.beta3","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0.beta3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta3/manifests"},{"name":"v3.0.0.beta.3","sha":"8e9df34fa3fd22719d939ba72f19b3ae9ffcc018","kind":"commit","published_at":"2010-04-13T21:07:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0.beta.3","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0.beta.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta.3/manifests"},{"name":"v3.0.0.beta2","sha":"f0364d87f03d58312bcab1b2f17b5b56b6c72653","kind":"commit","published_at":"2010-04-01T21:20:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0.beta2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0.beta2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta2/manifests"},{"name":"v3.0.0.beta.2","sha":"f0364d87f03d58312bcab1b2f17b5b56b6c72653","kind":"commit","published_at":"2010-04-01T21:20:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0.beta.2","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0.beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta.2/manifests"},{"name":"v3.0.0.beta1","sha":"c548e213658386f3a5b00097bc5b30bf3736e6b4","kind":"commit","published_at":"2010-02-05T17:24:12.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v3.0.0.beta1","html_url":"https://github.com/rails/rails/releases/tag/v3.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v3.0.0.beta1/manifests"},{"name":"v2.3.5","sha":"bfe032858077bb2946abe25e95e485ba6da86bd5","kind":"tag","published_at":"2009-11-27T00:26:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.5","html_url":"https://github.com/rails/rails/releases/tag/v2.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.5/manifests"},{"name":"v2.2.3","sha":"a60779f7e69a7045a308844e9464d7d6b9cac94d","kind":"tag","published_at":"2009-09-23T22:13:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.2.3","html_url":"https://github.com/rails/rails/releases/tag/v2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.3/manifests"},{"name":"v2.3.4","sha":"a43ef2436cc6b63af35636127e42495ceb538cee","kind":"tag","published_at":"2009-09-04T00:16:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.4","html_url":"https://github.com/rails/rails/releases/tag/v2.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.4/manifests"},{"name":"v2.3.3.1","sha":"c7bcbb983f84e306e2b43adb698060e060605de9","kind":"tag","published_at":"2009-07-19T05:29:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.3.1","html_url":"https://github.com/rails/rails/releases/tag/v2.3.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.3.1/manifests"},{"name":"v2.3.3","sha":"a147becfb86b689ab25e92edcfbb4bcc04108099","kind":"tag","published_at":"2009-07-16T04:25:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.3","html_url":"https://github.com/rails/rails/releases/tag/v2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.3/manifests"},{"name":"v2.3.2.1","sha":"dc88847e5ce392eed210b97525c14fca55852867","kind":"commit","published_at":"2009-03-17T12:26:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.2.1","html_url":"https://github.com/rails/rails/releases/tag/v2.3.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.2.1/manifests"},{"name":"v2.3.2","sha":"73fc42cc0b5e94541480032c2941a50edd4080c2","kind":"commit","published_at":"2009-03-16T03:06:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.2","html_url":"https://github.com/rails/rails/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.2/manifests"},{"name":"v2.3.1","sha":"b1c989f28dd1d619f0e3e3ca1b894b686e517f2f","kind":"commit","published_at":"2009-03-05T11:22:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.1","html_url":"https://github.com/rails/rails/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.1/manifests"},{"name":"v2.3.0","sha":"beca1f2e151558ded3d5a4efebd328ab2533edc6","kind":"commit","published_at":"2009-02-02T00:21:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.3.0","html_url":"https://github.com/rails/rails/releases/tag/v2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.3.0/manifests"},{"name":"v2.2.2","sha":"ff561370739eb809d1d006ea842cd2b1e43f6950","kind":"commit","published_at":"2008-11-21T16:25:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.2.2","html_url":"https://github.com/rails/rails/releases/tag/v2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.2/manifests"},{"name":"v2.2.1","sha":"44c3b865ac52a7c9a6312982ba0f6c20d7ad41e1","kind":"commit","published_at":"2008-11-14T15:11:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.2.1","html_url":"https://github.com/rails/rails/releases/tag/v2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.1/manifests"},{"name":"v2.2.0","sha":"a17fc20eb122d45a017e99e592e5e159025ab26b","kind":"tag","published_at":"2008-10-24T14:42:03.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.2.0","html_url":"https://github.com/rails/rails/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.2.0/manifests"},{"name":"v2.1.2","sha":"15af6b315ee65afbc873889b6ad81b7e6b7e1b35","kind":"commit","published_at":"2008-10-23T16:16:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.1.2","html_url":"https://github.com/rails/rails/releases/tag/v2.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.2/manifests"},{"name":"v2.0.4","sha":"e724e3ede67b4199db8765e00d370e6a7bd401e6","kind":"tag","published_at":"2008-10-20T06:45:15.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.4","html_url":"https://github.com/rails/rails/releases/tag/v2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.4/manifests"},{"name":"v2.0.5","sha":"c329794e7334f3d355d0a039e23a7145ad40ed35","kind":"tag","published_at":"2008-10-19T20:22:27.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.5","html_url":"https://github.com/rails/rails/releases/tag/v2.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.5/manifests"},{"name":"v2.1.1","sha":"d4eb3c0b7d13d3898c14d6ea7bfbc1853394f4e8","kind":"commit","published_at":"2008-09-04T14:31:40.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.1.1","html_url":"https://github.com/rails/rails/releases/tag/v2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.1/manifests"},{"name":"v2.1.0","sha":"71528b1825ce5184b23d09f923cb72f4073ce8ed","kind":"commit","published_at":"2008-06-01T00:22:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.1.0","html_url":"https://github.com/rails/rails/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.0/manifests"},{"name":"v2.0.3","sha":"44d721c193e5bc9d1fd9073ff65a241039467d7a","kind":"tag","published_at":"2008-05-12T00:04:24.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.3","html_url":"https://github.com/rails/rails/releases/tag/v2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.3/manifests"},{"name":"v2.1.0_RC1","sha":"d2212c1601dcd67e72e9d52f98347d3285fd7134","kind":"tag","published_at":"2008-05-12T00:02:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.1.0_RC1","html_url":"https://github.com/rails/rails/releases/tag/v2.1.0_RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.0_RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.1.0_RC1/manifests"},{"name":"v2.0.2","sha":"c8da518bbfedc2a06b1d96912ddae00e57f21748","kind":"tag","published_at":"2008-04-11T00:25:55.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.2","html_url":"https://github.com/rails/rails/releases/tag/v2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.2/manifests"},{"name":"v2.0.1","sha":"db885e81b9dc918a75bd66b1631a13e10447d0ff","kind":"tag","published_at":"2008-04-11T00:25:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.1","html_url":"https://github.com/rails/rails/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.1/manifests"},{"name":"v2.0.0_RC2","sha":"1d32cec17d768ac78d52903f5ed8b19cc37c7f78","kind":"tag","published_at":"2008-04-11T00:25:52.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.0_RC2","html_url":"https://github.com/rails/rails/releases/tag/v2.0.0_RC2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0_RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0_RC2/manifests"},{"name":"v2.0.0_RC1","sha":"0f2c6302a19abce498d6cdbd44df0131c51fc8a3","kind":"tag","published_at":"2008-04-11T00:25:50.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.0_RC1","html_url":"https://github.com/rails/rails/releases/tag/v2.0.0_RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0_RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0_RC1/manifests"},{"name":"v2.0.0_PR","sha":"7275d2749cb829d89bffe7e6aa87c99084351f6a","kind":"tag","published_at":"2008-04-11T00:25:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.0_PR","html_url":"https://github.com/rails/rails/releases/tag/v2.0.0_PR","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0_PR","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0_PR/manifests"},{"name":"v2.0.0","sha":"db885e81b9dc918a75bd66b1631a13e10447d0ff","kind":"tag","published_at":"2008-04-11T00:25:47.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v2.0.0","html_url":"https://github.com/rails/rails/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v2.0.0/manifests"},{"name":"v1.2.6","sha":"9c190098e0f80cf2638223142f335ffb25212b86","kind":"tag","published_at":"2008-04-11T00:25:45.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.6","html_url":"https://github.com/rails/rails/releases/tag/v1.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.6/manifests"},{"name":"v1.2.5","sha":"d201969236f1696e70c73e12a93229feac69ceda","kind":"tag","published_at":"2008-04-11T00:25:44.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.5","html_url":"https://github.com/rails/rails/releases/tag/v1.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.5/manifests"},{"name":"v1.2.4","sha":"478cd8223c5ef43abbbb347c5517910a5ab91b67","kind":"tag","published_at":"2008-04-11T00:25:42.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.4","html_url":"https://github.com/rails/rails/releases/tag/v1.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.4/manifests"},{"name":"v1.2.3","sha":"30549718ac827f3ae8c7afc8dc9a6bf639e4e65c","kind":"tag","published_at":"2008-04-11T00:25:41.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.3","html_url":"https://github.com/rails/rails/releases/tag/v1.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.3/manifests"},{"name":"v1.2.2","sha":"e73bdfc31be5acfddefdff6fa40515c145241f52","kind":"tag","published_at":"2008-04-11T00:25:39.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.2","html_url":"https://github.com/rails/rails/releases/tag/v1.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.2/manifests"},{"name":"v1.2.1","sha":"03e763ffc823531ea5a5a3be7134318f85370139","kind":"tag","published_at":"2008-04-11T00:25:37.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.1","html_url":"https://github.com/rails/rails/releases/tag/v1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.1/manifests"},{"name":"v1.2.0_RC2","sha":"83a21f75cf518b7f50581041cfce038c196a56b5","kind":"tag","published_at":"2008-04-11T00:25:36.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.0_RC2","html_url":"https://github.com/rails/rails/releases/tag/v1.2.0_RC2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.0_RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.0_RC2/manifests"},{"name":"v1.2.0_RC1","sha":"12949bbc135a33c9618e7816105d70b8a9c7e426","kind":"tag","published_at":"2008-04-11T00:25:34.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.0_RC1","html_url":"https://github.com/rails/rails/releases/tag/v1.2.0_RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.0_RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.0_RC1/manifests"},{"name":"v1.2.0","sha":"5988aaa50e72643b021ec5e8562d14a39b4f54e1","kind":"tag","published_at":"2008-04-11T00:25:31.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.2.0","html_url":"https://github.com/rails/rails/releases/tag/v1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.2.0/manifests"},{"name":"v1.1.6","sha":"e071b60e17913e210baf9bf77c4c5c0bb344d999","kind":"tag","published_at":"2008-04-11T00:25:29.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.6","html_url":"https://github.com/rails/rails/releases/tag/v1.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.6/manifests"},{"name":"v1.1.5","sha":"4874df1d674bccbe2fa41a12bb93fa63a5d489ee","kind":"tag","published_at":"2008-04-11T00:25:28.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.5","html_url":"https://github.com/rails/rails/releases/tag/v1.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.5/manifests"},{"name":"v1.1.4","sha":"14f11a73ed8cd50fa9075e3f068feaf3b89686ba","kind":"tag","published_at":"2008-04-11T00:25:26.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.4","html_url":"https://github.com/rails/rails/releases/tag/v1.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.4/manifests"},{"name":"v1.1.3","sha":"0c516b370b08e3e095fe24cc0e2b8d52fdecf9e0","kind":"tag","published_at":"2008-04-11T00:25:25.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.3","html_url":"https://github.com/rails/rails/releases/tag/v1.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.3/manifests"},{"name":"v1.1.2","sha":"83824935518f62cee9cc1c120b125085072f583c","kind":"tag","published_at":"2008-04-11T00:25:21.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.2","html_url":"https://github.com/rails/rails/releases/tag/v1.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.2/manifests"},{"name":"v1.1.1","sha":"496725022a09cd2100e1550745064fb5a6308ee4","kind":"tag","published_at":"2008-04-11T00:25:19.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.1","html_url":"https://github.com/rails/rails/releases/tag/v1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.1/manifests"},{"name":"v1.1.0_RC1","sha":"330823687bbae1c05af6545912377d317300c1bb","kind":"tag","published_at":"2008-04-11T00:25:18.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.0_RC1","html_url":"https://github.com/rails/rails/releases/tag/v1.1.0_RC1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.0_RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.0_RC1/manifests"},{"name":"v1.1.0","sha":"9babb2014ba101e8c4a7b7808c3e3624ee7bb8d7","kind":"tag","published_at":"2008-04-11T00:25:16.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.1.0","html_url":"https://github.com/rails/rails/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.1.0/manifests"},{"name":"v1.0.0","sha":"37e0d5de899cfbb3703067daefe2546215aaa4cc","kind":"tag","published_at":"2008-04-11T00:25:14.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v1.0.0","html_url":"https://github.com/rails/rails/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v1.0.0/manifests"},{"name":"v0.9.5","sha":"11611c1b002243a766c86c374b812c61a5b672c7","kind":"tag","published_at":"2008-04-11T00:25:13.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.9.5","html_url":"https://github.com/rails/rails/releases/tag/v0.9.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.5/manifests"},{"name":"v0.9.4.1","sha":"03e44cbcb2426a97dd35f76bc2ac6491c69821b1","kind":"tag","published_at":"2008-04-11T00:25:11.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.9.4.1","html_url":"https://github.com/rails/rails/releases/tag/v0.9.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.4.1/manifests"},{"name":"v0.9.4","sha":"3b9be80a3a6b83156562d218e459822a51d6795c","kind":"tag","published_at":"2008-04-11T00:25:10.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.9.4","html_url":"https://github.com/rails/rails/releases/tag/v0.9.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.4/manifests"},{"name":"v0.9.3","sha":"b3739fca2c185831c97efdd9fdcaa23476863539","kind":"tag","published_at":"2008-04-11T00:25:08.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.9.3","html_url":"https://github.com/rails/rails/releases/tag/v0.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.3/manifests"},{"name":"v0.9.2","sha":"d9c0a37f37402fa128302b7c048201d2180a029e","kind":"tag","published_at":"2008-04-11T00:25:07.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.9.2","html_url":"https://github.com/rails/rails/releases/tag/v0.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.2/manifests"},{"name":"v0.9.1","sha":"ed14042feac6ff84670958fc3e2017aaacac5856","kind":"tag","published_at":"2008-04-11T00:25:06.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.9.1","html_url":"https://github.com/rails/rails/releases/tag/v0.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.9.1/manifests"},{"name":"v0.14.4","sha":"93bd3b00e16cb6d79d38480e1827935067c8c771","kind":"tag","published_at":"2008-04-11T00:25:04.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.14.4","html_url":"https://github.com/rails/rails/releases/tag/v0.14.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.4/manifests"},{"name":"v0.14.3","sha":"c2eb22e5c69caba0f9eeb5b95558837d0d572f44","kind":"tag","published_at":"2008-04-11T00:25:02.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.14.3","html_url":"https://github.com/rails/rails/releases/tag/v0.14.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.3/manifests"},{"name":"v0.14.2","sha":"98b0b117f755a5d27ac5161dc7d0757c3c217230","kind":"tag","published_at":"2008-04-11T00:25:01.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.14.2","html_url":"https://github.com/rails/rails/releases/tag/v0.14.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.2/manifests"},{"name":"v0.14.1","sha":"b437eee41d38188f10f11e041b82d7def0a20629","kind":"tag","published_at":"2008-04-11T00:24:59.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.14.1","html_url":"https://github.com/rails/rails/releases/tag/v0.14.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.14.1/manifests"},{"name":"v0.13.1","sha":"1911f8eee928915f1020753a4a3ba34c81131a66","kind":"tag","published_at":"2008-04-11T00:24:57.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.13.1","html_url":"https://github.com/rails/rails/releases/tag/v0.13.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.13.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.13.1/manifests"},{"name":"v0.13.0","sha":"a0d31fcd81ef690adf56568aa954a07081c6aecc","kind":"tag","published_at":"2008-04-11T00:24:56.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.13.0","html_url":"https://github.com/rails/rails/releases/tag/v0.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.13.0/manifests"},{"name":"v0.12.0","sha":"0270b26e41f33d66af3a2bea1371af037b0b5923","kind":"tag","published_at":"2008-04-11T00:24:54.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.12.0","html_url":"https://github.com/rails/rails/releases/tag/v0.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.12.0/manifests"},{"name":"v0.11.1","sha":"f7b89667ac4157d64697aa2f51bcea8a26c0fd8f","kind":"tag","published_at":"2008-04-11T00:24:53.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.11.1","html_url":"https://github.com/rails/rails/releases/tag/v0.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.11.1/manifests"},{"name":"v0.11.0","sha":"61d236d94133fb7ae2f0dce0badaf2bf07b301b7","kind":"tag","published_at":"2008-04-11T00:24:51.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.11.0","html_url":"https://github.com/rails/rails/releases/tag/v0.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.11.0/manifests"},{"name":"v0.10.1","sha":"25b656fefa75954cffff119a14cf7650f4f99a92","kind":"tag","published_at":"2008-04-11T00:24:49.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.10.1","html_url":"https://github.com/rails/rails/releases/tag/v0.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.10.1/manifests"},{"name":"v0.10.0","sha":"e2724aa1856253f4fc48ddc251583042c5f06029","kind":"tag","published_at":"2008-04-11T00:24:46.000Z","download_url":"https://codeload.github.com/rails/rails/tar.gz/v0.10.0","html_url":"https://github.com/rails/rails/releases/tag/v0.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rails%2Frails/tags/v0.10.0/manifests"}]},"repo_metadata_updated_at":"2025-06-07T01:40:32.594Z","dependent_packages_count":369,"downloads":605374996,"downloads_period":"total","dependent_repos_count":601072,"rankings":{"downloads":0.02731905308816806,"dependent_repos_count":0.023973862914106667,"dependent_packages_count":0.12488709983162544,"stargazers_count":0.0016725950870306978,"forks_count":0.0011150633913537984,"docker_downloads_count":0.1427281140932862,"average":0.053615964734261806},"purl":"pkg:gem/actionview","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2ZzUtMndoMy1nYzlq","url":"https://github.com/advisories/GHSA-86g5-2wh3-gc9j","title":"Path Traversal in Action View","description":"# File Content Disclosure in Action View\n\nImpact \n------ \nThere is a possible file content disclosure vulnerability in Action View.  Specially crafted accept headers in combination with calls to `render file:`  can cause arbitrary files on the target server to be rendered, disclosing the  file contents. \n\nThe impact is limited to calls to `render` which render file contents without  a specified accept format.  Impacted code in a controller looks something like this: \n\n``` ruby\nclass UserController \u003c ApplicationController \n  def index \n    render file: \"#{Rails.root}/some/file\" \n  end \nend \n``` \n\nRendering templates as opposed to files is not impacted by this vulnerability. \n\nAll users running an affected release should either upgrade or use one of the workarounds immediately. \n\nReleases \n-------- \nThe 6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2, and 4.2.11.1 releases are available at the normal locations. \n\nWorkarounds \n----------- \nThis vulnerability can be mitigated by specifying a format for file rendering, like this: \n\n``` ruby\nclass UserController \u003c ApplicationController \n  def index \n    render file: \"#{Rails.root}/some/file\", formats: [:html] \n  end \nend \n``` \n\nIn summary, impacted calls to `render` look like this: \n\n``` \nrender file: \"#{Rails.root}/some/file\" \n``` \n\nThe vulnerability can be mitigated by changing to this: \n\n``` \nrender file: \"#{Rails.root}/some/file\", formats: [:html] \n``` \n\nOther calls to `render` are not impacted. \n\nAlternatively, the following monkey patch can be applied in an initializer: \n\n``` ruby\n$ cat config/initializers/formats_filter.rb \n# frozen_string_literal: true \n\nActionDispatch::Request.prepend(Module.new do \n  def formats \n    super().select do |format| \n      format.symbol || format.ref == \"*/*\" \n    end \n  end \nend) \n``` \n\nCredits \n------- \nThanks to John Hawthorn \u003cjohn@hawthorn.email\u003e of GitHub ","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2019-03-13T17:26:59.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-5418","https://access.redhat.com/errata/RHSA-2019:0796","https://access.redhat.com/errata/RHSA-2019:1147","https://access.redhat.com/errata/RHSA-2019:1149","https://access.redhat.com/errata/RHSA-2019:1289","https://github.com/advisories/GHSA-86g5-2wh3-gc9j","https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q","https://groups.google.com/forum/#!topic/rubyonrails-security/zRNVOUhKHrg","https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/","https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/","https://www.exploit-db.com/exploits/46585/","http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html","http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html","http://www.openwall.com/lists/oss-security/2019/03/22/1"],"source_kind":"github","identifiers":["GHSA-86g5-2wh3-gc9j","CVE-2019-5418"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"4.2.11.1","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.2.11.0"},{"first_patched_version":"5.2.2.1","vulnerable_version_range":"\u003e= 5.2.0, \u003c= 5.2.2.0"},{"first_patched_version":"5.0.7.2","vulnerable_version_range":"\u003e= 5.0.0, \u003c= 5.0.7.1"},{"first_patched_version":"5.1.6.2","vulnerable_version_range":"\u003e= 5.1.0, \u003c= 5.1.6.1"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:59.072Z","updated_at":"2023-08-17T05:02:29.000Z","epss_percentage":0.94231,"epss_percentile":0.99913},{"uuid":"GSA_kwCzR0hTQS14cDVoLWY4amYtcmM4cc4AAzxa","url":"https://github.com/advisories/GHSA-xp5h-f8jf-rc8q","title":"rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements","description":"NOTE: rails-ujs is part of Rails/actionview since 5.1.0.\n\nThere is a potential DOM based cross-site scripting issue in rails-ujs\nwhich leverages the Clipboard API to target HTML elements that are\nassigned the contenteditable attribute. This has the potential to\noccur when pasting malicious HTML content from the clipboard that\nincludes a data-method, data-remote or data-disable-with attribute.\n\nThis vulnerability has been assigned the CVE identifier CVE-2023-23913.\n\nNot affected: \u003c 5.1.0\nVersions Affected: \u003e= 5.1.0\nFixed Versions: 6.1.7.3, 7.0.4.3\n\nImpact\n  If the specified malicious HTML clipboard content is provided to a\n  contenteditable element, this could result in the arbitrary execution\n  of javascript on the origin in question.\n\nReleases\n  The FIXED releases are available at the normal locations.\n\nWorkarounds\n  We recommend that all users upgrade to one of the FIXED versions.\n  In the meantime, users can attempt to mitigate this vulnerability\n  by removing the contenteditable attribute from elements in pages\n  that rails-ujs will interact with.\n\nPatches\n  To aid users who aren’t able to upgrade immediately we have provided\n  patches for the two supported release series. They are in git-am\n  format and consist of a single changeset.\n\n* rails-ujs-data-method-contenteditable-6-1.patch - Patch for 6.1 series\n* rails-ujs-data-method-contenteditable-7-0.patch - Patch for 7.0 series\n\nPlease note that only the 7.0.Z and 6.1.Z series are\nsupported at present, and 6.0.Z for severe vulnerabilities.\n\nUsers of earlier unsupported releases are advised to upgrade as\nsoon as possible as we cannot guarantee the continued availability\nof security fixes for unsupported releases.\n\nCredits\n  We would like to thank ryotak 15 for reporting this!\n\n* rails-ujs-data-method-contenteditable-6-1.patch (8.5 KB)\n* rails-ujs-data-method-contenteditable-7-0.patch (8.5 KB)\n* rails-ujs-data-method-contenteditable-main.patch (8.9 KB)\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2023-06-09T22:41:16.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/rails/rails/commit/5037a13614d71727af8a175063bcf6ba1a74bdbd","https://github.com/rails/rails/commit/73009ea59a811b28e8ec2a9c9bc24635aa891214","https://discuss.rubyonrails.org/t/cve-2023-23913-dom-based-cross-site-scripting-in-rails-ujs-for-contenteditable-html-elements/82468","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2023-23913.yml","https://nvd.nist.gov/vuln/detail/CVE-2023-23913","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033263","https://security.netapp.com/advisory/ntap-20240605-0007","https://www.debian.org/security/2023/dsa-5389","https://github.com/advisories/GHSA-xp5h-f8jf-rc8q"],"source_kind":"github","identifiers":["GHSA-xp5h-f8jf-rc8q","CVE-2023-23913"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"7.0.4.3","vulnerable_version_range":"\u003e= 7.0.0, \u003c 7.0.4.3"},{"first_patched_version":"6.1.7.3","vulnerable_version_range":"\u003e= 5.1.0, \u003c 6.1.7.3"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2023-06-09T23:03:22.879Z","updated_at":"2025-01-09T18:57:26.000Z","epss_percentage":0.00033,"epss_percentile":0.07892},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjM20tdjI4Ni0yandq","url":"https://github.com/advisories/GHSA-pc3m-v286-2jwj","title":"actionview Cross-site Scripting vulnerability","description":"Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as \"HTML safe\" and used as attribute values in tag handlers.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2017-10-24T18:33:35.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2016-6316","https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE","http://rhn.redhat.com/errata/RHSA-2016-1855.html","http://rhn.redhat.com/errata/RHSA-2016-1856.html","http://rhn.redhat.com/errata/RHSA-2016-1857.html","http://rhn.redhat.com/errata/RHSA-2016-1858.html","http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/","http://www.debian.org/security/2016/dsa-3651","http://www.openwall.com/lists/oss-security/2016/08/11/3","https://web.archive.org/web/20200227202008/http://www.securityfocus.com/bid/92430","https://web.archive.org/web/20200812154343/https://puppet.com/security/cve/cve-2016-6316","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2016-6316.yml","https://groups.google.com/forum/#!topic/rubyonrails-security/I-VWr034ouk","https://github.com/advisories/GHSA-pc3m-v286-2jwj"],"source_kind":"github","identifiers":["GHSA-pc3m-v286-2jwj","CVE-2016-6316"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"5.0.0.1","vulnerable_version_range":"= 5.0.0"},{"first_patched_version":"4.2.7.1","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.2.7"},{"first_patched_version":"3.2.22.3","vulnerable_version_range":"\u003e= 3.0.0, \u003c= 3.2.22.2"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:47.186Z","updated_at":"2023-11-06T05:05:11.000Z","epss_percentage":0.02338,"epss_percentile":0.83942},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmanYtNTQ5OC1tcGg1","url":"https://github.com/advisories/GHSA-cfjv-5498-mph5","title":"XSS in Action View","description":"There is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks.\n\n### Impact\n\nWhen an HTML-unsafe string is passed as the default for a missing translation key [named `html` or ending in `_html`](https://guides.rubyonrails.org/i18n.html#using-safe-html-translations), the default string is incorrectly marked as HTML-safe and not escaped. Vulnerable code may look like the following examples:\n\n```erb\n\u003c%# The welcome_html translation is not defined for the current locale: %\u003e\n\u003c%= t(\"welcome_html\", default: untrusted_user_controlled_string) %\u003e\n\n\u003c%# Neither the title.html translation nor the missing.html translation is defined for the current locale: %\u003e\n\u003c%= t(\"title.html\", default: [:\"missing.html\", untrusted_user_controlled_string]) %\u003e\n```\n\n### Patches\n\nPatched Rails versions, 6.0.3.3 and 5.2.4.4, are available from the normal locations.\n\nThe patches have also been applied to the `master`, `6-0-stable`, and `5-2-stable` branches on GitHub. If you track any of these branches, you should update to the latest.\n\nTo aid users who aren’t able to upgrade immediately, we’ve provided patches for the two supported release series. They are in git-am format and consist of a single changeset.\n\n* [5-2-translate-helper-xss.patch](https://gist.github.com/georgeclaghorn/a466e103922ee81f24c32c9034089442#file-5-2-translate-helper-xss-patch) — patch for the 5.2 release series\n* [6-0-translate-helper-xss.patch](https://gist.github.com/georgeclaghorn/a466e103922ee81f24c32c9034089442#file-6-0-translate-helper-xss-patch) — patch for the 6.0 release series\n\nPlease note that only the 5.2 and 6.0 release series are currently supported. Users of earlier, unsupported releases are advised to update as soon as possible, as we cannot provide security fixes for unsupported releases.\n\n### Workarounds\n\nImpacted users who can’t upgrade to a patched Rails version can avoid this issue by manually escaping default translations with the `html_escape` helper (aliased as `h`):\n\n```erb\n\u003c%= t(\"welcome_html\", default: h(untrusted_user_controlled_string)) %\u003e\n```","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-09-11T15:19:57.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/rails/rails/security/advisories/GHSA-cfjv-5498-mph5","https://github.com/rails/rails/commit/e663f084460ea56c55c3dc76f78c7caeddeeb02e","https://nvd.nist.gov/vuln/detail/CVE-2020-15169","https://www.debian.org/security/2020/dsa-4766","https://lists.debian.org/debian-lts-announce/2020/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-15169.yml","https://groups.google.com/g/rubyonrails-security/c/b-C9kSGXYrc","https://github.com/advisories/GHSA-cfjv-5498-mph5"],"source_kind":"github","identifiers":["GHSA-cfjv-5498-mph5","CVE-2020-15169"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"5.2.4.4","vulnerable_version_range":"\u003c= 5.2.4.3"},{"first_patched_version":"6.0.3.3","vulnerable_version_range":"\u003e= 6.0.0.0, \u003c= 6.0.3.2"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:13:14.011Z","updated_at":"2023-05-04T19:48:02.000Z","epss_percentage":0.0115,"epss_percentile":0.77352},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4MzQtcjkyZi1qajQy","url":"https://github.com/advisories/GHSA-6834-r92f-jj42","title":"Moderate severity vulnerability that affects actionview","description":"Withdrawn, accidental duplicate publish.\n\nDirectory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2018-09-17T21:55:54.000Z","withdrawn_at":"2020-06-16T21:18:20.000Z","classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2016-0752","https://github.com/advisories/GHSA-6834-r92f-jj42"],"source_kind":"github","identifiers":["GHSA-6834-r92f-jj42"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"4.2.5.1","vulnerable_version_range":"\u003e= 4.2.0, \u003c= 4.2.5.0"},{"first_patched_version":"4.1.14.1","vulnerable_version_range":"\u003e= 4.1.0, \u003c= 4.1.14.0"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:41.298Z","updated_at":"2023-01-09T05:02:46.000Z","epss_percentage":null,"epss_percentile":null},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhycjQtcDZmcS1oamc3","url":"https://github.com/advisories/GHSA-xrr4-p6fq-hjg7","title":"Directory traversal vulnerability in Action View in Ruby on Rails","description":"Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a `..` (dot dot) in a pathname.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2017-10-24T18:33:35.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2016-0752","https://github.com/advisories/GHSA-xrr4-p6fq-hjg7","http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html","http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html","http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html","http://rhn.redhat.com/errata/RHSA-2016-0296.html","http://www.debian.org/security/2016/dsa-3464","http://www.openwall.com/lists/oss-security/2016/01/25/13","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2016-0752.yml","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2016-0752.yml","https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00","https://web.archive.org/web/20210618005620/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ","https://web.archive.org/web/20210621170450/http://www.securityfocus.com/bid/81801","https://web.archive.org/web/20210723192420/http://www.securitytracker.com/id/1034816","https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ","https://www.exploit-db.com/exploits/40561","http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html","http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html","http://www.securityfocus.com/bid/81801","http://www.securitytracker.com/id/1034816"],"source_kind":"github","identifiers":["GHSA-xrr4-p6fq-hjg7","CVE-2016-0752"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"3.2.22.1","vulnerable_version_range":"\u003c 3.2.22.1"},{"first_patched_version":"4.2.5.1","vulnerable_version_range":"\u003e= 4.2.0, \u003c= 4.2.5.0"},{"first_patched_version":"4.1.14.1","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.1.14.0"}],"ecosystem":"rubygems","package_name":"actionpack"},{"versions":[{"first_patched_version":"4.2.5.1","vulnerable_version_range":"\u003e= 4.2.0, \u003c= 4.2.5.0"},{"first_patched_version":"4.1.14.1","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.1.14.0"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:59.630Z","updated_at":"2024-07-16T20:12:50.000Z","epss_percentage":0.92767,"epss_percentile":0.99741},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhxNWotZ3c3Zi1qZ2o4","url":"https://github.com/advisories/GHSA-xq5j-gw7f-jgj8","title":"CSRF Vulnerability in rails-ujs","description":"There is a vulnerability in rails-ujs that allows attackers to send CSRF tokens to wrong domains.\n\nVersions Affected:  rails \u003c= 6.0.3\nNot affected:       Applications which don't use rails-ujs.\nFixed Versions:     rails \u003e= 5.2.4.3, rails \u003e= 6.0.3.1\n\nImpact\n------\n\nThis is a regression of CVE-2015-1840.\n\nIn the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to a cross-origin URL, and the CSRF token will be sent.\n\nWorkarounds\n-----------\n\nTo work around this problem, change code that allows users to control the href attribute of an anchor tag or the action attribute of a form tag to filter the user parameters.\n\nFor example, code like this:\n\n    link_to params\n\nto code like this:\n\n    link_to filtered_params\n\n    def filtered_params\n      # Filter just the parameters that you trust\n    end","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-07-07T16:34:10.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-8167","https://hackerone.com/reports/189878","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-8167.yml","https://groups.google.com/forum/#!topic/rubyonrails-security/x9DixQDG9a0","https://groups.google.com/g/rubyonrails-security/c/x9DixQDG9a0","https://www.debian.org/security/2020/dsa-4766","https://github.com/advisories/GHSA-xq5j-gw7f-jgj8"],"source_kind":"github","identifiers":["GHSA-xq5j-gw7f-jgj8","CVE-2020-8167"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"6.0.3.1","vulnerable_version_range":"\u003e= 6.0.0, \u003c= 6.0.3"},{"first_patched_version":"5.2.4.3","vulnerable_version_range":"\u003e= 5.0.0, \u003c= 5.2.4.2"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:13:23.679Z","updated_at":"2023-08-17T05:01:53.000Z","epss_percentage":0.00592,"epss_percentile":0.68053},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4OWotNDZyaC1mcXI4","url":"https://github.com/advisories/GHSA-vx9j-46rh-fqr8","title":"actionview contains Path Traversal vulnerability","description":"There is a possible directory traversal and information leak vulnerability in Action View. This was meant to be fixed on CVE-2016-0752. However the 3.2 patch was not covering all possible scenarios. This vulnerability has been assigned the CVE identifier CVE-2016-2097.\n\nVersions Affected:  3.2.x, 4.0.x, 4.1.x\nNot affected:       4.2+\nFixed Versions:     3.2.22.2, 4.1.14.2\n\nImpact\n------\nApplications that pass unverified user input to the `render` method in a controller may be vulnerable to an information leak vulnerability.\n\nImpacted code will look something like this:\n\n```ruby\ndef index\n  render params[:id]\nend\n```\n\nCarefully crafted requests can cause the above code to render files from unexpected places like outside the application's view directory, and can possibly escalate this to a remote code execution attack.\n\nAll users running an affected release should either upgrade or use one of the workarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nWorkarounds\n-----------\nA workaround to this issue is to not pass arbitrary user input to the `render` method. Instead, verify that data before passing it to the `render` method.\n\nFor example, change this:\n\n```ruby\ndef index\n  render params[:id]\nend\n```\n\nTo this:\n\n```ruby\ndef index\n  render verify_template(params[:id])\nend\n\nprivate\ndef verify_template(name)\n  # add verification logic particular to your application here\nend\n```\n\nPatches\n-------\nTo aid users who aren't able to upgrade immediately we have provided patches for it. It is in git-am format and consist of a single changeset.\n\n* 3-2-render_data_leak_2.patch - Patch for 3.2 series\n* 4-1-render_data_leak_2.patch - Patch for 4.1 series\n\nCredits\n-------\nThanks to both Jyoti Singh and Tobias Kraze from makandra for reporting this and working with us in the patch!","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2017-10-24T18:33:35.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2016-2097","http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00080.html","http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00083.html","http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00006.html","http://weblog.rubyonrails.org/2016/2/29/Rails-4-2-5-2-4-1-14-2-3-2-22-2-have-been-released/","http://www.debian.org/security/2016/dsa-3509","https://web.archive.org/web/20160322002234/http://www.securitytracker.com/id/1035122","https://web.archive.org/web/20200228015320/http://www.securityfocus.com/bid/83726","https://github.com/rails/rails/commit/8a1d3ea617ffb0c8ae8467fa439bf63a3bfc4324","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2016-2097.yml","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2016-2097.yml","https://groups.google.com/forum/#!topic/rubyonrails-security/ddY6HgqB2z4","https://web.archive.org/web/20201221115217/https://groups.google.com/forum/message/raw?msg=rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ","https://github.com/advisories/GHSA-vx9j-46rh-fqr8"],"source_kind":"github","identifiers":["GHSA-vx9j-46rh-fqr8","CVE-2016-2097"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"4.1.14.2","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.1.14.1"},{"first_patched_version":"3.2.22.2","vulnerable_version_range":"\u003e= 3.0.0, \u003c= 3.2.22.1"}],"ecosystem":"rubygems","package_name":"actionpack"},{"versions":[{"first_patched_version":"4.1.14.2","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.1.14.1"},{"first_patched_version":"3.2.22.2","vulnerable_version_range":"\u003e= 3.0.0, \u003c= 3.2.22.1"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:59.558Z","updated_at":"2023-11-08T05:04:49.000Z","epss_percentage":0.05755,"epss_percentile":0.89943},{"uuid":"GSA_kwCzR0hTQS1jaDNoLWoydmYtOTVwds1BUQ","url":"https://github.com/advisories/GHSA-ch3h-j2vf-95pv","title":"XSS Vulnerability in Action View tag helpers","description":"There is a possible XSS vulnerability in Action View tag helpers. Passing untrusted input as hash keys can lead to a possible XSS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2022-27777.\n\nVersions Affected:  ALL\nNot affected:       NONE\nFixed Versions:     7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1\n\n## Impact\n\nIf untrusted data is passed as the hash key for tag attributes, there is a possibility that the untrusted data may not be properly escaped which can lead to an XSS vulnerability.\n\nImpacted code will look something like this:\n\n```\ncheck_box_tag('thename', 'thevalue', false, aria: { malicious_input =\u003e 'thevalueofaria' })\n```\n\nWhere the \"malicious_input\" variable contains untrusted data.\n\nAll users running an affected release should either upgrade or use one of the workarounds immediately.\n\n## Releases\n\nThe FIXED releases are available at the normal locations.\n\n## Workarounds\n\nEscape the untrusted data before using it as a key for tag helper methods.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-04-27T22:32:49.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2022-27777","https://github.com/rails/rails/commit/649516ce0feb699ae06a8c5e81df75d460cc9a85","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2022-27777.yml","https://groups.google.com/g/ruby-security-ann/c/9wJPEDv-iRw","https://rubyonrails.org/2022/4/26/Rails-7-0-2-4-6-1-5-1-6-0-4-8-and-5-2-7-1-have-been-released","https://discuss.rubyonrails.org/t/cve-2022-27777-possible-xss-vulnerability-in-action-view-tag-helpers/80534","https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html","https://www.debian.org/security/2023/dsa-5372","https://github.com/advisories/GHSA-ch3h-j2vf-95pv"],"source_kind":"github","identifiers":["GHSA-ch3h-j2vf-95pv","CVE-2022-27777"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"7.0.2.4","vulnerable_version_range":"\u003e= 7.0.0, \u003c= 7.0.2.3"},{"first_patched_version":"6.1.5.1","vulnerable_version_range":"\u003e= 6.1.0, \u003c= 6.1.5.0"},{"first_patched_version":"6.0.4.8","vulnerable_version_range":"\u003e= 6.0.0, \u003c= 6.0.4.7"},{"first_patched_version":"5.2.7.1","vulnerable_version_range":"\u003c= 5.2.7.0"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:29.609Z","updated_at":"2025-05-28T01:12:36.236Z","epss_percentage":0.01006,"epss_percentile":0.75928},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwd2YteHdyMy1ocDU1","url":"https://github.com/advisories/GHSA-2pwf-xwr3-hp55","title":"Moderate severity vulnerability that affects actionview","description":"Withdrawn, accidental duplicate publish.\n\nDirectory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0752.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2018-08-13T20:48:52.000Z","withdrawn_at":"2020-06-16T20:52:48.000Z","classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2016-2097","https://github.com/advisories/GHSA-2pwf-xwr3-hp55"],"source_kind":"github","identifiers":["GHSA-2pwf-xwr3-hp55"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"4.1.14.2","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.1.14.1"},{"first_patched_version":"3.2.22.2","vulnerable_version_range":"\u003e= 3.2.0, \u003c= 3.2.22.1"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:41.352Z","updated_at":"2023-01-09T05:02:49.000Z","epss_percentage":null,"epss_percentile":null},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1Y3YtcjZ4Ny03OWh2","url":"https://github.com/advisories/GHSA-65cv-r6x7-79hv","title":"Cross site scripting vulnerability in ActionView","description":"There is a possible cross site scripting (XSS) vulnerability in ActionView's JavaScript literal escape helpers.  Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks.\n\n### Impact\n\nThere is a possible XSS vulnerability in the `j` and `escape_javascript` methods in ActionView.  These methods are used for escaping JavaScript string literals.  Impacted code will look something like this:\n\n```erb\n\u003cscript\u003elet a = `\u003c%= j unknown_input %\u003e`\u003c/script\u003e\n```\n\nor\n\n```erb\n\u003cscript\u003elet a = `\u003c%= escape_javascript unknown_input %\u003e`\u003c/script\u003e\n```\n\n### Releases\n\nThe 6.0.2.2 and 5.2.4.2 releases are available at the normal locations.\n\n### Workarounds\n\nFor those that can't upgrade, the following monkey patch may be used:\n\n```ruby\nActionView::Helpers::JavaScriptHelper::JS_ESCAPE_MAP.merge!(\n  {\n    \"`\" =\u003e \"\\\\`\",\n    \"$\" =\u003e \"\\\\$\"\n  }\n)\n\nmodule ActionView::Helpers::JavaScriptHelper\n  alias :old_ej :escape_javascript\n  alias :old_j :j\n\n  def escape_javascript(javascript)\n    javascript = javascript.to_s\n    if javascript.empty?\n      result = \"\"\n    else\n      result = javascript.gsub(/(\\\\|\u003c\\/|\\r\\n|\\342\\200\\250|\\342\\200\\251|[\\n\\r\"']|[`]|[$])/u, JS_ESCAPE_MAP)\n    end\n    javascript.html_safe? ? result.html_safe : result\n  end\n\n  alias :j :escape_javascript\nend\n```\n\n### Patches\n\nTo aid users who aren't able to upgrade immediately we have provided patches for\nthe two supported release series. They are in git-am format and consist of a\nsingle changeset.\n\n* [5-2-js-helper-xss.patch](https://gist.github.com/tenderlove/c042ff49f0347c37e99183a6502accc6#file-5-2-js-helper-xss-patch) - Patch for 5.2 series\n* [6-0-js-helper-xss.patch](https://gist.github.com/tenderlove/c042ff49f0347c37e99183a6502accc6#file-6-0-js-helper-xss-patch) - Patch for 6.0 series\n\nPlease note that only the 5.2 and 6.0 series are supported at present. Users\nof earlier unsupported releases are advised to upgrade as soon as possible as we\ncannot guarantee the continued availability of security fixes for unsupported\nreleases.\n\n### Credits\n\nThanks to Jesse Campos from Chef Secure","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-03-19T17:30:29.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/rails/rails/security/advisories/GHSA-65cv-r6x7-79hv","https://github.com/rails/rails/commit/033a738817abd6e446e1b320cb7d1a5c15224e9a","https://nvd.nist.gov/vuln/detail/CVE-2020-5267","https://lists.debian.org/debian-lts-announce/2020/03/msg00022.html","http://www.openwall.com/lists/oss-security/2020/03/19/1","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-5267.yml","https://groups.google.com/forum/#!topic/rubyonrails-security/55reWMM_Pg8","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00019.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/","https://github.com/advisories/GHSA-65cv-r6x7-79hv"],"source_kind":"github","identifiers":["GHSA-65cv-r6x7-79hv","CVE-2020-5267"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"5.2.4.2","vulnerable_version_range":"\u003c= 5.2.4.1"},{"first_patched_version":"6.0.2.2","vulnerable_version_range":"\u003e= 6.0.0, \u003c= 6.0.2.1"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:13:25.571Z","updated_at":"2025-05-28T01:13:26.892Z","epss_percentage":0.00887,"epss_percentile":0.7433},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02M2otd2g1dy1jMjUy","url":"https://github.com/advisories/GHSA-m63j-wh5w-c252","title":"Denial of Service Vulnerability in Action View","description":"# Denial of Service Vulnerability in Action View\n\nImpact \n------ \nSpecially crafted accept headers can cause the Action View template location code to consume 100% CPU, causing the server unable to process requests.  This impacts all Rails applications that render views. \n\nAll users running an affected release should either upgrade or use one of the workarounds immediately. \n\nReleases \n-------- \nThe 6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2, and 4.2.11.1 releases are available at the normal locations. \n\nWorkarounds \n----------- \nThis vulnerability can be mitigated by wrapping `render` calls with `respond_to` blocks.  For example, the following example is vulnerable: \n\n``` ruby\nclass UserController \u003c ApplicationController \n  def index \n    render \"index\" \n  end \nend \n``` \n\nBut the following code is not vulnerable: \n\n```ruby \nclass UserController \u003c ApplicationController \n  def index \n    respond_to |format| \n      format.html { render \"index\" } \n    end \n  end \nend \n``` \n\nImplicit rendering is impacted, so this code is vulnerable: \n\n```ruby \nclass UserController \u003c ApplicationController \n  def index \n  end \nend \n``` \n\nBut can be changed this this: \n\n```ruby \nclass UserController \u003c ApplicationController \n  def index \n    respond_to |format| \n      format.html { render \"index\" } \n    end \n  end \nend \n``` \n\nAlternatively to specifying the format, the following monkey patch can be applied in an initializer: \n\n``` \n$ cat config/initializers/formats_filter.rb \n# frozen_string_literal: true \n\nActionDispatch::Request.prepend(Module.new do \n  def formats \n    super().select do |format| \n      format.symbol || format.ref == \"*/*\" \n    end \n  end \nend) \n``` \n\nPlease note that only the 5.2.x, 5.1.x, 5.0.x, and 4.2.x series are supported at present. Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases. \n\nAlso note that the patches for this vulnerability are the same as CVE-2019-5418. \n\nCredits \n------- \nThanks to John Hawthorn \u003cjohn@hawthorn.email\u003e of GitHub ","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2019-03-13T17:25:55.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2019-5419","https://access.redhat.com/errata/RHSA-2019:0796","https://access.redhat.com/errata/RHSA-2019:1147","https://access.redhat.com/errata/RHSA-2019:1149","https://access.redhat.com/errata/RHSA-2019:1289","https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI","https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA/","https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/","http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html","http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html","http://www.openwall.com/lists/oss-security/2019/03/22/1","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2019-5419.yml","https://github.com/rails/rails/pull/35708","https://github.com/rails/rails/commit/f4c70c2222180b8d9d924f00af0c7fd632e26715","https://github.com/advisories/GHSA-m63j-wh5w-c252"],"source_kind":"github","identifiers":["GHSA-m63j-wh5w-c252","CVE-2019-5419"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"6.0.0.beta3","vulnerable_version_range":"\u003e= 6.0.0.beta1, \u003c 6.0.0.beta3"},{"first_patched_version":"5.2.2.1","vulnerable_version_range":"\u003e= 5.2.0, \u003c= 5.2.2.0"},{"first_patched_version":"4.2.11.1","vulnerable_version_range":"\u003e= 4.0.0, \u003c= 4.2.11.0"},{"first_patched_version":"5.0.7.2","vulnerable_version_range":"\u003e= 5.0.0, \u003c= 5.0.7.1"},{"first_patched_version":"5.1.6.2","vulnerable_version_range":"\u003e= 5.1.0, \u003c= 5.1.6.1"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:12:59.384Z","updated_at":"2023-11-09T05:05:49.000Z","epss_percentage":0.09057,"epss_percentile":0.92163},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1dzYtcDZtZy12aDhq","url":"https://github.com/advisories/GHSA-75w6-p6mg-vh8j","title":"Rails actionpack gem vulnerable to Cross-site Scripting","description":"Multiple cross-site scripting (XSS) vulnerabilities in the `mail_to` helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2017-10-24T18:33:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2011-0446","http://groups.google.com/group/rubyonrails-security/msg/365b8a23b76a6b4a?dmode=source\u0026output=gplain","http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html","http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055074.html","http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055088.html","http://www.debian.org/security/2011/dsa-2247","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2011-0446.yml","https://groups.google.com/g/rubyonrails-security/c/8CpI7egxX4E/m/SmtqtyOKWzYJ","https://web.archive.org/web/20120527023027/http://www.securityfocus.com/bid/46291","https://web.archive.org/web/20200812054342/http://www.securitytracker.com/id?1025064","https://github.com/rails/rails/commit/abe97736b8316f1b714cac56c115c0779aa73217","https://github.com/rails/rails/commit/e3dd2107c57a8efaaea5d61cf8da65f7444760b2","https://web.archive.org/web/20111225083933/http://secunia.com/advisories/43274","https://web.archive.org/web/20111225083933/http://secunia.com/advisories/43666","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-0446.yml","https://github.com/advisories/GHSA-75w6-p6mg-vh8j"],"source_kind":"github","identifiers":["GHSA-75w6-p6mg-vh8j","CVE-2011-0446"],"repository_url":"https://github.com/rails/rails","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"3.0.4","vulnerable_version_range":"\u003e= 3.0.0, \u003c 3.0.4"},{"first_patched_version":"2.3.11","vulnerable_version_range":"\u003c 2.3.11"}],"ecosystem":"rubygems","package_name":"actionview"},{"versions":[{"first_patched_version":"3.0.4","vulnerable_version_range":"\u003e= 3.0.0, \u003c 3.0.4"},{"first_patched_version":"2.3.11","vulnerable_version_range":"\u003c 2.3.11"}],"ecosystem":"rubygems","package_name":"actionpack"}],"created_at":"2022-12-21T16:13:37.955Z","updated_at":"2023-11-09T05:00:30.000Z","epss_percentage":0.0067,"epss_percentile":0.7001},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyM3gtN20zOS1jNmpx","url":"https://github.com/advisories/GHSA-cr3x-7m39-c6jq","title":"Remote code execution via user-provided local names in ActionView","description":"The is a code injection vulnerability in versions of Rails prior to 5.0.1 that would allow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-07-07T16:34:27.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-8163","https://hackerone.com/reports/304805","https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-8163.yml","https://groups.google.com/forum/#!topic/rubyonrails-security/hWuKcHyoKh0","https://groups.google.com/g/rubyonrails-security/c/hWuKcHyoKh0","https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html","http://packetstormsecurity.com/files/158604/Ruby-On-Rails-5.0.1-Remote-Code-Execution.html","https://github.com/advisories/GHSA-cr3x-7m39-c6jq"],"source_kind":"github","identifiers":["GHSA-cr3x-7m39-c6jq","CVE-2020-8163"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"4.2.11.3","vulnerable_version_range":"\u003c= 4.2.11.1"}],"ecosystem":"rubygems","package_name":"actionview"}],"created_at":"2022-12-21T16:13:23.688Z","updated_at":"2023-07-05T20:22:41.000Z","epss_percentage":0.87317,"epss_percentile":0.994}],"docker_usage_url":"https://docker.ecosyste.ms/usage/rubygems/actionview","docker_dependents_count":1365,"docker_downloads_count":822814002,"usage_url":"https://repos.ecosyste.ms/usage/rubygems/actionview","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/rubygems/actionview/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/actionview/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/actionview/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/actionview/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/actionview/related_packages","maintainers":[{"uuid":"43492","login":"jhawthorn","name":null,"email":null,"url":null,"packages_count":136,"html_url":"https://rubygems.org/profiles/jhawthorn","role":null,"created_at":"2022-11-07T12:33:52.316Z","updated_at":"2022-11-07T12:33:52.316Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/jhawthorn/packages"},{"uuid":"207","login":"tenderlove","name":null,"email":null,"url":null,"packages_count":183,"html_url":"https://rubygems.org/profiles/tenderlove","role":null,"created_at":"2022-11-07T12:33:52.345Z","updated_at":"2022-11-07T12:33:52.345Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/tenderlove/packages"},{"uuid":"54617","login":"kamipo","name":null,"email":null,"url":null,"packages_count":61,"html_url":"https://rubygems.org/profiles/kamipo","role":null,"created_at":"2022-11-07T12:33:52.304Z","updated_at":"2022-11-07T12:33:52.304Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/kamipo/packages"},{"uuid":"46413","login":"byroot","name":null,"email":null,"url":null,"packages_count":104,"html_url":"https://rubygems.org/profiles/byroot","role":null,"created_at":"2022-11-07T12:33:52.328Z","updated_at":"2022-11-07T12:33:52.328Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/byroot/packages"},{"uuid":"1550","login":"webster132","name":null,"email":null,"url":null,"packages_count":95,"html_url":"https://rubygems.org/profiles/webster132","role":null,"created_at":"2022-11-07T12:33:52.333Z","updated_at":"2022-11-07T12:33:52.333Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/webster132/packages"},{"uuid":"43998","login":"guilleiguaran","name":null,"email":null,"url":null,"packages_count":85,"html_url":"https://rubygems.org/profiles/guilleiguaran","role":null,"created_at":"2022-11-07T12:33:52.366Z","updated_at":"2022-11-07T12:33:52.366Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/guilleiguaran/packages"},{"uuid":"32977","login":"fxn","name":null,"email":null,"url":null,"packages_count":61,"html_url":"https://rubygems.org/profiles/fxn","role":null,"created_at":"2022-11-07T12:33:52.355Z","updated_at":"2022-11-07T12:33:52.355Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/fxn/packages"},{"uuid":"429","login":"cantoniodasilva","name":null,"email":null,"url":null,"packages_count":67,"html_url":"https://rubygems.org/profiles/cantoniodasilva","role":null,"created_at":"2022-11-07T12:33:52.361Z","updated_at":"2022-11-07T12:33:52.361Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/cantoniodasilva/packages"},{"uuid":"47349","login":"rafaelfranca","name":null,"email":null,"url":null,"packages_count":120,"html_url":"https://rubygems.org/profiles/rafaelfranca","role":null,"created_at":"2022-11-07T12:33:52.339Z","updated_at":"2022-11-07T12:33:52.339Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/rafaelfranca/packages"},{"uuid":"337","login":"jeremydaer","name":null,"email":null,"url":null,"packages_count":81,"html_url":"https://rubygems.org/profiles/jeremydaer","role":null,"created_at":"2022-11-07T12:33:52.350Z","updated_at":"2022-11-07T12:33:52.350Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/jeremydaer/packages"},{"uuid":"528","login":"matthewd","name":null,"email":null,"url":null,"packages_count":66,"html_url":"https://rubygems.org/profiles/matthewd","role":null,"created_at":"2022-11-07T12:33:52.372Z","updated_at":"2022-11-07T12:33:52.372Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/matthewd/packages"},{"uuid":"96878","login":"eileencodes","name":null,"email":null,"url":null,"packages_count":51,"html_url":"https://rubygems.org/profiles/eileencodes","role":null,"created_at":"2022-11-07T12:33:52.377Z","updated_at":"2022-11-07T12:33:52.377Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/eileencodes/packages"}],"registry":{"name":"rubygems.org","url":"https://rubygems.org","ecosystem":"rubygems","default":true,"packages_count":198121,"maintainers_count":66429,"namespaces_count":0,"keywords_count":17804,"github":"rubygems","metadata":{"funded_packages_count":7046},"icon_url":"https://github.com/rubygems.png","created_at":"2022-04-04T15:19:23.446Z","updated_at":"2025-06-07T05:38:31.497Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/namespaces"}},"unique_repositories_count":138,"unique_repositories_count_past_30_days":2,"recent_issues":[{"uuid":"4471611584","node_id":"PR_kwDOPmBpWM7cxqM-","number":11,"state":"closed","title":"Bump the bundler group across 1 directory with 18 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-27T00:18:22.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T18:35:05.000Z","updated_at":"2026-05-27T00:18:24.000Z","time_to_close":711797,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":18,"packages":[{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.9","new_version":"1.19.3","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.198.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"view_component","old_version":"3.23.2","new_version":"4.11.0","repository_url":"https://github.com/viewcomponent/view_component"},{"name":"actionview","old_version":"8.0.2.1","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2.1","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2.1","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"css_parser","old_version":"1.21.1","new_version":"1.22.0","repository_url":"https://github.com/premailer/css_parser"},{"name":"erb","old_version":"5.0.2","new_version":"6.0.4","repository_url":"https://github.com/ruby/erb"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [addressable](https://github.com/sporkmonger/addressable), [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [view_component](https://github.com/viewcomponent/view_component), [actionview](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [css_parser](https://github.com/premailer/css_parser), [erb](https://github.com/ruby/erb), [faraday](https://github.com/lostisland/faraday), [jwt](https://github.com/jwt/ruby-jwt), [net-imap](https://github.com/ruby/net-imap), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml), [uri](https://github.com/ruby/uri) and [yard](https://yardoc.org) to permit the latest version.\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.9 to 1.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639  nokogiri-1.19.3-aarch64-linux-gnu.gem\r\n8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7  nokogiri-1.19.3-aarch64-linux-musl.gem\r\n3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f  nokogiri-1.19.3-arm-linux-gnu.gem\r\n9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6  nokogiri-1.19.3-arm-linux-musl.gem\r\n71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42  nokogiri-1.19.3-arm64-darwin.gem\r\n40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1  nokogiri-1.19.3-java.gem\r\n8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a  nokogiri-1.19.3-x64-mingw-ucrt.gem\r\n77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d  nokogiri-1.19.3-x86_64-darwin.gem\r\n2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976  nokogiri-1.19.3-x86_64-linux-gnu.gem\r\n248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f  nokogiri-1.19.3-x86_64-linux-musl.gem\r\n78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8  nokogiri-1.19.3.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSHA256 Checksums\u003c/h3\u003e\n\u003cpre\u003e\u003ccode\u003ec34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem\r\n7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem\r\nb7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem\r\n61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem\r\n58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem\r\ne9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem\r\n8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem\r\n7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem\r\nfa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem\r\n93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem\r\n38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\"\u003ehttps://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/c139a3da0fe0cae7499a0bafa20f2875877c585b\"\u003e\u003ccode\u003ec139a3d\u003c/code\u003e\u003c/a\u003e version bump to v1.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/7501a63b9f4246d12516e35b91fed8be34f854c0\"\u003e\u003ccode\u003e7501a63\u003c/code\u003e\u003c/a\u003e fix: backtracking in CSS tokenizer rules (v1.19.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3627\"\u003e#3627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/03e7968a730a6544ab56a8d6c3e82dd630ad4339\"\u003e\u003ccode\u003e03e7968\u003c/code\u003e\u003c/a\u003e test: skip CSS tokenizer benchmarks on JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b984b7e47f622d1aa97d54c16d5cd596c3eb9538\"\u003e\u003ccode\u003eb984b7e\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer ident rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/00926231e28d5a20e5b4873efba36099aea0d5c6\"\u003e\u003ccode\u003e0092623\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer STRING rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ee17d33aff3adb30c14e71d3d4c8163465acaccf\"\u003e\u003ccode\u003eee17d33\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform (backport to v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ce188a395192e3757d8701949afb643dc025084c\"\u003e\u003ccode\u003ece188a3\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/caeaac41f874f0944f9397c78bf6c1bfac2cb472\"\u003e\u003ccode\u003ecaeaac4\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/25220bf268c9808e28415563ed7f8ea8d5c332bf\"\u003e\u003ccode\u003e25220bf\u003c/code\u003e\u003c/a\u003e dep(test): test against libxml-ruby v6 (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3618\"\u003e#3618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/0caeb21a5c5e9ff45bbede88fb53655f6753bb0e\"\u003e\u003ccode\u003e0caeb21\u003c/code\u003e\u003c/a\u003e doc: add security warnings for untrusted XSLT stylesheets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.9...v1.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.198.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `view_component` from 3.23.2 to 4.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/viewcomponent/view_component/releases\"\u003eview_component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003erender_in\u003c/code\u003e signature to accept \u003ccode\u003e**_\u003c/code\u003e for compatibility with Rails \u003ca href=\"https://redirect.github.com/rails/rails/pull/50623\"\u003e#50623\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix translation scope resolution in nested lambda-backed slots. Relative \u003ccode\u003et(\u0026quot;.key\u0026quot;)\u003c/code\u003e calls inside lambda-backed slots were resolving against an intermediate component's scope instead of the original partial's scope where the block was defined.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eArtin Boghosian\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNameError: uninitialized constant ViewComponent::SystemTestControllerNefariousPathError\u003c/code\u003e when booting in the test environment with \u003ccode\u003eeager_load = true\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix yielded content rendered at wrong location when using form helpers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eMarkus\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix path traversal vulnerability in \u003ccode\u003eViewComponentsSystemTestController\u003c/code\u003e where sibling directories sharing a string prefix with the allowed temp directory could bypass the path containment check. The \u003ccode\u003estart_with?\u003c/code\u003e check has been replaced with a separator-aware prefix check, and nefarious path errors now return a 404 instead of an unhandled exception.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix preview route vulnerability where inherited methods on \u003ccode\u003eViewComponent::Preview\u003c/code\u003e (such as \u003ccode\u003erender_with_template\u003c/code\u003e) could be invoked via the preview URL, allowing arbitrary internal Rails templates to be rendered with attacker-controlled locals and request parameters. \u003ccode\u003erender_args\u003c/code\u003e now raises \u003ccode\u003eAbstractController::ActionNotFound\u003c/code\u003e for any example not explicitly declared on the preview subclass.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eyard-lint\u003c/code\u003e to CI.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003ecompile.view_component\u003c/code\u003e ActiveSupport::Notifications event for eager compilation at boot time.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eGitHub Copilot\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix stale content cache when slots are accessed before \u003ccode\u003erender_in\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJared Armstrong\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd rubocop-view_component to resources.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAndy Waite\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix bug where inheritance of components with formatless templates improperly raised a NoMethodError.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGitHub Copilot\u003c/em\u003e, \u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eCameron Dutro\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.6.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ViewComponent/view_component/blob/main/docs/CHANGELOG.md\"\u003eview_component's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003erender_in\u003c/code\u003e signature to accept \u003ccode\u003e**_\u003c/code\u003e for compatibility with Rails \u003ca href=\"https://redirect.github.com/rails/rails/pull/50623\"\u003e#50623\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix translation scope resolution in nested lambda-backed slots. Relative \u003ccode\u003et(\u0026quot;.key\u0026quot;)\u003c/code\u003e calls inside lambda-backed slots were resolving against an intermediate component's scope instead of the original partial's scope where the block was defined.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eArtin Boghosian\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNameError: uninitialized constant ViewComponent::SystemTestControllerNefariousPathError\u003c/code\u003e when booting in the test environment with \u003ccode\u003eeager_load = true\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix yielded content rendered at wrong location when using form helpers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eMarkus\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix path traversal vulnerability in \u003ccode\u003eViewComponentsSystemTestController\u003c/code\u003e where sibling directories sharing a string prefix with the allowed temp directory could bypass the path containment check. The \u003ccode\u003estart_with?\u003c/code\u003e check has been replaced with a separator-aware prefix check, and nefarious path errors now return a 404 instead of an unhandled exception.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix preview route vulnerability where inherited methods on \u003ccode\u003eViewComponent::Preview\u003c/code\u003e (such as \u003ccode\u003erender_with_template\u003c/code\u003e) could be invoked via the preview URL, allowing arbitrary internal Rails templates to be rendered with attacker-controlled locals and request parameters. \u003ccode\u003erender_args\u003c/code\u003e now raises \u003ccode\u003eAbstractController::ActionNotFound\u003c/code\u003e for any example not explicitly declared on the preview subclass.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eyard-lint\u003c/code\u003e to CI.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003ecompile.view_component\u003c/code\u003e ActiveSupport::Notifications event for eager compilation at boot time.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eGitHub Copilot\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix stale content cache when slots are accessed before \u003ccode\u003erender_in\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJared Armstrong\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd rubocop-view_component to resources.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAndy Waite\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/b1f6917f3fe02589873c4ae95f7794e0bcb3b0ef\"\u003e\u003ccode\u003eb1f6917\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/viewcomponent/view_component/issues/2640\"\u003e#2640\u003c/a\u003e from ViewComponent/release-4-11-0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/f54b15a7b4cd9b27d9dd45e6907a9ef57d91b918\"\u003e\u003ccode\u003ef54b15a\u003c/code\u003e\u003c/a\u003e bump allocations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/49b66854d2d24fff1e3e3c4822cade917a1ea837\"\u003e\u003ccode\u003e49b6685\u003c/code\u003e\u003c/a\u003e release 4.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/e94672a5e27e52c793a8d1ddf68f60e2c5fd1afe\"\u003e\u003ccode\u003ee94672a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/viewcomponent/view_component/issues/2636\"\u003e#2636\u003c/a\u003e from ViewComponent/render_in_api\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/9360f6a1483b28fcfe9ae391543f61070e41937a\"\u003e\u003ccode\u003e9360f6a\u003c/code\u003e\u003c/a\u003e Fix appraisal naming consistency: use underscores throughout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/5b6e7320ab1dbba18f9066cc685a319142818ae5\"\u003e\u003ccode\u003e5b6e732\u003c/code\u003e\u003c/a\u003e whitespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/8a8e8c031eaef4bc52ec3eabf2bf7c615004a3a1\"\u003e\u003ccode\u003e8a8e8c0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/viewcomponent/view_component/issues/2634\"\u003e#2634\u003c/a\u003e from ViewComponent/dependabot/bundler/selenium-webdr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/346937739f4288a6defff13572bb58369d2fe874\"\u003e\u003ccode\u003e3469377\u003c/code\u003e\u003c/a\u003e Rename rails_main-head gemfile to use underscore for appraisal compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/da30a8f7d762e4ec1f4d316de782d5e2f1900c58\"\u003e\u003ccode\u003eda30a8f\u003c/code\u003e\u003c/a\u003e Fix Rails main compatibility issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/635645d172cd395f9ca574d0d3edf7c456f43495\"\u003e\u003ccode\u003e635645d\u003c/code\u003e\u003c/a\u003e fix\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/viewcomponent/view_component/compare/v3.23.2...v4.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2.1 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.5\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMake \u003ccode\u003edelegate\u003c/code\u003e and \u003ccode\u003edelegate_missing_to\u003c/code\u003e work in BasicObject subclasses.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveSupport::Inflector.humanize\u003c/code\u003e with international characters.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.humanize(\u0026quot;áÉÍÓÚ\u0026quot;)  # =\u0026gt; \u0026quot;Áéíóú\u0026quot;\r\nActiveSupport::Inflector.humanize(\u0026quot;аБВГДЕ\u0026quot;) # =\u0026gt; \u0026quot;Абвгде\u0026quot;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJose Luis Duran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003einsert_all\u003c/code\u003e and \u003ccode\u003eupsert_all\u003c/code\u003e log message when called on anonymous classes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGabriel Sobrinho\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eActiveRecord::SchemaDumper.ignore_tables\u003c/code\u003e when dumping SQLite virtual tables.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHans Schnedlitz\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestore previous instrumenter after \u003ccode\u003eexecute_or_skip\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/eb126bb140127d3589ad9be093a845e24fc4f475\"\u003e\u003ccode\u003eeb126bb\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.5 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f7fe4a5297dac5e1184747ce53e0305c56f487c3\"\u003e\u003ccode\u003ef7fe4a5\u003c/code\u003e\u003c/a\u003e Merge branch '8-0-sec' into 8-0-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/853e56de62dcdec036228e56414b49049da5b83a\"\u003e\u003ccode\u003e853e56d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f64c3d09ace91c011e0628c9d8cf6ea9874ffe9f\"\u003e\u003ccode\u003ef64c3d0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0a8792a661211963068f76bdc5f158b873979927\"\u003e\u003ccode\u003e0a8792a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56389\"\u003e#56389\u003c/a\u003e from bogdan/semantic-file-input-accept\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ea29cee26f240ad46051be4ddf47d0351fce1a18\"\u003e\u003ccode\u003eea29cee\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56316\"\u003e#56316\u003c/a\u003e from shivabhusal/support-closing_parenthesis-in-nex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/950d80c33c462f16897344f0293039b12fbb54ab\"\u003e\u003ccode\u003e950d80c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56270\"\u003e#56270\u003c/a\u003e from Saidbek/fix-multiline-strict-locals-parsing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2.1 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.5\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMake \u003ccode\u003edelegate\u003c/code\u003e and \u003ccode\u003edelegate_missing_to\u003c/code\u003e work in BasicObject subclasses.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveSupport::Inflector.humanize\u003c/code\u003e with international characters.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.humanize(\u0026quot;áÉÍÓÚ\u0026quot;)  # =\u0026gt; \u0026quot;Áéíóú\u0026quot;\r\nActiveSupport::Inflector.humanize(\u0026quot;аБВГДЕ\u0026quot;) # =\u0026gt; \u0026quot;Абвгде\u0026quot;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJose Luis Duran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003einsert_all\u003c/code\u003e and \u003ccode\u003eupsert_all\u003c/code\u003e log message when called on anonymous classes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGabriel Sobrinho\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eActiveRecord::SchemaDumper.ignore_tables\u003c/code\u003e when dumping SQLite virtual tables.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHans Schnedlitz\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestore previous instrumenter after \u003ccode\u003eexecute_or_skip\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/eb126bb140127d3589ad9be093a845e24fc4f475\"\u003e\u003ccode\u003eeb126bb\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.5 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f7fe4a5297dac5e1184747ce53e0305c56f487c3\"\u003e\u003ccode\u003ef7fe4a5\u003c/code\u003e\u003c/a\u003e Merge branch '8-0-sec' into 8-0-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3dc1be9084c93d5b5990476bd153c18ae0ba3f4f\"\u003e\u003ccode\u003e3dc1be9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56783\"\u003e#56783\u003c/a\u003e from kudoas/fix-activestorage-blob-content-type-nil\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2.1 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.5\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMake \u003ccode\u003edelegate\u003c/code\u003e and \u003ccode\u003edelegate_missing_to\u003c/code\u003e work in BasicObject subclasses.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveSupport::Inflector.humanize\u003c/code\u003e with international characters.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.humanize(\u0026quot;áÉÍÓÚ\u0026quot;)  # =\u0026gt; \u0026quot;Áéíóú\u0026quot;\r\nActiveSupport::Inflector.humanize(\u0026quot;аБВГДЕ\u0026quot;) # =\u0026gt; \u0026quot;Абвгде\u0026quot;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJose Luis Duran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003einsert_all\u003c/code\u003e and \u003ccode\u003eupsert_all\u003c/code\u003e log message when called on anonymous classes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGabriel Sobrinho\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eActiveRecord::SchemaDumper.ignore_tables\u003c/code\u003e when dumping SQLite virtual tables.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHans Schnedlitz\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestore previous instrumenter after \u003ccode\u003eexecute_or_skip\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/eb126bb140127d3589ad9be093a845e24fc4f475\"\u003e\u003ccode\u003eeb126bb\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.5 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f7fe4a5297dac5e1184747ce53e0305c56f487c3\"\u003e\u003ccode\u003ef7fe4a5\u003c/code\u003e\u003c/a\u003e Merge branch '8-0-sec' into 8-0-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b0daad4cf655374fff8d7d7c959a0230079c335\"\u003e\u003ccode\u003e0b0daad\u003c/code\u003e\u003c/a\u003e [DOC] Update CHANGELOG with key overwrite precedence note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/40acbf77827bd8196b25d8fc31abc9d129088d03\"\u003e\u003ccode\u003e40acbf7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56679\"\u003e#56679\u003c/a\u003e from Saidbek/fix-overlapping-acronyms-order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `css_parser` from 1.21.1 to 1.22.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/premailer/css_parser/blob/master/CHANGELOG.md\"\u003ecss_parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRuby CSS Parser CHANGELOG\u003c/h2\u003e\n\u003ch3\u003eUnreleased\u003c/h3\u003e\n\u003ch3\u003eVersion 2.2.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAccept CSS \u003ccode\u003e\u0026lt;number\u0026gt;\u003c/code\u003e values with an omitted integer part (e.g. \u003ccode\u003e.1\u003c/code\u003e) inside \u003ccode\u003ergb()\u003c/code\u003e/\u003ccode\u003ergba()\u003c/code\u003e/\u003ccode\u003ehsl()\u003c/code\u003e/\u003ccode\u003ehsla()\u003c/code\u003e. Previously \u003ccode\u003eRE_COLOUR_NUMERIC\u003c/code\u003e and \u003ccode\u003eRE_COLOUR_NUMERIC_ALPHA\u003c/code\u003e required at least one digit before the decimal point, which caused colours such as \u003ccode\u003ergba(0,0,0,.1)\u003c/code\u003e to be silently dropped during shorthand expansion (\u003ccode\u003ebackground-color\u003c/code\u003e from \u003ccode\u003ebackground:\u003c/code\u003e, \u003ccode\u003eborder-*-color\u003c/code\u003e from \u003ccode\u003eborder:\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate ssl when pulling files via https\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ruby \u0026lt;3.2, fix a memory leak\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/040895b7e554f4afbbf1a0dbd239eb2b85de7c32\"\u003e\u003ccode\u003e040895b\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/5069b71b4258dc9423db0019848654e8a1ea5c9b\"\u003e\u003ccode\u003e5069b71\u003c/code\u003e\u003c/a\u003e bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/e0c95d5abe91b237becb90ff316531a6547ada18\"\u003e\u003ccode\u003ee0c95d5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/premailer/css_parser/issues/186\"\u003e#186\u003c/a\u003e from premailer/grosser/https\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/premailer/css_parser/compare/v1.21.1...v1.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erb` from 5.0.2 to 6.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease not...\n\n_Description has been truncated_","html_url":"https://github.com/EthanThePhoenix38/openproject/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EthanThePhoenix38%2Fopenproject/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4408412988","node_id":"PR_kwDOPmBpWM7ZouAY","number":8,"state":"closed","title":"Bump the bundler group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T00:00:00.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T18:07:18.000Z","updated_at":"2026-05-09T00:00:02.000Z","time_to_close":21162,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":16,"packages":[{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.9","new_version":"1.19.3","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.198.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"actionview","old_version":"8.0.2.1","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2.1","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2.1","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"css_parser","old_version":"1.21.1","new_version":"1.22.0","repository_url":"https://github.com/premailer/css_parser"},{"name":"erb","old_version":"5.0.2","new_version":"6.0.1.1","repository_url":"https://github.com/ruby/erb"},{"name":"faraday","old_version":"2.13.4","new_version":"2.14.1","repository_url":"https://github.com/lostisland/faraday"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [addressable](https://github.com/sporkmonger/addressable), [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [actionview](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [css_parser](https://github.com/premailer/css_parser), [erb](https://github.com/ruby/erb), [faraday](https://github.com/lostisland/faraday), [net-imap](https://github.com/ruby/net-imap), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml), [uri](https://github.com/ruby/uri) and [yard](https://yardoc.org) to permit the latest version.\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.9 to 1.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639  nokogiri-1.19.3-aarch64-linux-gnu.gem\r\n8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7  nokogiri-1.19.3-aarch64-linux-musl.gem\r\n3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f  nokogiri-1.19.3-arm-linux-gnu.gem\r\n9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6  nokogiri-1.19.3-arm-linux-musl.gem\r\n71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42  nokogiri-1.19.3-arm64-darwin.gem\r\n40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1  nokogiri-1.19.3-java.gem\r\n8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a  nokogiri-1.19.3-x64-mingw-ucrt.gem\r\n77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d  nokogiri-1.19.3-x86_64-darwin.gem\r\n2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976  nokogiri-1.19.3-x86_64-linux-gnu.gem\r\n248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f  nokogiri-1.19.3-x86_64-linux-musl.gem\r\n78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8  nokogiri-1.19.3.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSHA256 Checksums\u003c/h3\u003e\n\u003cpre\u003e\u003ccode\u003ec34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem\r\n7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem\r\nb7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem\r\n61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem\r\n58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem\r\ne9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem\r\n8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem\r\n7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem\r\nfa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem\r\n93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem\r\n38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\"\u003ehttps://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/c139a3da0fe0cae7499a0bafa20f2875877c585b\"\u003e\u003ccode\u003ec139a3d\u003c/code\u003e\u003c/a\u003e version bump to v1.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/7501a63b9f4246d12516e35b91fed8be34f854c0\"\u003e\u003ccode\u003e7501a63\u003c/code\u003e\u003c/a\u003e fix: backtracking in CSS tokenizer rules (v1.19.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3627\"\u003e#3627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/03e7968a730a6544ab56a8d6c3e82dd630ad4339\"\u003e\u003ccode\u003e03e7968\u003c/code\u003e\u003c/a\u003e test: skip CSS tokenizer benchmarks on JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b984b7e47f622d1aa97d54c16d5cd596c3eb9538\"\u003e\u003ccode\u003eb984b7e\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer ident rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/00926231e28d5a20e5b4873efba36099aea0d5c6\"\u003e\u003ccode\u003e0092623\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer STRING rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ee17d33aff3adb30c14e71d3d4c8163465acaccf\"\u003e\u003ccode\u003eee17d33\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform (backport to v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ce188a395192e3757d8701949afb643dc025084c\"\u003e\u003ccode\u003ece188a3\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/caeaac41f874f0944f9397c78bf6c1bfac2cb472\"\u003e\u003ccode\u003ecaeaac4\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/25220bf268c9808e28415563ed7f8ea8d5c332bf\"\u003e\u003ccode\u003e25220bf\u003c/code\u003e\u003c/a\u003e dep(test): test against libxml-ruby v6 (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3618\"\u003e#3618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/0caeb21a5c5e9ff45bbede88fb53655f6753bb0e\"\u003e\u003ccode\u003e0caeb21\u003c/code\u003e\u003c/a\u003e doc: add security warnings for untrusted XSLT stylesheets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.9...v1.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.198.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2.1 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9ab450a023290ff50ed37c8561880a78dabbf19a\"\u003e\u003ccode\u003e9ab450a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55490\"\u003e#55490\u003c/a\u003e from Earlopain/bump-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/95bee6a4c8132b4caf53e073f7b01ce5cdeed4a6\"\u003e\u003ccode\u003e95bee6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55738\"\u003e#55738\u003c/a\u003e from skipkayhil/hm-nkxzsnnrqqlyrotw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6409b24dd20ee4076ec3dbefba9edc3376bf13f1\"\u003e\u003ccode\u003e6409b24\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55719\"\u003e#55719\u003c/a\u003e from skipkayhil/hm-fix-label-for-namespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0160f42886e2ebeb7a0680f073b870326f14c12a\"\u003e\u003ccode\u003e0160f42\u003c/code\u003e\u003c/a\u003e Sync CHANGELOGs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2.1 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/82f2c96c394b0cf2c2208a7cbf8ebb4fa591ebd6\"\u003e\u003ccode\u003e82f2c96\u003c/code\u003e\u003c/a\u003e Disable GCS tests in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2.1 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ddf2c97b27d25aa1e450545d59ff867df31253f\"\u003e\u003ccode\u003e0ddf2c9\u003c/code\u003e\u003c/a\u003e Delete test that now fails with new version of benchmark gem\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3c7a8a8208221c3f01bc841a8f7015ea00e86427\"\u003e\u003ccode\u003e3c7a8a8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55864\"\u003e#55864\u003c/a\u003e from RicardoTrindade/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/00e1dfa973ce121d767c299a02d05b028caf8b5c\"\u003e\u003ccode\u003e00e1dfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `css_parser` from 1.21.1 to 1.22.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/premailer/css_parser/blob/master/CHANGELOG.md\"\u003ecss_parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRuby CSS Parser CHANGELOG\u003c/h2\u003e\n\u003ch3\u003eUnreleased\u003c/h3\u003e\n\u003ch3\u003eVersion 2.2.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAccept CSS \u003ccode\u003e\u0026lt;number\u0026gt;\u003c/code\u003e values with an omitted integer part (e.g. \u003ccode\u003e.1\u003c/code\u003e) inside \u003ccode\u003ergb()\u003c/code\u003e/\u003ccode\u003ergba()\u003c/code\u003e/\u003ccode\u003ehsl()\u003c/code\u003e/\u003ccode\u003ehsla()\u003c/code\u003e. Previously \u003ccode\u003eRE_COLOUR_NUMERIC\u003c/code\u003e and \u003ccode\u003eRE_COLOUR_NUMERIC_ALPHA\u003c/code\u003e required at least one digit before the decimal point, which caused colours such as \u003ccode\u003ergba(0,0,0,.1)\u003c/code\u003e to be silently dropped during shorthand expansion (\u003ccode\u003ebackground-color\u003c/code\u003e from \u003ccode\u003ebackground:\u003c/code\u003e, \u003ccode\u003eborder-*-color\u003c/code\u003e from \u003ccode\u003eborder:\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate ssl when pulling files via https\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ruby \u0026lt;3.2, fix a memory leak\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/040895b7e554f4afbbf1a0dbd239eb2b85de7c32\"\u003e\u003ccode\u003e040895b\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/5069b71b4258dc9423db0019848654e8a1ea5c9b\"\u003e\u003ccode\u003e5069b71\u003c/code\u003e\u003c/a\u003e bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/e0c95d5abe91b237becb90ff316531a6547ada18\"\u003e\u003ccode\u003ee0c95d5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/premailer/css_parser/issues/186\"\u003e#186\u003c/a\u003e from premailer/grosser/https\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/premailer/css_parser/compare/v1.21.1...v1.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erb` from 5.0.2 to 6.0.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/erb/releases\"\u003eerb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v6.0.1...v6.0.1.1\"\u003ehttps://github.com/ruby/erb/compare/v6.0.1...v6.0.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix typo in changelog by \u003ca href=\"https://github.com/hunchr\"\u003e\u003ccode\u003e@​hunchr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/96\"\u003eruby/erb#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/97\"\u003eruby/erb#97\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump step-security/harden-runner from 2.13.1 to 2.13.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/98\"\u003eruby/erb#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed by \u003ccode\u003emisspell -w -error -source=text\u003c/code\u003e by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/99\"\u003eruby/erb#99\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFreeze ERB::Compiler::TrimScanner::ERB_STAG by \u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/100\"\u003eruby/erb#100\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hunchr\"\u003e\u003ccode\u003e@​hunchr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/96\"\u003eruby/erb#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/100\"\u003eruby/erb#100\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/ruby/erb/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the latest versions of actions: push-gem.yml by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/90\"\u003eruby/erb#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in documentation by \u003ca href=\"https://github.com/suy\"\u003e\u003ccode\u003e@​suy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/91\"\u003eruby/erb#91\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag shown in example of ERB expression tag and execution tag by \u003ca href=\"https://github.com/sampart\"\u003e\u003ccode\u003e@​sampart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/92\"\u003eruby/erb#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[DOC] Suppress documentation for internals by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/93\"\u003eruby/erb#93\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace Ruby 3.5 with Ruby 4.0 by \u003ca href=\"https://github.com/yahonda\"\u003e\u003ccode\u003e@​yahonda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/94\"\u003eruby/erb#94\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReapply \u0026quot;Remove safe_level and further positional arguments (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/7\"\u003e#7\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/k0kubun\"\u003e\u003ccode\u003e@​k0kubun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/95\"\u003eruby/erb#95\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suy\"\u003e\u003ccode\u003e@​suy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/91\"\u003eruby/erb#91\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sampart\"\u003e\u003ccode\u003e@​sampart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/92\"\u003eruby/erb#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yahonda\"\u003e\u003ccode\u003e@​yahonda\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/94\"\u003eruby/erb#94\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v5.1.3...v6.0.0\"\u003ehttps://github.com/ruby/erb/compare/v5.1.3...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v5.1.2...v5.1.3\"\u003ehttps://github.com/ruby/erb/compare/v5.1.2...v5.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor html_escape by \u003ca href=\"https://github.com/noteflakes\"\u003e\u003ccode\u003e@​noteflakes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/88\"\u003eruby/erb#88\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echangelog_uri\u003c/code\u003e to spec metadata by \u003ca href=\"https://github.com/jgarber623\"\u003e\u003ccode\u003e@​jgarber623\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/89\"\u003eruby/erb#89\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber623\"\u003e\u003ccode\u003e@​jgarber623\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/89\"\u003eruby/erb#89\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v5.1.1...v5.1.2\"\u003ehttps://github.com/ruby/erb/compare/v5.1.1...v5.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/erb/blob/master/NEWS.md\"\u003eerb's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProhibit \u003ccode\u003edef_method\u003c/code\u003e on marshal-loaded ERB instances\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFreeze \u003ccode\u003eERB::Compiler::TrimScanner::ERB_STAG\u003c/code\u003e for Ractor compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003esafe_level\u003c/code\u003e and further positional arguments from \u003ccode\u003eERB.new\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated constant \u003ccode\u003eERB::Revision\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v5.1.2 with trusted publishing for JRuby\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003echangelog_uri\u003c/code\u003e to spec metadata \u003ca href=\"https://redirect.github.com/ruby/erb/pull/89\"\u003eruby/erb#89\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix integer overflow that is introduced at v5.1.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ehtml_escape: Avoid buffer allocation for strings with no escapable character \u003ca href=\"https://redirect.github.com/ruby/erb/pull/87\"\u003eruby/erb#87\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate help of erb(1) \u003ca href=\"https://redirect.github.com/ruby/erb/pull/85\"\u003e#85\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/93450765b5319cfb552a3d9719df137e8fbb75e9\"\u003e\u003ccode\u003e9345076\u003c/code\u003e\u003c/a\u003e Version 6.0.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/dd34ce41031327269a5fb83b0bc2c0d852895e9f\"\u003e\u003ccode\u003edd34ce4\u003c/code\u003e\u003c/a\u003e Prohibit def_method on marshal-loaded ERB instances\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/bbde68fcd562f376b24e17ea7fbfcb0ab6f47261\"\u003e\u003ccode\u003ebbde68f\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/43f087659566d04d283cd05d28ba21ed8c24b1e6\"\u003e\u003ccode\u003e43f0876\u003c/code\u003e\u003c/a\u003e Freeze ERB::Compiler::TrimScanner::ERB_STAG (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/2aa3a6800e51182b1967151919e956d7dcff972d\"\u003e\u003ccode\u003e2aa3a68\u003c/code\u003e\u003c/a\u003e Fixed by \u003ccode\u003emisspell -w -error -source=text\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/f91b2600a43af8a89c273bd8922289d873d9e259\"\u003e\u003ccode\u003ef91b260\u003c/code\u003e\u003c/a\u003e Bump step-security/harden-runner from 2.13.1 to 2.13.2 (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/543500f238220fdcf414d4a52afc80703bcadf2a\"\u003e\u003ccode\u003e543500f\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/b23452a4796ea2cec9d1f92a93e39b50d5efe9bc\"\u003e\u003ccode\u003eb23452a\u003c/code\u003e\u003c/a\u003e Fix typo in changelog (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/bbaaf1f51bd1b327f6b74931d41d9a24fe769901\"\u003e\u003ccode\u003ebbaaf1f\u003c/code\u003e\u003c/a\u003e Version 6.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/1f83b2578fd58b98a9abb8540f99cf2843d84dd5\"\u003e\u003ccode\u003e1f83b25\u003c/code\u003e\u003c/a\u003e Drop a deprecated constant ERB::Revision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/erb/compare/v5.0.2...v6.0.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 2.13.4 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.14.1\u003c/h2\u003e\n\u003ch2\u003eSecurity Note\u003c/h2\u003e\n\u003cp\u003eThis release contains a security fix, we recommend all users to upgrade as soon as possible.\nA Security Advisory with more details will be posted shortly.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd RFC document for Options architecture refactoring plan by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1644\"\u003elostisland/faraday#1644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1655\"\u003elostisland/faraday#1655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExplicit top-level namespace reference by \u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1657\"\u003elostisland/faraday#1657\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\"\u003ehttps://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew features ✨\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse newer \u003ccode\u003eUnprocessableContent\u003c/code\u003e naming for 422 by \u003ca href=\"https://github.com/tylerhunt\"\u003e\u003ccode\u003e@​tylerhunt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1638\"\u003elostisland/faraday#1638\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes 🐞\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eConvert strings to UTF-8 by \u003ca h...\n\n_Description has been truncated_","html_url":"https://github.com/EthanThePhoenix38/openproject/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EthanThePhoenix38%2Fopenproject/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"4407025879","node_id":"PR_kwDOOTp4f87ZkHDn","number":11,"state":"closed","title":"Bump the bundler group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-08T23:56:46.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T14:13:08.000Z","updated_at":"2026-05-08T23:56:48.000Z","time_to_close":35018,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":17,"packages":[{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.7","new_version":"1.19.3","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.183.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"actionview","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activerecord","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"css_parser","old_version":"1.21.1","new_version":"1.22.0","repository_url":"https://github.com/premailer/css_parser"},{"name":"faraday","old_version":"2.12.2","new_version":"2.14.1","repository_url":"https://github.com/lostisland/faraday"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [addressable](https://github.com/sporkmonger/addressable), [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [actionview](https://github.com/rails/rails), [activerecord](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [css_parser](https://github.com/premailer/css_parser), [faraday](https://github.com/lostisland/faraday), [net-imap](https://github.com/ruby/net-imap), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml), [ruby-saml](https://github.com/saml-toolkits/ruby-saml), [uri](https://github.com/ruby/uri) and [yard](https://yardoc.org) to permit the latest version.\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.7 to 1.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639  nokogiri-1.19.3-aarch64-linux-gnu.gem\r\n8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7  nokogiri-1.19.3-aarch64-linux-musl.gem\r\n3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f  nokogiri-1.19.3-arm-linux-gnu.gem\r\n9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6  nokogiri-1.19.3-arm-linux-musl.gem\r\n71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42  nokogiri-1.19.3-arm64-darwin.gem\r\n40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1  nokogiri-1.19.3-java.gem\r\n8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a  nokogiri-1.19.3-x64-mingw-ucrt.gem\r\n77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d  nokogiri-1.19.3-x86_64-darwin.gem\r\n2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976  nokogiri-1.19.3-x86_64-linux-gnu.gem\r\n248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f  nokogiri-1.19.3-x86_64-linux-musl.gem\r\n78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8  nokogiri-1.19.3.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSHA256 Checksums\u003c/h3\u003e\n\u003cpre\u003e\u003ccode\u003ec34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem\r\n7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem\r\nb7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem\r\n61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem\r\n58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem\r\ne9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem\r\n8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem\r\n7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem\r\nfa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem\r\n93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem\r\n38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\"\u003ehttps://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/c139a3da0fe0cae7499a0bafa20f2875877c585b\"\u003e\u003ccode\u003ec139a3d\u003c/code\u003e\u003c/a\u003e version bump to v1.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/7501a63b9f4246d12516e35b91fed8be34f854c0\"\u003e\u003ccode\u003e7501a63\u003c/code\u003e\u003c/a\u003e fix: backtracking in CSS tokenizer rules (v1.19.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3627\"\u003e#3627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/03e7968a730a6544ab56a8d6c3e82dd630ad4339\"\u003e\u003ccode\u003e03e7968\u003c/code\u003e\u003c/a\u003e test: skip CSS tokenizer benchmarks on JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b984b7e47f622d1aa97d54c16d5cd596c3eb9538\"\u003e\u003ccode\u003eb984b7e\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer ident rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/00926231e28d5a20e5b4873efba36099aea0d5c6\"\u003e\u003ccode\u003e0092623\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer STRING rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ee17d33aff3adb30c14e71d3d4c8163465acaccf\"\u003e\u003ccode\u003eee17d33\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform (backport to v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ce188a395192e3757d8701949afb643dc025084c\"\u003e\u003ccode\u003ece188a3\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/caeaac41f874f0944f9397c78bf6c1bfac2cb472\"\u003e\u003ccode\u003ecaeaac4\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/25220bf268c9808e28415563ed7f8ea8d5c332bf\"\u003e\u003ccode\u003e25220bf\u003c/code\u003e\u003c/a\u003e dep(test): test against libxml-ruby v6 (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3618\"\u003e#3618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/0caeb21a5c5e9ff45bbede88fb53655f6753bb0e\"\u003e\u003ccode\u003e0caeb21\u003c/code\u003e\u003c/a\u003e doc: add security warnings for untrusted XSLT stylesheets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.7...v1.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.183.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9ab450a023290ff50ed37c8561880a78dabbf19a\"\u003e\u003ccode\u003e9ab450a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55490\"\u003e#55490\u003c/a\u003e from Earlopain/bump-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/95bee6a4c8132b4caf53e073f7b01ce5cdeed4a6\"\u003e\u003ccode\u003e95bee6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55738\"\u003e#55738\u003c/a\u003e from skipkayhil/hm-nkxzsnnrqqlyrotw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6409b24dd20ee4076ec3dbefba9edc3376bf13f1\"\u003e\u003ccode\u003e6409b24\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55719\"\u003e#55719\u003c/a\u003e from skipkayhil/hm-fix-label-for-namespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0160f42886e2ebeb7a0680f073b870326f14c12a\"\u003e\u003ccode\u003e0160f42\u003c/code\u003e\u003c/a\u003e Sync CHANGELOGs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activerecord` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6981fd2fbeadc8bc7db6547604cf2df13cb18a40\"\u003e\u003ccode\u003e6981fd2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55969\"\u003e#55969\u003c/a\u003e from rails/fix-explain-tests-mysql-9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/52347e0467445b350f482838da5bb503c155eb72\"\u003e\u003ccode\u003e52347e0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55938\"\u003e#55938\u003c/a\u003e from aidanharan/truthy-condition-mssql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d2826215f9c9c1fe2f1c91e292171a042be1e9c5\"\u003e\u003ccode\u003ed282621\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55925\"\u003e#55925\u003c/a\u003e from flavorjones/flavorjones/shard-swap-prohibition...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/511dbf2665746e54240c07b93b0d0ddc184873f9\"\u003e\u003ccode\u003e511dbf2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55907\"\u003e#55907\u003c/a\u003e from ruyrocha/fix/sqlite3-data-loss\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bf9219d62aed746260e853cebe98503c8c27cdd5\"\u003e\u003ccode\u003ebf9219d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55918\"\u003e#55918\u003c/a\u003e from baarde/with-bound-sql-literals\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/865bc776d039645bd4b7f2c826ab4e0aaadf51b6\"\u003e\u003ccode\u003e865bc77\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55332\"\u003e#55332\u003c/a\u003e from zzak/re-54882\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/dee79c4a74723ce8016b2e96e3d6d5723f673aa6\"\u003e\u003ccode\u003edee79c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55778\"\u003e#55778\u003c/a\u003e from ianterrell/ianterrell/fix-autosave-changed-via...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/82f2c96c394b0cf2c2208a7cbf8ebb4fa591ebd6\"\u003e\u003ccode\u003e82f2c96\u003c/code\u003e\u003c/a\u003e Disable GCS tests in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ddf2c97b27d25aa1e450545d59ff867df31253f\"\u003e\u003ccode\u003e0ddf2c9\u003c/code\u003e\u003c/a\u003e Delete test that now fails with new version of benchmark gem\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3c7a8a8208221c3f01bc841a8f7015ea00e86427\"\u003e\u003ccode\u003e3c7a8a8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55864\"\u003e#55864\u003c/a\u003e from RicardoTrindade/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/00e1dfa973ce121d767c299a02d05b028caf8b5c\"\u003e\u003ccode\u003e00e1dfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `css_parser` from 1.21.1 to 1.22.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/premailer/css_parser/blob/master/CHANGELOG.md\"\u003ecss_parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRuby CSS Parser CHANGELOG\u003c/h2\u003e\n\u003ch3\u003eUnreleased\u003c/h3\u003e\n\u003ch3\u003eVersion 2.2.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAccept CSS \u003ccode\u003e\u0026lt;number\u0026gt;\u003c/code\u003e values with an omitted integer part (e.g. \u003ccode\u003e.1\u003c/code\u003e) inside \u003ccode\u003ergb()\u003c/code\u003e/\u003ccode\u003ergba()\u003c/code\u003e/\u003ccode\u003ehsl()\u003c/code\u003e/\u003ccode\u003ehsla()\u003c/code\u003e. Previously \u003ccode\u003eRE_COLOUR_NUMERIC\u003c/code\u003e and \u003ccode\u003eRE_COLOUR_NUMERIC_ALPHA\u003c/code\u003e required at least one digit before the decimal point, which caused colours such as \u003ccode\u003ergba(0,0,0,.1)\u003c/code\u003e to be silently dropped during shorthand expansion (\u003ccode\u003ebackground-color\u003c/code\u003e from \u003ccode\u003ebackground:\u003c/code\u003e, \u003ccode\u003eborder-*-color\u003c/code\u003e from \u003ccode\u003eborder:\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate ssl when pulling files via https\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ruby \u0026lt;3.2, fix a memory leak\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/040895b7e554f4afbbf1a0dbd239eb2b85de7c32\"\u003e\u003ccode\u003e040895b\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/5069b71b4258dc9423db0019848654e8a1ea5c9b\"\u003e\u003ccode\u003e5069b71\u003c/code\u003e\u003c/a\u003e bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/e0c95d5abe91b237becb90ff316531a6547ada18\"\u003e\u003ccode\u003ee0c95d5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/premailer/css_parser/issues/186\"\u003e#186\u003c/a\u003e from premailer/grosser/https\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/premailer/css_parser/compare/v1.21.1...v1.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 2.12.2 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.14.1\u003c/h2\u003e\n\u003ch2\u003eSecurity Note\u003c/h2\u003e\n\u003cp\u003eThis release contains a security fix, we recommend all users to upgrade as soon as possible.\nA Security Advisory with more details will be posted shortly.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd RFC document for Options architecture refactoring plan by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1644\"\u003elostisland/faraday#1644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1655\"\u003elostisland/faraday#1655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExplicit top-level namespace reference by \u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1657\"\u003elostisland/faraday#1657\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\"\u003ehttps://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew features ✨\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse newer \u003ccode\u003eUnprocessableContent\u003c/code\u003e naming for 422 by \u003ca href=\"https://github.com/tylerhunt\"\u003e\u003ccode\u003e@​tylerhunt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1638\"\u003elostisland/faraday#1638\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes 🐞\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eConvert strings to UTF-8 by \u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1624\"\u003elostisland/faraday#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eResponse#to_hash\u003c/code\u003e when response not finished yet by \u003ca href=\"https://github.com/yykamei\"\u003e\u003ccode\u003e@​yykamei\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1639\"\u003elostisland/faraday#1639\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc/Docs 📄\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eLint: use \u003ccode\u003efilter_map\u003c/code\u003e by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1637\"\u003elostisland/faraday#1637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eactions/checkout\u003c/code\u003e from v4 to v5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1636\"\u003elostisland/faraday#1636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes documentation by \u003ca href=\"https://github.com/dharamgollapudi\"\u003e\u003ccode\u003e@​dharamgollapudi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1635\"\u003elostisland/faraday#1635\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1624\"\u003elostisland/faraday#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dharamgollapudi\"\u003e\u003ccode\u003e@​dharamgollapudi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1635\"\u003elostisland/faraday#1635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tylerhunt\"\u003e\u003ccode\u003e@​tylerhunt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1638\"\u003elostisland/faraday#1638\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.13.4...v2.14.0\"\u003ehttps://github.com/lostisland/faraday/compare/v2.13.4...v2.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove error handling logic and add missing test coverage by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1633\"\u003elostisland/faraday#1633\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.13.3...v2.13.4\"\u003ehttps://github.com/lostisland/faraday/compare/v2.13.3...v2.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix type assumption in \u003ccode\u003eFaraday::Error\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1630\"\u003elostisland/faraday#1630\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/16cbd38ef252d25dedf416a4d2510a2f3db10c87\"\u003e\u003ccode\u003e16cbd38\u003c/code\u003e\u003c/a\u003e Version bump to 2.14.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/a6d3a3a0bf59c2ab307d0abd91bc126aef5561bc\"\u003e\u003ccode\u003ea6d3a3a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/b23f710d28c0dba169470f568df4017a1e8beea7\"\u003e\u003ccode\u003eb23f710\u003c/code\u003e\u003c/a\u003e Explicit top-level namespace reference (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1657\"\u003e#1657\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/49ba4ac3a7359baed634c12a82386f6c8c717ea8\"\u003e\u003ccode\u003e49ba4ac\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1655\"\u003e#1655\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/51a49bc99d7df6f724d250d64771e1d710576df7\"\u003e\u003ccode\u003e51a49bc\u003c/code\u003e\u003c/a\u003e Ensure Claude reads the guidelines and allow to plan in a gitignored .ai/PLAN...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/894f65cab8f04bcf35e84a2dfd9fc0286dbce340\"\u003e\u003ccode\u003e894f65c\u003c/code\u003e\u003c/a\u003e Add RFC document for Options architecture refactoring plan (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1644\"\u003e#1644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/397e3ded0c5166313bb22f1c0221b36b6023fd0f\"\u003e\u003ccode\u003e397e3de\u003c/code\u003e\u003c/a\u003e Add comprehensive AI agent ...\n\n_Description has been truncated_","html_url":"https://github.com/LelandParker/openproject/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LelandParker%2Fopenproject/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4248319616","node_id":"PR_kwDOFPUles7Rxzto","number":182,"state":"open","title":"Bump actionview from 7.2.3 to 7.2.3.1 in /api","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-12T14:13:04.000Z","updated_at":"2026-04-12T14:19:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":"/api","ecosystem":"rubygems"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zatarain/portfolio/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/zatarain/portfolio/pull/182","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zatarain%2Fportfolio/issues/182","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/182/packages"},{"uuid":"4221560219","node_id":"PR_kwDOMt-mx87QqrMs","number":18,"state":"closed","title":"Bump the bundler group across 4 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-08T08:21:15.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-08T01:47:56.000Z","updated_at":"2026-04-08T08:21:18.000Z","time_to_close":23599,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":8,"packages":[{"name":"activesupport","old_version":"7.2.1","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"},{"name":"nokogiri","old_version":"1.16.7","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"devise","old_version":"4.9.4","new_version":"5.0.3","repository_url":"https://github.com/heartcombo/devise"},{"name":"actionview","old_version":"6.1.7.8","new_version":"8.1.3"},{"name":"activestorage","old_version":"6.1.7.8","new_version":"8.1.3"},{"name":"activesupport","old_version":"6.1.7.8","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22"},{"name":"nokogiri","old_version":"1.16.7","new_version":"1.19.2","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.9","new_version":"3.2.6"},{"name":"devise","old_version":"4.9.4","new_version":"5.0.3","repository_url":"https://github.com/heartcombo/devise"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 2 updates in the /docs directory: [activesupport](https://github.com/rails/rails) and [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 1 update in the /gemfiles/rails_61 directory: [devise](https://github.com/heartcombo/devise).\nBumps the bundler group with 1 update in the /gemfiles/rails_70 directory: [devise](https://github.com/heartcombo/devise).\nBumps the bundler group with 1 update in the /gemfiles/rails_71 directory: [devise](https://github.com/heartcombo/devise).\n\nUpdates `activesupport` from 7.2.1 to 7.2.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b54a4b373c6f042cab6ee2033246b1c9ecc38974\"\u003e\u003ccode\u003eb54a4b3\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c1ad0e8e1972032f3395853a5e99cea035035beb\"\u003e\u003ccode\u003ec1ad0e8\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a\"\u003e\u003ccode\u003eebd6be1\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4a155f1fd7d4a1887b169eda4983a052fb2e2f13\"\u003e\u003ccode\u003e4a155f1\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fe41a9fa77412917ea3f228d6a742f31ad21e26d\"\u003e\u003ccode\u003efe41a9f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/12040a3145012fb312eb2d70fc700f4d34a27934\"\u003e\u003ccode\u003e12040a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55808\"\u003e#55808\u003c/a\u003e from olivier-thatch/fix-enum-sole\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/58630e19ad0fe3c822302ae147ad1f863c95de2e\"\u003e\u003ccode\u003e58630e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55794\"\u003e#55794\u003c/a\u003e from rails/fix-55513\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.1...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.16.7 to 1.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\r\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\r\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\r\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\r\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\r\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\r\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\r\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\r\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\r\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\r\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\r\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\r\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\r\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\r\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\r\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\r\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\r\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\r\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\r\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\r\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.7...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devise` from 4.9.4 to 5.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/releases\"\u003edevise's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0.rc\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/blob/main/CHANGELOG.md\"\u003edevise's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e5.0.3 - 2026-03-16\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity fixes\n\u003cul\u003e\n\u003cli\u003eFix race condition vulnerability on confirmable \u0026quot;change email\u0026quot; which would allow confirming an email they don't own CVE-2026-32700 \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5783\"\u003e#5783\u003c/a\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5784\"\u003e#5784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2 - 2026-02-18\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenhancements\n\u003cul\u003e\n\u003cli\u003eAllow resource class scopes to override the global configuration for \u003ccode\u003esign_in_after_change_password\u003c/code\u003e behaviour. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5825\"\u003e#5825\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eNote\u003c/em\u003e: some users ran into an issue with this change because \u003ccode\u003eRegistrationsController\u003c/code\u003e now relies on a setting from the \u003ccode\u003e:registerable\u003c/code\u003e module. These users were configuring their own routes pointing to the \u003ccode\u003eRegistrationsController\u003c/code\u003e for resource edit/update actions mostly, without relying on the other registration actions (e.g. user sign up.), so they omitted \u003ccode\u003e:registerable\u003c/code\u003e from the model declaration. While using just a portion of the controller functionality is a valid use for \u003ccode\u003e:registerable\u003c/code\u003e (or any module really), the module must still be declared in the model, much like the other modules must be declared if you plan on using just a portion of their behavior. Please check \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5828#issuecomment-3926822788\"\u003ethis issue\u003c/a\u003e for more info.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003esign_in_after_reset_password?\u003c/code\u003e check hook to passwords controller, to allow it to be customized by users. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5826\"\u003e#5826\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1 - 2026-02-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebug fixes\n\u003cul\u003e\n\u003cli\u003eFix translation issue with German \u003ccode\u003eE-Mail\u003c/code\u003e on invalid authentication messages caused by previous fix for incorrect grammar \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5822\"\u003e#5822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0 - 2026-01-23\u003c/h3\u003e\n\u003cp\u003eno changes\u003c/p\u003e\n\u003ch3\u003e5.0.0.rc - 2025-12-31\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Ruby \u0026lt; 2.7\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Rails \u0026lt; 7.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003e:bypass\u003c/code\u003e option from \u003ccode\u003esign_in\u003c/code\u003e helper, use \u003ccode\u003ebypass_sign_in\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003edevise_error_messages!\u003c/code\u003e helper, use \u003ccode\u003erender \u0026quot;devise/shared/error_messages\u0026quot;, resource: resource\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003escope\u003c/code\u003e second argument from \u003ccode\u003esign_in(resource, :admin)\u003c/code\u003e controller test helper, use \u003ccode\u003esign_in(resource, scope: :admin)\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::TestHelpers\u003c/code\u003e, use \u003ccode\u003eDevise::Test::ControllerHelpers\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION\u003c/code\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5598\"\u003e#5598\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise.activerecord51?\u003c/code\u003e method.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eSecretKeyFinder\u003c/code\u003e and use \u003ccode\u003eapp.secret_key_base\u003c/code\u003e as the default secret key for \u003ccode\u003eDevise.secret_key\u003c/code\u003e if a custom \u003ccode\u003eDevise.secret_key\u003c/code\u003e is not provided.\u003c/p\u003e\n\u003cp\u003eThis is potentially a breaking change because Devise previously used the following order to find a secret key:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eapp.credentials.secret_key_base \u0026gt; app.secrets.secret_key_base \u0026gt; application.config.secret_key_base \u0026gt; application.secret_key_base\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eNow, it always uses \u003ccode\u003eapplication.secret_key_base\u003c/code\u003e. Make sure you're using the same secret key after the upgrade; otherwise, previously generated tokens for \u003ccode\u003erecoverable\u003c/code\u003e, \u003ccode\u003elockable\u003c/code\u003e, and \u003ccode\u003econfirmable\u003c/code\u003e will be invalid.\n\u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5645\"\u003e#5645\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChange password instructions button label on devise view from \u003ccode\u003eSend me reset password instructions\u003c/code\u003e to \u003ccode\u003eSend me password reset instructions\u003c/code\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5515\"\u003e#5515\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChange \u003ccode\u003e\u0026lt;br\u0026gt;\u003c/code\u003e tags separating form elements to wrapping them in \u003ccode\u003e\u0026lt;p\u0026gt;\u003c/code\u003e tags \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5494\"\u003e#5494\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReplace \u003ccode\u003e[data-turbo-cache=false]\u003c/code\u003e with \u003ccode\u003e[data-turbo-temporary]\u003c/code\u003e on \u003ccode\u003edevise/shared/error_messages\u003c/code\u003e partial. This has been \u003ca href=\"https://github.com/hotwired/turbo/releases/tag/v7.3.0\"\u003edeprecated by Turbo since v7.3.0 (released on Mar 1, 2023)\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIf you are using an older version of Turbo and the default devise template, you'll need to copy it over to your app and change that back to \u003ccode\u003e[data-turbo-cache=false]\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Rails 8 support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/2f809205b2a9112767e68e1a5666c649a42609c6\"\u003e\u003ccode\u003e2f80920\u003c/code\u003e\u003c/a\u003e Release v5.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/53347074021b38590653b95523f9b7113e5dcfdc\"\u003e\u003ccode\u003e5334707\u003c/code\u003e\u003c/a\u003e Add CVE to changelog [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/02527772bd9adbc3357d9c62fbc16e73e438121d\"\u003e\u003ccode\u003e0252777\u003c/code\u003e\u003c/a\u003e Fix race condition vulnerability, by ensuring the \u003ccode\u003eunconfirmed_email\u003c/code\u003e is alwa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/879f79fceaf2ec6525219ee7bb4057ce4db65729\"\u003e\u003ccode\u003e879f79f\u003c/code\u003e\u003c/a\u003e Bundle update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/0f4493bd0302f85d1662b71c4f2145268fecc200\"\u003e\u003ccode\u003e0f4493b\u003c/code\u003e\u003c/a\u003e Configure default permissions as read-only for the workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/8c785761bd3c717793f0da4146dd630865568567\"\u003e\u003ccode\u003e8c78576\u003c/code\u003e\u003c/a\u003e Ignore test/** folder for GH default code scanning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/c9e655e13253dc53e3c0981a8345f134bcda1fc5\"\u003e\u003ccode\u003ec9e655e\u003c/code\u003e\u003c/a\u003e Bundle update, clear dependabot security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/3fd061095084d8f9d3f8c995c46caabcd15640fd\"\u003e\u003ccode\u003e3fd0610\u003c/code\u003e\u003c/a\u003e Add a note to the changelog about an edge case issue some users ran into\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/5b008ed51c0df3223cf727e7ad07378d6329b12f\"\u003e\u003ccode\u003e5b008ed\u003c/code\u003e\u003c/a\u003e Release v5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/916f94ed4b4bb8e7881d5cf8c6535b7ccb368f7a\"\u003e\u003ccode\u003e916f94e\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003esign_in_after_reset_password?\u003c/code\u003e check hook to passwords controller (\u003ca href=\"https://redirect.github.com/heartcombo/devise/issues/5826\"\u003e#5826\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/heartcombo/devise/compare/v4.9.4...v5.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 6.1.7.8 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix encoding errors for string locals containing non-ASCII characters.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eKataoka Katsuki\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix collection caching to only forward \u003ccode\u003eexpires_in\u003c/code\u003e argument if explicitly set.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePieter Visser\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.2 (January 08, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003efile_field\u003c/code\u003e to join mime types with a comma when provided as Array\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003efile_field(:article, :image, accept: ['image/png', 'image/gif', 'image/jpeg'])\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eNow behaves likes:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003efile_field(:article, :image, accept: 'image/png,image/gif,image/jpeg')\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eBogdan Gusiev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix strict locals parsing to handle multiline definitions.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003econtent_security_policy_nonce\u003c/code\u003e error in mailers when using \u003ccode\u003econtent_security_policy_nonce_auto\u003c/code\u003e setting.\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003econtent_security_policy_nonce helper\u003c/code\u003e is provided by \u003ccode\u003eActionController::ContentSecurityPolicy\u003c/code\u003e, and it relies on \u003ccode\u003erequest.content_security_policy_nonc\u003c/code\u003ee. Mailers lack both the module and the request object.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJarrett Lusso\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e598b9427876ba44bd62c48390e6568476b3f8f0\"\u003e\u003ccode\u003ee598b94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c2ea79c21161de7eb271b2789fbed21dde504071\"\u003e\u003ccode\u003ec2ea79c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7c8ae65b7045490965218a994c300aea8dbb079\"\u003e\u003ccode\u003ed7c8ae6\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/27aa94fb4430b8dd9464081ad9b5ca083452570c\"\u003e\u003ccode\u003e27aa94f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56389\"\u003e#56389\u003c/a\u003e from bogdan/semantic-file-input-accept\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v6.1.7.8...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 6.1.7.8 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/activestorage/CHANGELOG.md\"\u003eactivestorage's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveStorage::Blob\u003c/code\u003e content type predicate methods to handle \u003ccode\u003enil\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDaichi KUDO\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFilter user supplied metadata in DirectUploadController\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33173]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eConfigurable maxmimum streaming chunk size\u003c/p\u003e\n\u003cp\u003eMakes sure that byte ranges for blobs don't exceed 100mb by default.\nContent ranges that are too big can result in denial of service.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33174]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGannon McGibbon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eLimit range requests to a single range\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33658]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ePrevent path traversal in \u003ccode\u003eDiskService\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eDiskService#path_for\u003c/code\u003e now raises an \u003ccode\u003eInvalidKeyError\u003c/code\u003e when passed keys with dot segments (\u0026quot;.\u0026quot;,\n\u0026quot;..\u0026quot;), or if the resolved path is outside the storage root directory.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e#path_for\u003c/code\u003e also now consistently raises \u003ccode\u003eInvalidKeyError\u003c/code\u003e if the key is invalid in any way, for\nexample containing null bytes or having an incompatible encoding. Previously, the exception\nraised may have been \u003ccode\u003eArgumentError\u003c/code\u003e or \u003ccode\u003eEncoding::CompatibilityError\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eDiskController\u003c/code\u003e now explicitly rescues \u003ccode\u003eInvalidKeyError\u003c/code\u003e with appropriate HTTP status codes.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33195]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ePrevent glob injection in \u003ccode\u003eDiskService#delete_prefixed\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eEscape glob metacharacters in the resolved path before passing to \u003ccode\u003eDir.glob\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8c9676b803820110548cdb7523800db43bc6874c\"\u003e\u003ccode\u003e8c9676b\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9b06fbc0f504b8afe333f33d19548f3b85fbe655\"\u003e\u003ccode\u003e9b06fbc\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d9502f5214e2198245a4c1defe9cd02a7c8057d0\"\u003e\u003ccode\u003ed9502f5\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/85ec5b1e00d3197d8c69a5e622e1b398a1b10b06\"\u003e\u003ccode\u003e85ec5b1\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/42012eaaa88dfc7d0030161b2bc8074a7bbce92a\"\u003e\u003ccode\u003e42012ea\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/064cea7d610f6020bc8cb97cb693d1fb15ed23c8\"\u003e\u003ccode\u003e064cea7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56783\"\u003e#56783\u003c/a\u003e from kudoas/fix-activestorage-blob-content-type-nil\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v6.1.7.8...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 6.1.7.8 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b54a4b373c6f042cab6ee2033246b1c9ecc38974\"\u003e\u003ccode\u003eb54a4b3\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c1ad0e8e1972032f3395853a5e99cea035035beb\"\u003e\u003ccode\u003ec1ad0e8\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a\"\u003e\u003ccode\u003eebd6be1\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4a155f1fd7d4a1887b169eda4983a052fb2e2f13\"\u003e\u003ccode\u003e4a155f1\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fe41a9fa77412917ea3f228d6a742f31ad21e26d\"\u003e\u003ccode\u003efe41a9f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/12040a3145012fb312eb2d70fc700f4d34a27934\"\u003e\u003ccode\u003e12040a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55808\"\u003e#55808\u003c/a\u003e from olivier-thatch/fix-enum-sole\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/58630e19ad0fe3c822302ae147ad1f863c95de2e\"\u003e\u003ccode\u003e58630e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55794\"\u003e#55794\u003c/a\u003e from rails/fix-55513\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.1...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.16.7 to 1.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\r\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\r\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\r\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\r\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\r\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\r\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\r\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\r\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\r\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\r\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\r\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\r\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\r\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\r\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\r\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\r\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\r\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\r\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\r\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\r\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.7...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.9 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.2.5...v3.2.6\"\u003ehttps://github.com/rack/rack/compare/v3.2.5...v3.2.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.9.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix content-length calcuation in Rack:Response#write \u003ca href=\"https://redirect.github.com/rack/rack/issues/2150\"\u003e#2150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.8...v3.0.9\"\u003ehttps://github.com/rack/rack/compare/v3.0.8...v3.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Fix some unused variable verbose warnings\u0026quot; by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.7...v3.0.8\"\u003ehttps://github.com/rack/rack/compare/v3.0.7...v3.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Make query parameters without = have nil values\u0026quot;. by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2060\"\u003erack/rack#2060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\"\u003ehttps://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.6.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.3...v3.0.4\"\u003ehttps://github.com/rack/rack/compare/v3.0.3...v3.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v3.0.3 by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2000\"\u003erack/rack#2000\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.6] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qfgr-crr9-7r49\"\u003eCVE-2026-32762\u003c/a\u003e Forwarded header semicolon injection enables Host and Scheme spoofing.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-g2pf-xv49-m2h5\"\u003eCVE-2026-34835\u003c/a\u003e \u003ccode\u003eRack::Request\u003c/code\u003e accepts invalid Host characters, enabling host allowlist bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v6x5-cg8r-vv6x\"\u003eCVE-2026-34827\u003c/a\u003e Multipart header parsing allows denial of service via escape-heavy quoted parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-rx22-g9mx-qrhv\"\u003eCVE-2026-26962\u003c/a\u003e Improper unfolding of folded multipart headers preserves CRLF in parsed parameter values.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e1f22fdbe99afd2126b6fbf05bb12399359574b7\"\u003e\u003ccode\u003ee1f22fd\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/31989fd7bb6f806fdb3cfa4e9aec1fe8434f47d1\"\u003e\u003ccode\u003e31989fd\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d268165e390e17b83573fec916dcdef6304a8b4b\"\u003e\u003ccode\u003ed268165\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8f425de0ee75a2f3cdfbfdd57858c1910b7645ff\"\u003e\u003ccode\u003e8f425de\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bf830426ce5b3daccb5a226b733703c86504ceba\"\u003e\u003ccode\u003ebf83042\u003c/code\u003e\u003c/a\u003e Drop EOL Rubies from external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d50c4d3dab62fa80b2a276271d0d4fb338cfa7df\"\u003e\u003ccode\u003ed50c4d3\u003c/code\u003e\u003c/a\u003e Implement OBS unfolding for multipart requests per RFC 5322 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bfb69142dbe2a1e3298ad52d12935938d1b58205\"\u003e\u003ccode\u003ebfb6914\u003c/code\u003e\u003c/a\u003e Limit the number of quoted escapes during multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b3e5945c648c5a5b6982e5072b26e51990991229\"\u003e\u003ccode\u003eb3e5945\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7a8f32696609b88e2c4c1f09d473a1d2d837ed4b\"\u003e\u003ccode\u003e7a8f326\u003c/code\u003e\u003c/a\u003e Fix root prefix bug in Rack::Static\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a57bc140247f904dc1e3302badedcb73645072c7\"\u003e\u003ccode\u003ea57bc14\u003c/code\u003e\u003c/a\u003e Only do a simple substitution on the x-accel-mapping paths\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.9...v3.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devise` from 4.9.4 to 5.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/releases\"\u003edevise's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0.rc\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/blob/main/CHANGELOG.md\"\u003edevise's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e5.0.3 - 2026-03-16\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity fixes\n\u003cul\u003e\n\u003cli\u003eFix race condition vulnerability on confirmable \u0026quot;change email\u0026quot; which would allow confirming an email they don't own CVE-2026-32700 \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5783\"\u003e#5783\u003c/a\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5784\"\u003e#5784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2 - 2026-02-18\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenhancements\n\u003cul\u003e\n\u003cli\u003eAllow resource class scopes to override the global configuration for \u003ccode\u003esign_in_after_change_password\u003c/code\u003e behaviour. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5825\"\u003e#5825\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eNote\u003c/em\u003e: some users ran into an issue with this change because \u003ccode\u003eRegistrationsController\u003c/code\u003e now relies on a setting from the \u003ccode\u003e:registerable\u003c/code\u003e module. These users were configuring their own routes pointing to the \u003ccode\u003eRegistrationsController\u003c/code\u003e for resource edit/update actions mostly, without relying on the other registration actions (e.g. user sign up.), so they omitted \u003ccode\u003e:registerable\u003c/code\u003e from the model declaration. While using just a portion of the controller functionality is a valid use for \u003ccode\u003e:registerable\u003c/code\u003e (or any module really), the module must still be declared in the model, much like the other modules must be declared if you plan on using just a portion of their behavior. Please check \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5828#issuecomment-3926822788\"\u003ethis issue\u003c/a\u003e for more info.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003esign_in_after_reset_password?\u003c/code\u003e check hook to passwords controller, to allow it to be customized by users. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5826\"\u003e#5826\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1 - 2026-02-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebug fixes\n\u003cul\u003e\n\u003cli\u003eFix translation issue with German \u003ccode\u003eE-Mail\u003c/code\u003e on invalid authentication messages caused by previous fix for incorrect grammar \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5822\"\u003e#5822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0 - 2026-01-23\u003c/h3\u003e\n\u003cp\u003eno changes\u003c/p\u003e\n\u003ch3\u003e5.0.0.rc - 2025-12-31\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Ruby \u0026lt; 2.7\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Rails \u0026lt; 7.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003e:bypass\u003c/code\u003e option from \u003ccode\u003esign_in\u003c/code\u003e helper, use \u003ccode\u003ebypass_sign_in\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003edevise_error_messages!\u003c/code\u003e helper, use \u003ccode\u003erender \u0026quot;devise/shared/error_messages\u0026quot;, resource: resource\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003escope\u003c/code\u003e second argument from \u003ccode\u003esign_in(resource, :admin)\u003c/code\u003e controller test helper, use \u003ccode\u003esign_in(resource, scope: :admin)\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::TestHelpers\u003c/code\u003e, use \u003ccode\u003eDevise::Test::ControllerHelpers\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION\u003c/code\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5598\"\u003e#5598\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise.activerecord51?\u003c/code\u003e method.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eSecretKeyFinder\u003c/code\u003e and use \u003ccode\u003eapp.secre...\n\n_Description has been truncated_","html_url":"https://github.com/waveaccounting/activeadmin/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/waveaccounting%2Factiveadmin/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"},{"uuid":"4176216222","node_id":"PR_kwDODeLmpc7O16gw","number":706,"state":"closed","title":"Bump actionview from 8.1.2 to 8.1.2.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-01T00:03:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T06:22:53.000Z","updated_at":"2026-04-01T00:03:40.000Z","time_to_close":63645,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"8.1.2","new_version":"8.1.2.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2...v8.1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2\u0026new-version=8.1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bio-org-au/editor/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bio-org-au/editor/pull/706","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bio-org-au%2Feditor/issues/706","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/706/packages"},{"uuid":"4135090950","node_id":"PR_kwDOAeBT_c7NVYY2","number":178,"state":"open","title":"[bundler] Bump the rails group with 4 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-25T12:33:45.000Z","updated_at":"2026-03-25T12:34:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[bundler] Bump","group_name":"rails","update_count":4,"packages":[{"name":"activemodel","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"actionpack","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"actionview","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the rails group with 4 updates: [activemodel](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [actionpack](https://github.com/rails/rails) and [actionview](https://github.com/rails/rails).\n\nUpdates `activemodel` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivemodel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/activemodel/CHANGELOG.md\"\u003eactivemodel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eEdward Woodcock\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5a3d7d903aba1219f394259c2d9c02949b1b5cd7\"\u003e\u003ccode\u003e5a3d7d9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56943\"\u003e#56943\u003c/a\u003e from yahonda/ruby-16321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/034ca73253a001be8cce523812559012ac341fb8\"\u003e\u003ccode\u003e034ca73\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56867\"\u003e#56867\u003c/a\u003e from hammadxcm/fix-ruby4-delegator-inspect-warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6c23f3bd4e252619010bb13ab2570faa5000ed55\"\u003e\u003ccode\u003e6c23f3b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56768\"\u003e#56768\u003c/a\u003e from RemoteCTO/fix/integer-type-marshal-compat\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/activesupport/CHANGELOG.md\"\u003eactivesupport's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\n  inflect.acronym \u0026quot;USD\u0026quot;\n  inflect.acronym \u0026quot;USDC\u0026quot;\nend\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c315744f2001bdd5cba32d43274adca50b71e289\"\u003e\u003ccode\u003ec315744\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56889\"\u003e#56889\u003c/a\u003e from alpaca-tc/support-spring-on-test-environment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2ac86a8a9e32fff6bfaacd199957ba4ace0a2256\"\u003e\u003ccode\u003e2ac86a8\u003c/code\u003e\u003c/a\u003e Revert benchmark.rb to a silent shim (\u003ca href=\"https://redirect.github.com/rails/rails/issues/56832\"\u003e#56832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8e8c95511610c6316084ccd9bc098acfd5e163b8\"\u003e\u003ccode\u003e8e8c955\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56785\"\u003e#56785\u003c/a\u003e from drsharp/dan/fix-json-encoder-bug\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/38e8df6a5a3244e5a239e33c3a08ed0c52791b73\"\u003e\u003ccode\u003e38e8df6\u003c/code\u003e\u003c/a\u003e Fix activesupport/CHANGELOG.md offense at 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f5266eee6c69972b629cbcdeed8ad34d5410de14\"\u003e\u003ccode\u003ef5266ee\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56679\"\u003e#56679\u003c/a\u003e from Saidbek/fix-overlapping-acronyms-order\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8080d2d6bbbc8d534d2ba57623b8bcf90f7e0caf\"\u003e\u003ccode\u003e8080d2d\u003c/code\u003e\u003c/a\u003e Fix changelog formatting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/594357c4bc3ee1aae1b9413715f99407352e7c19\"\u003e\u003ccode\u003e594357c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56652\"\u003e#56652\u003c/a\u003e from zzak/re-56588\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/055902a00e777d6ed5be51c73181d54aa1251e0a\"\u003e\u003ccode\u003e055902a\u003c/code\u003e\u003c/a\u003e Handle Ruby 4.1 stabby lambda in Proc#source_location start_column\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionpack` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionpack/CHANGELOG.md\"\u003eactionpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/10c6e0eb362d4cd437ea092deb86e67f0d243dfc\"\u003e\u003ccode\u003e10c6e0e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56750\"\u003e#56750\u003c/a\u003e from nicolasva/fix/UnknownHttpMethod\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/cce61db5a22f94e8e820b3d2bf3d96cf0db9412a\"\u003e\u003ccode\u003ecce61db\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56820\"\u003e#56820\u003c/a\u003e from ybiquitous/improve-apidoc-for-ActionDispatch_I...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix encoding errors for string locals containing non-ASCII characters.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eKataoka Katsuki\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix collection caching to only forward \u003ccode\u003eexpires_in\u003c/code\u003e argument if explicitly set.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePieter Visser\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e598b9427876ba44bd62c48390e6568476b3f8f0\"\u003e\u003ccode\u003ee598b94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c2ea79c21161de7eb271b2789fbed21dde504071\"\u003e\u003ccode\u003ec2ea79c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e\n\n\u003c!-- CURSOR_SUMMARY --\u003e\n---\n\n\u003e [!NOTE]\n\u003e **Low Risk**\n\u003e Lockfile-only dependency updates to Rails patch releases and `json` patch version; main risk is unexpected upstream behavior changes in framework internals.\n\u003e \n\u003e **Overview**\n\u003e Updates `Gemfile.lock` to bump the Rails framework gems (`actionpack`, `actionview`, `activemodel`, `activesupport`) from `8.1.2.1` to `8.1.3`, including refreshed checksums.\n\u003e \n\u003e Also bumps the `json` gem from `2.19.2` to `2.19.3`.\n\u003e \n\u003e \u003csup\u003eWritten by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 3ac7be5462b12fd672a340cddd579bbe16ff2ae5. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).\u003c/sup\u003e\n\u003c!-- /CURSOR_SUMMARY --\u003e","html_url":"https://github.com/guideline-tech/subroutine/pull/178","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guideline-tech%2Fsubroutine/issues/178","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/178/packages"},{"uuid":"4134833841","node_id":"PR_kwDORsWxws7NUp2L","number":5,"state":"closed","title":"chore(deps): bump actionview from 8.1.2 to 8.1.2.1 in /src/email","user":"dependabot[bot]","labels":["dependencies","ruby","Stale"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-09T04:06:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T11:51:04.000Z","updated_at":"2026-04-09T04:06:40.000Z","time_to_close":1268126,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actionview","old_version":"8.1.2","new_version":"8.1.2.1","repository_url":"https://github.com/rails/rails"}],"path":"/src/email","ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2...v8.1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2\u0026new-version=8.1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pactflow/opentelemetry-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/pactflow/opentelemetry-demo/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pactflow%2Fopentelemetry-demo/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4134610965","node_id":"PR_kwDOAiV2K87NUB4I","number":335,"state":"open","title":"Bump actionview from 8.1.2 to 8.1.2.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-25T11:16:20.000Z","updated_at":"2026-03-27T19:42:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"8.1.2","new_version":"8.1.2.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2...v8.1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2\u0026new-version=8.1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kaspernj/worker_plugins/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/kaspernj/worker_plugins/pull/335","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaspernj%2Fworker_plugins/issues/335","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/335/packages"},{"uuid":"4132022472","node_id":"PR_kwDOAC7Aw87NMnuz","number":4311,"state":"closed","title":":arrow_up: Bump actionview from 8.1.2.1 to 8.1.3","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-03-25T02:59:35.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T02:57:53.000Z","updated_at":"2026-03-25T02:59:36.000Z","time_to_close":102,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":":arrow_up: Bump","packages":[{"name":"actionview","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2.1 to 8.1.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix encoding errors for string locals containing non-ASCII characters.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eKataoka Katsuki\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix collection caching to only forward \u003ccode\u003eexpires_in\u003c/code\u003e argument if explicitly set.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePieter Visser\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e598b9427876ba44bd62c48390e6568476b3f8f0\"\u003e\u003ccode\u003ee598b94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c2ea79c21161de7eb271b2789fbed21dde504071\"\u003e\u003ccode\u003ec2ea79c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2.1\u0026new-version=8.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pglombardo/PasswordPusher/pull/4311","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pglombardo%2FPasswordPusher/issues/4311","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4311/packages"},{"uuid":"4130635026","node_id":"PR_kwDOAHOAqs7NIn70","number":38840,"state":"open","title":"DEPS: Bump the rails group with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T21:03:20.000Z","updated_at":"2026-03-24T21:03:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"DEPS: Bump","group_name":"rails","update_count":8,"packages":[{"name":"actionmailer","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"actionpack","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"actionview","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activemodel","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activerecord","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"railties","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activejob","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the rails group with 8 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actionmailer](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [actionpack](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [actionview](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activemodel](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activerecord](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activesupport](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [railties](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activejob](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n\n\nUpdates `actionmailer` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionmailer/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `actionpack` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionpack/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `actionview` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activemodel` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activemodel/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activerecord` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activerecord/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activesupport` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activesupport/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `railties` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/railties/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activejob` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activejob/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)","html_url":"https://github.com/discourse/discourse/pull/38840","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/discourse%2Fdiscourse/issues/38840","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/38840/packages"},{"uuid":"4130174658","node_id":"PR_kwDOOTp4f87NHPm7","number":4,"state":"closed","title":"Bump the bundler group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-25T22:10:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T19:27:55.000Z","updated_at":"2026-03-25T22:11:00.000Z","time_to_close":96183,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":9,"packages":[{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.7","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.183.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"actionview","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activerecord","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"uri","old_version":"1.0.3","new_version":"1.1.1","repository_url":"https://github.com/ruby/uri"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [actionview](https://github.com/rails/rails), [activerecord](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails) and [uri](https://github.com/ruby/uri) to permit the latest version.\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.7 to 1.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\r\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\r\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\r\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\r\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\r\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\r\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\r\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\r\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\r\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\r\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\r\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\r\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\r\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\r\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\r\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\r\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\r\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\r\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\r\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\r\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.7...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.183.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9ab450a023290ff50ed37c8561880a78dabbf19a\"\u003e\u003ccode\u003e9ab450a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55490\"\u003e#55490\u003c/a\u003e from Earlopain/bump-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/95bee6a4c8132b4caf53e073f7b01ce5cdeed4a6\"\u003e\u003ccode\u003e95bee6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55738\"\u003e#55738\u003c/a\u003e from skipkayhil/hm-nkxzsnnrqqlyrotw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6409b24dd20ee4076ec3dbefba9edc3376bf13f1\"\u003e\u003ccode\u003e6409b24\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55719\"\u003e#55719\u003c/a\u003e from skipkayhil/hm-fix-label-for-namespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0160f42886e2ebeb7a0680f073b870326f14c12a\"\u003e\u003ccode\u003e0160f42\u003c/code\u003e\u003c/a\u003e Sync CHANGELOGs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activerecord` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6981fd2fbeadc8bc7db6547604cf2df13cb18a40\"\u003e\u003ccode\u003e6981fd2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55969\"\u003e#55969\u003c/a\u003e from rails/fix-explain-tests-mysql-9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/52347e0467445b350f482838da5bb503c155eb72\"\u003e\u003ccode\u003e52347e0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55938\"\u003e#55938\u003c/a\u003e from aidanharan/truthy-condition-mssql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d2826215f9c9c1fe2f1c91e292171a042be1e9c5\"\u003e\u003ccode\u003ed282621\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55925\"\u003e#55925\u003c/a\u003e from flavorjones/flavorjones/shard-swap-prohibition...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/511dbf2665746e54240c07b93b0d0ddc184873f9\"\u003e\u003ccode\u003e511dbf2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55907\"\u003e#55907\u003c/a\u003e from ruyrocha/fix/sqlite3-data-loss\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bf9219d62aed746260e853cebe98503c8c27cdd5\"\u003e\u003ccode\u003ebf9219d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55918\"\u003e#55918\u003c/a\u003e from baarde/with-bound-sql-literals\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/865bc776d039645bd4b7f2c826ab4e0aaadf51b6\"\u003e\u003ccode\u003e865bc77\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55332\"\u003e#55332\u003c/a\u003e from zzak/re-54882\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/dee79c4a74723ce8016b2e96e3d6d5723f673aa6\"\u003e\u003ccode\u003edee79c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55778\"\u003e#55778\u003c/a\u003e from ianterrell/ianterrell/fix-autosave-changed-via...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/82f2c96c394b0cf2c2208a7cbf8ebb4fa591ebd6\"\u003e\u003ccode\u003e82f2c96\u003c/code\u003e\u003c/a\u003e Disable GCS tests in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ddf2c97b27d25aa1e450545d59ff867df31253f\"\u003e\u003ccode\u003e0ddf2c9\u003c/code\u003e\u003c/a\u003e Delete test that now fails with new version of benchmark gem\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3c7a8a8208221c3f01bc841a8f7015ea00e86427\"\u003e\u003ccode\u003e3c7a8a8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55864\"\u003e#55864\u003c/a\u003e from RicardoTrindade/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/00e1dfa973ce121d767c299a02d05b028caf8b5c\"\u003e\u003ccode\u003e00e1dfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uri` from 1.0.3 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/uri/releases\"\u003euri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-allow consecutive, leading and trailing dots in EMAIL_REGEXP by \u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/ruby/uri/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to use the latest version of setup-ruby and bump up to Ruby 3.4 by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/158\"\u003eruby/uri#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the mention to removed \u003ccode\u003eURI.escape/URI::Escape\u003c/code\u003e by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse a fully qualified name in warning messages by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/150\"\u003eruby/uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eRactor#value\u003c/code\u003e by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/163\"\u003eruby/uri#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unnecessary workaround  by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/164\"\u003eruby/uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape reserved characters in scheme name by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/148\"\u003eruby/uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[DOC] State that uri library is needed to call Kernel#URI by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/167\"\u003eruby/uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer dedicated assertion methods by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/169\"\u003eruby/uri#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the message for unexpected argument by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/171\"\u003eruby/uri#171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake URI::regexp schemes case sensitive (\u003ca href=\"https://redirect.github.com/ruby/uri/issues/38\"\u003e#38\u003c/a\u003e) by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/170\"\u003eruby/uri#170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe local part should not contain leading or trailing dots in the EMAIL_REGEXP by \u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMore checks in \u003ccode\u003eEMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/172\"\u003eruby/uri#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not allow empty host names, as they are not allowed by RFC 3986 by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/116\"\u003eruby/uri#116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove performance of \u003ccode\u003eURI::MailTo::EMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/173\"\u003eruby/uri#173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance test stability by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/174\"\u003eruby/uri#174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documents that used \u003ccode\u003eURI::Parser\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/175\"\u003eruby/uri#175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a workflow to sync commits to ruby/ruby by \u003ca href=\"https://github.com/k0kubun\"\u003e\u003ccode\u003e@​k0kubun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/183\"\u003eruby/uri#183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eirb\u003c/code\u003e to the Gemfile to fix the warning by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/182\"\u003eruby/uri#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace reference to the obsolete URI.escape with URI::RFC2396_PARSER.escape by \u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch a parsing behavior completely when switching a parser by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/161\"\u003eruby/uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimprove error message by \u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse generic version number to VERSION by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/187\"\u003eruby/uri#187\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.4...v1.1.0\"\u003ehttps://github.com/ruby/uri/compare/v1.0.4...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.4\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\"\u003eCVE-2025-61594\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/f1b05c89ab38667e7564896f994d4d6cfbc67149\"\u003e\u003ccode\u003ef1b05c8\u003c/code\u003e\u003c/a\u003e v1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/8557e8d470ad7b969ba11d210e33b9570919661d\"\u003e\u003ccode\u003e8557e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/189\"\u003e#189\u003c/a\u003e from osyoyu/restore-whatwg-email-regexp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c551d7020bba3cf452e696d55c451ae951d0f24b\"\u003e\u003ccode\u003ec551d70\u003c/code\u003e\u003c/a\u003e Re-allow consecutive, leading and trailing dots in EMAIL_REGEXP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c41903b3e4df8ba2ceba16a80d3156a97a81e038\"\u003e\u003ccode\u003ec41903b\u003c/code\u003e\u003c/a\u003e v1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/b433f3499202b2abc27c5211554195243d083f88\"\u003e\u003ccode\u003eb433f34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/187\"\u003e#187\u003c/a\u003e from ruby/switch-version-code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/1fc4f0496a2d44f4af317d8f786a50e9f6918656\"\u003e\u003ccode\u003e1fc4f04\u003c/code\u003e\u003c/a\u003e Use generic version number to VERSION and generate VERSION_CODE from that\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/e8306800d9b58f37f3847e8d598599cb1ef36f3c\"\u003e\u003ccode\u003ee830680\u003c/code\u003e\u003c/a\u003e Exclude dependabot updates from release note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/70d245fa46786b9aa4970c4b815cfe8b1b823bf6\"\u003e\u003ccode\u003e70d245f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/130\"\u003e#130\u003c/a\u003e from soda92/improve-error-message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/d629c8c1541330e4fc50879fbafc0701728e447f\"\u003e\u003ccode\u003ed629c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/161\"\u003e#161\u003c/a\u003e from y-yagi/fix_changing_parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/fec6733919edb140bbdc429ed4b0492776ebc4a2\"\u003e\u003ccode\u003efec6733\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/166\"\u003e#166\u003c/a\u003e from vivshaw/vivshaw/correct-obsolete-parse\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/LelandParker/openproject/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/LelandParker/openproject/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LelandParker%2Fopenproject/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4124492502","node_id":"PR_kwDOGBMFYc7M2RAq","number":3265,"state":"open","title":"Bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:32:21.000Z","updated_at":"2026-03-24T00:32:32.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data/pull/3265","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/communitiesuk%2Fsubmit-social-housing-lettings-and-sales-data/issues/3265","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3265/packages"},{"uuid":"4124479514","node_id":"PR_kwDOBkzfZ87M2OYw","number":746,"state":"open","title":"Bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:27:45.000Z","updated_at":"2026-03-24T00:34:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/curationexperts/cypripedium/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/curationexperts/cypripedium/pull/746","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/curationexperts%2Fcypripedium/issues/746","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/746/packages"},{"uuid":"4124478281","node_id":"PR_kwDOG_HFPM7M2OIv","number":538,"state":"open","title":"chore(deps): bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:27:21.000Z","updated_at":"2026-03-24T00:29:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aspect-build/bazel-examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/aspect-build/bazel-examples/pull/538","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspect-build%2Fbazel-examples/issues/538","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/538/packages"},{"uuid":"4124473447","node_id":"PR_kwDOP6mwe87M2NJ3","number":25,"state":"open","title":"chore(deps): bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:25:46.000Z","updated_at":"2026-03-24T00:26:49.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Bulletdev/prostaff-api/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Bulletdev/prostaff-api/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bulletdev%2Fprostaff-api/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"},{"uuid":"4124467330","node_id":"PR_kwDOANpmx87M2L4C","number":316,"state":"closed","title":"Bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-24T06:33:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:23:56.000Z","updated_at":"2026-03-24T06:33:32.000Z","time_to_close":22175,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AlchemyCMS/alchemy-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AlchemyCMS/alchemy-demo/pull/316","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AlchemyCMS%2Falchemy-demo/issues/316","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/316/packages"},{"uuid":"4124448364","node_id":"PR_kwDOA1pUms7M2ISR","number":59,"state":"closed","title":"Bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-17T18:19:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:17:35.000Z","updated_at":"2026-05-17T18:19:22.000Z","time_to_close":4730505,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ardell/active_record_rate_limiter/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/ardell/active_record_rate_limiter/pull/59","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ardell%2Factive_record_rate_limiter/issues/59","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/59/packages"},{"uuid":"4124436492","node_id":"PR_kwDODCDZ8s7M2GfI","number":746,"state":"closed","title":"Bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T00:28:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:14:57.000Z","updated_at":"2026-03-31T00:28:08.000Z","time_to_close":605589,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rdunlop/iuf-membership/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/rdunlop/iuf-membership/pull/746","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rdunlop%2Fiuf-membership/issues/746","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/746/packages"},{"uuid":"4124430430","node_id":"PR_kwDOJb09kc7M2Fkg","number":99,"state":"closed","title":"Bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-24T01:38:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:14:00.000Z","updated_at":"2026-03-24T01:38:18.000Z","time_to_close":5057,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/snex/xpg/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/snex/xpg/pull/99","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/snex%2Fxpg/issues/99","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/99/packages"}],"issue_packages":[{"old_version":"8.0.2.1","new_version":"8.0.5","update_type":"patch","path":null,"pr_created_at":"2026-05-18T18:35:05.000Z","version_change":"8.0.2.1 → 8.0.5","issue":{"uuid":"4471611584","node_id":"PR_kwDOPmBpWM7cxqM-","number":11,"state":"closed","title":"Bump the bundler group across 1 directory with 18 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-27T00:18:22.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T18:35:05.000Z","updated_at":"2026-05-27T00:18:24.000Z","time_to_close":711797,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":18,"packages":[{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.9","new_version":"1.19.3","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.198.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"view_component","old_version":"3.23.2","new_version":"4.11.0","repository_url":"https://github.com/viewcomponent/view_component"},{"name":"actionview","old_version":"8.0.2.1","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2.1","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2.1","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"css_parser","old_version":"1.21.1","new_version":"1.22.0","repository_url":"https://github.com/premailer/css_parser"},{"name":"erb","old_version":"5.0.2","new_version":"6.0.4","repository_url":"https://github.com/ruby/erb"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [addressable](https://github.com/sporkmonger/addressable), [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [view_component](https://github.com/viewcomponent/view_component), [actionview](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [css_parser](https://github.com/premailer/css_parser), [erb](https://github.com/ruby/erb), [faraday](https://github.com/lostisland/faraday), [jwt](https://github.com/jwt/ruby-jwt), [net-imap](https://github.com/ruby/net-imap), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml), [uri](https://github.com/ruby/uri) and [yard](https://yardoc.org) to permit the latest version.\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.9 to 1.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639  nokogiri-1.19.3-aarch64-linux-gnu.gem\r\n8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7  nokogiri-1.19.3-aarch64-linux-musl.gem\r\n3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f  nokogiri-1.19.3-arm-linux-gnu.gem\r\n9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6  nokogiri-1.19.3-arm-linux-musl.gem\r\n71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42  nokogiri-1.19.3-arm64-darwin.gem\r\n40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1  nokogiri-1.19.3-java.gem\r\n8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a  nokogiri-1.19.3-x64-mingw-ucrt.gem\r\n77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d  nokogiri-1.19.3-x86_64-darwin.gem\r\n2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976  nokogiri-1.19.3-x86_64-linux-gnu.gem\r\n248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f  nokogiri-1.19.3-x86_64-linux-musl.gem\r\n78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8  nokogiri-1.19.3.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSHA256 Checksums\u003c/h3\u003e\n\u003cpre\u003e\u003ccode\u003ec34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem\r\n7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem\r\nb7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem\r\n61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem\r\n58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem\r\ne9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem\r\n8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem\r\n7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem\r\nfa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem\r\n93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem\r\n38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\"\u003ehttps://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/c139a3da0fe0cae7499a0bafa20f2875877c585b\"\u003e\u003ccode\u003ec139a3d\u003c/code\u003e\u003c/a\u003e version bump to v1.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/7501a63b9f4246d12516e35b91fed8be34f854c0\"\u003e\u003ccode\u003e7501a63\u003c/code\u003e\u003c/a\u003e fix: backtracking in CSS tokenizer rules (v1.19.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3627\"\u003e#3627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/03e7968a730a6544ab56a8d6c3e82dd630ad4339\"\u003e\u003ccode\u003e03e7968\u003c/code\u003e\u003c/a\u003e test: skip CSS tokenizer benchmarks on JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b984b7e47f622d1aa97d54c16d5cd596c3eb9538\"\u003e\u003ccode\u003eb984b7e\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer ident rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/00926231e28d5a20e5b4873efba36099aea0d5c6\"\u003e\u003ccode\u003e0092623\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer STRING rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ee17d33aff3adb30c14e71d3d4c8163465acaccf\"\u003e\u003ccode\u003eee17d33\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform (backport to v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ce188a395192e3757d8701949afb643dc025084c\"\u003e\u003ccode\u003ece188a3\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/caeaac41f874f0944f9397c78bf6c1bfac2cb472\"\u003e\u003ccode\u003ecaeaac4\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/25220bf268c9808e28415563ed7f8ea8d5c332bf\"\u003e\u003ccode\u003e25220bf\u003c/code\u003e\u003c/a\u003e dep(test): test against libxml-ruby v6 (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3618\"\u003e#3618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/0caeb21a5c5e9ff45bbede88fb53655f6753bb0e\"\u003e\u003ccode\u003e0caeb21\u003c/code\u003e\u003c/a\u003e doc: add security warnings for untrusted XSLT stylesheets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.9...v1.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.198.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `view_component` from 3.23.2 to 4.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/viewcomponent/view_component/releases\"\u003eview_component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003erender_in\u003c/code\u003e signature to accept \u003ccode\u003e**_\u003c/code\u003e for compatibility with Rails \u003ca href=\"https://redirect.github.com/rails/rails/pull/50623\"\u003e#50623\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix translation scope resolution in nested lambda-backed slots. Relative \u003ccode\u003et(\u0026quot;.key\u0026quot;)\u003c/code\u003e calls inside lambda-backed slots were resolving against an intermediate component's scope instead of the original partial's scope where the block was defined.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eArtin Boghosian\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNameError: uninitialized constant ViewComponent::SystemTestControllerNefariousPathError\u003c/code\u003e when booting in the test environment with \u003ccode\u003eeager_load = true\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix yielded content rendered at wrong location when using form helpers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eMarkus\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix path traversal vulnerability in \u003ccode\u003eViewComponentsSystemTestController\u003c/code\u003e where sibling directories sharing a string prefix with the allowed temp directory could bypass the path containment check. The \u003ccode\u003estart_with?\u003c/code\u003e check has been replaced with a separator-aware prefix check, and nefarious path errors now return a 404 instead of an unhandled exception.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix preview route vulnerability where inherited methods on \u003ccode\u003eViewComponent::Preview\u003c/code\u003e (such as \u003ccode\u003erender_with_template\u003c/code\u003e) could be invoked via the preview URL, allowing arbitrary internal Rails templates to be rendered with attacker-controlled locals and request parameters. \u003ccode\u003erender_args\u003c/code\u003e now raises \u003ccode\u003eAbstractController::ActionNotFound\u003c/code\u003e for any example not explicitly declared on the preview subclass.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eyard-lint\u003c/code\u003e to CI.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003ecompile.view_component\u003c/code\u003e ActiveSupport::Notifications event for eager compilation at boot time.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eGitHub Copilot\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix stale content cache when slots are accessed before \u003ccode\u003erender_in\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJared Armstrong\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd rubocop-view_component to resources.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAndy Waite\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix bug where inheritance of components with formatless templates improperly raised a NoMethodError.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGitHub Copilot\u003c/em\u003e, \u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eCameron Dutro\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.6.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ViewComponent/view_component/blob/main/docs/CHANGELOG.md\"\u003eview_component's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003erender_in\u003c/code\u003e signature to accept \u003ccode\u003e**_\u003c/code\u003e for compatibility with Rails \u003ca href=\"https://redirect.github.com/rails/rails/pull/50623\"\u003e#50623\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix translation scope resolution in nested lambda-backed slots. Relative \u003ccode\u003et(\u0026quot;.key\u0026quot;)\u003c/code\u003e calls inside lambda-backed slots were resolving against an intermediate component's scope instead of the original partial's scope where the block was defined.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eArtin Boghosian\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNameError: uninitialized constant ViewComponent::SystemTestControllerNefariousPathError\u003c/code\u003e when booting in the test environment with \u003ccode\u003eeager_load = true\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix yielded content rendered at wrong location when using form helpers.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eMarkus\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix path traversal vulnerability in \u003ccode\u003eViewComponentsSystemTestController\u003c/code\u003e where sibling directories sharing a string prefix with the allowed temp directory could bypass the path containment check. The \u003ccode\u003estart_with?\u003c/code\u003e check has been replaced with a separator-aware prefix check, and nefarious path errors now return a 404 instead of an unhandled exception.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix preview route vulnerability where inherited methods on \u003ccode\u003eViewComponent::Preview\u003c/code\u003e (such as \u003ccode\u003erender_with_template\u003c/code\u003e) could be invoked via the preview URL, allowing arbitrary internal Rails templates to be rendered with attacker-controlled locals and request parameters. \u003ccode\u003erender_args\u003c/code\u003e now raises \u003ccode\u003eAbstractController::ActionNotFound\u003c/code\u003e for any example not explicitly declared on the preview subclass.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eyard-lint\u003c/code\u003e to CI.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003ecompile.view_component\u003c/code\u003e ActiveSupport::Notifications event for eager compilation at boot time.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJoel Hawksley\u003c/em\u003e, \u003cem\u003eGitHub Copilot\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix stale content cache when slots are accessed before \u003ccode\u003erender_in\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJared Armstrong\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd rubocop-view_component to resources.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAndy Waite\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/b1f6917f3fe02589873c4ae95f7794e0bcb3b0ef\"\u003e\u003ccode\u003eb1f6917\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/viewcomponent/view_component/issues/2640\"\u003e#2640\u003c/a\u003e from ViewComponent/release-4-11-0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/f54b15a7b4cd9b27d9dd45e6907a9ef57d91b918\"\u003e\u003ccode\u003ef54b15a\u003c/code\u003e\u003c/a\u003e bump allocations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/49b66854d2d24fff1e3e3c4822cade917a1ea837\"\u003e\u003ccode\u003e49b6685\u003c/code\u003e\u003c/a\u003e release 4.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/e94672a5e27e52c793a8d1ddf68f60e2c5fd1afe\"\u003e\u003ccode\u003ee94672a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/viewcomponent/view_component/issues/2636\"\u003e#2636\u003c/a\u003e from ViewComponent/render_in_api\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/9360f6a1483b28fcfe9ae391543f61070e41937a\"\u003e\u003ccode\u003e9360f6a\u003c/code\u003e\u003c/a\u003e Fix appraisal naming consistency: use underscores throughout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/5b6e7320ab1dbba18f9066cc685a319142818ae5\"\u003e\u003ccode\u003e5b6e732\u003c/code\u003e\u003c/a\u003e whitespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/8a8e8c031eaef4bc52ec3eabf2bf7c615004a3a1\"\u003e\u003ccode\u003e8a8e8c0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/viewcomponent/view_component/issues/2634\"\u003e#2634\u003c/a\u003e from ViewComponent/dependabot/bundler/selenium-webdr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/346937739f4288a6defff13572bb58369d2fe874\"\u003e\u003ccode\u003e3469377\u003c/code\u003e\u003c/a\u003e Rename rails_main-head gemfile to use underscore for appraisal compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/da30a8f7d762e4ec1f4d316de782d5e2f1900c58\"\u003e\u003ccode\u003eda30a8f\u003c/code\u003e\u003c/a\u003e Fix Rails main compatibility issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ViewComponent/view_component/commit/635645d172cd395f9ca574d0d3edf7c456f43495\"\u003e\u003ccode\u003e635645d\u003c/code\u003e\u003c/a\u003e fix\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/viewcomponent/view_component/compare/v3.23.2...v4.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2.1 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.5\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMake \u003ccode\u003edelegate\u003c/code\u003e and \u003ccode\u003edelegate_missing_to\u003c/code\u003e work in BasicObject subclasses.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveSupport::Inflector.humanize\u003c/code\u003e with international characters.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.humanize(\u0026quot;áÉÍÓÚ\u0026quot;)  # =\u0026gt; \u0026quot;Áéíóú\u0026quot;\r\nActiveSupport::Inflector.humanize(\u0026quot;аБВГДЕ\u0026quot;) # =\u0026gt; \u0026quot;Абвгде\u0026quot;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJose Luis Duran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003einsert_all\u003c/code\u003e and \u003ccode\u003eupsert_all\u003c/code\u003e log message when called on anonymous classes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGabriel Sobrinho\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eActiveRecord::SchemaDumper.ignore_tables\u003c/code\u003e when dumping SQLite virtual tables.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHans Schnedlitz\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestore previous instrumenter after \u003ccode\u003eexecute_or_skip\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/eb126bb140127d3589ad9be093a845e24fc4f475\"\u003e\u003ccode\u003eeb126bb\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.5 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f7fe4a5297dac5e1184747ce53e0305c56f487c3\"\u003e\u003ccode\u003ef7fe4a5\u003c/code\u003e\u003c/a\u003e Merge branch '8-0-sec' into 8-0-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/853e56de62dcdec036228e56414b49049da5b83a\"\u003e\u003ccode\u003e853e56d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f64c3d09ace91c011e0628c9d8cf6ea9874ffe9f\"\u003e\u003ccode\u003ef64c3d0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0a8792a661211963068f76bdc5f158b873979927\"\u003e\u003ccode\u003e0a8792a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56389\"\u003e#56389\u003c/a\u003e from bogdan/semantic-file-input-accept\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ea29cee26f240ad46051be4ddf47d0351fce1a18\"\u003e\u003ccode\u003eea29cee\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56316\"\u003e#56316\u003c/a\u003e from shivabhusal/support-closing_parenthesis-in-nex...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/950d80c33c462f16897344f0293039b12fbb54ab\"\u003e\u003ccode\u003e950d80c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56270\"\u003e#56270\u003c/a\u003e from Saidbek/fix-multiline-strict-locals-parsing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2.1 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.5\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMake \u003ccode\u003edelegate\u003c/code\u003e and \u003ccode\u003edelegate_missing_to\u003c/code\u003e work in BasicObject subclasses.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveSupport::Inflector.humanize\u003c/code\u003e with international characters.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.humanize(\u0026quot;áÉÍÓÚ\u0026quot;)  # =\u0026gt; \u0026quot;Áéíóú\u0026quot;\r\nActiveSupport::Inflector.humanize(\u0026quot;аБВГДЕ\u0026quot;) # =\u0026gt; \u0026quot;Абвгде\u0026quot;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJose Luis Duran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003einsert_all\u003c/code\u003e and \u003ccode\u003eupsert_all\u003c/code\u003e log message when called on anonymous classes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGabriel Sobrinho\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eActiveRecord::SchemaDumper.ignore_tables\u003c/code\u003e when dumping SQLite virtual tables.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHans Schnedlitz\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestore previous instrumenter after \u003ccode\u003eexecute_or_skip\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/eb126bb140127d3589ad9be093a845e24fc4f475\"\u003e\u003ccode\u003eeb126bb\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.5 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f7fe4a5297dac5e1184747ce53e0305c56f487c3\"\u003e\u003ccode\u003ef7fe4a5\u003c/code\u003e\u003c/a\u003e Merge branch '8-0-sec' into 8-0-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3dc1be9084c93d5b5990476bd153c18ae0ba3f4f\"\u003e\u003ccode\u003e3dc1be9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56783\"\u003e#56783\u003c/a\u003e from kudoas/fix-activestorage-blob-content-type-nil\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2.1 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.5\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMake \u003ccode\u003edelegate\u003c/code\u003e and \u003ccode\u003edelegate_missing_to\u003c/code\u003e work in BasicObject subclasses.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eRafael Mendonça França\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveSupport::Inflector.humanize\u003c/code\u003e with international characters.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.humanize(\u0026quot;áÉÍÓÚ\u0026quot;)  # =\u0026gt; \u0026quot;Áéíóú\u0026quot;\r\nActiveSupport::Inflector.humanize(\u0026quot;аБВГДЕ\u0026quot;) # =\u0026gt; \u0026quot;Абвгде\u0026quot;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eJose Luis Duran\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003einsert_all\u003c/code\u003e and \u003ccode\u003eupsert_all\u003c/code\u003e log message when called on anonymous classes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGabriel Sobrinho\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRespect \u003ccode\u003eActiveRecord::SchemaDumper.ignore_tables\u003c/code\u003e when dumping SQLite virtual tables.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHans Schnedlitz\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestore previous instrumenter after \u003ccode\u003eexecute_or_skip\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/eb126bb140127d3589ad9be093a845e24fc4f475\"\u003e\u003ccode\u003eeb126bb\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.5 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f7fe4a5297dac5e1184747ce53e0305c56f487c3\"\u003e\u003ccode\u003ef7fe4a5\u003c/code\u003e\u003c/a\u003e Merge branch '8-0-sec' into 8-0-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b0daad4cf655374fff8d7d7c959a0230079c335\"\u003e\u003ccode\u003e0b0daad\u003c/code\u003e\u003c/a\u003e [DOC] Update CHANGELOG with key overwrite precedence note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/40acbf77827bd8196b25d8fc31abc9d129088d03\"\u003e\u003ccode\u003e40acbf7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56679\"\u003e#56679\u003c/a\u003e from Saidbek/fix-overlapping-acronyms-order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `css_parser` from 1.21.1 to 1.22.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/premailer/css_parser/blob/master/CHANGELOG.md\"\u003ecss_parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRuby CSS Parser CHANGELOG\u003c/h2\u003e\n\u003ch3\u003eUnreleased\u003c/h3\u003e\n\u003ch3\u003eVersion 2.2.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAccept CSS \u003ccode\u003e\u0026lt;number\u0026gt;\u003c/code\u003e values with an omitted integer part (e.g. \u003ccode\u003e.1\u003c/code\u003e) inside \u003ccode\u003ergb()\u003c/code\u003e/\u003ccode\u003ergba()\u003c/code\u003e/\u003ccode\u003ehsl()\u003c/code\u003e/\u003ccode\u003ehsla()\u003c/code\u003e. Previously \u003ccode\u003eRE_COLOUR_NUMERIC\u003c/code\u003e and \u003ccode\u003eRE_COLOUR_NUMERIC_ALPHA\u003c/code\u003e required at least one digit before the decimal point, which caused colours such as \u003ccode\u003ergba(0,0,0,.1)\u003c/code\u003e to be silently dropped during shorthand expansion (\u003ccode\u003ebackground-color\u003c/code\u003e from \u003ccode\u003ebackground:\u003c/code\u003e, \u003ccode\u003eborder-*-color\u003c/code\u003e from \u003ccode\u003eborder:\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate ssl when pulling files via https\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ruby \u0026lt;3.2, fix a memory leak\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/040895b7e554f4afbbf1a0dbd239eb2b85de7c32\"\u003e\u003ccode\u003e040895b\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/5069b71b4258dc9423db0019848654e8a1ea5c9b\"\u003e\u003ccode\u003e5069b71\u003c/code\u003e\u003c/a\u003e bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/e0c95d5abe91b237becb90ff316531a6547ada18\"\u003e\u003ccode\u003ee0c95d5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/premailer/css_parser/issues/186\"\u003e#186\u003c/a\u003e from premailer/grosser/https\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/premailer/css_parser/compare/v1.21.1...v1.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erb` from 5.0.2 to 6.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease not...\n\n_Description has been truncated_","html_url":"https://github.com/EthanThePhoenix38/openproject/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EthanThePhoenix38%2Fopenproject/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"8.0.2.1","new_version":"8.0.4.1","update_type":"patch","path":null,"pr_created_at":"2026-05-08T18:07:18.000Z","version_change":"8.0.2.1 → 8.0.4.1","issue":{"uuid":"4408412988","node_id":"PR_kwDOPmBpWM7ZouAY","number":8,"state":"closed","title":"Bump the bundler group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T00:00:00.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T18:07:18.000Z","updated_at":"2026-05-09T00:00:02.000Z","time_to_close":21162,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":16,"packages":[{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.9","new_version":"1.19.3","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.198.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"actionview","old_version":"8.0.2.1","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2.1","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2.1","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"css_parser","old_version":"1.21.1","new_version":"1.22.0","repository_url":"https://github.com/premailer/css_parser"},{"name":"erb","old_version":"5.0.2","new_version":"6.0.1.1","repository_url":"https://github.com/ruby/erb"},{"name":"faraday","old_version":"2.13.4","new_version":"2.14.1","repository_url":"https://github.com/lostisland/faraday"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [addressable](https://github.com/sporkmonger/addressable), [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [actionview](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [css_parser](https://github.com/premailer/css_parser), [erb](https://github.com/ruby/erb), [faraday](https://github.com/lostisland/faraday), [net-imap](https://github.com/ruby/net-imap), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml), [uri](https://github.com/ruby/uri) and [yard](https://yardoc.org) to permit the latest version.\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.9 to 1.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639  nokogiri-1.19.3-aarch64-linux-gnu.gem\r\n8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7  nokogiri-1.19.3-aarch64-linux-musl.gem\r\n3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f  nokogiri-1.19.3-arm-linux-gnu.gem\r\n9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6  nokogiri-1.19.3-arm-linux-musl.gem\r\n71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42  nokogiri-1.19.3-arm64-darwin.gem\r\n40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1  nokogiri-1.19.3-java.gem\r\n8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a  nokogiri-1.19.3-x64-mingw-ucrt.gem\r\n77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d  nokogiri-1.19.3-x86_64-darwin.gem\r\n2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976  nokogiri-1.19.3-x86_64-linux-gnu.gem\r\n248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f  nokogiri-1.19.3-x86_64-linux-musl.gem\r\n78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8  nokogiri-1.19.3.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSHA256 Checksums\u003c/h3\u003e\n\u003cpre\u003e\u003ccode\u003ec34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem\r\n7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem\r\nb7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem\r\n61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem\r\n58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem\r\ne9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem\r\n8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem\r\n7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem\r\nfa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem\r\n93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem\r\n38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\"\u003ehttps://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/c139a3da0fe0cae7499a0bafa20f2875877c585b\"\u003e\u003ccode\u003ec139a3d\u003c/code\u003e\u003c/a\u003e version bump to v1.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/7501a63b9f4246d12516e35b91fed8be34f854c0\"\u003e\u003ccode\u003e7501a63\u003c/code\u003e\u003c/a\u003e fix: backtracking in CSS tokenizer rules (v1.19.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3627\"\u003e#3627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/03e7968a730a6544ab56a8d6c3e82dd630ad4339\"\u003e\u003ccode\u003e03e7968\u003c/code\u003e\u003c/a\u003e test: skip CSS tokenizer benchmarks on JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b984b7e47f622d1aa97d54c16d5cd596c3eb9538\"\u003e\u003ccode\u003eb984b7e\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer ident rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/00926231e28d5a20e5b4873efba36099aea0d5c6\"\u003e\u003ccode\u003e0092623\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer STRING rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ee17d33aff3adb30c14e71d3d4c8163465acaccf\"\u003e\u003ccode\u003eee17d33\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform (backport to v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ce188a395192e3757d8701949afb643dc025084c\"\u003e\u003ccode\u003ece188a3\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/caeaac41f874f0944f9397c78bf6c1bfac2cb472\"\u003e\u003ccode\u003ecaeaac4\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/25220bf268c9808e28415563ed7f8ea8d5c332bf\"\u003e\u003ccode\u003e25220bf\u003c/code\u003e\u003c/a\u003e dep(test): test against libxml-ruby v6 (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3618\"\u003e#3618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/0caeb21a5c5e9ff45bbede88fb53655f6753bb0e\"\u003e\u003ccode\u003e0caeb21\u003c/code\u003e\u003c/a\u003e doc: add security warnings for untrusted XSLT stylesheets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.9...v1.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.198.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2.1 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9ab450a023290ff50ed37c8561880a78dabbf19a\"\u003e\u003ccode\u003e9ab450a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55490\"\u003e#55490\u003c/a\u003e from Earlopain/bump-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/95bee6a4c8132b4caf53e073f7b01ce5cdeed4a6\"\u003e\u003ccode\u003e95bee6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55738\"\u003e#55738\u003c/a\u003e from skipkayhil/hm-nkxzsnnrqqlyrotw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6409b24dd20ee4076ec3dbefba9edc3376bf13f1\"\u003e\u003ccode\u003e6409b24\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55719\"\u003e#55719\u003c/a\u003e from skipkayhil/hm-fix-label-for-namespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0160f42886e2ebeb7a0680f073b870326f14c12a\"\u003e\u003ccode\u003e0160f42\u003c/code\u003e\u003c/a\u003e Sync CHANGELOGs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2.1 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/82f2c96c394b0cf2c2208a7cbf8ebb4fa591ebd6\"\u003e\u003ccode\u003e82f2c96\u003c/code\u003e\u003c/a\u003e Disable GCS tests in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2.1 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ddf2c97b27d25aa1e450545d59ff867df31253f\"\u003e\u003ccode\u003e0ddf2c9\u003c/code\u003e\u003c/a\u003e Delete test that now fails with new version of benchmark gem\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3c7a8a8208221c3f01bc841a8f7015ea00e86427\"\u003e\u003ccode\u003e3c7a8a8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55864\"\u003e#55864\u003c/a\u003e from RicardoTrindade/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/00e1dfa973ce121d767c299a02d05b028caf8b5c\"\u003e\u003ccode\u003e00e1dfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2.1...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `css_parser` from 1.21.1 to 1.22.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/premailer/css_parser/blob/master/CHANGELOG.md\"\u003ecss_parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRuby CSS Parser CHANGELOG\u003c/h2\u003e\n\u003ch3\u003eUnreleased\u003c/h3\u003e\n\u003ch3\u003eVersion 2.2.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAccept CSS \u003ccode\u003e\u0026lt;number\u0026gt;\u003c/code\u003e values with an omitted integer part (e.g. \u003ccode\u003e.1\u003c/code\u003e) inside \u003ccode\u003ergb()\u003c/code\u003e/\u003ccode\u003ergba()\u003c/code\u003e/\u003ccode\u003ehsl()\u003c/code\u003e/\u003ccode\u003ehsla()\u003c/code\u003e. Previously \u003ccode\u003eRE_COLOUR_NUMERIC\u003c/code\u003e and \u003ccode\u003eRE_COLOUR_NUMERIC_ALPHA\u003c/code\u003e required at least one digit before the decimal point, which caused colours such as \u003ccode\u003ergba(0,0,0,.1)\u003c/code\u003e to be silently dropped during shorthand expansion (\u003ccode\u003ebackground-color\u003c/code\u003e from \u003ccode\u003ebackground:\u003c/code\u003e, \u003ccode\u003eborder-*-color\u003c/code\u003e from \u003ccode\u003eborder:\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate ssl when pulling files via https\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ruby \u0026lt;3.2, fix a memory leak\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/040895b7e554f4afbbf1a0dbd239eb2b85de7c32\"\u003e\u003ccode\u003e040895b\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/5069b71b4258dc9423db0019848654e8a1ea5c9b\"\u003e\u003ccode\u003e5069b71\u003c/code\u003e\u003c/a\u003e bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/e0c95d5abe91b237becb90ff316531a6547ada18\"\u003e\u003ccode\u003ee0c95d5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/premailer/css_parser/issues/186\"\u003e#186\u003c/a\u003e from premailer/grosser/https\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/premailer/css_parser/compare/v1.21.1...v1.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `erb` from 5.0.2 to 6.0.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/erb/releases\"\u003eerb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v6.0.1...v6.0.1.1\"\u003ehttps://github.com/ruby/erb/compare/v6.0.1...v6.0.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix typo in changelog by \u003ca href=\"https://github.com/hunchr\"\u003e\u003ccode\u003e@​hunchr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/96\"\u003eruby/erb#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/97\"\u003eruby/erb#97\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump step-security/harden-runner from 2.13.1 to 2.13.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/98\"\u003eruby/erb#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed by \u003ccode\u003emisspell -w -error -source=text\u003c/code\u003e by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/99\"\u003eruby/erb#99\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFreeze ERB::Compiler::TrimScanner::ERB_STAG by \u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/100\"\u003eruby/erb#100\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hunchr\"\u003e\u003ccode\u003e@​hunchr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/96\"\u003eruby/erb#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/100\"\u003eruby/erb#100\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/ruby/erb/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the latest versions of actions: push-gem.yml by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/90\"\u003eruby/erb#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in documentation by \u003ca href=\"https://github.com/suy\"\u003e\u003ccode\u003e@​suy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/91\"\u003eruby/erb#91\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag shown in example of ERB expression tag and execution tag by \u003ca href=\"https://github.com/sampart\"\u003e\u003ccode\u003e@​sampart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/92\"\u003eruby/erb#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[DOC] Suppress documentation for internals by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/93\"\u003eruby/erb#93\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace Ruby 3.5 with Ruby 4.0 by \u003ca href=\"https://github.com/yahonda\"\u003e\u003ccode\u003e@​yahonda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/94\"\u003eruby/erb#94\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReapply \u0026quot;Remove safe_level and further positional arguments (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/7\"\u003e#7\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/k0kubun\"\u003e\u003ccode\u003e@​k0kubun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/95\"\u003eruby/erb#95\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suy\"\u003e\u003ccode\u003e@​suy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/91\"\u003eruby/erb#91\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sampart\"\u003e\u003ccode\u003e@​sampart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/92\"\u003eruby/erb#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yahonda\"\u003e\u003ccode\u003e@​yahonda\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/94\"\u003eruby/erb#94\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v5.1.3...v6.0.0\"\u003ehttps://github.com/ruby/erb/compare/v5.1.3...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v5.1.2...v5.1.3\"\u003ehttps://github.com/ruby/erb/compare/v5.1.2...v5.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor html_escape by \u003ca href=\"https://github.com/noteflakes\"\u003e\u003ccode\u003e@​noteflakes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/88\"\u003eruby/erb#88\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echangelog_uri\u003c/code\u003e to spec metadata by \u003ca href=\"https://github.com/jgarber623\"\u003e\u003ccode\u003e@​jgarber623\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/89\"\u003eruby/erb#89\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jgarber623\"\u003e\u003ccode\u003e@​jgarber623\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/erb/pull/89\"\u003eruby/erb#89\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/erb/compare/v5.1.1...v5.1.2\"\u003ehttps://github.com/ruby/erb/compare/v5.1.1...v5.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/erb/blob/master/NEWS.md\"\u003eerb's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProhibit \u003ccode\u003edef_method\u003c/code\u003e on marshal-loaded ERB instances\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFreeze \u003ccode\u003eERB::Compiler::TrimScanner::ERB_STAG\u003c/code\u003e for Ractor compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003esafe_level\u003c/code\u003e and further positional arguments from \u003ccode\u003eERB.new\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated constant \u003ccode\u003eERB::Revision\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v5.1.2 with trusted publishing for JRuby\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003echangelog_uri\u003c/code\u003e to spec metadata \u003ca href=\"https://redirect.github.com/ruby/erb/pull/89\"\u003eruby/erb#89\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix integer overflow that is introduced at v5.1.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ehtml_escape: Avoid buffer allocation for strings with no escapable character \u003ca href=\"https://redirect.github.com/ruby/erb/pull/87\"\u003eruby/erb#87\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate help of erb(1) \u003ca href=\"https://redirect.github.com/ruby/erb/pull/85\"\u003e#85\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/93450765b5319cfb552a3d9719df137e8fbb75e9\"\u003e\u003ccode\u003e9345076\u003c/code\u003e\u003c/a\u003e Version 6.0.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/dd34ce41031327269a5fb83b0bc2c0d852895e9f\"\u003e\u003ccode\u003edd34ce4\u003c/code\u003e\u003c/a\u003e Prohibit def_method on marshal-loaded ERB instances\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/bbde68fcd562f376b24e17ea7fbfcb0ab6f47261\"\u003e\u003ccode\u003ebbde68f\u003c/code\u003e\u003c/a\u003e Version 6.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/43f087659566d04d283cd05d28ba21ed8c24b1e6\"\u003e\u003ccode\u003e43f0876\u003c/code\u003e\u003c/a\u003e Freeze ERB::Compiler::TrimScanner::ERB_STAG (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/2aa3a6800e51182b1967151919e956d7dcff972d\"\u003e\u003ccode\u003e2aa3a68\u003c/code\u003e\u003c/a\u003e Fixed by \u003ccode\u003emisspell -w -error -source=text\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/99\"\u003e#99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/f91b2600a43af8a89c273bd8922289d873d9e259\"\u003e\u003ccode\u003ef91b260\u003c/code\u003e\u003c/a\u003e Bump step-security/harden-runner from 2.13.1 to 2.13.2 (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/543500f238220fdcf414d4a52afc80703bcadf2a\"\u003e\u003ccode\u003e543500f\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/97\"\u003e#97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/b23452a4796ea2cec9d1f92a93e39b50d5efe9bc\"\u003e\u003ccode\u003eb23452a\u003c/code\u003e\u003c/a\u003e Fix typo in changelog (\u003ca href=\"https://redirect.github.com/ruby/erb/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/bbaaf1f51bd1b327f6b74931d41d9a24fe769901\"\u003e\u003ccode\u003ebbaaf1f\u003c/code\u003e\u003c/a\u003e Version 6.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/erb/commit/1f83b2578fd58b98a9abb8540f99cf2843d84dd5\"\u003e\u003ccode\u003e1f83b25\u003c/code\u003e\u003c/a\u003e Drop a deprecated constant ERB::Revision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/erb/compare/v5.0.2...v6.0.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 2.13.4 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.14.1\u003c/h2\u003e\n\u003ch2\u003eSecurity Note\u003c/h2\u003e\n\u003cp\u003eThis release contains a security fix, we recommend all users to upgrade as soon as possible.\nA Security Advisory with more details will be posted shortly.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd RFC document for Options architecture refactoring plan by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1644\"\u003elostisland/faraday#1644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1655\"\u003elostisland/faraday#1655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExplicit top-level namespace reference by \u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1657\"\u003elostisland/faraday#1657\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\"\u003ehttps://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew features ✨\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse newer \u003ccode\u003eUnprocessableContent\u003c/code\u003e naming for 422 by \u003ca href=\"https://github.com/tylerhunt\"\u003e\u003ccode\u003e@​tylerhunt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1638\"\u003elostisland/faraday#1638\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes 🐞\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eConvert strings to UTF-8 by \u003ca h...\n\n_Description has been truncated_","html_url":"https://github.com/EthanThePhoenix38/openproject/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EthanThePhoenix38%2Fopenproject/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"8.0.2","new_version":"8.0.4.1","update_type":"patch","path":null,"pr_created_at":"2026-05-08T14:13:08.000Z","version_change":"8.0.2 → 8.0.4.1","issue":{"uuid":"4407025879","node_id":"PR_kwDOOTp4f87ZkHDn","number":11,"state":"closed","title":"Bump the bundler group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-08T23:56:46.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T14:13:08.000Z","updated_at":"2026-05-08T23:56:48.000Z","time_to_close":35018,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":17,"packages":[{"name":"addressable","old_version":"2.8.7","new_version":"2.9.0","repository_url":"https://github.com/sporkmonger/addressable"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.7","new_version":"1.19.3","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.183.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"actionview","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activerecord","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"css_parser","old_version":"1.21.1","new_version":"1.22.0","repository_url":"https://github.com/premailer/css_parser"},{"name":"faraday","old_version":"2.12.2","new_version":"2.14.1","repository_url":"https://github.com/lostisland/faraday"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [addressable](https://github.com/sporkmonger/addressable), [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [actionview](https://github.com/rails/rails), [activerecord](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [css_parser](https://github.com/premailer/css_parser), [faraday](https://github.com/lostisland/faraday), [net-imap](https://github.com/ruby/net-imap), [rack](https://github.com/rack/rack), [rexml](https://github.com/ruby/rexml), [ruby-saml](https://github.com/saml-toolkits/ruby-saml), [uri](https://github.com/ruby/uri) and [yard](https://yardoc.org) to permit the latest version.\nUpdates `addressable` from 2.8.7 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md\"\u003eaddressable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAddressable 2.9.0 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete\nremediation in 2.8.10)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.10 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efixes ReDoS vulnerability in Addressable::Template#match\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAddressable 2.8.9 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNo need for bundler as development dependency (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e, \u003ca href=\"https://github.com/sporkmonger/addressable/commit/5fc1d93\"\u003e5fc1d93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eidna/pure: stop building the useless \u003ccode\u003eCOMPOSITION_TABLE\u003c/code\u003e (removes the \u003ccode\u003eAddressable::IDNA::COMPOSITION_TABLE\u003c/code\u003e constant) (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/569\"\u003esporkmonger/addressable#569\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/571\"\u003e#571\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/571\"\u003esporkmonger/addressable#571\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/564\"\u003e#564\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/564\"\u003esporkmonger/addressable#564\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAddressable 2.8.8 \u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReplace the \u003ccode\u003eunicode.data\u003c/code\u003e blob by a ruby constant (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003epublic_suffix\u003c/code\u003e 7 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/561\"\u003e#561\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/561\"\u003esporkmonger/addressable#561\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/558\"\u003e#558\u003c/a\u003e: \u003ca href=\"https://redirect.github.com/sporkmonger/addressable/pull/558\"\u003esporkmonger/addressable#558\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0c3e8589b23d4402903a9b4e1fdeba4e43c52ca4\"\u003e\u003ccode\u003e0c3e858\u003c/code\u003e\u003c/a\u003e Revving version and changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/91915c1f7aafa3e2c9f42e2f4e21d948c7a861b8\"\u003e\u003ccode\u003e91915c1\u003c/code\u003e\u003c/a\u003e Fixing additional vulnerable paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/a091e39ff02fc321b21dea3a0df585bef2ba3744\"\u003e\u003ccode\u003ea091e39\u003c/code\u003e\u003c/a\u003e Add many more adversarial test cases to ensure we don't have any ReDoS regres...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/463a819665a3b85ce5ce894c90bd7bfa3b9d2e15\"\u003e\u003ccode\u003e463a819\u003c/code\u003e\u003c/a\u003e Regenerate gemspec on newer rubygems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0afcb0b9672bee301e5e96ed850fec05b2fcabb0\"\u003e\u003ccode\u003e0afcb0b\u003c/code\u003e\u003c/a\u003e Improve from O(n^2) to O(n)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/c87f768f22ab00376ed2f8cb106f59c9d0652d3a\"\u003e\u003ccode\u003ec87f768\u003c/code\u003e\u003c/a\u003e Fix a ReDoS vulnerability in URI template matching\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/0d7e9b259fb0940d1a85064b04f678a7984409a5\"\u003e\u003ccode\u003e0d7e9b2\u003c/code\u003e\u003c/a\u003e Fix links for 2.8.9 in CHANGELOG (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/e2091200b31553f19248eb871f071852409796f8\"\u003e\u003ccode\u003ee209120\u003c/code\u003e\u003c/a\u003e Update version, gemspec, and CHANGELOG for 2.8.9 (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/572\"\u003e#572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/387587492b6536748ed12a11c3fdb44a48885f28\"\u003e\u003ccode\u003e3875874\u003c/code\u003e\u003c/a\u003e Reduce gem size by excluding test files (\u003ca href=\"https://redirect.github.com/sporkmonger/addressable/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sporkmonger/addressable/commit/3e57cc6018f94231aabb47fd341acd1b40f1e71a\"\u003e\u003ccode\u003e3e57cc6\u003c/code\u003e\u003c/a\u003e CI: back to \u003ccode\u003ewindows-2022\u003c/code\u003e for MRI job\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.7 to 1.19.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639  nokogiri-1.19.3-aarch64-linux-gnu.gem\r\n8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7  nokogiri-1.19.3-aarch64-linux-musl.gem\r\n3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f  nokogiri-1.19.3-arm-linux-gnu.gem\r\n9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6  nokogiri-1.19.3-arm-linux-musl.gem\r\n71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42  nokogiri-1.19.3-arm64-darwin.gem\r\n40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1  nokogiri-1.19.3-java.gem\r\n8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a  nokogiri-1.19.3-x64-mingw-ucrt.gem\r\n77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d  nokogiri-1.19.3-x86_64-darwin.gem\r\n2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976  nokogiri-1.19.3-x86_64-linux-gnu.gem\r\n248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f  nokogiri-1.19.3-x86_64-linux-musl.gem\r\n78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8  nokogiri-1.19.3.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSHA256 Checksums\u003c/h3\u003e\n\u003cpre\u003e\u003ccode\u003ec34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem\r\n7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem\r\nb7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem\r\n61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem\r\n58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem\r\ne9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem\r\n8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem\r\n7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem\r\nfa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem\r\n93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem\r\n38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\"\u003ehttps://github.com/sparklemotion/nokogiri/compare/v1.19.1...v1.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.3 / 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixed / Security\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress exponential regex backtracking in CSS selector tokenizer. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-c4rq-3m3g-8wgx\"\u003eGHSA-c4rq-3m3g-8wgx\u003c/a\u003e for more information.\u003c/li\u003e\n\u003cli\u003e[CRuby] Address memory leak in \u003ccode\u003eXSLT::Stylesheet#transform\u003c/code\u003e. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v2fc-qm4h-8hqv\"\u003eGHSA-v2fc-qm4h-8hqv\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.2 / 2026-03-19\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3611\"\u003e#3611\u003c/a\u003e \u003ca href=\"https://github.com/flavorjones\"\u003e\u003ccode\u003e@​flavorjones\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/c139a3da0fe0cae7499a0bafa20f2875877c585b\"\u003e\u003ccode\u003ec139a3d\u003c/code\u003e\u003c/a\u003e version bump to v1.19.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/7501a63b9f4246d12516e35b91fed8be34f854c0\"\u003e\u003ccode\u003e7501a63\u003c/code\u003e\u003c/a\u003e fix: backtracking in CSS tokenizer rules (v1.19.x backport) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3627\"\u003e#3627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/03e7968a730a6544ab56a8d6c3e82dd630ad4339\"\u003e\u003ccode\u003e03e7968\u003c/code\u003e\u003c/a\u003e test: skip CSS tokenizer benchmarks on JRuby\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b984b7e47f622d1aa97d54c16d5cd596c3eb9538\"\u003e\u003ccode\u003eb984b7e\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer ident rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/00926231e28d5a20e5b4873efba36099aea0d5c6\"\u003e\u003ccode\u003e0092623\u003c/code\u003e\u003c/a\u003e fix: ReDoS in CSS tokenizer STRING rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ee17d33aff3adb30c14e71d3d4c8163465acaccf\"\u003e\u003ccode\u003eee17d33\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform (backport to v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/ce188a395192e3757d8701949afb643dc025084c\"\u003e\u003ccode\u003ece188a3\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/caeaac41f874f0944f9397c78bf6c1bfac2cb472\"\u003e\u003ccode\u003ecaeaac4\u003c/code\u003e\u003c/a\u003e fix: memory leak in XSLT transform\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/25220bf268c9808e28415563ed7f8ea8d5c332bf\"\u003e\u003ccode\u003e25220bf\u003c/code\u003e\u003c/a\u003e dep(test): test against libxml-ruby v6 (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3618\"\u003e#3618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/0caeb21a5c5e9ff45bbede88fb53655f6753bb0e\"\u003e\u003ccode\u003e0caeb21\u003c/code\u003e\u003c/a\u003e doc: add security warnings for untrusted XSLT stylesheets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.7...v1.19.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.183.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9ab450a023290ff50ed37c8561880a78dabbf19a\"\u003e\u003ccode\u003e9ab450a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55490\"\u003e#55490\u003c/a\u003e from Earlopain/bump-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/95bee6a4c8132b4caf53e073f7b01ce5cdeed4a6\"\u003e\u003ccode\u003e95bee6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55738\"\u003e#55738\u003c/a\u003e from skipkayhil/hm-nkxzsnnrqqlyrotw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6409b24dd20ee4076ec3dbefba9edc3376bf13f1\"\u003e\u003ccode\u003e6409b24\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55719\"\u003e#55719\u003c/a\u003e from skipkayhil/hm-fix-label-for-namespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0160f42886e2ebeb7a0680f073b870326f14c12a\"\u003e\u003ccode\u003e0160f42\u003c/code\u003e\u003c/a\u003e Sync CHANGELOGs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activerecord` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6981fd2fbeadc8bc7db6547604cf2df13cb18a40\"\u003e\u003ccode\u003e6981fd2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55969\"\u003e#55969\u003c/a\u003e from rails/fix-explain-tests-mysql-9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/52347e0467445b350f482838da5bb503c155eb72\"\u003e\u003ccode\u003e52347e0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55938\"\u003e#55938\u003c/a\u003e from aidanharan/truthy-condition-mssql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d2826215f9c9c1fe2f1c91e292171a042be1e9c5\"\u003e\u003ccode\u003ed282621\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55925\"\u003e#55925\u003c/a\u003e from flavorjones/flavorjones/shard-swap-prohibition...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/511dbf2665746e54240c07b93b0d0ddc184873f9\"\u003e\u003ccode\u003e511dbf2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55907\"\u003e#55907\u003c/a\u003e from ruyrocha/fix/sqlite3-data-loss\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bf9219d62aed746260e853cebe98503c8c27cdd5\"\u003e\u003ccode\u003ebf9219d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55918\"\u003e#55918\u003c/a\u003e from baarde/with-bound-sql-literals\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/865bc776d039645bd4b7f2c826ab4e0aaadf51b6\"\u003e\u003ccode\u003e865bc77\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55332\"\u003e#55332\u003c/a\u003e from zzak/re-54882\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/dee79c4a74723ce8016b2e96e3d6d5723f673aa6\"\u003e\u003ccode\u003edee79c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55778\"\u003e#55778\u003c/a\u003e from ianterrell/ianterrell/fix-autosave-changed-via...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/82f2c96c394b0cf2c2208a7cbf8ebb4fa591ebd6\"\u003e\u003ccode\u003e82f2c96\u003c/code\u003e\u003c/a\u003e Disable GCS tests in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ddf2c97b27d25aa1e450545d59ff867df31253f\"\u003e\u003ccode\u003e0ddf2c9\u003c/code\u003e\u003c/a\u003e Delete test that now fails with new version of benchmark gem\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3c7a8a8208221c3f01bc841a8f7015ea00e86427\"\u003e\u003ccode\u003e3c7a8a8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55864\"\u003e#55864\u003c/a\u003e from RicardoTrindade/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/00e1dfa973ce121d767c299a02d05b028caf8b5c\"\u003e\u003ccode\u003e00e1dfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `css_parser` from 1.21.1 to 1.22.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/premailer/css_parser/blob/master/CHANGELOG.md\"\u003ecss_parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRuby CSS Parser CHANGELOG\u003c/h2\u003e\n\u003ch3\u003eUnreleased\u003c/h3\u003e\n\u003ch3\u003eVersion 2.2.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAccept CSS \u003ccode\u003e\u0026lt;number\u0026gt;\u003c/code\u003e values with an omitted integer part (e.g. \u003ccode\u003e.1\u003c/code\u003e) inside \u003ccode\u003ergb()\u003c/code\u003e/\u003ccode\u003ergba()\u003c/code\u003e/\u003ccode\u003ehsl()\u003c/code\u003e/\u003ccode\u003ehsla()\u003c/code\u003e. Previously \u003ccode\u003eRE_COLOUR_NUMERIC\u003c/code\u003e and \u003ccode\u003eRE_COLOUR_NUMERIC_ALPHA\u003c/code\u003e required at least one digit before the decimal point, which caused colours such as \u003ccode\u003ergba(0,0,0,.1)\u003c/code\u003e to be silently dropped during shorthand expansion (\u003ccode\u003ebackground-color\u003c/code\u003e from \u003ccode\u003ebackground:\u003c/code\u003e, \u003ccode\u003eborder-*-color\u003c/code\u003e from \u003ccode\u003eborder:\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate ssl when pulling files via https\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eVersion 2.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ruby \u0026lt;3.2, fix a memory leak\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/040895b7e554f4afbbf1a0dbd239eb2b85de7c32\"\u003e\u003ccode\u003e040895b\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/5069b71b4258dc9423db0019848654e8a1ea5c9b\"\u003e\u003ccode\u003e5069b71\u003c/code\u003e\u003c/a\u003e bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/premailer/css_parser/commit/e0c95d5abe91b237becb90ff316531a6547ada18\"\u003e\u003ccode\u003ee0c95d5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/premailer/css_parser/issues/186\"\u003e#186\u003c/a\u003e from premailer/grosser/https\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/premailer/css_parser/compare/v1.21.1...v1.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `faraday` from 2.12.2 to 2.14.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lostisland/faraday/releases\"\u003efaraday's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.14.1\u003c/h2\u003e\n\u003ch2\u003eSecurity Note\u003c/h2\u003e\n\u003cp\u003eThis release contains a security fix, we recommend all users to upgrade as soon as possible.\nA Security Advisory with more details will be posted shortly.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd comprehensive AI agent guidelines for Claude, Cursor, and GitHub Copilot by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd RFC document for Options architecture refactoring plan by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1644\"\u003elostisland/faraday#1644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1655\"\u003elostisland/faraday#1655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExplicit top-level namespace reference by \u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1657\"\u003elostisland/faraday#1657\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1642\"\u003elostisland/faraday#1642\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\"\u003ehttps://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew features ✨\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse newer \u003ccode\u003eUnprocessableContent\u003c/code\u003e naming for 422 by \u003ca href=\"https://github.com/tylerhunt\"\u003e\u003ccode\u003e@​tylerhunt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1638\"\u003elostisland/faraday#1638\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes 🐞\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eConvert strings to UTF-8 by \u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1624\"\u003elostisland/faraday#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eResponse#to_hash\u003c/code\u003e when response not finished yet by \u003ca href=\"https://github.com/yykamei\"\u003e\u003ccode\u003e@​yykamei\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1639\"\u003elostisland/faraday#1639\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc/Docs 📄\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eLint: use \u003ccode\u003efilter_map\u003c/code\u003e by \u003ca href=\"https://github.com/olleolleolle\"\u003e\u003ccode\u003e@​olleolleolle\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1637\"\u003elostisland/faraday#1637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eactions/checkout\u003c/code\u003e from v4 to v5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1636\"\u003elostisland/faraday#1636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes documentation by \u003ca href=\"https://github.com/dharamgollapudi\"\u003e\u003ccode\u003e@​dharamgollapudi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1635\"\u003elostisland/faraday#1635\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/c960657\"\u003e\u003ccode\u003e@​c960657\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1624\"\u003elostisland/faraday#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dharamgollapudi\"\u003e\u003ccode\u003e@​dharamgollapudi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1635\"\u003elostisland/faraday#1635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tylerhunt\"\u003e\u003ccode\u003e@​tylerhunt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1638\"\u003elostisland/faraday#1638\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.13.4...v2.14.0\"\u003ehttps://github.com/lostisland/faraday/compare/v2.13.4...v2.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove error handling logic and add missing test coverage by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1633\"\u003elostisland/faraday#1633\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lostisland/faraday/compare/v2.13.3...v2.13.4\"\u003ehttps://github.com/lostisland/faraday/compare/v2.13.3...v2.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix type assumption in \u003ccode\u003eFaraday::Error\u003c/code\u003e by \u003ca href=\"https://github.com/iMacTia\"\u003e\u003ccode\u003e@​iMacTia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lostisland/faraday/pull/1630\"\u003elostisland/faraday#1630\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/16cbd38ef252d25dedf416a4d2510a2f3db10c87\"\u003e\u003ccode\u003e16cbd38\u003c/code\u003e\u003c/a\u003e Version bump to 2.14.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/a6d3a3a0bf59c2ab307d0abd91bc126aef5561bc\"\u003e\u003ccode\u003ea6d3a3a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/b23f710d28c0dba169470f568df4017a1e8beea7\"\u003e\u003ccode\u003eb23f710\u003c/code\u003e\u003c/a\u003e Explicit top-level namespace reference (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1657\"\u003e#1657\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/49ba4ac3a7359baed634c12a82386f6c8c717ea8\"\u003e\u003ccode\u003e49ba4ac\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 5 to 6 (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1655\"\u003e#1655\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/51a49bc99d7df6f724d250d64771e1d710576df7\"\u003e\u003ccode\u003e51a49bc\u003c/code\u003e\u003c/a\u003e Ensure Claude reads the guidelines and allow to plan in a gitignored .ai/PLAN...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/894f65cab8f04bcf35e84a2dfd9fc0286dbce340\"\u003e\u003ccode\u003e894f65c\u003c/code\u003e\u003c/a\u003e Add RFC document for Options architecture refactoring plan (\u003ca href=\"https://redirect.github.com/lostisland/faraday/issues/1644\"\u003e#1644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lostisland/faraday/commit/397e3ded0c5166313bb22f1c0221b36b6023fd0f\"\u003e\u003ccode\u003e397e3de\u003c/code\u003e\u003c/a\u003e Add comprehensive AI agent ...\n\n_Description has been truncated_","html_url":"https://github.com/LelandParker/openproject/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LelandParker%2Fopenproject/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"7.2.3","new_version":"7.2.3.1","update_type":null,"path":"/api","pr_created_at":"2026-04-12T14:13:04.000Z","version_change":"7.2.3 → 7.2.3.1","issue":{"uuid":"4248319616","node_id":"PR_kwDOFPUles7Rxzto","number":182,"state":"open","title":"Bump actionview from 7.2.3 to 7.2.3.1 in /api","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-12T14:13:04.000Z","updated_at":"2026-04-12T14:19:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":"/api","ecosystem":"rubygems"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zatarain/portfolio/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/zatarain/portfolio/pull/182","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zatarain%2Fportfolio/issues/182","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/182/packages"}},{"old_version":"6.1.7.8","new_version":"8.1.3","update_type":"major","path":null,"pr_created_at":"2026-04-08T01:47:56.000Z","version_change":"6.1.7.8 → 8.1.3","issue":{"uuid":"4221560219","node_id":"PR_kwDOMt-mx87QqrMs","number":18,"state":"closed","title":"Bump the bundler group across 4 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-08T08:21:15.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-08T01:47:56.000Z","updated_at":"2026-04-08T08:21:18.000Z","time_to_close":23599,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":8,"packages":[{"name":"activesupport","old_version":"7.2.1","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"},{"name":"nokogiri","old_version":"1.16.7","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"devise","old_version":"4.9.4","new_version":"5.0.3","repository_url":"https://github.com/heartcombo/devise"},{"name":"actionview","old_version":"6.1.7.8","new_version":"8.1.3"},{"name":"activestorage","old_version":"6.1.7.8","new_version":"8.1.3"},{"name":"activesupport","old_version":"6.1.7.8","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22"},{"name":"nokogiri","old_version":"1.16.7","new_version":"1.19.2","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"rack","old_version":"2.2.9","new_version":"3.2.6"},{"name":"devise","old_version":"4.9.4","new_version":"5.0.3","repository_url":"https://github.com/heartcombo/devise"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the bundler group with 2 updates in the /docs directory: [activesupport](https://github.com/rails/rails) and [nokogiri](https://github.com/sparklemotion/nokogiri).\nBumps the bundler group with 1 update in the /gemfiles/rails_61 directory: [devise](https://github.com/heartcombo/devise).\nBumps the bundler group with 1 update in the /gemfiles/rails_70 directory: [devise](https://github.com/heartcombo/devise).\nBumps the bundler group with 1 update in the /gemfiles/rails_71 directory: [devise](https://github.com/heartcombo/devise).\n\nUpdates `activesupport` from 7.2.1 to 7.2.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b54a4b373c6f042cab6ee2033246b1c9ecc38974\"\u003e\u003ccode\u003eb54a4b3\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c1ad0e8e1972032f3395853a5e99cea035035beb\"\u003e\u003ccode\u003ec1ad0e8\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a\"\u003e\u003ccode\u003eebd6be1\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4a155f1fd7d4a1887b169eda4983a052fb2e2f13\"\u003e\u003ccode\u003e4a155f1\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fe41a9fa77412917ea3f228d6a742f31ad21e26d\"\u003e\u003ccode\u003efe41a9f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/12040a3145012fb312eb2d70fc700f4d34a27934\"\u003e\u003ccode\u003e12040a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55808\"\u003e#55808\u003c/a\u003e from olivier-thatch/fix-enum-sole\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/58630e19ad0fe3c822302ae147ad1f863c95de2e\"\u003e\u003ccode\u003e58630e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55794\"\u003e#55794\u003c/a\u003e from rails/fix-55513\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.1...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.16.7 to 1.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\r\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\r\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\r\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\r\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\r\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\r\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\r\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\r\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\r\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\r\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\r\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\r\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\r\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\r\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\r\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\r\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\r\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\r\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\r\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\r\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.7...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devise` from 4.9.4 to 5.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/releases\"\u003edevise's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0.rc\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/blob/main/CHANGELOG.md\"\u003edevise's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e5.0.3 - 2026-03-16\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity fixes\n\u003cul\u003e\n\u003cli\u003eFix race condition vulnerability on confirmable \u0026quot;change email\u0026quot; which would allow confirming an email they don't own CVE-2026-32700 \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5783\"\u003e#5783\u003c/a\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5784\"\u003e#5784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2 - 2026-02-18\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenhancements\n\u003cul\u003e\n\u003cli\u003eAllow resource class scopes to override the global configuration for \u003ccode\u003esign_in_after_change_password\u003c/code\u003e behaviour. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5825\"\u003e#5825\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eNote\u003c/em\u003e: some users ran into an issue with this change because \u003ccode\u003eRegistrationsController\u003c/code\u003e now relies on a setting from the \u003ccode\u003e:registerable\u003c/code\u003e module. These users were configuring their own routes pointing to the \u003ccode\u003eRegistrationsController\u003c/code\u003e for resource edit/update actions mostly, without relying on the other registration actions (e.g. user sign up.), so they omitted \u003ccode\u003e:registerable\u003c/code\u003e from the model declaration. While using just a portion of the controller functionality is a valid use for \u003ccode\u003e:registerable\u003c/code\u003e (or any module really), the module must still be declared in the model, much like the other modules must be declared if you plan on using just a portion of their behavior. Please check \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5828#issuecomment-3926822788\"\u003ethis issue\u003c/a\u003e for more info.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003esign_in_after_reset_password?\u003c/code\u003e check hook to passwords controller, to allow it to be customized by users. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5826\"\u003e#5826\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1 - 2026-02-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebug fixes\n\u003cul\u003e\n\u003cli\u003eFix translation issue with German \u003ccode\u003eE-Mail\u003c/code\u003e on invalid authentication messages caused by previous fix for incorrect grammar \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5822\"\u003e#5822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0 - 2026-01-23\u003c/h3\u003e\n\u003cp\u003eno changes\u003c/p\u003e\n\u003ch3\u003e5.0.0.rc - 2025-12-31\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Ruby \u0026lt; 2.7\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Rails \u0026lt; 7.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003e:bypass\u003c/code\u003e option from \u003ccode\u003esign_in\u003c/code\u003e helper, use \u003ccode\u003ebypass_sign_in\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003edevise_error_messages!\u003c/code\u003e helper, use \u003ccode\u003erender \u0026quot;devise/shared/error_messages\u0026quot;, resource: resource\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003escope\u003c/code\u003e second argument from \u003ccode\u003esign_in(resource, :admin)\u003c/code\u003e controller test helper, use \u003ccode\u003esign_in(resource, scope: :admin)\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::TestHelpers\u003c/code\u003e, use \u003ccode\u003eDevise::Test::ControllerHelpers\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION\u003c/code\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5598\"\u003e#5598\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise.activerecord51?\u003c/code\u003e method.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eSecretKeyFinder\u003c/code\u003e and use \u003ccode\u003eapp.secret_key_base\u003c/code\u003e as the default secret key for \u003ccode\u003eDevise.secret_key\u003c/code\u003e if a custom \u003ccode\u003eDevise.secret_key\u003c/code\u003e is not provided.\u003c/p\u003e\n\u003cp\u003eThis is potentially a breaking change because Devise previously used the following order to find a secret key:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eapp.credentials.secret_key_base \u0026gt; app.secrets.secret_key_base \u0026gt; application.config.secret_key_base \u0026gt; application.secret_key_base\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eNow, it always uses \u003ccode\u003eapplication.secret_key_base\u003c/code\u003e. Make sure you're using the same secret key after the upgrade; otherwise, previously generated tokens for \u003ccode\u003erecoverable\u003c/code\u003e, \u003ccode\u003elockable\u003c/code\u003e, and \u003ccode\u003econfirmable\u003c/code\u003e will be invalid.\n\u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5645\"\u003e#5645\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChange password instructions button label on devise view from \u003ccode\u003eSend me reset password instructions\u003c/code\u003e to \u003ccode\u003eSend me password reset instructions\u003c/code\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5515\"\u003e#5515\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eChange \u003ccode\u003e\u0026lt;br\u0026gt;\u003c/code\u003e tags separating form elements to wrapping them in \u003ccode\u003e\u0026lt;p\u0026gt;\u003c/code\u003e tags \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5494\"\u003e#5494\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eReplace \u003ccode\u003e[data-turbo-cache=false]\u003c/code\u003e with \u003ccode\u003e[data-turbo-temporary]\u003c/code\u003e on \u003ccode\u003edevise/shared/error_messages\u003c/code\u003e partial. This has been \u003ca href=\"https://github.com/hotwired/turbo/releases/tag/v7.3.0\"\u003edeprecated by Turbo since v7.3.0 (released on Mar 1, 2023)\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIf you are using an older version of Turbo and the default devise template, you'll need to copy it over to your app and change that back to \u003ccode\u003e[data-turbo-cache=false]\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eenhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Rails 8 support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/2f809205b2a9112767e68e1a5666c649a42609c6\"\u003e\u003ccode\u003e2f80920\u003c/code\u003e\u003c/a\u003e Release v5.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/53347074021b38590653b95523f9b7113e5dcfdc\"\u003e\u003ccode\u003e5334707\u003c/code\u003e\u003c/a\u003e Add CVE to changelog [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/02527772bd9adbc3357d9c62fbc16e73e438121d\"\u003e\u003ccode\u003e0252777\u003c/code\u003e\u003c/a\u003e Fix race condition vulnerability, by ensuring the \u003ccode\u003eunconfirmed_email\u003c/code\u003e is alwa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/879f79fceaf2ec6525219ee7bb4057ce4db65729\"\u003e\u003ccode\u003e879f79f\u003c/code\u003e\u003c/a\u003e Bundle update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/0f4493bd0302f85d1662b71c4f2145268fecc200\"\u003e\u003ccode\u003e0f4493b\u003c/code\u003e\u003c/a\u003e Configure default permissions as read-only for the workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/8c785761bd3c717793f0da4146dd630865568567\"\u003e\u003ccode\u003e8c78576\u003c/code\u003e\u003c/a\u003e Ignore test/** folder for GH default code scanning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/c9e655e13253dc53e3c0981a8345f134bcda1fc5\"\u003e\u003ccode\u003ec9e655e\u003c/code\u003e\u003c/a\u003e Bundle update, clear dependabot security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/3fd061095084d8f9d3f8c995c46caabcd15640fd\"\u003e\u003ccode\u003e3fd0610\u003c/code\u003e\u003c/a\u003e Add a note to the changelog about an edge case issue some users ran into\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/5b008ed51c0df3223cf727e7ad07378d6329b12f\"\u003e\u003ccode\u003e5b008ed\u003c/code\u003e\u003c/a\u003e Release v5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/heartcombo/devise/commit/916f94ed4b4bb8e7881d5cf8c6535b7ccb368f7a\"\u003e\u003ccode\u003e916f94e\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003esign_in_after_reset_password?\u003c/code\u003e check hook to passwords controller (\u003ca href=\"https://redirect.github.com/heartcombo/devise/issues/5826\"\u003e#5826\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/heartcombo/devise/compare/v4.9.4...v5.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 6.1.7.8 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix encoding errors for string locals containing non-ASCII characters.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eKataoka Katsuki\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix collection caching to only forward \u003ccode\u003eexpires_in\u003c/code\u003e argument if explicitly set.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePieter Visser\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.2 (January 08, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003efile_field\u003c/code\u003e to join mime types with a comma when provided as Array\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003efile_field(:article, :image, accept: ['image/png', 'image/gif', 'image/jpeg'])\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eNow behaves likes:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003efile_field(:article, :image, accept: 'image/png,image/gif,image/jpeg')\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cem\u003eBogdan Gusiev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix strict locals parsing to handle multiline definitions.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003econtent_security_policy_nonce\u003c/code\u003e error in mailers when using \u003ccode\u003econtent_security_policy_nonce_auto\u003c/code\u003e setting.\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003econtent_security_policy_nonce helper\u003c/code\u003e is provided by \u003ccode\u003eActionController::ContentSecurityPolicy\u003c/code\u003e, and it relies on \u003ccode\u003erequest.content_security_policy_nonc\u003c/code\u003ee. Mailers lack both the module and the request object.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJarrett Lusso\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e598b9427876ba44bd62c48390e6568476b3f8f0\"\u003e\u003ccode\u003ee598b94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c2ea79c21161de7eb271b2789fbed21dde504071\"\u003e\u003ccode\u003ec2ea79c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7c8ae65b7045490965218a994c300aea8dbb079\"\u003e\u003ccode\u003ed7c8ae6\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/27aa94fb4430b8dd9464081ad9b5ca083452570c\"\u003e\u003ccode\u003e27aa94f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56389\"\u003e#56389\u003c/a\u003e from bogdan/semantic-file-input-accept\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v6.1.7.8...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 6.1.7.8 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/activestorage/CHANGELOG.md\"\u003eactivestorage's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eActiveStorage::Blob\u003c/code\u003e content type predicate methods to handle \u003ccode\u003enil\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDaichi KUDO\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFilter user supplied metadata in DirectUploadController\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33173]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eConfigurable maxmimum streaming chunk size\u003c/p\u003e\n\u003cp\u003eMakes sure that byte ranges for blobs don't exceed 100mb by default.\nContent ranges that are too big can result in denial of service.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33174]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eGannon McGibbon\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eLimit range requests to a single range\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33658]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ePrevent path traversal in \u003ccode\u003eDiskService\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eDiskService#path_for\u003c/code\u003e now raises an \u003ccode\u003eInvalidKeyError\u003c/code\u003e when passed keys with dot segments (\u0026quot;.\u0026quot;,\n\u0026quot;..\u0026quot;), or if the resolved path is outside the storage root directory.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003e#path_for\u003c/code\u003e also now consistently raises \u003ccode\u003eInvalidKeyError\u003c/code\u003e if the key is invalid in any way, for\nexample containing null bytes or having an incompatible encoding. Previously, the exception\nraised may have been \u003ccode\u003eArgumentError\u003c/code\u003e or \u003ccode\u003eEncoding::CompatibilityError\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eDiskController\u003c/code\u003e now explicitly rescues \u003ccode\u003eInvalidKeyError\u003c/code\u003e with appropriate HTTP status codes.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33195]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ePrevent glob injection in \u003ccode\u003eDiskService#delete_prefixed\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eEscape glob metacharacters in the resolved path before passing to \u003ccode\u003eDir.glob\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8c9676b803820110548cdb7523800db43bc6874c\"\u003e\u003ccode\u003e8c9676b\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9b06fbc0f504b8afe333f33d19548f3b85fbe655\"\u003e\u003ccode\u003e9b06fbc\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d9502f5214e2198245a4c1defe9cd02a7c8057d0\"\u003e\u003ccode\u003ed9502f5\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/85ec5b1e00d3197d8c69a5e622e1b398a1b10b06\"\u003e\u003ccode\u003e85ec5b1\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/42012eaaa88dfc7d0030161b2bc8074a7bbce92a\"\u003e\u003ccode\u003e42012ea\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/064cea7d610f6020bc8cb97cb693d1fb15ed23c8\"\u003e\u003ccode\u003e064cea7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56783\"\u003e#56783\u003c/a\u003e from kudoas/fix-activestorage-blob-content-type-nil\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v6.1.7.8...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 6.1.7.8 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b54a4b373c6f042cab6ee2033246b1c9ecc38974\"\u003e\u003ccode\u003eb54a4b3\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c1ad0e8e1972032f3395853a5e99cea035035beb\"\u003e\u003ccode\u003ec1ad0e8\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a\"\u003e\u003ccode\u003eebd6be1\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/4a155f1fd7d4a1887b169eda4983a052fb2e2f13\"\u003e\u003ccode\u003e4a155f1\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fe41a9fa77412917ea3f228d6a742f31ad21e26d\"\u003e\u003ccode\u003efe41a9f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/12040a3145012fb312eb2d70fc700f4d34a27934\"\u003e\u003ccode\u003e12040a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55808\"\u003e#55808\u003c/a\u003e from olivier-thatch/fix-enum-sole\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/58630e19ad0fe3c822302ae147ad1f863c95de2e\"\u003e\u003ccode\u003e58630e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55794\"\u003e#55794\u003c/a\u003e from rails/fix-55513\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.1...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.16.7 to 1.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\r\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\r\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\r\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\r\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\r\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\r\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\r\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\r\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\r\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\r\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\r\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\r\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\r\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\r\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\r\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\r\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\r\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\r\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\r\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\r\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.7 / 2025-03-31\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7\"\u003ev2.13.7\u003c/a\u003e, which is a bugfix release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.6 / 2025-03-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.16.7...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rack` from 2.2.9 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/releases\"\u003erack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.2.5...v3.2.6\"\u003ehttps://github.com/rack/rack/compare/v3.2.5...v3.2.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.9.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed ReDoS in Accept header parsing [CVE-2024-26146]\u003c/li\u003e\n\u003cli\u003eFixed ReDoS in Content Type header parsing [CVE-2024-25126]\u003c/li\u003e\n\u003cli\u003eReject Range headers which are too large [CVE-2024-26141]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.9...v3.0.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix content-length calcuation in Rack:Response#write \u003ca href=\"https://redirect.github.com/rack/rack/issues/2150\"\u003e#2150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.8...v3.0.9\"\u003ehttps://github.com/rack/rack/compare/v3.0.8...v3.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Fix some unused variable verbose warnings\u0026quot; by \u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skipkayhil\"\u003e\u003ccode\u003e@​skipkayhil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2084\"\u003erack/rack#2084\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.7...v3.0.8\"\u003ehttps://github.com/rack/rack/compare/v3.0.7...v3.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u0026quot;Make query parameters without = have nil values\u0026quot;. by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2060\"\u003erack/rack#2060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\"\u003ehttps://github.com/rack/rack/compare/v3.0.6.1...v3.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.6.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.0.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\"\u003ehttps://github.com/rack/rack/compare/v3.0.4...v3.0.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/rack/rack/compare/v3.0.3...v3.0.4\"\u003ehttps://github.com/rack/rack/compare/v3.0.3...v3.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRelease v3.0.3 by \u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/rack/rack/pull/2000\"\u003erack/rack#2000\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rack/rack/blob/main/CHANGELOG.md\"\u003erack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.2.6] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-7mqq-6cf9-v2qp\"\u003eCVE-2026-34763\u003c/a\u003e Root directory disclosure via unescaped regex interpolation in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v569-hp3g-36wr\"\u003eCVE-2026-34230\u003c/a\u003e Avoid O(n^2) algorithm in \u003ccode\u003eRack::Utils.select_best_encoding\u003c/code\u003e which could lead to denial of service.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qfgr-crr9-7r49\"\u003eCVE-2026-32762\u003c/a\u003e Forwarded header semicolon injection enables Host and Scheme spoofing.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-vgpv-f759-9wx3\"\u003eCVE-2026-26961\u003c/a\u003e Raise error for multipart requests with multiple boundary parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q4qf-9j86-f5mh\"\u003eCVE-2026-34786\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e \u003ccode\u003eheader_rules\u003c/code\u003e bypass via URL-encoded path mismatch.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-q2ww-5357-x388\"\u003eCVE-2026-34831\u003c/a\u003e \u003ccode\u003eContent-Length\u003c/code\u003e mismatch in \u003ccode\u003eRack::Files\u003c/code\u003e error responses.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-x8cg-fq8g-mxfx\"\u003eCVE-2026-34826\u003c/a\u003e Multipart byte range processing allows denial of service via excessive overlapping ranges.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-g2pf-xv49-m2h5\"\u003eCVE-2026-34835\u003c/a\u003e \u003ccode\u003eRack::Request\u003c/code\u003e accepts invalid Host characters, enabling host allowlist bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-qv7j-4883-hwh7\"\u003eCVE-2026-34830\u003c/a\u003e \u003ccode\u003eRack::Sendfile\u003c/code\u003e header-based \u003ccode\u003eX-Accel-Mapping\u003c/code\u003e regex injection enables unauthorized \u003ccode\u003eX-Accel-Redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-h2jq-g4cq-5ppq\"\u003eCVE-2026-34785\u003c/a\u003e \u003ccode\u003eRack::Static\u003c/code\u003e prefix matching can expose unintended files under the static root.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-8vqr-qjwx-82mw\"\u003eCVE-2026-34829\u003c/a\u003e Multipart parsing without \u003ccode\u003eContent-Length\u003c/code\u003e header allows unbounded chunked file uploads.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-v6x5-cg8r-vv6x\"\u003eCVE-2026-34827\u003c/a\u003e Multipart header parsing allows denial of service via escape-heavy quoted parameters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-rx22-g9mx-qrhv\"\u003eCVE-2026-26962\u003c/a\u003e Improper unfolding of folded multipart headers preserves CRLF in parsed parameter values.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-whrj-4476-wvmp\"\u003eCVE-2026-25500\u003c/a\u003e XSS injection via malicious filename in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-mxw3-3hh2-x2mh\"\u003eCVE-2026-22860\u003c/a\u003e Directory traversal via root prefix bypass in \u003ccode\u003eRack::Directory\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eRack::MockResponse#body\u003c/code\u003e when the body is a Proc. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2420\"\u003e#2420\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/rack/rack/pull/2423\"\u003e#2423\u003c/a\u003e, \u003ca href=\"https://github.com/tavianator\"\u003e\u003ccode\u003e@​tavianator\u003c/code\u003e\u003c/a\u003e, [\u003ca href=\"https://github.com/ioquatix\"\u003e\u003ccode\u003e@​ioquatix\u003c/code\u003e\u003c/a\u003e])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.4] - 2025-11-03\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMultipart parser: limit MIME header size check to the unread buffer region to avoid false \u003ccode\u003emultipart mime part header too large\u003c/code\u003e errors when previously read data accumulates in the scan buffer. (\u003ca href=\"https://redirect.github.com/rack/rack/pull/2392\"\u003e#2392\u003c/a\u003e, \u003ca href=\"https://github.com/alpaca-tc\"\u003e\u003ccode\u003e@​alpaca-tc\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/willnet\"\u003e\u003ccode\u003e@​willnet\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/krororo\"\u003e\u003ccode\u003e@​krororo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.3] - 2025-10-10\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-r657-rxjc-j557\"\u003eCVE-2025-61780\u003c/a\u003e Improper handling of headers in \u003ccode\u003eRack::Sendfile\u003c/code\u003e may allow proxy bypass.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-6xw4-3v39-52mm\"\u003eCVE-2025-61919\u003c/a\u003e Unbounded read in \u003ccode\u003eRack::Request\u003c/code\u003e form parsing can lead to memory exhaustion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.2.2] - 2025-10-07\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-wpv5-97wm-hp9c\"\u003eCVE-2025-61772\u003c/a\u003e Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-w9pc-fmgc-vxvw\"\u003eCVE-2025-61771\u003c/a\u003e Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/advisories/GHSA-p543-xpfm-54cp\"\u003eCVE-2025-61770\u003c/a\u003e Unbounded multipart preamble buffering enables DoS (memory exhaustion)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/e1f22fdbe99afd2126b6fbf05bb12399359574b7\"\u003e\u003ccode\u003ee1f22fd\u003c/code\u003e\u003c/a\u003e Bump patch version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/31989fd7bb6f806fdb3cfa4e9aec1fe8434f47d1\"\u003e\u003ccode\u003e31989fd\u003c/code\u003e\u003c/a\u003e Fix typo in test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d268165e390e17b83573fec916dcdef6304a8b4b\"\u003e\u003ccode\u003ed268165\u003c/code\u003e\u003c/a\u003e Fix test expectation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/8f425de0ee75a2f3cdfbfdd57858c1910b7645ff\"\u003e\u003ccode\u003e8f425de\u003c/code\u003e\u003c/a\u003e Add Ruby v4.0 to the test matrix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bf830426ce5b3daccb5a226b733703c86504ceba\"\u003e\u003ccode\u003ebf83042\u003c/code\u003e\u003c/a\u003e Drop EOL Rubies from external tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/d50c4d3dab62fa80b2a276271d0d4fb338cfa7df\"\u003e\u003ccode\u003ed50c4d3\u003c/code\u003e\u003c/a\u003e Implement OBS unfolding for multipart requests per RFC 5322 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/bfb69142dbe2a1e3298ad52d12935938d1b58205\"\u003e\u003ccode\u003ebfb6914\u003c/code\u003e\u003c/a\u003e Limit the number of quoted escapes during multipart parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/b3e5945c648c5a5b6982e5072b26e51990991229\"\u003e\u003ccode\u003eb3e5945\u003c/code\u003e\u003c/a\u003e Add Content-Length size check in Rack::Multipart::Parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/7a8f32696609b88e2c4c1f09d473a1d2d837ed4b\"\u003e\u003ccode\u003e7a8f326\u003c/code\u003e\u003c/a\u003e Fix root prefix bug in Rack::Static\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rack/rack/commit/a57bc140247f904dc1e3302badedcb73645072c7\"\u003e\u003ccode\u003ea57bc14\u003c/code\u003e\u003c/a\u003e Only do a simple substitution on the x-accel-mapping paths\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rack/rack/compare/v2.2.9...v3.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devise` from 4.9.4 to 5.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/releases\"\u003edevise's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.3/CHANGELOG.md#503---2026-03-16\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.2/CHANGELOG.md#502---2026-02-18\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.1/CHANGELOG.md#501---2026-02-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0/CHANGELOG.md#500---2026-01-23\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0.rc\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\"\u003ehttps://github.com/heartcombo/devise/blob/v5.0.0.rc/CHANGELOG.md#500rc---2025-12-31\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/heartcombo/devise/blob/main/CHANGELOG.md\"\u003edevise's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e5.0.3 - 2026-03-16\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity fixes\n\u003cul\u003e\n\u003cli\u003eFix race condition vulnerability on confirmable \u0026quot;change email\u0026quot; which would allow confirming an email they don't own CVE-2026-32700 \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5783\"\u003e#5783\u003c/a\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5784\"\u003e#5784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2 - 2026-02-18\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenhancements\n\u003cul\u003e\n\u003cli\u003eAllow resource class scopes to override the global configuration for \u003ccode\u003esign_in_after_change_password\u003c/code\u003e behaviour. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5825\"\u003e#5825\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eNote\u003c/em\u003e: some users ran into an issue with this change because \u003ccode\u003eRegistrationsController\u003c/code\u003e now relies on a setting from the \u003ccode\u003e:registerable\u003c/code\u003e module. These users were configuring their own routes pointing to the \u003ccode\u003eRegistrationsController\u003c/code\u003e for resource edit/update actions mostly, without relying on the other registration actions (e.g. user sign up.), so they omitted \u003ccode\u003e:registerable\u003c/code\u003e from the model declaration. While using just a portion of the controller functionality is a valid use for \u003ccode\u003e:registerable\u003c/code\u003e (or any module really), the module must still be declared in the model, much like the other modules must be declared if you plan on using just a portion of their behavior. Please check \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5828#issuecomment-3926822788\"\u003ethis issue\u003c/a\u003e for more info.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003esign_in_after_reset_password?\u003c/code\u003e check hook to passwords controller, to allow it to be customized by users. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5826\"\u003e#5826\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1 - 2026-02-13\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebug fixes\n\u003cul\u003e\n\u003cli\u003eFix translation issue with German \u003ccode\u003eE-Mail\u003c/code\u003e on invalid authentication messages caused by previous fix for incorrect grammar \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5822\"\u003e#5822\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0 - 2026-01-23\u003c/h3\u003e\n\u003cp\u003eno changes\u003c/p\u003e\n\u003ch3\u003e5.0.0.rc - 2025-12-31\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Ruby \u0026lt; 2.7\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support to Rails \u0026lt; 7.0\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003e:bypass\u003c/code\u003e option from \u003ccode\u003esign_in\u003c/code\u003e helper, use \u003ccode\u003ebypass_sign_in\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003edevise_error_messages!\u003c/code\u003e helper, use \u003ccode\u003erender \u0026quot;devise/shared/error_messages\u0026quot;, resource: resource\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003escope\u003c/code\u003e second argument from \u003ccode\u003esign_in(resource, :admin)\u003c/code\u003e controller test helper, use \u003ccode\u003esign_in(resource, scope: :admin)\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::TestHelpers\u003c/code\u003e, use \u003ccode\u003eDevise::Test::ControllerHelpers\u003c/code\u003e instead. \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5803\"\u003e#5803\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION\u003c/code\u003e \u003ca href=\"https://redirect.github.com/heartcombo/devise/pull/5598\"\u003e#5598\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove deprecated \u003ccode\u003eDevise.activerecord51?\u003c/code\u003e method.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eSecretKeyFinder\u003c/code\u003e and use \u003ccode\u003eapp.secre...\n\n_Description has been truncated_","html_url":"https://github.com/waveaccounting/activeadmin/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/waveaccounting%2Factiveadmin/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"}},{"old_version":"8.1.2","new_version":"8.1.2.1","update_type":null,"path":null,"pr_created_at":"2026-03-31T06:22:53.000Z","version_change":"8.1.2 → 8.1.2.1","issue":{"uuid":"4176216222","node_id":"PR_kwDODeLmpc7O16gw","number":706,"state":"closed","title":"Bump actionview from 8.1.2 to 8.1.2.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-01T00:03:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T06:22:53.000Z","updated_at":"2026-04-01T00:03:40.000Z","time_to_close":63645,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"8.1.2","new_version":"8.1.2.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2...v8.1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2\u0026new-version=8.1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bio-org-au/editor/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bio-org-au/editor/pull/706","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bio-org-au%2Feditor/issues/706","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/706/packages"}},{"old_version":"8.1.2.1","new_version":"8.1.3","update_type":"patch","path":null,"pr_created_at":"2026-03-25T12:33:45.000Z","version_change":"8.1.2.1 → 8.1.3","issue":{"uuid":"4135090950","node_id":"PR_kwDOAeBT_c7NVYY2","number":178,"state":"open","title":"[bundler] Bump the rails group with 4 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-25T12:33:45.000Z","updated_at":"2026-03-25T12:34:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"[bundler] Bump","group_name":"rails","update_count":4,"packages":[{"name":"activemodel","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"actionpack","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"},{"name":"actionview","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the rails group with 4 updates: [activemodel](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails), [actionpack](https://github.com/rails/rails) and [actionview](https://github.com/rails/rails).\n\nUpdates `activemodel` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivemodel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/activemodel/CHANGELOG.md\"\u003eactivemodel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eEdward Woodcock\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5a3d7d903aba1219f394259c2d9c02949b1b5cd7\"\u003e\u003ccode\u003e5a3d7d9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56943\"\u003e#56943\u003c/a\u003e from yahonda/ruby-16321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/034ca73253a001be8cce523812559012ac341fb8\"\u003e\u003ccode\u003e034ca73\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56867\"\u003e#56867\u003c/a\u003e from hammadxcm/fix-ruby4-delegator-inspect-warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6c23f3bd4e252619010bb13ab2570faa5000ed55\"\u003e\u003ccode\u003e6c23f3b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56768\"\u003e#56768\u003c/a\u003e from RemoteCTO/fix/integer-type-marshal-compat\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/activesupport/CHANGELOG.md\"\u003eactivesupport's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\n  inflect.acronym \u0026quot;USD\u0026quot;\n  inflect.acronym \u0026quot;USDC\u0026quot;\nend\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c315744f2001bdd5cba32d43274adca50b71e289\"\u003e\u003ccode\u003ec315744\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56889\"\u003e#56889\u003c/a\u003e from alpaca-tc/support-spring-on-test-environment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2ac86a8a9e32fff6bfaacd199957ba4ace0a2256\"\u003e\u003ccode\u003e2ac86a8\u003c/code\u003e\u003c/a\u003e Revert benchmark.rb to a silent shim (\u003ca href=\"https://redirect.github.com/rails/rails/issues/56832\"\u003e#56832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8e8c95511610c6316084ccd9bc098acfd5e163b8\"\u003e\u003ccode\u003e8e8c955\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56785\"\u003e#56785\u003c/a\u003e from drsharp/dan/fix-json-encoder-bug\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/38e8df6a5a3244e5a239e33c3a08ed0c52791b73\"\u003e\u003ccode\u003e38e8df6\u003c/code\u003e\u003c/a\u003e Fix activesupport/CHANGELOG.md offense at 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f5266eee6c69972b629cbcdeed8ad34d5410de14\"\u003e\u003ccode\u003ef5266ee\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56679\"\u003e#56679\u003c/a\u003e from Saidbek/fix-overlapping-acronyms-order\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8080d2d6bbbc8d534d2ba57623b8bcf90f7e0caf\"\u003e\u003ccode\u003e8080d2d\u003c/code\u003e\u003c/a\u003e Fix changelog formatting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/594357c4bc3ee1aae1b9413715f99407352e7c19\"\u003e\u003ccode\u003e594357c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56652\"\u003e#56652\u003c/a\u003e from zzak/re-56588\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/055902a00e777d6ed5be51c73181d54aa1251e0a\"\u003e\u003ccode\u003e055902a\u003c/code\u003e\u003c/a\u003e Handle Ruby 4.1 stabby lambda in Proc#source_location start_column\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionpack` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionpack/CHANGELOG.md\"\u003eactionpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/10c6e0eb362d4cd437ea092deb86e67f0d243dfc\"\u003e\u003ccode\u003e10c6e0e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56750\"\u003e#56750\u003c/a\u003e from nicolasva/fix/UnknownHttpMethod\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/cce61db5a22f94e8e820b3d2bf3d96cf0db9412a\"\u003e\u003ccode\u003ecce61db\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56820\"\u003e#56820\u003c/a\u003e from ybiquitous/improve-apidoc-for-ActionDispatch_I...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.1.2.1 to 8.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix encoding errors for string locals containing non-ASCII characters.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eKataoka Katsuki\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix collection caching to only forward \u003ccode\u003eexpires_in\u003c/code\u003e argument if explicitly set.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePieter Visser\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e598b9427876ba44bd62c48390e6568476b3f8f0\"\u003e\u003ccode\u003ee598b94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c2ea79c21161de7eb271b2789fbed21dde504071\"\u003e\u003ccode\u003ec2ea79c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e\n\n\u003c!-- CURSOR_SUMMARY --\u003e\n---\n\n\u003e [!NOTE]\n\u003e **Low Risk**\n\u003e Lockfile-only dependency updates to Rails patch releases and `json` patch version; main risk is unexpected upstream behavior changes in framework internals.\n\u003e \n\u003e **Overview**\n\u003e Updates `Gemfile.lock` to bump the Rails framework gems (`actionpack`, `actionview`, `activemodel`, `activesupport`) from `8.1.2.1` to `8.1.3`, including refreshed checksums.\n\u003e \n\u003e Also bumps the `json` gem from `2.19.2` to `2.19.3`.\n\u003e \n\u003e \u003csup\u003eWritten by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 3ac7be5462b12fd672a340cddd579bbe16ff2ae5. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).\u003c/sup\u003e\n\u003c!-- /CURSOR_SUMMARY --\u003e","html_url":"https://github.com/guideline-tech/subroutine/pull/178","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guideline-tech%2Fsubroutine/issues/178","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/178/packages"}},{"old_version":"8.1.2","new_version":"8.1.2.1","update_type":null,"path":"/src/email","pr_created_at":"2026-03-25T11:51:04.000Z","version_change":"8.1.2 → 8.1.2.1","issue":{"uuid":"4134833841","node_id":"PR_kwDORsWxws7NUp2L","number":5,"state":"closed","title":"chore(deps): bump actionview from 8.1.2 to 8.1.2.1 in /src/email","user":"dependabot[bot]","labels":["dependencies","ruby","Stale"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-04-09T04:06:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T11:51:04.000Z","updated_at":"2026-04-09T04:06:40.000Z","time_to_close":1268126,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actionview","old_version":"8.1.2","new_version":"8.1.2.1","repository_url":"https://github.com/rails/rails"}],"path":"/src/email","ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2...v8.1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2\u0026new-version=8.1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pactflow/opentelemetry-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/pactflow/opentelemetry-demo/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pactflow%2Fopentelemetry-demo/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"8.1.2","new_version":"8.1.2.1","update_type":null,"path":null,"pr_created_at":"2026-03-25T11:16:20.000Z","version_change":"8.1.2 → 8.1.2.1","issue":{"uuid":"4134610965","node_id":"PR_kwDOAiV2K87NUB4I","number":335,"state":"open","title":"Bump actionview from 8.1.2 to 8.1.2.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-25T11:16:20.000Z","updated_at":"2026-03-27T19:42:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"8.1.2","new_version":"8.1.2.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.2.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.2.1 (March 23, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix possible XSS in DebugExceptions middleware\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33167]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJohn Hawthorn\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1db4b89687cc18311fc3f92623136705df24e671\"\u003e\u003ccode\u003e1db4b89\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.2.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/1c7d1cf0a1ab4142eb20ef30fe2062aad6f72e21\"\u003e\u003ccode\u003e1c7d1cf\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e91694b1f0e176eb01bfcc480a008bffc70f7602\"\u003e\u003ccode\u003ee91694b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG (8.1 only)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63f5ad83edaa0b976f82d46988d745426aa4a42d\"\u003e\u003ccode\u003e63f5ad8\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2...v8.1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2\u0026new-version=8.1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kaspernj/worker_plugins/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/kaspernj/worker_plugins/pull/335","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kaspernj%2Fworker_plugins/issues/335","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/335/packages"}},{"old_version":"8.1.2.1","new_version":"8.1.3","update_type":"patch","path":null,"pr_created_at":"2026-03-25T02:57:53.000Z","version_change":"8.1.2.1 → 8.1.3","issue":{"uuid":"4132022472","node_id":"PR_kwDOAC7Aw87NMnuz","number":4311,"state":"closed","title":":arrow_up: Bump actionview from 8.1.2.1 to 8.1.3","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-03-25T02:59:35.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T02:57:53.000Z","updated_at":"2026-03-25T02:59:36.000Z","time_to_close":102,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":":arrow_up: Bump","packages":[{"name":"actionview","old_version":"8.1.2.1","new_version":"8.1.3","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 8.1.2.1 to 8.1.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.1.3\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eJSONGemCoderEncoder\u003c/code\u003e to correctly serialize custom object hash keys.\u003c/p\u003e\n\u003cp\u003eWhen hash keys are custom objects whose \u003ccode\u003eas_json\u003c/code\u003e returns a Hash,\nthe encoder now calls \u003ccode\u003eto_s\u003c/code\u003e on the original key object instead of\non the \u003ccode\u003eas_json\u003c/code\u003e result.\u003c/p\u003e\n\u003cp\u003eBefore:\nhash = {CustomKey.new(123) =\u0026gt; \u0026quot;value\u0026quot;}\nhash.to_json  # =\u0026gt; {\u0026quot;{:id=\u0026gt;123}\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003eAfter:\nhash.to_json  # =\u0026gt; {\u0026quot;custom_123\u0026quot;:\u0026quot;value\u0026quot;}\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eDan Sharp\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix inflections to better handle overlapping acronyms.\u003c/p\u003e\n\u003cpre lang=\"ruby\"\u003e\u003ccode\u003eActiveSupport::Inflector.inflections(:en) do |inflect|\r\n  inflect.acronym \u0026quot;USD\u0026quot;\r\n  inflect.acronym \u0026quot;USDC\u0026quot;\r\nend\r\n\u003cp\u003e\u0026quot;USDC\u0026quot;.underscore # =\u0026gt; \u0026quot;usdc\u0026quot;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eSaid Kaldybaev\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSilence Dalli 4.0+ warning when using \u003ccode\u003eActiveSupport::Cache::MemCacheStore\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ezzak\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix Ruby 4.0 delegator warning when calling inspect on attributes.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eHammad Khan\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eNoMethodError\u003c/code\u003e when deserialising \u003ccode\u003eType::Integer\u003c/code\u003e objects marshalled under Rails 8.0.\u003c/p\u003e\n\u003cp\u003eThe performance optimisation that replaced \u003ccode\u003e@range\u003c/code\u003e with \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e\nbroke Marshal compatibility. Objects serialised under 8.0 (with \u003ccode\u003e@range\u003c/code\u003e)\nand deserialised under 8.1 (expecting \u003ccode\u003e@max\u003c/code\u003e/\u003ccode\u003e@min\u003c/code\u003e) would crash with\n\u003ccode\u003eundefined method '\u0026lt;=' for nil\u003c/code\u003e because \u003ccode\u003eMarshal.load\u003c/code\u003e restores instance\nvariables without calling \u003ccode\u003einitialize\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md\"\u003eactionview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRails 8.1.3 (March 24, 2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix encoding errors for string locals containing non-ASCII characters.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eKataoka Katsuki\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix collection caching to only forward \u003ccode\u003eexpires_in\u003c/code\u003e argument if explicitly set.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ePieter Visser\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/fa8f0812160665bff083a089d2bb2fc1817ea03e\"\u003e\u003ccode\u003efa8f081\u003c/code\u003e\u003c/a\u003e Preparing for 8.1.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/63cef3de3bd88d5973837ea268dc710e7dbf7b8e\"\u003e\u003ccode\u003e63cef3d\u003c/code\u003e\u003c/a\u003e Merge branch '8-1-sec' into 8-1-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/e598b9427876ba44bd62c48390e6568476b3f8f0\"\u003e\u003ccode\u003ee598b94\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56906\"\u003e#56906\u003c/a\u003e from kataokatsuki/fix-strict-locals-non-ascii-encoding\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c2ea79c21161de7eb271b2789fbed21dde504071\"\u003e\u003ccode\u003ec2ea79c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/56891\"\u003e#56891\u003c/a\u003e from pietervisser/fix-collection-caching-to-preserv...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v8.1.2.1...v8.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=8.1.2.1\u0026new-version=8.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pglombardo/PasswordPusher/pull/4311","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pglombardo%2FPasswordPusher/issues/4311","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4311/packages"}},{"old_version":"8.0.4","new_version":"8.0.5","update_type":"patch","path":null,"pr_created_at":"2026-03-24T21:03:20.000Z","version_change":"8.0.4 → 8.0.5","issue":{"uuid":"4130635026","node_id":"PR_kwDOAHOAqs7NIn70","number":38840,"state":"open","title":"DEPS: Bump the rails group with 8 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T21:03:20.000Z","updated_at":"2026-03-24T21:03:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"DEPS: Bump","group_name":"rails","update_count":8,"packages":[{"name":"actionmailer","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"actionpack","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"actionview","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activemodel","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activerecord","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"railties","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"},{"name":"activejob","old_version":"8.0.4","new_version":"8.0.5","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps the rails group with 8 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actionmailer](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [actionpack](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [actionview](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activemodel](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activerecord](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activesupport](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [railties](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n| [activejob](https://github.com/rails/rails) | `8.0.4` | `8.0.5` |\n\n\nUpdates `actionmailer` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionmailer/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `actionpack` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionpack/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `actionview` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activemodel` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activemodel/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activerecord` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activerecord/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activesupport` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activesupport/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `railties` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/railties/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)\n\nUpdates `activejob` from 8.0.4 to 8.0.5\n- [Release notes](https://github.com/rails/rails/releases)\n- [Changelog](https://github.com/rails/rails/blob/v8.1.3/activejob/CHANGELOG.md)\n- [Commits](https://github.com/rails/rails/compare/v8.0.4...v8.0.5)","html_url":"https://github.com/discourse/discourse/pull/38840","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/discourse%2Fdiscourse/issues/38840","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/38840/packages"}},{"old_version":"8.0.2","new_version":"8.0.4.1","update_type":"patch","path":null,"pr_created_at":"2026-03-24T19:27:55.000Z","version_change":"8.0.2 → 8.0.4.1","issue":{"uuid":"4130174658","node_id":"PR_kwDOOTp4f87NHPm7","number":4,"state":"closed","title":"Bump the bundler group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-25T22:10:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T19:27:55.000Z","updated_at":"2026-03-25T22:11:00.000Z","time_to_close":96183,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"bundler","update_count":9,"packages":[{"name":"bcrypt","old_version":"3.1.20","new_version":"3.1.22","repository_url":"https://github.com/bcrypt-ruby/bcrypt-ruby"},{"name":"nokogiri","old_version":"1.18.7","new_version":"1.19.1","repository_url":"https://github.com/sparklemotion/nokogiri"},{"name":"carrierwave","old_version":"1.3.4","new_version":"2.2.6","repository_url":"https://github.com/carrierwaveuploader/carrierwave"},{"name":"aws-sdk-s3","old_version":"1.183.0","new_version":"1.208.0","repository_url":"https://github.com/aws/aws-sdk-ruby"},{"name":"actionview","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activerecord","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activestorage","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"activesupport","old_version":"8.0.2","new_version":"8.0.4.1","repository_url":"https://github.com/rails/rails"},{"name":"uri","old_version":"1.0.3","new_version":"1.1.1","repository_url":"https://github.com/ruby/uri"}],"path":null,"ecosystem":"rubygems"},"body":"Updates the requirements on [bcrypt](https://github.com/bcrypt-ruby/bcrypt-ruby), [nokogiri](https://github.com/sparklemotion/nokogiri), [carrierwave](https://github.com/carrierwaveuploader/carrierwave), [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby), [actionview](https://github.com/rails/rails), [activerecord](https://github.com/rails/rails), [activestorage](https://github.com/rails/rails), [activesupport](https://github.com/rails/rails) and [uri](https://github.com/ruby/uri) to permit the latest version.\nUpdates `bcrypt` from 3.1.20 to 3.1.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/releases\"\u003ebcrypt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.22\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove compilation after bundle install by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/291\"\u003ebcrypt-ruby/bcrypt-ruby#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd TruffleRuby in CI by \u003ca href=\"https://github.com/tjschuck\"\u003e\u003ccode\u003e@​tjschuck\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/293\"\u003ebcrypt-ruby/bcrypt-ruby#293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix env url by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/294\"\u003ebcrypt-ruby/bcrypt-ruby#294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.21...v3.1.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.21\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eProvide a 'Changelog' link on rubygems.org/gems/bcrypt by \u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport ruby 3.3 and 3.4.0-preview1 by \u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark as ractor-safe by \u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd == gotcha that can be unintuitive at first by \u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConstant compare by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/282\"\u003ebcrypt-ruby/bcrypt-ruby#282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etry to modernize CI by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/287\"\u003ebcrypt-ruby/bcrypt-ruby#287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry to deal with flaky tests by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/288\"\u003ebcrypt-ruby/bcrypt-ruby#288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigure trusted publishing by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/289\"\u003ebcrypt-ruby/bcrypt-ruby#289\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump version by \u003ca href=\"https://github.com/tenderlove\"\u003e\u003ccode\u003e@​tenderlove\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/290\"\u003ebcrypt-ruby/bcrypt-ruby#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mark-young-atg\"\u003e\u003ccode\u003e@​mark-young-atg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/274\"\u003ebcrypt-ruby/bcrypt-ruby#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/m-nakamura145\"\u003e\u003ccode\u003e@​m-nakamura145\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/276\"\u003ebcrypt-ruby/bcrypt-ruby#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mohamedhafez\"\u003e\u003ccode\u003e@​mohamedhafez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/280\"\u003ebcrypt-ruby/bcrypt-ruby#280\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/federicoaldunate\"\u003e\u003ccode\u003e@​federicoaldunate\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/pull/279\"\u003ebcrypt-ruby/bcrypt-ruby#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\"\u003ehttps://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.21\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/blob/master/CHANGELOG\"\u003ebcrypt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.1.22 Mar 18 2026\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2026-33306] Fix integer overflow in Java extension\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.1.21 Dec 31 2025\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse constant time comparisons\u003c/li\u003e\n\u003cli\u003eMark as Ractor safe\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/831ce64cb0a9502130fa93a28bfd9527a5fa45c4\"\u003e\u003ccode\u003e831ce64\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/32e687ec5f62baad01a62e4634e41d97f8432a61\"\u003e\u003ccode\u003e32e687e\u003c/code\u003e\u003c/a\u003e bump version update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/5faa2748331d3edc661c127ef2fbb3afcb6b02a4\"\u003e\u003ccode\u003e5faa274\u003c/code\u003e\u003c/a\u003e Fix integer overflow in JRuby BCrypt rounds calculation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/aafc0332ac1aa0d774f2c864439596436f92d18d\"\u003e\u003ccode\u003eaafc033\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/294\"\u003e#294\u003c/a\u003e from bcrypt-ruby/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01f947a66ad8c5e20d8c89d9adbc7e3bd49afb70\"\u003e\u003ccode\u003e01f947a\u003c/code\u003e\u003c/a\u003e fix env url\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/92ca1d67deeb8e64dbe779396c52b177e307bc43\"\u003e\u003ccode\u003e92ca1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/293\"\u003e#293\u003c/a\u003e from bcrypt-ruby/truffleruby-ci-alt-implementation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/4d1d95b8ec624d0cf8ed1099402a7edd2f308da2\"\u003e\u003ccode\u003e4d1d95b\u003c/code\u003e\u003c/a\u003e Add TruffleRuby in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/36a04a2278fae3b38100912ff489b86cd0984b8a\"\u003e\u003ccode\u003e36a04a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/291\"\u003e#291\u003c/a\u003e from tenderlove/fix-publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/01cc68835f0bcdd7ef16de477471c112adb417da\"\u003e\u003ccode\u003e01cc688\u003c/code\u003e\u003c/a\u003e Move compilation after bundle install\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/commit/82e6c4c6cf81912768c68d721372e78330ff2c92\"\u003e\u003ccode\u003e82e6c4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/bcrypt-ruby/bcrypt-ruby/issues/290\"\u003e#290\u003c/a\u003e from tenderlove/bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bcrypt-ruby/bcrypt-ruby/compare/v3.1.20...v3.1.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nokogiri` from 1.18.7 to 1.19.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/releases\"\u003enokogiri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003ecfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem\r\n1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem\r\n0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem\r\n3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem\r\ndfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem\r\n1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem\r\n110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem\r\n7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem\r\n1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem\r\n4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem\r\n598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre\u003e\u003ccode\u003e11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem\r\neb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem\r\n572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem\r\n23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem\r\n0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem\r\n5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem\r\n05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem\r\n1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem\r\nf482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem\r\n1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem\r\ne304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md\"\u003enokogiri's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.1 / 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Address unchecked return value from \u003ccode\u003exmlC14NExecute\u003c/code\u003e which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-wx95-c6cv-8532\"\u003eGHSA-wx95-c6cv-8532\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.19.0 / 2025-12-28\u003c/h2\u003e\n\u003ch4\u003eRuby\u003c/h4\u003e\n\u003cp\u003eThis release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce native gem support for Ruby 4.0. \u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3590\"\u003e#3590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnd support for Ruby 3.1, for which \u003ca href=\"https://www.ruby-lang.org/en/downloads/branches/\"\u003eupstream support ended 2025-03-26\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnd support for JRuby 9.4 (which targets Ruby 3.1 compatibility).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.10 / 2025-09-15\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.9\"\u003ev2.13.9\u003c/a\u003e. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.\u003c/li\u003e\n\u003cli\u003e[CRuby] [Windows and MacOS] Vendored libiconv is updated to \u003ca href=\"https://savannah.gnu.org/news/?id=10703\"\u003ev1.18\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.9 / 2025-07-20\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-353f-x4gh-cqq8\"\u003eGHSA-353f-x4gh-cqq8\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.18.8 / 2025-04-21\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[CRuby] Vendored libxml2 is updated to \u003ca href=\"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8\"\u003ev2.13.8\u003c/a\u003e to address CVE-2025-32414 and CVE-2025-32415. See \u003ca href=\"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-5w6v-399v-w3cc\"\u003eGHSA-5w6v-399v-w3cc\u003c/a\u003e for more information.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d9130457369de8a6efcb764e6da2cb80d5d3b6dd\"\u003e\u003ccode\u003ed913045\u003c/code\u003e\u003c/a\u003e version bump to v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/b81cb9869e8ed7d1785da3363ef490f455da96eb\"\u003e\u003ccode\u003eb81cb98\u003c/code\u003e\u003c/a\u003e doc: update CHANGELOG for upcoming v1.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/8e668095c6147def4a3ec044df5f2a478c8161c3\"\u003e\u003ccode\u003e8e66809\u003c/code\u003e\u003c/a\u003e C14n raise on failure (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3600\"\u003e#3600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/5b77f3d1c48cc09c92d10046c448a0866380eb4a\"\u003e\u003ccode\u003e5b77f3d\u003c/code\u003e\u003c/a\u003e Raise RuntimeError when canonicalization fails\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/edc559565819459d92f6db609f068f50491a57f9\"\u003e\u003ccode\u003eedc5595\u003c/code\u003e\u003c/a\u003e Thank sponsors in the README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d4dc245dfafd7ba42538051b0979306c8e5dc6f2\"\u003e\u003ccode\u003ed4dc245\u003c/code\u003e\u003c/a\u003e dep: update rdoc to v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/d77bfb66302532b90c0f340ed6b4ae74f275dde8\"\u003e\u003ccode\u003ed77bfb6\u003c/code\u003e\u003c/a\u003e version bump to v1.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/1eb5c2c035b360fd1195de0b274e901b6e0c12dd\"\u003e\u003ccode\u003e1eb5c2c\u003c/code\u003e\u003c/a\u003e dev: convert scripts/test-gem-set to use mise\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/88a120fd8198cd49b7cbe6388c92cd92d776407d\"\u003e\u003ccode\u003e88a120f\u003c/code\u003e\u003c/a\u003e dep: Add native Ruby 4 support, drop Ruby 3.1 support (v1.19.x) (\u003ca href=\"https://redirect.github.com/sparklemotion/nokogiri/issues/3592\"\u003e#3592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sparklemotion/nokogiri/commit/f8c8f74e846ea49d2cb221710cc08618842ba21e\"\u003e\u003ccode\u003ef8c8f74\u003c/code\u003e\u003c/a\u003e Skip the parser compression test for Windows system libs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sparklemotion/nokogiri/compare/v1.18.7...v1.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `carrierwave` from 1.3.4 to 2.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/releases\"\u003ecarrierwave's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/blob/v2.2.6/CHANGELOG.md\"\u003ecarrierwave's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.6 - 2024-03-23\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability remained (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e4317871\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-vfmv-jfc5-pjjw\"\u003eGHSA-vfmv-jfc5-pjjw\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.5 - 2023-11-29\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Type allowlist bypass vulnerability, possibly leading to XSS (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e39b282d\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj\"\u003eGHSA-gxhx-g4fq-49hj\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4 - 2023-06-10\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Ruby 2.7 keyword argument warning in uploader process (\u003ca href=\"https://github.com/SuperTux88\"\u003e\u003ccode\u003e@​SuperTux88\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2665\"\u003e#2665\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2636\"\u003e#2636\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2635\"\u003e#2635\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3 - 2022-11-21\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workaround for 'undefined method closed?' error caused by ssrf_filter 1.1 (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c74579d382ad124193e80cc5af71824a23de57e6\"\u003ec74579d\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2628\"\u003e#2628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd workaround for the API change in ssrf_filter 1.1 (\u003ca href=\"https://github.com/BrianHawley\"\u003e\u003ccode\u003e@​BrianHawley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2629\"\u003e#2629\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2625\"\u003e#2625\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2 - 2021-05-28\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eno implicit conversion of CSV into String\u003c/code\u003e error when parsing a CSV object (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2562\"\u003e#2562\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2559\"\u003e#2559\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1 - 2021-03-30\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace mimemagic with marcel due to licensing concern (\u003ca href=\"https://github.com/pjmartorell\"\u003e\u003ccode\u003e@​pjmartorell\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2551\"\u003e#2551\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFog storage's #clean_cache! breaks when non-cache objects exist in cache_dir (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/42c620a1a19afa61e15e617faa7ce9cc89ec1863\"\u003e42c620a1\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2532\"\u003e#2532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0 - 2021-02-23\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elibvips support through \u003ca href=\"https://github.com/janko/image_processing\"\u003eImageProcessing::Vips\u003c/a\u003e and \u003ca href=\"https://github.com/libvips/ruby-vips\"\u003eruby-vips\u003c/a\u003e (\u003ca href=\"https://github.com/rhymes\"\u003e\u003ccode\u003e@​rhymes\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2500\"\u003e#2500\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/e84219787aa1c95a55cbc78ad062b7539d8e5813\"\u003ee8421978\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4ae8dc64ff0dcbcf66c6d79df90268d57438df55\"\u003e4ae8dc64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProvide alternatives to whitelist/blacklist terminology as allowlist/denylist, while old ones are still available but deprecated (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2491\"\u003e#2491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport for the latest version of RMagick (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/88f24451352bda128825f857cde473107d98fca7\"\u003e88f24451\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e#(content_type|extension)_whitelist\u003c/code\u003e, \u003ccode\u003e#(content_type|extension)_blacklist\u003c/code\u003e are deprecated. Use \u003ccode\u003e#(content_type|extension)_allowlist\u003c/code\u003e and \u003ccode\u003e#(content_type|extension)_denylist\u003c/code\u003e instead (\u003ca href=\"https://github.com/grantbdev\"\u003e\u003ccode\u003e@​grantbdev\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2442\"\u003e#2442\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/4c3cac75f3a473e941045c23ebb781f61af67d79\"\u003e4c3cac75\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCalculate Fog expiration taking DST into account (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/f90e14ca91892d677ee6ed42321a21a2fe98f360\"\u003ef90e14ca\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2059\"\u003e#2059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSet correct content type on copy of fog files (\u003ca href=\"https://github.com/ZuevEvgenii\"\u003e\u003ccode\u003e@​ZuevEvgenii\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2503\"\u003e#2503\u003c/a\u003e, \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/6682f7ac5dd480269448a614026a5f4524e61550\"\u003e6682f7ac\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fog-google support to pass acl_header for public read if fog is public (\u003ca href=\"https://github.com/yosiat\"\u003e\u003ccode\u003e@​yosiat\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2525\"\u003e#2525\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2426\"\u003e#2426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix various URL escape issues by escaping on URI parse error only (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/3faf7491e33bd10ae8b3e0010501fc96a76c21c3\"\u003e3faf7491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2457\"\u003e#2457\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2473\"\u003e#2473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix instance variables \u003ccode\u003e@versions_to_*\u003c/code\u003e not initialized warning (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/c10b82ed2f7b20cb58772281e3510dc70c410732\"\u003ec10b82ed\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2493\"\u003e#2493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eSanitizedFile#move_to\u003c/code\u003e wrongly detects content_type based on the path before move (\u003ca href=\"https://github.com/mshibuya\"\u003e\u003ccode\u003e@​mshibuya\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/a42e1b4c504c6f69c4c4c7802ebd45523134c42e\"\u003ea42e1b4c\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2495\"\u003e#2495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix returning invalid content type on text files (\u003ca href=\"https://github.com/inkstak\"\u003e\u003ccode\u003e@​inkstak\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2474\"\u003e#2474\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2424\"\u003e#2424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip content type and extension filters where possible (\u003ca href=\"https://github.com/alexpooley\"\u003e\u003ccode\u003e@​alexpooley\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2464\"\u003e#2464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix file's \u003ccode\u003e#url\u003c/code\u003e being called twice, which might be costly for non-local files (\u003ca href=\"https://github.com/skyeagle\"\u003e\u003ccode\u003e@​skyeagle\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection failing with types which contain \u003ccode\u003e+\u003c/code\u003e symbol, such as \u003ccode\u003eimage/svg+xml\u003c/code\u003e (\u003ca href=\"https://github.com/sylvainbx\"\u003e\u003ccode\u003e@​sylvainbx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2489\"\u003e#2489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e#cached?\u003c/code\u003e to return boolean instead of \u003ccode\u003e@cache_id\u003c/code\u003e value (\u003ca href=\"https://github.com/kmiyake\"\u003e\u003ccode\u003e@​kmiyake\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2510\"\u003e#2510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mime type detection for MS Office files (\u003ca href=\"https://github.com/anthonypenner\"\u003e\u003ccode\u003e@​anthonypenner\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/pull/2447\"\u003e#2447\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/eb6359e79fee43d1c480b0f50d9a585b3c3b1c1c\"\u003e\u003ccode\u003eeb6359e\u003c/code\u003e\u003c/a\u003e Version 2.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/431787193795dda9b01a0ee748bd93e2ec7101c2\"\u003e\u003ccode\u003e4317871\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability remained\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/0fcff94cebce07b856531d6502b11466e8331409\"\u003e\u003ccode\u003e0fcff94\u003c/code\u003e\u003c/a\u003e Version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5\"\u003e\u003ccode\u003e39b282d\u003c/code\u003e\u003c/a\u003e Fix Content-Type allowlist bypass vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f91bee6487d8e5d8bd2c1a88dd25269a2c1e4d0\"\u003e\u003ccode\u003e2f91bee\u003c/code\u003e\u003c/a\u003e Version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/2f2d77a42e9f871ae342920581050cc6669e5c7c\"\u003e\u003ccode\u003e2f2d77a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/carrierwaveuploader/carrierwave/issues/2665\"\u003e#2665\u003c/a\u003e from SuperTux88/backport-kwargs-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/52237f4992c1dd39dca3bdbac7aa6b242947915d\"\u003e\u003ccode\u003e52237f4\u003c/code\u003e\u003c/a\u003e fix: ruby 2.7 kwarg warning in uploader process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/bdb0be021107a75faabdce4121e493ad3efdcea4\"\u003e\u003ccode\u003ebdb0be0\u003c/code\u003e\u003c/a\u003e File.exists? had been deprecated since Ruby 2.1 and has been deleted in Ruby 3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/ed8c518c8ac0186cb25623895ca40706a65bb7cd\"\u003e\u003ccode\u003eed8c518\u003c/code\u003e\u003c/a\u003e Forward to 1.x changelog for older changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/commit/baf5df7d9acea95f46eaea456743241ef3d644f5\"\u003e\u003ccode\u003ebaf5df7\u003c/code\u003e\u003c/a\u003e Version 2.2.3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/carrierwaveuploader/carrierwave/compare/v1.3.4...v2.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-sdk-s3` from 1.183.0 to 1.208.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md\"\u003eaws-sdk-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.208.0 (2025-12-16)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.207.0 (2025-12-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.206.0 (2025-12-02)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - New S3 Storage Class FSX_ONTAP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.205.0 (2025-11-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Enable / Disable ABAC on a general purpose bucket.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.204.0 (2025-11-19)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Adds support for blocking SSE-C writes to general purpose buckets.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.1 (2025-11-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIssue - Deprecated \u003ccode\u003e:checksum_mode\u003c/code\u003e parameter in \u003ccode\u003eFileDownloader#download\u003c/code\u003e. When set to \u0026quot;DISABLED\u0026quot;, a deprecation warning is issued and the parameter is ignored. Use \u003ccode\u003e:response_checksum_validation\u003c/code\u003e on the S3 client instead to control checksum validation behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.203.0 (2025-11-05)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Launch IPv6 dual-stack support for S3 Express\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.202.0 (2025-10-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.201.0 (2025-10-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature - Code Generated Changes, see \u003ccode\u003e./build_tools\u003c/code\u003e or \u003ccode\u003eaws-sdk-core\u003c/code\u003e's CHANGELOG.md for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIssue - Fix multipart upload to respect \u003ccode\u003erequest_checksum_calculation\u003c/code\u003e \u003ccode\u003ewhen_required\u003c/code\u003e mode.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.200.0 (2025-10-15)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws/aws-sdk-ruby/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actionview` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/c79a07df1e88738df8f68cb0ee759ad6128ca924\"\u003e\u003ccode\u003ec79a07d\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/9ab450a023290ff50ed37c8561880a78dabbf19a\"\u003e\u003ccode\u003e9ab450a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55490\"\u003e#55490\u003c/a\u003e from Earlopain/bump-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/95bee6a4c8132b4caf53e073f7b01ce5cdeed4a6\"\u003e\u003ccode\u003e95bee6a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55738\"\u003e#55738\u003c/a\u003e from skipkayhil/hm-nkxzsnnrqqlyrotw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6409b24dd20ee4076ec3dbefba9edc3376bf13f1\"\u003e\u003ccode\u003e6409b24\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55719\"\u003e#55719\u003c/a\u003e from skipkayhil/hm-fix-label-for-namespace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0160f42886e2ebeb7a0680f073b870326f14c12a\"\u003e\u003ccode\u003e0160f42\u003c/code\u003e\u003c/a\u003e Sync CHANGELOGs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activerecord` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactiverecord's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2f3eb21bd6da9a4935314d4a0663c473c4d33700\"\u003e\u003ccode\u003e2f3eb21\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6981fd2fbeadc8bc7db6547604cf2df13cb18a40\"\u003e\u003ccode\u003e6981fd2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55969\"\u003e#55969\u003c/a\u003e from rails/fix-explain-tests-mysql-9.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/52347e0467445b350f482838da5bb503c155eb72\"\u003e\u003ccode\u003e52347e0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55938\"\u003e#55938\u003c/a\u003e from aidanharan/truthy-condition-mssql\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d2826215f9c9c1fe2f1c91e292171a042be1e9c5\"\u003e\u003ccode\u003ed282621\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55925\"\u003e#55925\u003c/a\u003e from flavorjones/flavorjones/shard-swap-prohibition...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/511dbf2665746e54240c07b93b0d0ddc184873f9\"\u003e\u003ccode\u003e511dbf2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55907\"\u003e#55907\u003c/a\u003e from ruyrocha/fix/sqlite3-data-loss\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bf9219d62aed746260e853cebe98503c8c27cdd5\"\u003e\u003ccode\u003ebf9219d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55918\"\u003e#55918\u003c/a\u003e from baarde/with-bound-sql-literals\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/865bc776d039645bd4b7f2c826ab4e0aaadf51b6\"\u003e\u003ccode\u003e865bc77\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55332\"\u003e#55332\u003c/a\u003e from zzak/re-54882\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/dee79c4a74723ce8016b2e96e3d6d5723f673aa6\"\u003e\u003ccode\u003edee79c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55778\"\u003e#55778\u003c/a\u003e from ianterrell/ianterrell/fix-autosave-changed-via...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activestorage` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivestorage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/955284d26e469a9c026a4eee5b21f0414ab0bccf\"\u003e\u003ccode\u003e955284d\u003c/code\u003e\u003c/a\u003e Prevent glob injection in ActiveStorage DiskService#delete_prefixed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a290c8a1ec189d793aa6d7f2570b6a763f675348\"\u003e\u003ccode\u003ea290c8a\u003c/code\u003e\u003c/a\u003e Prevent path traversal in ActiveStorage DiskService\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8fcb934caadc79c8cc4ce53287046d0f67005b3e\"\u003e\u003ccode\u003e8fcb934\u003c/code\u003e\u003c/a\u003e Active Storage: Filter user supplied metadata in DirectUploadController\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/d7da4ef03f99035fba5add8828646f1e9173549c\"\u003e\u003ccode\u003ed7da4ef\u003c/code\u003e\u003c/a\u003e ActiveStorage::Streaming limit range requests to a single range\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2cd933c366b777f873d4d590127da2f4a25e4ba5\"\u003e\u003ccode\u003e2cd933c\u003c/code\u003e\u003c/a\u003e Configurable maxmimum streaming chunk size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/82f2c96c394b0cf2c2208a7cbf8ebb4fa591ebd6\"\u003e\u003ccode\u003e82f2c96\u003c/code\u003e\u003c/a\u003e Disable GCS tests in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/529f933fc8b13114d308dd0752f76a9e293c8537\"\u003e\u003ccode\u003e529f933\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.3 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `activesupport` from 8.0.2 to 8.0.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactivesupport's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.0.4.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/a79efed95797b196575a98845dc989e3106a9acb\"\u003e\u003ccode\u003ea79efed\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ac7979b1183bd659779245eaf2850f666cb8aafe\"\u003e\u003ccode\u003eac7979b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/29154f1097da13d48fdb3200760b3e3da66dcb11\"\u003e\u003ccode\u003e29154f1\u003c/code\u003e\u003c/a\u003e Improve performance of NumberToDelimitedConverter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/6e8a81108001d58043de9e54a06fca58962fc2db\"\u003e\u003ccode\u003e6e8a811\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856\"\u003e\u003ccode\u003eee2c59e\u003c/code\u003e\u003c/a\u003e NumberConverter: reject scientific notation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/5b6ad9db89b30b48753cced1fb261781a716fcb4\"\u003e\u003ccode\u003e5b6ad9d\u003c/code\u003e\u003c/a\u003e Lock some dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/624fe3cdb9ab774ff598af29f408425178da6677\"\u003e\u003ccode\u003e624fe3c\u003c/code\u003e\u003c/a\u003e Preparing for 8.0.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0ddf2c97b27d25aa1e450545d59ff867df31253f\"\u003e\u003ccode\u003e0ddf2c9\u003c/code\u003e\u003c/a\u003e Delete test that now fails with new version of benchmark gem\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/3c7a8a8208221c3f01bc841a8f7015ea00e86427\"\u003e\u003ccode\u003e3c7a8a8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55864\"\u003e#55864\u003c/a\u003e from RicardoTrindade/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/00e1dfa973ce121d767c299a02d05b028caf8b5c\"\u003e\u003ccode\u003e00e1dfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55840\"\u003e#55840\u003c/a\u003e from zzak/asup-xml-mini-bigdecimal-float-precision\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v8.0.2...v8.0.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uri` from 1.0.3 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/uri/releases\"\u003euri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-allow consecutive, leading and trailing dots in EMAIL_REGEXP by \u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/osyoyu\"\u003e\u003ccode\u003e@​osyoyu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/189\"\u003eruby/uri#189\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/ruby/uri/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to use the latest version of setup-ruby and bump up to Ruby 3.4 by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/158\"\u003eruby/uri#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the mention to removed \u003ccode\u003eURI.escape/URI::Escape\u003c/code\u003e by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse a fully qualified name in warning messages by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/150\"\u003eruby/uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eRactor#value\u003c/code\u003e by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/163\"\u003eruby/uri#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved unnecessary workaround  by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/164\"\u003eruby/uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape reserved characters in scheme name by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/148\"\u003eruby/uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[DOC] State that uri library is needed to call Kernel#URI by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/167\"\u003eruby/uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer dedicated assertion methods by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/169\"\u003eruby/uri#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the message for unexpected argument by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/171\"\u003eruby/uri#171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake URI::regexp schemes case sensitive (\u003ca href=\"https://redirect.github.com/ruby/uri/issues/38\"\u003e#38\u003c/a\u003e) by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/170\"\u003eruby/uri#170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe local part should not contain leading or trailing dots in the EMAIL_REGEXP by \u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMore checks in \u003ccode\u003eEMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/172\"\u003eruby/uri#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not allow empty host names, as they are not allowed by RFC 3986 by \u003ca href=\"https://github.com/jeremyevans\"\u003e\u003ccode\u003e@​jeremyevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/116\"\u003eruby/uri#116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove performance of \u003ccode\u003eURI::MailTo::EMAIL_REGEXP\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/173\"\u003eruby/uri#173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePerformance test stability by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/174\"\u003eruby/uri#174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documents that used \u003ccode\u003eURI::Parser\u003c/code\u003e by \u003ca href=\"https://github.com/nobu\"\u003e\u003ccode\u003e@​nobu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/175\"\u003eruby/uri#175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a workflow to sync commits to ruby/ruby by \u003ca href=\"https://github.com/k0kubun\"\u003e\u003ccode\u003e@​k0kubun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/183\"\u003eruby/uri#183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eirb\u003c/code\u003e to the Gemfile to fix the warning by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/182\"\u003eruby/uri#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace reference to the obsolete URI.escape with URI::RFC2396_PARSER.escape by \u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch a parsing behavior completely when switching a parser by \u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/161\"\u003eruby/uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimprove error message by \u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse generic version number to VERSION by \u003ca href=\"https://github.com/hsbt\"\u003e\u003ccode\u003e@​hsbt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/187\"\u003eruby/uri#187\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y-yagi\"\u003e\u003ccode\u003e@​y-yagi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/146\"\u003eruby/uri#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nlevchuk\"\u003e\u003ccode\u003e@​nlevchuk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/124\"\u003eruby/uri#124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vivshaw\"\u003e\u003ccode\u003e@​vivshaw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/166\"\u003eruby/uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/soda92\"\u003e\u003ccode\u003e@​soda92\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ruby/uri/pull/130\"\u003eruby/uri#130\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.4...v1.1.0\"\u003ehttps://github.com/ruby/uri/compare/v1.0.4...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.4\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/\"\u003eCVE-2025-61594\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/f1b05c89ab38667e7564896f994d4d6cfbc67149\"\u003e\u003ccode\u003ef1b05c8\u003c/code\u003e\u003c/a\u003e v1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/8557e8d470ad7b969ba11d210e33b9570919661d\"\u003e\u003ccode\u003e8557e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/189\"\u003e#189\u003c/a\u003e from osyoyu/restore-whatwg-email-regexp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c551d7020bba3cf452e696d55c451ae951d0f24b\"\u003e\u003ccode\u003ec551d70\u003c/code\u003e\u003c/a\u003e Re-allow consecutive, leading and trailing dots in EMAIL_REGEXP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/c41903b3e4df8ba2ceba16a80d3156a97a81e038\"\u003e\u003ccode\u003ec41903b\u003c/code\u003e\u003c/a\u003e v1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/b433f3499202b2abc27c5211554195243d083f88\"\u003e\u003ccode\u003eb433f34\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/187\"\u003e#187\u003c/a\u003e from ruby/switch-version-code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/1fc4f0496a2d44f4af317d8f786a50e9f6918656\"\u003e\u003ccode\u003e1fc4f04\u003c/code\u003e\u003c/a\u003e Use generic version number to VERSION and generate VERSION_CODE from that\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/e8306800d9b58f37f3847e8d598599cb1ef36f3c\"\u003e\u003ccode\u003ee830680\u003c/code\u003e\u003c/a\u003e Exclude dependabot updates from release note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/70d245fa46786b9aa4970c4b815cfe8b1b823bf6\"\u003e\u003ccode\u003e70d245f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/130\"\u003e#130\u003c/a\u003e from soda92/improve-error-message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/d629c8c1541330e4fc50879fbafc0701728e447f\"\u003e\u003ccode\u003ed629c8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/161\"\u003e#161\u003c/a\u003e from y-yagi/fix_changing_parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/uri/commit/fec6733919edb140bbdc429ed4b0492776ebc4a2\"\u003e\u003ccode\u003efec6733\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ruby/uri/issues/166\"\u003e#166\u003c/a\u003e from vivshaw/vivshaw/correct-obsolete-parse\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ruby/uri/compare/v1.0.3...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/LelandParker/openproject/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/LelandParker/openproject/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/LelandParker%2Fopenproject/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"7.2.2.2","new_version":"7.2.3.1","update_type":"patch","path":null,"pr_created_at":"2026-03-24T00:32:21.000Z","version_change":"7.2.2.2 → 7.2.3.1","issue":{"uuid":"4124492502","node_id":"PR_kwDOGBMFYc7M2RAq","number":3265,"state":"open","title":"Bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:32:21.000Z","updated_at":"2026-03-24T00:32:32.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/communitiesuk/submit-social-housing-lettings-and-sales-data/pull/3265","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/communitiesuk%2Fsubmit-social-housing-lettings-and-sales-data/issues/3265","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3265/packages"}},{"old_version":"7.2.2.2","new_version":"7.2.3.1","update_type":"patch","path":null,"pr_created_at":"2026-03-24T00:27:45.000Z","version_change":"7.2.2.2 → 7.2.3.1","issue":{"uuid":"4124479514","node_id":"PR_kwDOBkzfZ87M2OYw","number":746,"state":"open","title":"Bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:27:45.000Z","updated_at":"2026-03-24T00:34:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/curationexperts/cypripedium/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/curationexperts/cypripedium/pull/746","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/curationexperts%2Fcypripedium/issues/746","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/746/packages"}},{"old_version":"7.2.3","new_version":"7.2.3.1","update_type":null,"path":null,"pr_created_at":"2026-03-24T00:27:21.000Z","version_change":"7.2.3 → 7.2.3.1","issue":{"uuid":"4124478281","node_id":"PR_kwDOG_HFPM7M2OIv","number":538,"state":"open","title":"chore(deps): bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:27:21.000Z","updated_at":"2026-03-24T00:29:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aspect-build/bazel-examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/aspect-build/bazel-examples/pull/538","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aspect-build%2Fbazel-examples/issues/538","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/538/packages"}},{"old_version":"7.2.2.2","new_version":"7.2.3.1","update_type":"patch","path":null,"pr_created_at":"2026-03-24T00:25:46.000Z","version_change":"7.2.2.2 → 7.2.3.1","issue":{"uuid":"4124473447","node_id":"PR_kwDOP6mwe87M2NJ3","number":25,"state":"open","title":"chore(deps): bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-24T00:25:46.000Z","updated_at":"2026-03-24T00:26:49.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Bulletdev/prostaff-api/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Bulletdev/prostaff-api/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Bulletdev%2Fprostaff-api/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"}},{"old_version":"7.2.3","new_version":"7.2.3.1","update_type":null,"path":null,"pr_created_at":"2026-03-24T00:23:56.000Z","version_change":"7.2.3 → 7.2.3.1","issue":{"uuid":"4124467330","node_id":"PR_kwDOANpmx87M2L4C","number":316,"state":"closed","title":"Bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-24T06:33:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:23:56.000Z","updated_at":"2026-03-24T06:33:32.000Z","time_to_close":22175,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AlchemyCMS/alchemy-demo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AlchemyCMS/alchemy-demo/pull/316","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AlchemyCMS%2Falchemy-demo/issues/316","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/316/packages"}},{"old_version":"7.2.3","new_version":"7.2.3.1","update_type":null,"path":null,"pr_created_at":"2026-03-24T00:17:35.000Z","version_change":"7.2.3 → 7.2.3.1","issue":{"uuid":"4124448364","node_id":"PR_kwDOA1pUms7M2ISR","number":59,"state":"closed","title":"Bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-17T18:19:20.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:17:35.000Z","updated_at":"2026-05-17T18:19:22.000Z","time_to_close":4730505,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ardell/active_record_rate_limiter/network/alerts).\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.\n","html_url":"https://github.com/ardell/active_record_rate_limiter/pull/59","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ardell%2Factive_record_rate_limiter/issues/59","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/59/packages"}},{"old_version":"7.2.3","new_version":"7.2.3.1","update_type":null,"path":null,"pr_created_at":"2026-03-24T00:14:57.000Z","version_change":"7.2.3 → 7.2.3.1","issue":{"uuid":"4124436492","node_id":"PR_kwDODCDZ8s7M2GfI","number":746,"state":"closed","title":"Bump actionview from 7.2.3 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-31T00:28:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:14:57.000Z","updated_at":"2026-03-31T00:28:08.000Z","time_to_close":605589,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.3","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.3 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.3...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.3\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rdunlop/iuf-membership/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/rdunlop/iuf-membership/pull/746","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rdunlop%2Fiuf-membership/issues/746","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/746/packages"}},{"old_version":"7.2.2.2","new_version":"7.2.3.1","update_type":"patch","path":null,"pr_created_at":"2026-03-24T00:14:00.000Z","version_change":"7.2.2.2 → 7.2.3.1","issue":{"uuid":"4124430430","node_id":"PR_kwDOJb09kc7M2Fkg","number":99,"state":"closed","title":"Bump actionview from 7.2.2.2 to 7.2.3.1","user":"dependabot[bot]","labels":["dependencies","ruby"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-24T01:38:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-24T00:14:00.000Z","updated_at":"2026-03-24T01:38:18.000Z","time_to_close":5057,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actionview","old_version":"7.2.2.2","new_version":"7.2.3.1","repository_url":"https://github.com/rails/rails"}],"path":null,"ecosystem":"rubygems"},"body":"Bumps [actionview](https://github.com/rails/rails) from 7.2.2.2 to 7.2.3.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rails/rails/releases\"\u003eactionview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.2.3.1\u003c/h2\u003e\n\u003ch2\u003eActive Support\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eReject scientific notation in NumberConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33176]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003eSafeBuffer#%\u003c/code\u003e to preserve unsafe status\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33170]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove performance of NumberToDelimitedConverter\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33169]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eJean Boussier\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Model\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Record\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction View\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSkip blank attribute names in tag helpers to avoid generating invalid HTML.\u003c/p\u003e\n\u003cp\u003e[CVE-2026-33168]\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMike Dalessio\u003c/em\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAction Pack\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eActive Job\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/ba76fca032a66f3716ca8a661c9ddb006acaf885\"\u003e\u003ccode\u003eba76fca\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/8a379f43ea3e1c62fc7f6eabc1808ae9f74f726d\"\u003e\u003ccode\u003e8a379f4\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/0b6f8002b52b9c606fd6be9e7915d9f944cf539c\"\u003e\u003ccode\u003e0b6f800\u003c/code\u003e\u003c/a\u003e Skip blank attribute names in Action View tag helpers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/bb2bdef2925433a0c5db31b873f9faddf2e2e65d\"\u003e\u003ccode\u003ebb2bdef\u003c/code\u003e\u003c/a\u003e Preparing for 7.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b5a9a37ecafd4add60e1677ca3c248b020909c6d\"\u003e\u003ccode\u003eb5a9a37\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55809\"\u003e#55809\u003c/a\u003e from zzak/8-0-rubocop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/b14489e818bae071db43e38018b1cc8f757edccc\"\u003e\u003ccode\u003eb14489e\u003c/code\u003e\u003c/a\u003e Sync CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/f96593cdd05cd85ba208ff1603b5b482211765c7\"\u003e\u003ccode\u003ef96593c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55725\"\u003e#55725\u003c/a\u003e from byroot/js-include-type-module-sym\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/788fde003c6433275fe5f3a8d314c305714858e6\"\u003e\u003ccode\u003e788fde0\u003c/code\u003e\u003c/a\u003e Merge branch '7-2-sec' into 7-2-stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/2db40ab3410db940c37611bd2d2d795ba09f7ed3\"\u003e\u003ccode\u003e2db40ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rails/rails/issues/55476\"\u003e#55476\u003c/a\u003e from jonathanhefner/excerpt-with-non-whitespace-sep...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rails/rails/commit/02f0a4a07c31146c8339b0035882e5920ab487d2\"\u003e\u003ccode\u003e02f0a4a\u003c/code\u003e\u003c/a\u003e Replace \u0026quot;mailing list\u0026quot; with \u0026quot;forum\u0026quot; [ci-skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rails/rails/compare/v7.2.2.2...v7.2.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actionview\u0026package-manager=bundler\u0026previous-version=7.2.2.2\u0026new-version=7.2.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/snex/xpg/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/snex/xpg/pull/99","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/snex%2Fxpg/issues/99","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/99/packages"}}]}