Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

actionpack

Ecosystem:
rubygems
Package URL:
pkg:gem/actionpack
Total PRs:
241 Dependabot PRs
Latest PR:
3 months ago
Unique Repositories:
192 repositories
Unique Repos (30 days):
0 repositories
Security Advisories
Actionpack Open Redirect Vulnerability
GHSA-8877-prq4-9xfw CVE-2021-22881 MODERATE published over 5 years ago • updated about 11 hours ago
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` head...
actionpack is vulnerable to remote bypass authentication
GHSA-p692-7mm3-3fxg CVE-2015-7576 LOW published over 8 years ago • updated about 11 hours ago
The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation...
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
GHSA-vfg9-r3fq-jvx4 CVE-2024-47887 MODERATE published over 1 year ago • updated 8 days ago
There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier C...
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch
GHSA-x76w-6vjr-8xgj CVE-2024-41128 MODERATE published over 1 year ago • updated 6 days ago
There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE ...
Possible DoS Vulnerability in Action Controller Token Authentication
GHSA-7wjx-3g7j-8584 CVE-2021-22904 HIGH published about 5 years ago • updated about 11 hours ago
There is a possible DoS vulnerability in the Token Authentication logic in Action Controller. Versions Affected: >= 4.0.0 Not affected: < 4...
View all 59 advisories
Recent PRs
RSS Feed
[bundler] Bump the rails group with 4 updates

guideline-tech/subroutine #178

8.1.2.1 → 8.1.3 Patch PR
Open 3 months ago 1 comment
guideline-tech
Bump actionpack from 8.1.2.1 to 8.1.3

ecosyste-ms/summary #899

8.1.2.1 → 8.1.3 Patch PR
Closed 3 months ago 1 comment
ecosyste-ms
DEPS: Bump the rails group with 8 updates

discourse/discourse #38840

8.0.4 → 8.0.5 Patch PR
Open 3 months ago 1 comment
discourse
build(deps): bump actionpack from 8.1.2 to 8.1.2.1

sap-contributions/cloud_controller_ng #506

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
sap-contributions
Bump the bundler group across 1 directory with 7 updates

pboling/rack-cors #11

3.2.19 → 8.1.2.1 Major PR
Closed 3 months ago 1 comment
pboling
Bump the bundler group across 1 directory with 7 updates

saturnflyer/ice_cube_select #10

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
saturnflyer
Bump actionpack from 8.1.2 to 8.1.2.1

hackclub/forge #16

8.1.2 → 8.1.2.1
Closed 3 months ago 5 comments
hackclub
Bump the bundler group across 3 directories with 1 update

mgmodell/devise-multi_email #28

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
mgmodell
Bump actionpack from 8.1.2 to 8.1.2.1

isprambiente/Partecipo #171

8.1.2 → 8.1.2.1
Closed 3 months ago 2 comments
isprambiente
Bump actionpack from 8.1.2 to 8.1.2.1

romkey/pdxhackerspace-gunky #16

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
romkey
Build(deps): bump actionpack from 8.1.2 to 8.1.2.1

alphagov/travel-advice-publisher #2501

8.1.2 → 8.1.2.1
Closed 3 months ago 2 comments
alphagov
Bump actionpack from 8.1.2 to 8.1.2.1

merrelltd72/song-tracker #23

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
merrelltd72
Bump actionpack from 8.1.2 to 8.1.2.1

Grigore-George-Mihai/default_template_r8 #41

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
Grigore-George-Mihai
Bump actionpack from 8.1.2 to 8.1.2.1

bunnymatic/mau #584

8.1.2 → 8.1.2.1
Closed 3 months ago 2 comments
bunnymatic
Bump actionpack from 8.1.2 to 8.1.2.1

unasuke/chachat #172

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
unasuke
Bump actionpack from 8.1.2 to 8.1.2.1

heroku/ruby-getting-started #219

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
heroku
chore(deps-dev): Bump actionpack from 8.1.2 to 8.1.2.1

pooza/mulukhiya-toot-proxy #4180

8.1.2 → 8.1.2.1
Closed 3 months ago 2 comments
pooza
build(deps): bump actionpack from 8.1.2 to 8.1.2.1

ekaraage/or4cle2 #190

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
ekaraage
Bump actionpack from 8.1.2 to 8.1.2.1

Crown-Commercial-Service/crown-marketplace-legacy #2344

8.1.2 → 8.1.2.1
Closed 3 months ago 2 comments
Crown-Commercial-Service
chore(deps): bump actionpack from 8.1.2 to 8.1.2.1

alec-c4/inertia_i18n #5

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
alec-c4
Bump actionpack from 8.1.2 to 8.1.2.1

mockdeep/questlog #2660

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
mockdeep
Bump actionpack from 8.1.2 to 8.1.2.1

katalyst/content #115

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
katalyst
Bump actionpack from 8.1.2 to 8.1.2.1

greasyfork-org/greasyfork #1517

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
greasyfork-org
Bump actionpack from 8.1.2 to 8.1.2.1

activeadmin/demo.activeadmin.info #941

8.1.2 → 8.1.2.1
Closed 3 months ago 2 comments
activeadmin
Bump actionpack from 8.1.2 to 8.1.2.1 in the bundler group across 1 directory

PRX/dovetail-insights #217

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
PRX
build(deps): bump actionpack from 8.1.2 to 8.1.2.1 in the bundler group across 1 directory

ngudbhav/rails-api-boilerplate #230

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
ngudbhav
Bump actionpack from 8.1.2 to 8.1.2.1

ecosyste-ms/ruby #300

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
ecosyste-ms
chore(deps): Bump actionpack from 8.1.2 to 8.1.2.1

openmensa/openmensa #1485

8.1.2 → 8.1.2.1
Open 3 months ago 2 comments
openmensa
build(deps): bump actionpack from 8.1.2 to 8.1.2.1 in the bundler group across 1 directory

nayu7u/toy-rails-sample #113

8.1.2 → 8.1.2.1
Closed 3 months ago 1 comment
nayu7u
Bump actionpack from 8.1.1 to 8.1.2.1

mrballistic/kxdToys #7

8.1.1 → 8.1.2.1 Patch PR
Closed 3 months ago 1 comment
mrballistic
Bump actionpack from 8.1.1 to 8.1.2.1

qbwc/qbwc #166

8.1.1 → 8.1.2.1 Patch PR
Closed 3 months ago 1 comment
qbwc
Bump actionpack from 6.1.5.1 to 7.0.8.7

kaspernj/peakflow_utils #220

6.1.5.1 → 7.0.8.7 Major PR
Closed 5 months ago 1 comment
kaspernj
Bump the dependencies group across 1 directory with 15 updates

moneybird/mail_auto_link_obfuscation #287

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
moneybird
Bump actionpack from 8.1.1 to 8.1.2

kddnewton/rails-pattern_matching #160

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
kddnewton
Bump actionpack from 8.1.1 to 8.1.2

davidrunger/david_runger #8038

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
davidrunger
Bump the bundler group across 1 directory with 4 updates

otvorenesudy/otvorenesudy-prokuratura #46

7.1.4.1 → 7.1.5.1 Patch PR
Closed 6 months ago 1 comment
otvorenesudy
deps(deps): bump the production-dependencies group with 54 updates

patrick204nqh/dbwatcher #79

7.2.2.2 → 7.2.3 Patch PR
Open 6 months ago 3 comments
patrick204nqh
Bump the gem-dependencies group with 12 updates

DFE-Digital/teaching-vacancies #8343

8.0.4 → 8.1.1 Minor PR
Closed 7 months ago 4 comments
DFE-Digital
Bump actionpack from 6.1.7.5 to 7.1.6

peopleforce/validate_params #114

6.1.7.5 → 7.1.6 Major PR
Open 7 months ago 1 comment
peopleforce
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #109

8.0.2.1 → 8.0.4 Patch PR
Open 7 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #69

8.0.2.1 → 8.0.4 Patch PR
Open 7 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #13

8.0.2.1 → 8.0.4 Patch PR
Open 7 months ago 4 comments
greptile-bench
build(deps): bump the bundler group with 37 updates

ministryofjustice/laa-apply-for-legal-aid #8125

8.0.3 → 8.1.1 Minor PR
Open 7 months ago 1 comment
ministryofjustice
Chore(deps): Bump the bundler group with 25 updates

ministryofjustice/legal-framework-api #1621

8.0.3 → 8.0.4 Patch PR
Open 7 months ago 1 comment
ministryofjustice
ui-dev: bump actionpack from 7.2.2.2 to 7.2.3 in /server/src/main/webapp/WEB-INF/rails

mjsorribas/gocd #910

7.2.2.2 → 7.2.3 Patch PR
Closed 8 months ago 1 comment
mjsorribas
chore(deps): bump actionpack from 8.0.3 to 8.0.4

mishina2228/oanda-api-rails #2298

8.0.3 → 8.0.4 Patch PR
Closed 8 months ago 1 comment
mishina2228
ui-dev: bump actionpack from 7.2.2.2 to 7.2.3 in /server/src/main/webapp/WEB-INF/rails

gocd/gocd #13946

7.2.2.2 → 7.2.3 Patch PR
Closed 8 months ago 1 comment
gocd
Bump actionpack from 8.0.3 to 8.1.1

excid3/ferrum_pdf #115

8.0.3 → 8.1.1 Minor PR
Closed 8 months ago 2 comments
excid3
Bump actionpack from 8.0.3 to 8.0.4

ecosyste-ms/funds #452

8.0.3 → 8.0.4 Patch PR
Closed 8 months ago 1 comment
ecosyste-ms
[bundler] Bump actionpack from 8.0.3 to 8.1.0

guideline-tech/subroutine #125

8.0.3 → 8.1.0 Minor PR
Closed 8 months ago 2 comments
guideline-tech
Package Details
Name: actionpack
Ecosystem: rubygems
PURL Type: gem
Package URL: pkg:gem/actionpack
JSON API: View JSON
Security Advisories

59

Active advisories
HIGH 11
MODERATE 42
LOW 6
View All gem Advisories
Package Information
Description:

Web apps on Rails. Simple, battle-tested conventions for building and testing MVC web applications. Works with any Rack-compatible server.

Repository: https://github.com/rails/rails
Homepage: https://rubyonrails.org
Latest Release: 8.0.2
over 1 year ago
Dependent Repos: 876,080
Dependent Packages: 1,688
Downloads: 655,515,484
Ranking: Top 0.0123% by dependent repos Top 0.0206% by downloads Top 0.0307% by dependent pkgs
PR Status
Open 87 (36.1%)
Merged 45 (18.7%)
Closed 96 (39.8%)
PR Types
Major 18 (7.5%)
Minor 7 (2.9%)
Patch 90 (37.3%)