Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

activerecord

Ecosystem:
rubygems
Package URL:
pkg:gem/activerecord
Total PRs:
1,385 Dependabot PRs
Latest PR:
5 days ago
Unique Repositories:
1,149 repositories
Unique Repos (30 days):
4 repositories
Security Advisories
Rails ActiveRecord gem vulnerable to SQL injection
GHSA-xf96-32q2-9rw2 CVE-2008-4094 HIGH published over 8 years ago • updated 1 day ago
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) `:limit` ...
Active Record subject to Regular Expression Denial-of-Service (ReDoS)
GHSA-8hc4-xxm3-5ppp CVE-2021-22880 HIGH published almost 5 years ago • updated 1 day ago
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability....
activerecord vulnerable to SQL Injection
GHSA-h6w6-xmqv-7q78 CVE-2011-2930 HIGH published over 8 years ago • updated 3 days ago
Multiple SQL injection vulnerabilities in the `quote_table_name` method in the ActiveRecord adapters in `activerecord/lib/active_record/connection_...
SQL Injection Vulnerability via ActiveRecord comments
GHSA-hq7p-j377-6v63 CVE-2023-22794 HIGH published about 3 years ago • updated 2 days ago
There is a possible vulnerability in ActiveRecord related to the sanitization of comments. This vulnerability has been assigned the CVE identifier ...
Active Record contains deserialization of arbitrary YAML
GHSA-fhj9-cjjh-27vm CVE-2013-0277 CRITICAL published over 8 years ago • updated 2 days ago
ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via...
View all 23 advisories
Recent PRs
RSS Feed
Bump activerecord from `1218814` to `e0e483e`

Shopify/semian #1030

`1218814` → `e0e483e`
Closed 5 days ago 1 comment
Shopify
Bump activerecord from `1218814` to `6174579`

Shopify/semian #1027

`1218814` → `6174579`
Closed 9 days ago 1 comment
Shopify
Bump activerecord from 8.0.2 to 8.0.2.1

Thiagogmr1/Rails-Store #4

8.0.2 → 8.0.2.1
Closed 12 days ago 1 comment
Thiagogmr1
Bump the bundler group across 1 directory with 7 updates

Synxsystemtool/maybe #4

7.2.2.1 → 7.2.2.2
Open 16 days ago 3 comments
Synxsystemtool
Bump the bundler group across 1 directory with 8 updates

Synxsystemtool/maybe #2

7.2.2.1 → 7.2.2.2
Closed 16 days ago 4 comments
Synxsystemtool
Bump activerecord from `1218814` to `49bb5eb`

Shopify/semian #1013

`1218814` → `49bb5eb`
Closed 17 days ago 1 comment
Shopify
Bump activerecord from `1218814` to `2b4feed`

Shopify/semian #1007

`1218814` → `2b4feed`
Closed 19 days ago 1 comment
Shopify
build(deps): bump activerecord from 7.2.2.1 to 7.2.2.2 in /backend

shiba-mountain/minnaka-map #128

7.2.2.1 → 7.2.2.2
Closed 23 days ago 2 comments
shiba-mountain
Bump activerecord from `1218814` to `7f1f459`

Shopify/semian #996

`1218814` → `7f1f459`
Closed 23 days ago 1 comment
Shopify
Bump activerecord from `1218814` to `21ecb99`

Shopify/semian #982

`1218814` → `21ecb99`
Closed 29 days ago 1 comment
Shopify
Bump activerecord from `1218814` to `01fb87c`

Shopify/semian #977

`1218814` → `01fb87c`
Closed about 1 month ago 1 comment
Shopify
Bump activerecord from `1218814` to `3a49610`

Shopify/semian #975

`1218814` → `3a49610`
Closed about 1 month ago 1 comment
Shopify
Bump activerecord from 7.2.2.1 to 7.2.2.2 in the bundler group across 1 directory

Sunriseaiteam/maybe #2

7.2.2.1 → 7.2.2.2
Closed about 1 month ago 1 comment
Sunriseaiteam
Bump the dependencies group across 1 directory with 15 updates

moneybird/mail_auto_link_obfuscation #287

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
moneybird
chore(deps): bump activerecord from 8.0.2 to 8.1.2

WailanTirajoh/dbviewer #50

8.0.2 → 8.1.2 Minor PR
Open about 1 month ago 1 comment
WailanTirajoh
Bump activerecord from 8.1.1 to 8.1.2

ecosyste-ms/funds #543

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
ecosyste-ms
Bump activerecord from 8.1.1 to 8.1.2

ecosyste-ms/timeline #893

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
ecosyste-ms
Bump activerecord from 8.1.1 to 8.1.2

kp-forks/beef #388

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
kp-forks
Bump activerecord from 8.0.2 to 8.0.2.1

acep-aedg/aedg-explorer #165

8.0.2 → 8.0.2.1
Closed about 1 month ago 3 comments
acep-aedg
Bump the bundler group across 1 directory with 5 updates

morooka-cube/rails8-store #81

8.0.2 → 8.0.2.1
Closed about 2 months ago 1 comment
morooka-cube
Bump the bundler group across 1 directory with 4 updates

otvorenesudy/otvorenesudy-prokuratura #46

7.1.4.1 → 7.1.5.1 Patch PR
Closed about 2 months ago 1 comment
otvorenesudy
Bump activerecord from `1218814` to `a9ee16f`

Shopify/semian #949

`1218814` → `a9ee16f`
Closed about 2 months ago 1 comment
Shopify
deps(deps): bump the production-dependencies group with 54 updates

patrick204nqh/dbwatcher #79

7.2.2.2 → 7.2.3 Patch PR
Open about 2 months ago 3 comments
patrick204nqh
Bump activerecord from `1218814` to `e037ed2`

Shopify/semian #928

`1218814` → `e037ed2`
Closed 2 months ago 1 comment
Shopify
Bump activerecord from `1218814` to `01e5a0c`

Shopify/semian #917

`1218814` → `01e5a0c`
Closed 2 months ago 1 comment
Shopify
Bump activerecord from 7.2.1.1 to 7.2.2.2

gac2117/makeup-by-yuna2 #48

7.2.1.1 → 7.2.2.2 Patch PR
Closed 2 months ago 1 comment
gac2117
build(deps): bump the bundler group across 1 directory with 3 updates

DFE-Digital/buy-for-your-school #2399

7.2.2.1 → 7.2.2.2
Open 2 months ago 3 comments
DFE-Digital
Bump activerecord from `7af1254` to `56cec19`

Shopify/semian #901

`7af1254` → `56cec19`
Closed 3 months ago 1 comment
Shopify
Bump the gem-dependencies group with 12 updates

DFE-Digital/teaching-vacancies #8343

8.0.4 → 8.1.1 Minor PR
Closed 3 months ago 4 comments
DFE-Digital
Bump activerecord from `7af1254` to `798ff76`

Shopify/semian #895

`7af1254` → `798ff76`
Closed 3 months ago 1 comment
Shopify
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #109

8.0.2.1 → 8.0.4 Patch PR
Open 3 months ago 2 comments
greptile-bench
Bump activerecord from `7af1254` to `8aebd0b`

Shopify/semian #888

`7af1254` → `8aebd0b`
Closed 3 months ago 1 comment
Shopify
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #69

8.0.2.1 → 8.0.4 Patch PR
Open 3 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #13

8.0.2.1 → 8.0.4 Patch PR
Open 3 months ago 4 comments
greptile-bench
build(deps): bump the bundler group across 1 directory with 3 updates

DFE-Digital/buy-for-your-school #2376

7.2.2.1 → 7.2.2.2
Open 3 months ago 1 comment
DFE-Digital
Bump activerecord from `7af1254` to `9f466dd`

Shopify/semian #862

`7af1254` → `9f466dd`
Closed 3 months ago 1 comment
Shopify
build(deps): bump the bundler group with 37 updates

ministryofjustice/laa-apply-for-legal-aid #8125

8.0.3 → 8.1.1 Minor PR
Open 3 months ago 1 comment
ministryofjustice
Bump activerecord from `7af1254` to `513b6b1`

Shopify/semian #858

`7af1254` → `513b6b1`
Closed 3 months ago 1 comment
Shopify
Chore(deps): Bump the bundler group with 25 updates

ministryofjustice/legal-framework-api #1621

8.0.3 → 8.0.4 Patch PR
Open 3 months ago 1 comment
ministryofjustice
Bump activerecord from 8.0.2 to 8.0.2.1

janrburgos/rails-app-api-only #45

8.0.2 → 8.0.2.1
Closed 3 months ago 1 comment
janrburgos
build(deps): bump activerecord from 8.0.2 to 8.1.1

rafasoares/human_enum #61

8.0.2 → 8.1.1 Minor PR
Open 3 months ago 2 comments
rafasoares
build(deps): bump activerecord from 8.0.3 to 8.1.1

tk0miya/rbs_activemodel #111

8.0.3 → 8.1.1 Minor PR
Closed 3 months ago 1 comment
tk0miya
ui-dev: bump activerecord from 7.2.2.2 to 7.2.3 in /server/src/main/webapp/WEB-INF/rails

mjsorribas/gocd #909

7.2.2.2 → 7.2.3 Patch PR
Closed 4 months ago 1 comment
mjsorribas
Bump the bundler group across 1 directory with 4 updates

PlaybyCourt/clickhouse_client_fork #1

7.2.2.1 → 7.2.2.2
Closed 4 months ago 1 comment
PlaybyCourt
Bump activerecord from 8.0.3 to 8.1.1

communitiesuk/epb-register-api #736

8.0.3 → 8.1.1 Minor PR
Open 4 months ago 3 comments
communitiesuk
Bump activerecord from 8.0.3 to 8.0.4

cpmurphy/bookmarks #144

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 1 comment
cpmurphy
Bump activerecord from 8.0.3 to 8.0.4

davidrunger/david_runger #7615

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 1 comment
davidrunger
Bump activerecord from 8.1.0 to 8.1.1

ecosyste-ms/home #705

8.1.0 → 8.1.1 Patch PR
Closed 4 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.0.2.1 to 8.0.4

prschmid/unified_settings #86

8.0.2.1 → 8.0.4 Patch PR
Closed 4 months ago 2 comments
prschmid
:arrow_up: Bump activerecord from 8.0.3 to 8.0.4

pglombardo/PasswordPusher #3812

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 3 comments
pglombardo
Package Details
Name: activerecord
Ecosystem: rubygems
PURL Type: gem
Package URL: pkg:gem/activerecord
JSON API: View JSON
Security Advisories

23

Active advisories
CRITICAL 3
HIGH 12
MODERATE 8
View All gem Advisories
Package Information
Description:

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

Repository: https://github.com/rails/rails
Homepage: https://rubyonrails.org
Latest Release: 8.0.2
11 months ago
Dependent Repos: 907,371
Dependent Packages: 6,206
Downloads: 628,455,636
Ranking: Top 0.0095% by dependent repos Top 0.0195% by downloads Top 0.0089% by dependent pkgs
PR Status
Open 772 (55.7%)
Merged 273 (19.7%)
Closed 324 (23.4%)
PR Types
Minor 42 (3.0%)
Major 74 (5.3%)
Patch 215 (15.5%)