Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

activerecord

Ecosystem:
rubygems
Package URL:
pkg:gem/activerecord
Total PRs:
1,385 Dependabot PRs
Latest PR:
6 days ago
Unique Repositories:
1,149 repositories
Unique Repos (30 days):
4 repositories
Security Advisories
Rails ActiveRecord gem vulnerable to SQL injection
GHSA-xf96-32q2-9rw2 CVE-2008-4094 HIGH published over 8 years ago • updated 1 day ago
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) `:limit` ...
Active Record subject to Regular Expression Denial-of-Service (ReDoS)
GHSA-8hc4-xxm3-5ppp CVE-2021-22880 HIGH published almost 5 years ago • updated 1 day ago
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability....
activerecord vulnerable to SQL Injection
GHSA-h6w6-xmqv-7q78 CVE-2011-2930 HIGH published over 8 years ago • updated 3 days ago
Multiple SQL injection vulnerabilities in the `quote_table_name` method in the ActiveRecord adapters in `activerecord/lib/active_record/connection_...
SQL Injection Vulnerability via ActiveRecord comments
GHSA-hq7p-j377-6v63 CVE-2023-22794 HIGH published about 3 years ago • updated 2 days ago
There is a possible vulnerability in ActiveRecord related to the sanitization of comments. This vulnerability has been assigned the CVE identifier ...
Active Record contains deserialization of arbitrary YAML
GHSA-fhj9-cjjh-27vm CVE-2013-0277 CRITICAL published over 8 years ago • updated 2 days ago
ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via...
View all 23 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump the dependencies group across 1 directory with 15 updates

moneybird/mail_auto_link_obfuscation #287

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
moneybird
Bump activerecord from 8.1.1 to 8.1.2

ecosyste-ms/funds #543

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
ecosyste-ms
Bump activerecord from 8.1.1 to 8.1.2

ecosyste-ms/timeline #893

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
ecosyste-ms
Bump activerecord from 8.1.1 to 8.1.2

kp-forks/beef #388

8.1.1 → 8.1.2 Patch PR
Closed about 1 month ago 1 comment
kp-forks
Bump the bundler group across 1 directory with 4 updates

otvorenesudy/otvorenesudy-prokuratura #46

7.1.4.1 → 7.1.5.1 Patch PR
Closed about 2 months ago 1 comment
otvorenesudy
deps(deps): bump the production-dependencies group with 54 updates

patrick204nqh/dbwatcher #79

7.2.2.2 → 7.2.3 Patch PR
Open about 2 months ago 3 comments
patrick204nqh
Bump activerecord from 7.2.1.1 to 7.2.2.2

gac2117/makeup-by-yuna2 #48

7.2.1.1 → 7.2.2.2 Patch PR
Closed 2 months ago 1 comment
gac2117
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #109

8.0.2.1 → 8.0.4 Patch PR
Open 3 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #69

8.0.2.1 → 8.0.4 Patch PR
Open 3 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #13

8.0.2.1 → 8.0.4 Patch PR
Open 3 months ago 4 comments
greptile-bench
Chore(deps): Bump the bundler group with 25 updates

ministryofjustice/legal-framework-api #1621

8.0.3 → 8.0.4 Patch PR
Open 3 months ago 1 comment
ministryofjustice
ui-dev: bump activerecord from 7.2.2.2 to 7.2.3 in /server/src/main/webapp/WEB-INF/rails

mjsorribas/gocd #909

7.2.2.2 → 7.2.3 Patch PR
Closed 4 months ago 1 comment
mjsorribas
Bump activerecord from 8.0.3 to 8.0.4

cpmurphy/bookmarks #144

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 1 comment
cpmurphy
Bump activerecord from 8.0.3 to 8.0.4

davidrunger/david_runger #7615

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 1 comment
davidrunger
Bump activerecord from 8.1.0 to 8.1.1

ecosyste-ms/home #705

8.1.0 → 8.1.1 Patch PR
Closed 4 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.0.2.1 to 8.0.4

prschmid/unified_settings #86

8.0.2.1 → 8.0.4 Patch PR
Closed 4 months ago 2 comments
prschmid
:arrow_up: Bump activerecord from 8.0.3 to 8.0.4

pglombardo/PasswordPusher #3812

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 3 comments
pglombardo
Bump activerecord from 8.0.3 to 8.0.4

ecosyste-ms/awesome #578

8.0.3 → 8.0.4 Patch PR
Closed 4 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.0.1 to 8.0.2.1 in /driver/riverqueue-activerecord

riverqueue/riverqueue-ruby #48

8.0.1 → 8.0.2.1 Patch PR
Closed 4 months ago 2 comments
riverqueue
Bump the bundler group across 1 directory with 5 updates

rulloa1/beef #8

7.1.2 → 7.1.5.2 Patch PR
Open 4 months ago
rulloa1
Bump activerecord from 8.0.1 to 8.0.2.1 in /examples/rails

francomulatero/bridge-components #2

8.0.1 → 8.0.2.1 Patch PR
Open 4 months ago
francomulatero
Bump activerecord from 7.1.0 to 7.1.5.2

cowfish813/Supertramp #88

7.1.0 → 7.1.5.2 Patch PR
Merged 5 months ago
cowfish813
Bump the ruby group with 6 updates

katalyst/content #99

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
katalyst
Bump the patch-and-minor-dependencies group with 7 updates

simonneutert/sinatras-skeleton #178

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
simonneutert
Bump the development-dependencies group with 2 updates

radanskoric/radanskoric.github.io #48

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
radanskoric
Bump activerecord from 8.0.2.1 to 8.0.3

aha-oida/aha-secret #322

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
aha-oida
Bump activerecord from 8.0.2.1 to 8.0.3

marinazzio/pg_objects #228

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
marinazzio
Bump activerecord from 8.0.2.1 to 8.0.3

Shopify/maintenance_tasks #1288

8.0.2.1 → 8.0.3 Patch PR
Closed 5 months ago 1 comment
Shopify
Bump activerecord from 8.0.2.1 to 8.0.3

SOFware/close_encounters #113

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
SOFware
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/rbs_activerecord #180

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
tk0miya
Bump the semver_updates group with 22 updates

botandrosedesign/rw24 #151

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
botandrosedesign
Bump activerecord from 8.0.2.1 to 8.0.3

relatel/archiving #72

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
relatel
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/ruby-lsp-rbs_rails #16

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
tk0miya
Chore(deps): Bump the bundler group with 25 updates

ministryofjustice/laa-hmrc-interface-service-api #2267

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
ministryofjustice
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/rbs_activemodel #95

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
tk0miya
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/rbs_shrine #148

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
tk0miya
Bump activerecord from 8.0.2.1 to 8.0.3

alphagov/bouncer #704

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago 1 comment
alphagov
Bump activerecord from 8.0.2.1 to 8.0.3

communitiesuk/epb-register-api #719

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
communitiesuk
Bump activerecord from 8.0.2.1 to 8.0.3

seanhogge/active_translation #4

8.0.2.1 → 8.0.3 Patch PR
Closed 5 months ago 1 comment
seanhogge
build(deps): bump the dependencies group across 1 directory with 4 updates

bronko-media/bronko.media.server #440

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
bronko-media
Chore(deps): Bump the bundler group with 23 updates

ministryofjustice/laa-assure-hmrc-data #1627

8.0.2.1 → 8.0.3 Patch PR
Closed 5 months ago 2 comments
ministryofjustice
Bump the bundler group with 21 updates

ministryofjustice/laa-court-data-ui #3093

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago 1 comment
ministryofjustice
build(deps): bump activerecord from 8.0.2 to 8.0.3

codacy/codacy-rubocop #939

8.0.2 → 8.0.3 Patch PR
Open 5 months ago
codacy
Build(deps): Bump the rails group with 8 updates

discourse/discourse #34929

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago 1 comment
discourse
Bump activerecord from 8.0.2.1 to 8.0.3

cberizko/weather-app #6

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
cberizko
build(deps): bump the bundler group with 25 updates

ministryofjustice/laa-apply-for-legal-aid #8049

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
ministryofjustice
Bump activerecord from 8.0.2.1 to 8.0.3

cpmurphy/bookmarks #123

8.0.2.1 → 8.0.3 Patch PR
Closed 5 months ago 1 comment
cpmurphy
Bump activerecord from 8.0.2.1 to 8.0.3

javyliu/ap_new #10

8.0.2.1 → 8.0.3 Patch PR
Open 5 months ago
javyliu
Bump activerecord from 8.0.2.1 to 8.0.3

greysteil/where-is-grey #640

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
greysteil
Bump activerecord from 8.0.2.1 to 8.0.3

kddnewton/rails-pattern_matching #138

8.0.2.1 → 8.0.3 Patch PR
Merged 5 months ago
kddnewton
Package Details
Name: activerecord
Ecosystem: rubygems
PURL Type: gem
Package URL: pkg:gem/activerecord
JSON API: View JSON
Security Advisories

23

Active advisories
CRITICAL 3
HIGH 12
MODERATE 8
View All gem Advisories
Package Information
Description:

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

Repository: https://github.com/rails/rails
Homepage: https://rubyonrails.org
Latest Release: 8.0.2
11 months ago
Dependent Repos: 907,371
Dependent Packages: 6,206
Downloads: 628,455,636
Ranking: Top 0.0095% by dependent repos Top 0.0195% by downloads Top 0.0089% by dependent pkgs
PR Status
Open 772 (55.7%)
Merged 273 (19.7%)
Closed 324 (23.4%)
PR Types
Minor 42 (3.0%)
Major 74 (5.3%)
Patch 215 (15.5%)