Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

activerecord

Ecosystem:
rubygems
Package URL:
pkg:gem/activerecord
Total PRs:
1,409 Dependabot PRs
Latest PR:
24 days ago
Unique Repositories:
1,163 repositories
Unique Repos (30 days):
1 repository
Security Advisories
Array data injection vulnerability in activerecord
GHSA-hqf9-rc9j-5fmj CVE-2014-0080 MODERATE published over 8 years ago • updated 3 days ago
SQL injection vulnerability in `activerecord/lib/active_record/connection_adapters/postgresql/cast.rb` in Active Record in Ruby on Rails 4.0.x befo...
Active Record vulnerable to SQL Injection via nested query parameters
GHSA-fh39-v733-mxfr CVE-2012-2661 MODERATE published over 8 years ago • updated 35 minutes ago
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passin...
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
GHSA-579w-22j4-4749 CVE-2022-44566 HIGH published over 3 years ago • updated 4 days ago
There is a potential denial of service vulnerability present in ActiveRecord's PostgreSQL adapter. This has been assigned the CVE identifier CVE-2...
ActiveRecord vulnerable to modification of protected model attributes
GHSA-gr44-7grc-37vq CVE-2013-0276 MODERATE published over 8 years ago • updated 35 minutes ago
ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the `attr_protected` pr...
activerecord vulnerable to SQL Injection
GHSA-76wq-xw4h-f8wj CVE-2012-2695 HIGH published over 8 years ago • updated 35 minutes ago
The Active Record component in Ruby on Rails efore 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implem...
View all 23 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump the bundler group across 1 directory with 17 updates

LelandParker/openproject #11

8.0.2 → 8.0.4.1 Patch PR
Closed 24 days ago 1 comment
LelandParker
Bump activerecord from 8.1.2 to 8.1.3

communitiesuk/epb-data-warehouse #495

8.1.2 → 8.1.3 Patch PR
Open about 2 months ago 2 comments
communitiesuk
chore(deps): bump activerecord from 8.1.2 to 8.1.3

kazu-2020/narabikae #45

8.1.2 → 8.1.3 Patch PR
Closed 2 months ago 1 comment
kazu-2020
Build(deps): bump activerecord from 8.1.2.1 to 8.1.3

beefproject/beef #3532

8.1.2.1 → 8.1.3 Patch PR
Open 2 months ago 2 comments
beefproject
Build(deps): bump activerecord from 8.1.2.1 to 8.1.3

kp-forks/beef #416

8.1.2.1 → 8.1.3 Patch PR
Open 2 months ago 1 comment
kp-forks
Bump activerecord from 8.1.2.1 to 8.1.3

ecosyste-ms/dotfiles #231

8.1.2.1 → 8.1.3 Patch PR
Closed 2 months ago 1 comment
ecosyste-ms
DEPS: Bump the rails group with 8 updates

discourse/discourse #38840

8.0.4 → 8.0.5 Patch PR
Open 2 months ago 1 comment
discourse
Bump the bundler group across 1 directory with 9 updates

LelandParker/openproject #4

8.0.2 → 8.0.4.1 Patch PR
Closed 2 months ago 1 comment
LelandParker
Bump the bundler group across 4 directories with 13 updates

waveaccounting/activeadmin #7

7.1.4 → 7.1.5.2 Patch PR
Closed 2 months ago 1 comment
waveaccounting
Bump the bundler group across 4 directories with 12 updates

waveaccounting/activeadmin #6

7.1.4 → 7.1.5.2 Patch PR
Closed 2 months ago 1 comment
waveaccounting
Bump activerecord from 7.1.5.1 to 7.1.6

fractalsoft/fractalsoft.org #1259

7.1.5.1 → 7.1.6 Patch PR
Closed 3 months ago 1 comment
fractalsoft
Bump the dependencies group across 1 directory with 15 updates

moneybird/mail_auto_link_obfuscation #287

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
moneybird
Bump activerecord from 8.1.1 to 8.1.2

ecosyste-ms/funds #543

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.1.1 to 8.1.2

npezza93/action_push_web #32

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
npezza93
Bump activerecord from 8.1.1 to 8.1.2

ecosyste-ms/timeline #893

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.1.1 to 8.1.2

kp-forks/beef #388

8.1.1 → 8.1.2 Patch PR
Closed 5 months ago 1 comment
kp-forks
Bump the bundler group across 1 directory with 4 updates

otvorenesudy/otvorenesudy-prokuratura #46

7.1.4.1 → 7.1.5.1 Patch PR
Closed 5 months ago 1 comment
otvorenesudy
deps(deps): bump the production-dependencies group with 54 updates

patrick204nqh/dbwatcher #79

7.2.2.2 → 7.2.3 Patch PR
Open 5 months ago 3 comments
patrick204nqh
Bump activerecord from 7.2.1.1 to 7.2.2.2

gac2117/makeup-by-yuna2 #48

7.2.1.1 → 7.2.2.2 Patch PR
Closed 6 months ago 1 comment
gac2117
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #109

8.0.2.1 → 8.0.4 Patch PR
Open 6 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #69

8.0.2.1 → 8.0.4 Patch PR
Open 6 months ago 2 comments
greptile-bench
Build(deps): Bump the rails group with 8 updates

greptile-bench/discourse #13

8.0.2.1 → 8.0.4 Patch PR
Open 6 months ago 4 comments
greptile-bench
Chore(deps): Bump the bundler group with 25 updates

ministryofjustice/legal-framework-api #1621

8.0.3 → 8.0.4 Patch PR
Open 7 months ago 1 comment
ministryofjustice
Bump activerecord from 7.2.2.2 to 7.2.3

hlascelles/que-scheduler #584

7.2.2.2 → 7.2.3 Patch PR
Open 7 months ago 9 comments
hlascelles
ui-dev: bump activerecord from 7.2.2.2 to 7.2.3 in /server/src/main/webapp/WEB-INF/rails

mjsorribas/gocd #909

7.2.2.2 → 7.2.3 Patch PR
Closed 7 months ago 1 comment
mjsorribas
Bump activerecord from 8.0.3 to 8.0.4

cpmurphy/bookmarks #144

8.0.3 → 8.0.4 Patch PR
Closed 7 months ago 1 comment
cpmurphy
Bump activerecord from 8.0.3 to 8.0.4

davidrunger/david_runger #7615

8.0.3 → 8.0.4 Patch PR
Closed 7 months ago 1 comment
davidrunger
Bump activerecord from 8.1.0 to 8.1.1

ecosyste-ms/home #705

8.1.0 → 8.1.1 Patch PR
Closed 7 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.0.2.1 to 8.0.4

prschmid/unified_settings #86

8.0.2.1 → 8.0.4 Patch PR
Closed 7 months ago 2 comments
prschmid
:arrow_up: Bump activerecord from 8.0.3 to 8.0.4

pglombardo/PasswordPusher #3812

8.0.3 → 8.0.4 Patch PR
Closed 7 months ago 3 comments
pglombardo
Bump activerecord from 8.0.3 to 8.0.4

ecosyste-ms/awesome #578

8.0.3 → 8.0.4 Patch PR
Closed 7 months ago 1 comment
ecosyste-ms
Bump activerecord from 8.0.1 to 8.0.2.1 in /driver/riverqueue-activerecord

riverqueue/riverqueue-ruby #48

8.0.1 → 8.0.2.1 Patch PR
Closed 7 months ago 2 comments
riverqueue
Bump the bundler group across 1 directory with 5 updates

rulloa1/beef #8

7.1.2 → 7.1.5.2 Patch PR
Open 8 months ago
rulloa1
Bump activerecord from 8.0.1 to 8.0.2.1 in /examples/rails

francomulatero/bridge-components #2

8.0.1 → 8.0.2.1 Patch PR
Open 8 months ago
francomulatero
Bump activerecord from 7.1.0 to 7.1.5.2

cowfish813/Supertramp #88

7.1.0 → 7.1.5.2 Patch PR
Merged 8 months ago
cowfish813
Bump the ruby group with 6 updates

katalyst/content #99

8.0.2.1 → 8.0.3 Patch PR
Merged 8 months ago
katalyst
Bump the patch-and-minor-dependencies group with 7 updates

simonneutert/sinatras-skeleton #178

8.0.2.1 → 8.0.3 Patch PR
Merged 8 months ago
simonneutert
Bump the development-dependencies group with 2 updates

radanskoric/radanskoric.github.io #48

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
radanskoric
Bump activerecord from 8.0.2.1 to 8.0.3

aha-oida/aha-secret #322

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
aha-oida
Bump activerecord from 8.0.2.1 to 8.0.3

marinazzio/pg_objects #228

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
marinazzio
Bump activerecord from 8.0.2.1 to 8.0.3

Shopify/maintenance_tasks #1288

8.0.2.1 → 8.0.3 Patch PR
Closed 8 months ago 1 comment
Shopify
Bump activerecord from 8.0.2.1 to 8.0.3

SOFware/close_encounters #113

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
SOFware
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/rbs_activerecord #180

8.0.2.1 → 8.0.3 Patch PR
Merged 8 months ago
tk0miya
Bump the semver_updates group with 22 updates

botandrosedesign/rw24 #151

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
botandrosedesign
Bump activerecord from 8.0.2.1 to 8.0.3

relatel/archiving #72

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
relatel
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/ruby-lsp-rbs_rails #16

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
tk0miya
Chore(deps): Bump the bundler group with 25 updates

ministryofjustice/laa-hmrc-interface-service-api #2267

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago
ministryofjustice
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/rbs_activemodel #95

8.0.2.1 → 8.0.3 Patch PR
Merged 8 months ago
tk0miya
build(deps): bump activerecord from 8.0.2.1 to 8.0.3

tk0miya/rbs_shrine #148

8.0.2.1 → 8.0.3 Patch PR
Merged 8 months ago
tk0miya
Bump activerecord from 8.0.2.1 to 8.0.3

alphagov/bouncer #704

8.0.2.1 → 8.0.3 Patch PR
Open 8 months ago 1 comment
alphagov
Package Details
Name: activerecord
Ecosystem: rubygems
PURL Type: gem
Package URL: pkg:gem/activerecord
JSON API: View JSON
Security Advisories

23

Active advisories
CRITICAL 3
HIGH 12
MODERATE 8
View All gem Advisories
Package Information
Description:

Databases on Rails. Build a persistent domain model by mapping database tables to Ruby classes. Strong conventions for associations, validations, aggregations, migrations, and testing come baked-in.

Repository: https://github.com/rails/rails
Homepage: https://rubyonrails.org
Latest Release: 8.0.2
about 1 year ago
Dependent Repos: 907,371
Dependent Packages: 6,206
Downloads: 628,455,636
Ranking: Top 0.0095% by dependent repos Top 0.0195% by downloads Top 0.0089% by dependent pkgs
PR Status
Open 778 (55.2%)
Merged 273 (19.4%)
Closed 342 (24.3%)
PR Types
Major 76 (5.4%)
Minor 45 (3.2%)
Patch 229 (16.3%)