diff --git a/Gemfile.lock b/Gemfile.lock index 166a06a48d86a..37f15c9a92db2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -26,63 +26,63 @@ GIT PATH remote: . specs: - actioncable (5.2.7) - actionpack (= 5.2.7) + actioncable (5.2.7.1) + actionpack (= 5.2.7.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.7) - actionpack (= 5.2.7) - actionview (= 5.2.7) - activejob (= 5.2.7) + actionmailer (5.2.7.1) + actionpack (= 5.2.7.1) + actionview (= 5.2.7.1) + activejob (= 5.2.7.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.7) - actionview (= 5.2.7) - activesupport (= 5.2.7) + actionpack (5.2.7.1) + actionview (= 5.2.7.1) + activesupport (= 5.2.7.1) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.7) - activesupport (= 5.2.7) + actionview (5.2.7.1) + activesupport (= 5.2.7.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.7) - activesupport (= 5.2.7) + activejob (5.2.7.1) + activesupport (= 5.2.7.1) globalid (>= 0.3.6) - activemodel (5.2.7) - activesupport (= 5.2.7) - activerecord (5.2.7) - activemodel (= 5.2.7) - activesupport (= 5.2.7) + activemodel (5.2.7.1) + activesupport (= 5.2.7.1) + activerecord (5.2.7.1) + activemodel (= 5.2.7.1) + activesupport (= 5.2.7.1) arel (>= 9.0) - activestorage (5.2.7) - actionpack (= 5.2.7) - activerecord (= 5.2.7) + activestorage (5.2.7.1) + actionpack (= 5.2.7.1) + activerecord (= 5.2.7.1) marcel (~> 1.0.0) - activesupport (5.2.7) + activesupport (5.2.7.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) - rails (5.2.7) - actioncable (= 5.2.7) - actionmailer (= 5.2.7) - actionpack (= 5.2.7) - actionview (= 5.2.7) - activejob (= 5.2.7) - activemodel (= 5.2.7) - activerecord (= 5.2.7) - activestorage (= 5.2.7) - activesupport (= 5.2.7) + rails (5.2.7.1) + actioncable (= 5.2.7.1) + actionmailer (= 5.2.7.1) + actionpack (= 5.2.7.1) + actionview (= 5.2.7.1) + activejob (= 5.2.7.1) + activemodel (= 5.2.7.1) + activerecord (= 5.2.7.1) + activestorage (= 5.2.7.1) + activesupport (= 5.2.7.1) bundler (>= 1.3.0) - railties (= 5.2.7) + railties (= 5.2.7.1) sprockets-rails (>= 2.0.0) - railties (5.2.7) - actionpack (= 5.2.7) - activesupport (= 5.2.7) + railties (5.2.7.1) + actionpack (= 5.2.7.1) + activesupport (= 5.2.7.1) method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) @@ -274,7 +274,7 @@ GEM rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) ruby_dep (~> 1.2) - loofah (2.14.0) + loofah (2.16.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) diff --git a/RAILS_VERSION b/RAILS_VERSION index 32a40681516ab..120e232312c5c 100644 --- a/RAILS_VERSION +++ b/RAILS_VERSION @@ -1 +1 @@ -5.2.7 +5.2.7.1 diff --git a/actioncable/CHANGELOG.md b/actioncable/CHANGELOG.md index cd3565bb83be1..932fa7d83192c 100644 --- a/actioncable/CHANGELOG.md +++ b/actioncable/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes. diff --git a/actionmailer/CHANGELOG.md b/actionmailer/CHANGELOG.md index 21b06632f88a3..bdf7a884bb4be 100644 --- a/actionmailer/CHANGELOG.md +++ b/actionmailer/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes. diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 7ff479ab28ba6..1b94e862e39f6 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + * Allow Content Security Policy DSL to generate for API responses. *Tim Wade* diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index db2590e87d645..aa5e0cfebdd7b 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`. Escape dangerous characters in names of tags and names of attributes in the diff --git a/activejob/CHANGELOG.md b/activejob/CHANGELOG.md index 2930fc428b16c..cbe4d9e8c62bc 100644 --- a/activejob/CHANGELOG.md +++ b/activejob/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes. diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md index cb1952ef02ade..105781aa9edd0 100644 --- a/activemodel/CHANGELOG.md +++ b/activemodel/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes. diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index 29e9c575cd881..3420c0fb8b9a8 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes. diff --git a/activestorage/CHANGELOG.md b/activestorage/CHANGELOG.md index 11358061b938b..0a9b0d40267ed 100644 --- a/activestorage/CHANGELOG.md +++ b/activestorage/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * Fix `ActiveStorage.supported_image_processing_methods` and diff --git a/activesupport/CHANGELOG.md b/activesupport/CHANGELOG.md index b580b68a6e9b5..fd008179848c8 100644 --- a/activesupport/CHANGELOG.md +++ b/activesupport/CHANGELOG.md @@ -1,3 +1,5 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + * Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`. Add the method `ERB::Util.xml_name_escape` to escape dangerous characters diff --git a/guides/CHANGELOG.md b/guides/CHANGELOG.md index 4b9c2ce5f192d..068c49f7ee5ea 100644 --- a/guides/CHANGELOG.md +++ b/guides/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes. diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md index e01fa13cf0763..cf3a93a6d57a2 100644 --- a/railties/CHANGELOG.md +++ b/railties/CHANGELOG.md @@ -1,3 +1,8 @@ +## Rails 5.2.7.1 (April 26, 2022) ## + +* No changes. + + ## Rails 5.2.7 (March 10, 2022) ## * No changes.