Title: Bump addressable from 2.8.4 to 2.9.0 by dependabot[bot] · Pull Request #15 · devth/devth.github.com · GitHub
Open Graph Title: Bump addressable from 2.8.4 to 2.9.0 by dependabot[bot] · Pull Request #15 · devth/devth.github.com
X Title: Bump addressable from 2.8.4 to 2.9.0 by dependabot[bot] · Pull Request #15 · devth/devth.github.com
Description: Bumps addressable from 2.8.4 to 2.9.0.
Changelog
Sourced from addressable's changelog.
Addressable 2.9.0
fixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete
remediation in 2.8.10)
Addressable 2.8.10
fixes ReDoS vulnerability in Addressable::Template#match
Addressable 2.8.9
Reduce gem size by excluding test files (#569)
No need for bundler as development dependency (#571, 5fc1d93)
idna/pure: stop building the useless COMPOSITION_TABLE (removes the Addressable::IDNA::COMPOSITION_TABLE constant) (#564)
#569: sporkmonger/addressable#569
#571: sporkmonger/addressable#571
#564: sporkmonger/addressable#564
Addressable 2.8.8
Replace the unicode.data blob by a ruby constant (#561)
Allow public_suffix 7 (#558)
#561: sporkmonger/addressable#561
#558: sporkmonger/addressable#558
Addressable 2.8.7
Allow public_suffix 6 (#535)
#535: sporkmonger/addressable#535
Addressable 2.8.6
Memoize regexps for common character classes (#524)
#524: sporkmonger/addressable#524
Addressable 2.8.5
Fix thread safety issue with encoding tables (#515)
Define URI::NONE as a module to avoid serialization issues (#509)
Fix YAML serialization (#508)
#508: sporkmonger/addressable#508
#509: sporkmonger/addressable#509
#515: sporkmonger/addressable#515
Commits
0c3e858 Revving version and changelog
91915c1 Fixing additional vulnerable paths
a091e39 Add many more adversarial test cases to ensure we don't have any ReDoS regres...
463a819 Regenerate gemspec on newer rubygems
0afcb0b Improve from O(n^2) to O(n)
c87f768 Fix a ReDoS vulnerability in URI template matching
0d7e9b2 Fix links for 2.8.9 in CHANGELOG (#573)
e209120 Update version, gemspec, and CHANGELOG for 2.8.9 (#572)
3875874 Reduce gem size by excluding test files (#569)
3e57cc6 CI: back to windows-2022 for MRI job
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show
Open Graph Description: Bumps addressable from 2.8.4 to 2.9.0. Changelog Sourced from addressable's changelog. Addressable 2.9.0 fixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete remediati...
X Description: Bumps addressable from 2.8.4 to 2.9.0. Changelog Sourced from addressable's changelog. Addressable 2.9.0 fixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete remed...
Opengraph URL: https://github.com/devth/devth.github.com/pull/15
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:ff395222-45d0-3716-5b01-7ece16098019 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | C0B8:178A32:1FA54B:2C2291:6A51137C |
| html-safe-nonce | 99835fc29f125fb0047b7993e51e4a7aafdde2590586fa8335dc409d4aee45ee |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDMEI4OjE3OEEzMjoxRkE1NEI6MkMyMjkxOjZBNTExMzdDIiwidmlzaXRvcl9pZCI6IjU5NjA1MzkwMDk3MDIzNDc0OCIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | cb047f0a5626c24534740f7b9bc71b145cb2033529cd181899e42dcd628e0a2b |
| hovercard-subject-tag | pull_request:3501693497 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/devth/devth.github.com/pull/15/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps addressable from 2.8.4 to 2.9.0. Changelog Sourced from addressable's changelog. Addressable 2.9.0 fixes ReDoS vulnerability in Addressable::Template#match (fixes incomplete remediati... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | b076e100febaa00374cd89239f915d00dd3187f7c68b12bc2b7688181305344d |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/devth/devth.github.com git https://github.com/devth/devth.github.com.git |
| octolytics-dimension-user_id | 86107 |
| octolytics-dimension-user_login | devth |
| octolytics-dimension-repository_id | 483055 |
| octolytics-dimension-repository_nwo | devth/devth.github.com |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 483055 |
| octolytics-dimension-repository_network_root_nwo | devth/devth.github.com |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | f9137f6d981cbbfd780af369f80ce890b2d0d2d4 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width