🚨 [security] Update haml_lint 0.37.0 → 0.59.0 (major) #267
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ haml_lint (0.37.0 → 0.59.0) · Repo · Changelog
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
5.2.2
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 15 commits:
Releasing 5.2.2
Updating changelog
Fix short_identifier on older rails versions
Add support for annotate_rendered_view_with_filenames
adding in supported version notes
add in submodules to test
use jruby 9.2
readme updates and adding more tests to our github actions matrix
Only Support Testing Modern Builds
Fix a typo
Add a GitHub Actions workflow
jruby-9.2 CIs are not working
Drop Haml::Buffer dependency from attributes (#1056)
Document escape_attrs :once
Fix test crashes with ActionView 6.1.0 (#1045)
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
3.1.1 (from changelog)
3.1.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 29 commits:
v3.1.1
fix: Include all lib/ files
Add screenshot of example in README
Update .travis.yml
Update .travis.yml
RuboCop: configure new 0.81.0 rules
Pin RuboCop to 0.81.0 to support Ruby 2.3
v3.1.0
v3.1.0 Changelog
(chore) Add v0.80 RuboCop cops
CI: Use JRuby 9.2.11.0
CI: Update matrix
Fix RuboCop offenses and warnings about .rubocop.yml
Gemspec: List files using Ruby
CI: Use 2.4.6, 2.5.5, 2.6.3, jruby-9.2.7.0 (#94)
Use rubocop latest, drop support for Ruby 2.1, 2.2 (#91)
CI: Allow Bundler 2, add Rubies to CI matrix (#89)
Remove specific TargetRubyVersion from .rubocop.yml (#88)
README: Add cross_out, strike to presenters docs
Add test with non-existent :color (#86)
introducing #cross_out (#84)
Simplify `wrap_with_sgr` method (#85)
Merge pull request #83 from chiting/add-hex-check
Make rubocop happy
Add hexadecimal format checking
Add unit test for non hexadecimal string
Merge pull request #81 from nicolasleger/patch-1
[CI] Test against new Ruby 2.5 and patched
Update changelog
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Security Advisories 🚨
🚨 REXML denial of service vulnerability
🚨 REXML DoS vulnerability
🚨 REXML DoS vulnerability
🚨 REXML denial of service vulnerability
🚨 REXML contains a denial of service vulnerability
Release Notes
3.3.7
3.3.6
3.3.5
3.3.4
3.3.3
3.3.2
3.3.1
3.3.0
3.2.9
3.2.8
3.2.7
3.2.6
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
1.13.0 (from changelog)
1.12.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 49 commits:
Version 0.10.3
Remove test files from the gem package
Add DynamicMerger (#147)
Rakefile: Remove rcov
Version 0.10.2
Update changes
Generator: Do not pass :save_buffer to capture_generator (Fix #145)
Version 0.10.1
Update changes
StringBuffer - generate code compatible with frozen string literals
Add frozen_string_literal magic comments
Update changes
Use same capture_generator across nested captures (#144)
Adds Ruby 3.2 to the CI matrix. Also updates checkout action version. (#142)
Version 0.10.0
Drop obsolete code
Drop support for Rails 3.x and 4.x
ERB: Add StaticAnalyzer
Fix escape_html_safe (Fix #126)
gemspec: remove encoding header
Update changes
RailsOutputBuffer: Only reuse output_buffer if :buffer equals @output_buffer
Treat the capture generator separately from the main generator
Remove escape_utils from Gemfile
Add an missing entry to CHANGES
Version 0.9.1
Swap <%= and <%== in Temple::ERB::Engine
Fix the default value of :capture_generator
Use a better CI idiom
[Bugfix] Use the specified capture_generator even for nested captures (#112)
Readme: Add Yard Docs badge (#115)
Replace the Travis CI badge with GitHub Actions
Migrate bacon to rspec (#140)
pkg/ should be ignored for rake release
v0.9.0
Enable rake release
Test JRuby and TruffleRuby as well
Make the required_ruby_version consistent with CI
Migrate CI to GitHub Actions (#139)
Fix a crash in StringSplitter filter (#138)
Improve compatibility with upcoming Rails 7.1
Drop EscapeUtils.escape_html
Merge pull request #134 from k0kubun/rails-ambles
Support annotate_rendered_view_with_filenames
Use Erubi instead of Erubis.
Fixed depreciated tilt template mime type
update ruby test version
Change default :capture_generator to self
Suppress deprecated warning by Object#=~ since ruby 2.6
Release Notes
2.4.0 (from changelog)
2.1.0 (from changelog)
2.0.11 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
2.6.0 (from changelog)
2.5.0 (from changelog)
2.4.2 (from changelog)
2.4.1 (from changelog)
2.4.0 (from changelog)
2.3.0 (from changelog)
2.2.0 (from changelog)
2.1.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 52 commits:
Release v2.6.0
Update Unicode version number
Unicode 16.0
Update license year
Wait for Windows CI to include 3.3
README: Update list of supported Rubies
Update CI Rubies: Add Ruby 3.3
Release v2.5.0
Update Unicode version number
Unicode 15.1
Re-add 3.2 to Windows CI
README: Update supported Rubies
Release v2.4.2
Avoid overwrite lookup if no overwrites are set
Favor instance_of? over is_a?
Avoid asignment before return result
Optimize lookup of first 4096 codepoints (direct array lookup)
README: Announce that version 2.4.1 is better than ever
Update license year
Release v2.4.1
Improve performance for ASCII and other common chars
Improve performance: Rewrite char lookup
Further improve performance for ASCII-only strings
Release v2.4.0
Performance optimization: Be more specific about forbidden control characters
Add more specs covering all C0 control codes
Require Ruby 2.4, improve Readme, update Changelog
Merge branch 'fatkodima-optimize-ascii'
Optimize for ASCII-only strings without control symbols
Update CI Rubies: Add Ruby 3.2
Merge pull request #25 from mishina2228/ci-on-ruby30
Fix to run CI with Ruby 3.0
Release v2.3.0
Merge pull request #24 from rivo/main
Added a reference to the Golang version.
Update Unicode version number
Unicode 15.0
Update CI Rubies
Release v2.2.0
Update CI Rubies
Add *Hangul Jamo Extended-B* block to zero-width chars
Update license year
Gemspec: Add MFA requirement
GitHub CI: Update Rubies
README: Update list of supported Rubies
Release v2.1.0
GitHub CI: Update Rubies
Update CHANGELOG
Update Unicode version number
Unicode 14.0
README: Update list of supported Rubies
Update license year
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase
.All Depfu comment commands