qpixel

qpixel copied to clipboard

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.5 to 1.13.9. Release notes Sourced from nokogiri's releases. 1.13.9 / 2022-10-18 Security [CRuby] Vendored libxml2 is updated to address CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for...

dependabot[bot]

Bumps [commonmarker](https://github.com/gjtorikian/commonmarker) from 0.21.0 to 0.23.6. Release notes Sourced from commonmarker's releases. v0.23.6 What's Changed This release includes two updates from the upstream cmark-gfm library, namely: DoS vulnerability in autolink...

dependabot[bot]

Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.1 to 1.9.2. Release notes Sourced from omniauth's releases. v1.9.2 Backports a vulnerability fix that was included in Omniauth 2.0 release to the 1.9 channel. https://nvd.nist.gov/vuln/detail/CVE-2020-36599 Current...

dependabot[bot]

Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.8 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...

dependabot[bot]

Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...

dependabot[bot]

Bumps [diffy](https://github.com/samg/diffy) from 3.4.0 to 3.4.1. Changelog Sourced from diffy's changelog. == 3.4.1 == Prevent remote code execution from user controlled diff file paths. This issue was only present in...

dependabot[bot]

Bumps [jmespath](https://github.com/trevorrowe/jmespath.rb) from 1.4.0 to 1.6.1. Release notes Sourced from jmespath's releases. Release v1.6.1 - 2022-03-07 Issue - Use JSON.parse instead of JSON.load. Release v1.6.0 - 2022-02-14 Feature - Add...

dependabot[bot]

Bumps [rack](https://github.com/rack/rack) from 2.2.3 to 2.2.3.1. Changelog Sourced from rack's changelog. Changelog All notable changes to this project will be documented in this file. For info on how to format...

dependabot[bot]

Bumps [rack](https://github.com/rack/rack) from 2.2.3 to 2.2.6.3. Changelog Sourced from rack's changelog. Changelog All notable changes to this project will be documented in this file. For info on how to format...

dependabot[bot]

Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.1 to 2.0.0. Release notes Sourced from omniauth's releases. v2.0.0 Version 2.0 of OmniAuth includes some changes that may be breaking depending on how you use OmniAuth...

dependabot[bot]