localorbit
Local Orbit is an open source web application and service that empowers food hubs to efficiently sell and distribute local food.
Bumps [httparty](https://github.com/jnunemaker/httparty) from 0.13.7 to 0.21.0. Changelog Sourced from httparty's changelog. 0.21.0 escape filename in the multipart/form-data Content-Disposition header Fix request marshaling Replace mime-types with mini_mime 0.20.0 Breaking changes Require...
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.1. Changelog Sourced from addressable's changelog. Addressable 2.8.1 refactor Addressable::URI.normalize_path to address linter offenses (#430) remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) update gemspec to...
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.6 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
Bumps [puma](https://github.com/puma/puma) from 3.12.6 to 4.3.12. Release notes Sourced from puma's releases. 4.3.12 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) 4.3.11 Bugfix/Security Response body will always be closed. (GHSA-rmj8-8hhh-gv5h,...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Regular Expression Denial of Service in Addressable templates Impact...
Bumps [platform-api](https://github.com/heroku/platform-api) from 2.0.0 to 3.3.0. Changelog Sourced from platform-api's changelog. 3.3.0 Pull latest JSON Schema and regenerated API. 3.2.0 Pull latest JSON Schema and regenerated API. 3.1.0 Pull latest...
_Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then._ Dependabot has...
Bumps [dragonfly](https://github.com/markevans/dragonfly) from 1.0.7 to 1.4.0. Changelog Sourced from dragonfly's changelog. 1.4.0 (2021-05-19) Changes Removed convert processor and generator (which were quite insecure), in favour of utility commands in Dragonfly::ImageMagick::Commands...
Bumps [puma](https://github.com/puma/puma) from 3.12.6 to 4.3.8. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Keepalive Connections Causing Denial Of Service in puma This...