Transit-Talk
Transit-Talk copied to clipboard
TransitTalk
Building tools that improve overall transit user experience by connecting riders to each other, and to the agencies that serve them.
We need to redirect to HTTPS when the user visits the application ## Detailed Description Probably some Heroku configuration ## Context If we do not have this redirect, users will...
Bumps [globalid](https://github.com/rails/globalid) from 0.4.2 to 1.0.1. Release notes Sourced from globalid's releases. v1.0.1 Possible ReDoS based DoS vulnerability in GlobalID There is a ReDoS based DoS vulnerability in the GlobalID...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a...
Bumps [httparty](https://github.com/jnunemaker/httparty) from 0.15.6 to 0.21.0. Changelog Sourced from httparty's changelog. 0.21.0 escape filename in the multipart/form-data Content-Disposition header Fix request marshaling Replace mime-types with mini_mime 0.20.0 Breaking changes Require...
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.4. Release notes Sourced from rails-html-sanitizer's releases. 1.4.4 / 2022-12-13 Address inefficient regular expression complexity with certain configurations of Rails::Html::Sanitizer. Fixes CVE-2022-23517. See GHSA-5x79-w82f-gw8w for...
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.3.1 to 2.19.1. Release notes Sourced from loofah's releases. 2.19.1 / 2022-12-13 Security Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information. Address CVE-2022-23515, improper...
Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: [email protected] deps: [email protected] perf: remove unnecessary...
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...
Bumps [sinatra](https://github.com/sinatra/sinatra) from 2.0.2 to 2.2.3. Changelog Sourced from sinatra's changelog. 2.2.3 / 2022-11-25 Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai Fix: fixed ReDoS for Rack::Protection::IPSpoofing....
Metadata
Owner
Metadata
Building tools that improve overall transit user experience by connecting riders to each other, and to the agencies that serve them.