audits1984
audits1984 copied to clipboard
basecamp
Auditing tool for Rails console sessions
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.3. Release notes Sourced from rails-html-sanitizer's releases. 1.4.3 / 2022-06-09 Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. Prevent the combination of select...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
Bumps [puma](https://github.com/puma/puma) from 5.5.1 to 5.6.4. Release notes Sourced from puma's releases. 5.6.4 Security Close several HTTP Request Smuggling exploits (CVE-2022-24790) The 5.6.3 release was a mistake (released the wrong...
I don't think there's any need for these to exist.
I'm just recording this in case it helps someone else or, after reviewing, the team tell me a better way! 😄 We use GUIDs as primary key for all tables...
Bumps [activesupport](https://github.com/rails/rails) from 7.0.5 to 7.0.7.2. Release notes Sourced from activesupport's releases. 7.0.7.2 release No changes between this and 7.0.7.2. This release was just to fix file permissions in the...
Bumps [puma](https://github.com/puma/puma) from 6.3.0 to 6.3.1. Release notes Sourced from puma's releases. 6.3.1 Security Address HTTP request smuggling vulnerabilities with zero-length Content Length header and trailer fields (GHSA-68xg-gqqm-vgj8) Changelog Sourced...
Bumps [actionpack](https://github.com/rails/rails) from 7.0.5 to 7.0.5.1. Release notes Sourced from actionpack's releases. v7.0.5.1 Active Support No changes. Active Model No changes. Active Record No changes. Action View No changes. Action...
Hey there! We've followed the setup instructions with the defaults, but we're not able to see what was typed:  Any idea about what could be causing this?
Add a checkbox to filter only to pending sessions which still require an audit. We have a monthly calendar entry to review console sessions - but we may miss some...
