profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/gruz0/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Alexander Kadyrov gruz0 Russia, Moscow https://t.me/kadyrov_dev Hey! My name is Alexander. I love Ruby, WordPress and OSS! :-D

gruz0/hanami-docker 13

Dockerfile and docker-compose.yml for Hanami projects

gruz0/inspirer-web 3

Inspirer Web

gruz0/dotfiles 2

macOS Provisioner on Ansible

gruz0/ansible-debian 1

Debian Rails Server Playbook

gruz0/dotfiles-crashcube 1

My configuration files and provision scripts

gruz0/eat-the-frog 1

Eat the Frog Application

gruz0/All-In-One-Favicon 0

Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).

gruz0/auth-as-wordpress 0

Two-Factor Authentication Plugin for WordPress via auth.as

gruz0/awesome-hanami 0

A collection of awesome Hanami Gems and projects

create barnchgruz0/hound

branch : fix/update-broken-link-to-thoughtbot-guides

created branch time in a day

fork gruz0/hound

Automated code review for GitHub pull requests.

https://houndci.com

fork in a day

startedjtesta/ssh-audit

started time in 3 days

startedscenic-views/scenic

started time in 15 days

startedibraheemdev/modern-unix

started time in a month

startedreacherhq/check-if-email-exists

started time in a month

push eventgruz0/inspirer-web

snyk-bot

commit sha 8ce05e1c590ff620ff226054cf701897fbea2e88

fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242

view details

push time in a month

create barnchgruz0/inspirer-web

branch : snyk-fix-5fcc4f756c694bbb8738ee26eea890f1

created branch time in a month

push eventgruz0/real_estate_agency

snyk-bot

commit sha 80914c063f1d8a331db556133fd540d3cb6d4d19

fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-ADDRESSABLE-1316242

view details

push time in a month

push eventgruz0/real_estate_agency

Alexander Kadyrov

commit sha 0a0389e5f11a13c2ef94d36e1f0efbf889d9b8f7

Remove duplicate ports

view details

push time in a month

push eventgruz0/real_estate_agency

Alexander Kadyrov

commit sha c602bfae9faac02ea127596b2a0b4514a5b2a08a

Remove duplicate ports

view details

push time in a month

create barnchgruz0/real_estate_agency

branch : fix/remove-duplicate-ports

created branch time in a month

push eventgruz0/real_estate_agency

Alexander Kadyrov

commit sha fcd46efc127d1040ca77051206107952838c05ab

Migrate to GitHub Actions

view details

Alexander Kadyrov

commit sha e3644a454a9c5028e6d14536c0c852f1020e8695

Merge pull request #264 from gruz0/feature/migrate-to-github-actions Migrate to GitHub Actions

view details

push time in a month

PR closed gruz0/real_estate_agency

Bump factory_bot_rails from 5.1.1 to 6.2.0 dependencies

Bumps factory_bot_rails from 5.1.1 to 6.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/thoughtbot/factory_bot_rails/releases">factory_bot_rails's releases</a>.</em></p> <blockquote> <h2>v6.2.0</h2> <ul> <li>Changed: factory_bot dependency to ~> 6.2.0</li> </ul> <h2>v6.1.0</h2> <ul> <li>Changed: factory_bot dependency to ~> 6.1.0</li> </ul> <h2>v6.0.0</h2> <ul> <li>Fixed: generate a plural factory name when the <code>--force-plural</code> flag is provided</li> <li>Changed: factory_bot dependency to ~> 6.0.0</li> <li>Removed: <code>"factory_bot.register_reloader"</code> initializer, now registering the reloader after application initialization</li> <li>Removed: support for EOL versions of Ruby (2.3, 2.4) and Rails (4.2)</li> </ul> <h2>v5.2.0</h2> <ul> <li>Changed: factory_bot dependency to ~> 5.2.0</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/thoughtbot/factory_bot_rails/blob/master/NEWS.md">factory_bot_rails's changelog</a>.</em></p> <blockquote> <h2>6.2.0 (May 7, 2021)</h2> <ul> <li>Changed: factory_bot dependency to ~> 6.2.0</li> </ul> <h2>6.1.0 (July 8, 2020)</h2> <ul> <li>Changed: factory_bot dependency to ~> 6.1.0</li> </ul> <h2>6.0.0 (June 18, 2020)</h2> <ul> <li>Fixed: generate a plural factory name when the --force-plural flag is provided</li> <li>Changed: factory_bot dependency to ~> 6.0.0</li> <li>Removed: <code>"factory_bot.register_reloader"</code> initializer, now registering the reloader after application initialization</li> <li>Removed: support for EOL versions of Ruby (2.3, 2.4) and Rails (4.2)</li> </ul> <h2>5.2.0 (April 26, 2020)</h2> <ul> <li>Changed: factory_bot dependency to ~> 5.2.0</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/62cd3aae889d4d835daf451f83ee96a44c229606"><code>62cd3aa</code></a> Bump version to v.6.2.0 [ci skip]</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/8cda0bb04d152b133c1ca47c0353e54f25e956a0"><code>8cda0bb</code></a> Bump factory_bot in Gemfile</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/ae399cdb8b40b9b13740ede312fc954c9e60f7e5"><code>ae399cd</code></a> factory_bot ~> 6.2.0</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/c8b3f90abc65c8758eb5f2023e447fe5c03ea475"><code>c8b3f90</code></a> Run tests on Ruby 3.0 (<a href="https://github-redirect.dependabot.com/thoughtbot/factory_bot_rails/issues/390">#390</a>)</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/a5c7bf300f8f6d59535fad8668211eb9eadf4491"><code>a5c7bf3</code></a> Test against Rails 6.1 (<a href="https://github-redirect.dependabot.com/thoughtbot/factory_bot_rails/issues/388">#388</a>)</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/9de5e2b765679355c266277c5424242d1c815fe4"><code>9de5e2b</code></a> Skip Spring version 2.1.1 (<a href="https://github-redirect.dependabot.com/thoughtbot/factory_bot_rails/issues/389">#389</a>)</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/9f5b5fc9407cd21628071ff2cff3df538ab8e1c7"><code>9f5b5fc</code></a> Update NEWS.md to mention v5.2.0</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/3564a68d6010d8728eeb80fe548f043997c1f6dd"><code>3564a68</code></a> Bump version to v.6.1.0 [ci skip]</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/4b39c910c38277426f26cd1240c93e8175cb7e31"><code>4b39c91</code></a> Bump version to v.6.1.0 [ci skip]</li> <li><a href="https://github.com/thoughtbot/factory_bot_rails/commit/956beb1b04e6c1d73eb21b079917ec5af306337d"><code>956beb1</code></a> Bump all dev dependencies</li> <li>Additional commits viewable in <a href="https://github.com/thoughtbot/factory_bot_rails/compare/v5.1.1...v6.2.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+5 -5

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

PR closed gruz0/real_estate_agency

Bump bootsnap from 1.4.6 to 1.7.5 dependencies

Bumps bootsnap from 1.4.6 to 1.7.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md">bootsnap's changelog</a>.</em></p> <blockquote> <h1>1.7.5</h1> <ul> <li>Handle a regression of Ruby 2.7.3 causing Bootsnap to call the deprecated <code>untaint</code> method. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/360">#360</a>)</li> <li>Gracefully handle read-only file system as well as other errors preventing to persist the load path cache. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/358">#358</a>)</li> </ul> <h1>1.7.4</h1> <ul> <li>Stop raising errors when encoutering various file system errors. The cache is now best effort, if somehow it can't be saved, bootsnapp will gracefully fallback to the original operation (e.g. <code>Kernel.require</code>). (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/353">#353</a>, <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/177">#177</a>, <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/262">#262</a>)</li> </ul> <h1>1.7.3</h1> <ul> <li>Disable YAML precompilation when encountering YAML tags. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/351">#351</a>)</li> </ul> <h1>1.7.2</h1> <ul> <li>Fix compatibility with msgpack < 1. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/349">#349</a>)</li> </ul> <h1>1.7.1</h1> <ul> <li>Warn Ruby 2.5 users if they turn ISeq caching on. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/327">#327</a>, <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/244">#244</a>)</li> <li>Disable ISeq caching for the whole 2.5.x series again.</li> <li>Better handle hashing of Ruby strings. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/318">#318</a>)</li> </ul> <h1>1.7.0</h1> <ul> <li>Fix detection of YAML files in gems.</li> <li>Adds an instrumentation API to monitor cache misses.</li> <li>Allow to control the behavior of <code>require 'bootsnap/setup'</code> using environment variables.</li> <li>Deprecate the <code>disable_trace</code> option.</li> <li>Deprecate the <code>ActiveSupport::Dependencies</code> (AKA Classic autoloader) integration. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/344">#344</a>)</li> </ul> <h1>1.6.0</h1> <ul> <li>Fix a Ruby 2.7/3.0 issue with <code>YAML.load_file</code> keyword arguments. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/342">#342</a>)</li> <li><code>bootsnap precompile</code> CLI use multiple processes to complete faster. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/341">#341</a>)</li> <li><code>bootsnap precompile</code> CLI also precompile YAML files. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/340">#340</a>)</li> <li>Changed the load path cache directory from <code>$BOOTSNAP_CACHE_DIR/bootsnap-load-path-cache</code> to <code>$BOOTSNAP_CACHE_DIR/bootsnap/load-path-cache</code> for ease of use. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/334">#334</a>)</li> <li>Changed the compile cache directory from <code>$BOOTSNAP_CACHE_DIR/bootsnap-compile-cache</code> to <code>$BOOTSNAP_CACHE_DIR/bootsnap/compile-cache</code> for ease of use. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/334">#334</a>)</li> </ul> <h1>1.5.1</h1> <ul> <li>Workaround a Ruby bug in InstructionSequence.compile_file. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/332">#332</a>)</li> </ul> <h1>1.5.0</h1> <ul> <li>Add a command line to statically precompile the ISeq cache. (<a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/326">#326</a>)</li> </ul> <h1>1.4.9</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Shopify/bootsnap/commit/22b81ae866a6376326c1b8cb0371fca8bd7c5e4b"><code>22b81ae</code></a> Release 1.7.5</li> <li><a href="https://github.com/Shopify/bootsnap/commit/11fa1306826483d385e460ece3d90b7175f3263e"><code>11fa130</code></a> Make sure not to call untaint on Ruby 2.7+</li> <li><a href="https://github.com/Shopify/bootsnap/commit/2d40bd35d42aa262c3c2c479cfc789d0bf172d12"><code>2d40bd3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Shopify/bootsnap/issues/358">#358</a> from metaskills/ReadOnlyFilesystem</li> <li><a href="https://github.com/Shopify/bootsnap/commit/4ccccfc9490deebceabda1c1f56d6c24b6eb9ec2"><code>4ccccfc</code></a> Use SystemCallError vs Errno::EROFS</li> <li><a href="https://github.com/Shopify/bootsnap/commit/4d1a4100a89341250d988258a01a3c69d40db284"><code>4d1a410</code></a> Ignore Read-Only Filesystems</li> <li><a href="https://github.com/Shopify/bootsnap/commit/a7b3628d541be22b4992c0bbc5a07ad4bb714d06"><code>a7b3628</code></a> Add a GitHub issue template to help contributors confirm their issue is with ...</li> <li><a href="https://github.com/Shopify/bootsnap/commit/c834dff885ef58e289b1935d2a6da4302c6d612d"><code>c834dff</code></a> Update rake-compiler</li> <li><a href="https://github.com/Shopify/bootsnap/commit/fa80667838ed9d90ef1c2030899504c49e0b8910"><code>fa80667</code></a> Handle bootsnap being disabled in BOOTSNAP_LOG</li> <li><a href="https://github.com/Shopify/bootsnap/commit/3e94307ebd665d2efdbddb0e99c7796f68cafb55"><code>3e94307</code></a> Release 1.7.4</li> <li><a href="https://github.com/Shopify/bootsnap/commit/503e9d50805769e9fc5034ed175062810e8f8f54"><code>503e9d5</code></a> Tread read errors as cache misses as well</li> <li>Additional commits viewable in <a href="https://github.com/Shopify/bootsnap/compare/v1.4.6...v1.7.5">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+2 -2

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

PR closed gruz0/real_estate_agency

[Snyk] Fix for 2 vulnerabilities

<h3>Snyk has created this PR to fix one or more vulnerable packages in the rubygems dependencies of this project.</h3>

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • Gemfile
    • Gemfile.lock

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 551/1000 <br/> Why? Recently disclosed, Has a fix available, CVSS 5.3 Information Exposure <br/>SNYK-RUBY-ACTIONPACK-1290051 No No Known Exploit
high severity 661/1000 <br/> Why? Recently disclosed, Has a fix available, CVSS 7.5 Denial of Service (DoS) <br/>SNYK-RUBY-ACTIONPACK-1290052 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI5MDg3MGU4ZC05NmM5LTQ5YjUtYTM5ZC02OTc2YzQ2ZWUxNGUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjkwODcwZThkLTk2YzktNDliNS1hMzlkLTY5NzZjNDZlZTE0ZSJ9fQ==" width="0" height="0"/> 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

+107 -107

0 comment

2 changed files

snyk-bot

pr closed time in a month

PR closed gruz0/real_estate_agency

Bump rails from 5.2.4.3 to 6.0.4 dependencies

Bumps rails from 5.2.4.3 to 6.0.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rails/rails/releases">rails's releases</a>.</em></p> <blockquote> <h2>6.0.4</h2> <h2>Active Support</h2> <ul> <li> <p>Fixed issue in <code>ActiveSupport::Cache::RedisCacheStore</code> not passing options to <code>read_multi</code> causing <code>fetch_multi</code> to not work properly.</p> <p><em>Rajesh Sharma</em></p> </li> <li> <p><code>with_options</code> copies its options hash again to avoid leaking mutations.</p> <p>Fixes <a href="https://github-redirect.dependabot.com/rails/rails/issues/39343">#39343</a>.</p> <p><em>Eugene Kenny</em></p> </li> </ul> <h2>Active Model</h2> <ul> <li>No changes.</li> </ul> <h2>Active Record</h2> <ul> <li> <p>Only warn about negative enums if a positive form that would cause conflicts exists.</p> <p>Fixes <a href="https://github-redirect.dependabot.com/rails/rails/issues/39065">#39065</a>.</p> <p><em>Alex Ghiculescu</em></p> </li> <li> <p>Allow the inverse of a <code>has_one</code> association that was previously autosaved to be loaded.</p> <p>Fixes <a href="https://github-redirect.dependabot.com/rails/rails/issues/34255">#34255</a>.</p> <p><em>Steven Weber</em></p> </li> <li> <p>Reset statement cache for association if <code>table_name</code> is changed.</p> <p>Fixes <a href="https://github-redirect.dependabot.com/rails/rails/issues/36453">#36453</a>.</p> <p><em>Ryuta Kamizono</em></p> </li> <li> <p>Type cast extra select for eager loading.</p> <p><em>Ryuta Kamizono</em></p> </li> <li> <p>Prevent collection associations from being autosaved multiple times.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rails/rails/commit/6e721d79ba9458317c93bb02590bbaa25c5a3649"><code>6e721d7</code></a> Preparing for 6.0.4 release</li> <li><a href="https://github.com/rails/rails/commit/11a35e396faa640d8cbc9f75feb297794b91c1e5"><code>11a35e3</code></a> Update CHANGELOG</li> <li><a href="https://github.com/rails/rails/commit/b869a4e3a6e06c8d741ebf48faecfed6afb550a0"><code>b869a4e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/42244">#42244</a> from hahmed/fix-invalid-statement-compile-error</li> <li><a href="https://github.com/rails/rails/commit/7b5d0b9c057d346e259ec3df9bdc7369376c0005"><code>7b5d0b9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41528">#41528</a> from yahonda/pg_where_with_set</li> <li><a href="https://github.com/rails/rails/commit/72a0eea37223a71b9695fd75f82fdf60ec99764e"><code>72a0eea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/42308">#42308</a> from Shopify/fix-ruby-head-builds</li> <li><a href="https://github.com/rails/rails/commit/ef97441036e0ebbe1aa2108d59c408707f998ffd"><code>ef97441</code></a> Escape allow list hosts correctly</li> <li><a href="https://github.com/rails/rails/commit/98a0a12c5d27b86e0c57820ec1c6b4c4459a71e3"><code>98a0a12</code></a> Merge branch '6-0-sec' into 6-0-stable</li> <li><a href="https://github.com/rails/rails/commit/c04aff675d4cd3e8a54e0008dbfca10a8832a414"><code>c04aff6</code></a> Preparing for 6.0.3.7 release</li> <li><a href="https://github.com/rails/rails/commit/59b45665c05f2f1824dccaafea96423edd7b0018"><code>59b4566</code></a> update changelog</li> <li><a href="https://github.com/rails/rails/commit/d861fa8ade353390c4419b53a6c6b41f3005b1f2"><code>d861fa8</code></a> Prevent slow regex when parsing host authorization header</li> <li>Additional commits viewable in <a href="https://github.com/rails/rails/compare/v5.2.4.3...v6.0.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+59 -43

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

PR closed gruz0/real_estate_agency

[Snyk] Fix for 2 vulnerabilities

<h3>Snyk has created this PR to fix one or more vulnerable packages in the rubygems dependencies of this project.</h3>

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • Gemfile

<details> <summary>⚠️ <b>Warning</b></summary>

Failed to update the Gemfile.lock, please update manually before merging.

</details>

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 556/1000 <br/> Why? Recently disclosed, Has a fix available, CVSS 5.4 Open Redirect <br/>SNYK-RUBY-ACTIONPACK-1080916 Yes No Known Exploit
high severity 661/1000 <br/> Why? Recently disclosed, Has a fix available, CVSS 7.5 Regular Expression Denial of Service (ReDoS) <br/>SNYK-RUBY-ACTIVERECORD-1080913 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkNjgzZWZkYy0wNWZlLTQ0MmEtOTRlOS1iMzBkYjk3MmM4ODYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQ2ODNlZmRjLTA1ZmUtNDQyYS05NGU5LWIzMGRiOTcyYzg4NiJ9fQ==" width="0" height="0"/> 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

+14 -14

0 comment

1 changed file

gruz0

pr closed time in a month

PR closed gruz0/real_estate_agency

[Snyk] Fix for 1 vulnerabilities

<h3>Snyk has created this PR to fix one or more vulnerable packages in the rubygems dependencies of this project.</h3>

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • Gemfile
    • Gemfile.lock

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000 <br/> Why? Recently disclosed, Has a fix available, CVSS 7.5 Denial of Service (DoS) <br/>SNYK-RUBY-NOKOGIRI-1293239 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJhYzg3MTBiMC1hNzlhLTQ1NmItYmIzZC0zMDZiZDYwNGExNGQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImFjODcxMGIwLWE3OWEtNDU2Yi1iYjNkLTMwNmJkNjA0YTE0ZCJ9fQ==" width="0" height="0"/> 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

+116 -116

0 comment

2 changed files

snyk-bot

pr closed time in a month

PR closed gruz0/real_estate_agency

[Snyk] Security upgrade puma from 4.3.5 to 4.3.8

<h3>Snyk has created this PR to fix one or more vulnerable packages in the rubygems dependencies of this project.</h3>

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • Gemfile

<details> <summary>⚠️ <b>Warning</b></summary>

Failed to update the Gemfile.lock, please update manually before merging.

</details>

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000 <br/> Why? Recently disclosed, Has a fix available, CVSS 7.5 Denial of Service (DoS) <br/>SNYK-RUBY-PUMA-1291014 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIyOWFlZGNjNC04MDYxLTQzY2ItOTNiYS1kNzYyOThmYmIzZTYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjI5YWVkY2M0LTgwNjEtNDNjYi05M2JhLWQ3NjI5OGZiYjNlNiJ9fQ==" width="0" height="0"/> 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

+1 -1

0 comment

1 changed file

snyk-bot

pr closed time in a month

PR closed gruz0/real_estate_agency

Bump bootstrap from 4.5.0 to 5.0.1 dependencies

Bumps bootstrap from 4.5.0 to 5.0.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/73f9c09beb6143c1dcd8dca369982769307b44a8"><code>73f9c09</code></a> Update to v5.0.1</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/73ff03814293da40780b7a858f5f853bc4494280"><code>73ff038</code></a> Update to v5.0.0</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/5be8a01c0c28c5631ad0062ab121e5816466117f"><code>5be8a01</code></a> fix README typo</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/7d23f76ba8c06207a409d889e37b9e77f3a0d2e9"><code>7d23f76</code></a> Bump popper_js version</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/a949bd815df77e48fda2da77b1ecf861a9f71487"><code>a949bd8</code></a> Update to v5.0.0-beta3</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/07bc4774a9725caf12d276ddd3aafbbd393cf576"><code>07bc477</code></a> Updater: Mark util/scrollbar.js as inlined</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/fdef7a019b1a455ab8ce202b744f45147587bd47"><code>fdef7a0</code></a> Updater: log file on network error</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/8b5b57938f0fba0a0eb7d190db2c28ec9848130d"><code>8b5b579</code></a> Bump minimum Popper version to v2.8.6</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/e9fb4c7bc977744a16e74e9133aea0f07e4953c2"><code>e9fb4c7</code></a> travis: Add Rails 6.1</li> <li><a href="https://github.com/twbs/bootstrap-rubygem/commit/c43a4cb312942449be30a3d0abfe324dc9ae6980"><code>c43a4cb</code></a> Update test rails app view</li> <li>Additional commits viewable in <a href="https://github.com/twbs/bootstrap-rubygem/compare/v4.5.0...v5.0.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+7 -7

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in a month

push eventgruz0/real_estate_agency

Alexander Kadyrov

commit sha fcd46efc127d1040ca77051206107952838c05ab

Migrate to GitHub Actions

view details

push time in a month

push eventgruz0/real_estate_agency

Alexander Kadyrov

commit sha a54fb41ab6138a37361032ad31f83fe3a828dc84

Migrate to GitHub Actions

view details

push time in a month

push eventgruz0/real_estate_agency

Alexander Kadyrov

commit sha 046bfb664c319bbd9b17cc13c43e4631752fc6f8

Migrate to GitHub Actions

view details

push time in a month