[openstreetmap/openstreetmap-website] Bump rails from 6.0.3.2 to 6.0.3.3 (#2822)
    dependabot[bot] 
    notifications at github.com
       
    Thu Sep 10 05:01:04 UTC 2020
    
    
  
Bumps [rails](https://github.com/rails/rails) from 6.0.3.2 to 6.0.3.3.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/rails/rails/commit/070d4afacd3e9721b7e3a4634e4d026b5fa2c32c"><code>070d4af</code></a> v6.0.3.3</li>
<li><a href="https://github.com/rails/rails/commit/4ca2027d70ddbab141300e2b8331d2d775c63154"><code>4ca2027</code></a> Fix XSS vulnerability in <code>translate</code> helper</li>
<li>See full diff in <a href="https://github.com/rails/rails/compare/v6.0.3.2...v6.0.3.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
You can view, comment on, or merge this pull request online at:
  https://github.com/openstreetmap/openstreetmap-website/pull/2822
-- Commit Summary --
  * Bump rails from 6.0.3.2 to 6.0.3.3
-- File Changes --
    M Gemfile (2)
    M Gemfile.lock (106)
-- Patch Links --
https://github.com/openstreetmap/openstreetmap-website/pull/2822.patch
https://github.com/openstreetmap/openstreetmap-website/pull/2822.diff
-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/2822
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20200909/7610c663/attachment.htm>
    
    
More information about the rails-dev
mailing list