Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-activestorage-8.0 for
openSUSE:Factory checked in at 2025-08-22 17:49:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-activestorage-8.0 (Old)
and /work/SRC/openSUSE:Factory/.rubygem-activestorage-8.0.new.29662 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-activestorage-8.0"
Fri Aug 22 17:49:23 2025 rev:4 rq:1300934 version:8.0.2.1
Changes:
--------
---
/work/SRC/openSUSE:Factory/rubygem-activestorage-8.0/rubygem-activestorage-8.0.changes
2025-01-21 21:10:28.478977000 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-activestorage-8.0.new.29662/rubygem-activestorage-8.0.changes
2025-08-22 17:50:58.107860487 +0200
@@ -1,0 +2,6 @@
+Thu Aug 14 00:25:16 UTC 2025 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to version 8.0.2.1:
+
https://rubyonrails.org/2025/8/13/Rails-Versions-8-0-2-1-7-2-2-2-and-7-1-5-2-have-been-released
+
+-------------------------------------------------------------------
Old:
----
activestorage-8.0.1.gem
New:
----
activestorage-8.0.2.1.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-activestorage-8.0.spec ++++++
--- /var/tmp/diff_new_pack.ByieMX/_old 2025-08-22 17:50:58.619881824 +0200
+++ /var/tmp/diff_new_pack.ByieMX/_new 2025-08-22 17:50:58.623881991 +0200
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-activestorage-8.0
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-activestorage-8.0
-Version: 8.0.1
+Version: 8.0.2.1
Release: 0
%define mod_name activestorage
%define mod_full_name %{mod_name}-%{version}
++++++ activestorage-8.0.1.gem -> activestorage-8.0.2.1.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md 2024-12-13 21:02:36.000000000 +0100
+++ new/CHANGELOG.md 1980-01-02 01:00:00.000000000 +0100
@@ -1,3 +1,31 @@
+## Rails 8.0.2.1 (August 13, 2025) ##
+
+ Remove dangerous transformations
+
+ [CVE-2025-24293]
+
+ *Zack Deveau*
+
+## Rails 8.0.2 (March 12, 2025) ##
+
+* No changes.
+
+
+## Rails 8.0.2 (March 12, 2025) ##
+
+* A Blob will no longer autosave associated Attachment.
+
+ This fixes an issue where a record with an attachment would have
+ its dirty attributes reset, preventing your `after commit` callbacks
+ on that record to behave as expected.
+
+ Note that this change doesn't require any changes on your application
+ and is supposed to be internal. Active Storage Attachment will continue
+ to be autosaved (through a different relation).
+
+ *Edouard-chin*
+
+
## Rails 8.0.1 (December 13, 2024) ##
* No changes.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/app/models/active_storage/blob.rb
new/app/models/active_storage/blob.rb
--- old/app/models/active_storage/blob.rb 2024-12-13 21:02:36.000000000
+0100
+++ new/app/models/active_storage/blob.rb 1980-01-02 01:00:00.000000000
+0100
@@ -29,7 +29,7 @@
# :method:
#
# Returns the associated ActiveStorage::Attachment instances.
- has_many :attachments
+ has_many :attachments, autosave: false
##
# :singleton-method:
@@ -151,22 +151,6 @@
combined_blob.save!
end
end
-
- def validate_service_configuration(service_name, model_class,
association_name) # :nodoc:
- if service_name
- services.fetch(service_name) do
- raise ArgumentError, "Cannot configure service
#{service_name.inspect} for #{model_class}##{association_name}"
- end
- else
- validate_global_service_configuration
- end
- end
-
- def validate_global_service_configuration # :nodoc:
- if connected? && table_exists? &&
Rails.configuration.active_storage.service.nil?
- raise RuntimeError, "Missing Active Storage service name. Specify
Active Storage service name for config.active_storage.service in
config/environments/#{Rails.env}.rb"
- end
- end
end
include Analyzable
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/active_storage/attached/changes/create_one.rb
new/lib/active_storage/attached/changes/create_one.rb
--- old/lib/active_storage/attached/changes/create_one.rb 2024-12-13
21:02:36.000000000 +0100
+++ new/lib/active_storage/attached/changes/create_one.rb 1980-01-02
01:00:00.000000000 +0100
@@ -121,7 +121,7 @@
service_name =
record.attachment_reflections[name].options[:service_name]
if service_name.is_a?(Proc)
service_name = service_name.call(record)
- ActiveStorage::Blob.validate_service_configuration(service_name,
record.class, name)
+ Attached::Model.validate_service_configuration(service_name,
record.class, name)
end
service_name
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/active_storage/attached/model.rb
new/lib/active_storage/attached/model.rb
--- old/lib/active_storage/attached/model.rb 2024-12-13 21:02:36.000000000
+0100
+++ new/lib/active_storage/attached/model.rb 1980-01-02 01:00:00.000000000
+0100
@@ -106,7 +106,7 @@
# <tt>active_storage_attachments.record_type</tt> polymorphic type
column of
# the corresponding rows.
def has_one_attached(name, dependent: :purge_later, service: nil,
strict_loading: false)
- ActiveStorage::Blob.validate_service_configuration(service, self,
name) unless service.is_a?(Proc)
+ Attached::Model.validate_service_configuration(service, self, name)
unless service.is_a?(Proc)
generated_association_methods.class_eval <<-CODE, __FILE__, __LINE__ +
1
# frozen_string_literal: true
@@ -208,7 +208,7 @@
# <tt>active_storage_attachments.record_type</tt> polymorphic type
column of
# the corresponding rows.
def has_many_attached(name, dependent: :purge_later, service: nil,
strict_loading: false)
- ActiveStorage::Blob.validate_service_configuration(service, self,
name) unless service.is_a?(Proc)
+ Attached::Model.validate_service_configuration(service, self, name)
unless service.is_a?(Proc)
generated_association_methods.class_eval <<-CODE, __FILE__, __LINE__ +
1
# frozen_string_literal: true
@@ -259,6 +259,25 @@
end
end
+ class << self
+ def validate_service_configuration(service_name, model_class,
association_name) # :nodoc:
+ if service_name
+ ActiveStorage::Blob.services.fetch(service_name) do
+ raise ArgumentError, "Cannot configure service
#{service_name.inspect} for #{model_class}##{association_name}"
+ end
+ else
+ validate_global_service_configuration(model_class)
+ end
+ end
+
+ private
+ def validate_global_service_configuration(model_class)
+ if model_class.connected? && ActiveStorage::Blob.table_exists? &&
Rails.configuration.active_storage.service.nil?
+ raise RuntimeError, "Missing Active Storage service name. Specify
Active Storage service name for config.active_storage.service in
config/environments/#{Rails.env}.rb"
+ end
+ end
+ end
+
def attachment_changes # :nodoc:
@attachment_changes ||= {}
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/active_storage/gem_version.rb
new/lib/active_storage/gem_version.rb
--- old/lib/active_storage/gem_version.rb 2024-12-13 21:02:36.000000000
+0100
+++ new/lib/active_storage/gem_version.rb 1980-01-02 01:00:00.000000000
+0100
@@ -9,8 +9,8 @@
module VERSION
MAJOR = 8
MINOR = 0
- TINY = 1
- PRE = nil
+ TINY = 2
+ PRE = "1"
STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/active_storage.rb new/lib/active_storage.rb
--- old/lib/active_storage.rb 2024-12-13 21:02:36.000000000 +0100
+++ new/lib/active_storage.rb 1980-01-02 01:00:00.000000000 +0100
@@ -72,7 +72,6 @@
"annotate",
"antialias",
"append",
- "apply",
"attenuate",
"authenticate",
"auto_gamma",
@@ -213,7 +212,6 @@
"linewidth",
"liquid_rescale",
"list",
- "loader",
"log",
"loop",
"lowlight_color",
@@ -276,7 +274,6 @@
"rotate",
"sample",
"sampling_factor",
- "saver",
"scale",
"scene",
"screen",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2024-12-13 21:02:36.000000000 +0100
+++ new/metadata 1980-01-02 01:00:00.000000000 +0100
@@ -1,14 +1,13 @@
--- !ruby/object:Gem::Specification
name: activestorage
version: !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
platform: ruby
authors:
- David Heinemeier Hansson
-autorequire:
bindir: bin
cert_chain: []
-date: 2024-12-13 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: activesupport
@@ -16,56 +15,56 @@
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
- !ruby/object:Gem::Dependency
name: actionpack
requirement: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
- !ruby/object:Gem::Dependency
name: activejob
requirement: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
- !ruby/object:Gem::Dependency
name: activerecord
requirement: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - '='
- !ruby/object:Gem::Version
- version: 8.0.1
+ version: 8.0.2.1
- !ruby/object:Gem::Dependency
name: marcel
requirement: !ruby/object:Gem::Requirement
@@ -190,12 +189,11 @@
- MIT
metadata:
bug_tracker_uri: https://github.com/rails/rails/issues
- changelog_uri:
https://github.com/rails/rails/blob/v8.0.1/activestorage/CHANGELOG.md
- documentation_uri: https://api.rubyonrails.org/v8.0.1/
+ changelog_uri:
https://github.com/rails/rails/blob/v8.0.2.1/activestorage/CHANGELOG.md
+ documentation_uri: https://api.rubyonrails.org/v8.0.2.1/
mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
- source_code_uri: https://github.com/rails/rails/tree/v8.0.1/activestorage
+ source_code_uri: https://github.com/rails/rails/tree/v8.0.2.1/activestorage
rubygems_mfa_required: 'true'
-post_install_message:
rdoc_options: []
require_paths:
- lib
@@ -210,8 +208,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubygems_version: 3.5.22
-signing_key:
+rubygems_version: 3.6.9
specification_version: 4
summary: Local and cloud file storage framework.
test_files: []
