Just in case you were wondering, the recent ActiveRecord nested attributes vulnerability (http://groups.google.com/group/rubyonrails- security/browse_thread/thread/f9f913d328dafe0c, patch at http://github.com/rails/rails/commit/9ebe582830fd0386e09a917d81eb6cff494cd590) does not apply to Sequel's nested_attributes plugin. When I initially wrote the nested_attributes plugin, I anticipated the vulnerability and protected against it by checking that the records to be modified were already associated (http://github.com/jeremyevans/sequel/commit/ 412115d8706bba4a25dcda32ffde08f68b5f7ccc#L3R95).
Jeremy -- You received this message because you are subscribed to the Google Groups "sequel-talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/sequel-talk?hl=en.
