@rails/ujs - npm Package Compare versions

Comparing version 6.0.2 to 6.0.3-rc1

CHANGELOG.md

@@ -0,1 +1,27 @@
+## Rails 6.0.3.rc1 (April 30, 2020) ##
+
+*   annotated_source_code returns an empty array so TemplateErrors without a
+    template in the backtrace are surfaced properly by DebugExceptions.
+
+    *Guilherme Mansur*, *Kasper Timm Hansen*
+
+*   Add autoload for SyntaxErrorInTemplate so syntax errors are correctly raised by DebugExceptions.
+
+    *Guilherme Mansur*, *Gannon McGibbon*
+
+
+## Rails 6.0.2.2 (March 19, 2020) ##
+
+*   Fix possible XSS vector in escape_javascript helper
+
+    CVE-2020-5267
+
+    *Aaron Patterson*
+
+
+## Rails 6.0.2.1 (December 18, 2019) ##
+
+*   No changes.
+
+
 ## Rails 6.0.2 (December 13, 2019) ##
@@ -2,0 +28,0 @@

package.json

 {
   "name": "@rails/ujs",
-  "version": "6.0.2",
+  "version": "6.0.3-rc1",
   "description": "Ruby on Rails unobtrusive scripting adapter",
@@ -5,0 +5,0 @@ "main": "lib/assets/compiled/rails-ujs.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

39450

increased by1.46%

Worsened metrics

Number of low quality alerts

1

increased byInfinity%

No dependency changes