diff options
Diffstat (limited to 'actionview/CHANGELOG.md')
-rw-r--r-- | actionview/CHANGELOG.md | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index 16361fd2eb..be67aff543 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -1,5 +1,57 @@ +* Only clear ActionView cache in development on file changes + + To speed up development mode, view caches are only cleared when files in + the view paths have changed. Applications which have implemented custom + `ActionView::Resolver` subclasses may need to add their own cache clearing. + + *John Hawthorn* + +* Fix `ActionView::FixtureResolver` so that it handles template variants correctly. + + *Edward Rudd* + + +## Rails 6.0.0.beta3 (March 11, 2019) ## + +* Only accept formats from registered mime types + + A lack of filtering on mime types could allow an attacker to read + arbitrary files on the target server or to perform a denial of service + attack. + + Fixes CVE-2019-5418 + Fixes CVE-2019-5419 + + *John Hawthorn*, *Eileen M. Uchitelle*, *Aaron Patterson* + + +## Rails 6.0.0.beta2 (February 25, 2019) ## + +* `ActionView::Template.finalize_compiled_template_methods` is deprecated with + no replacement. + + *tenderlove* + +* `config.action_view.finalize_compiled_template_methods` is deprecated with + no replacement. + + *tenderlove* + +* Ensure unique DOM IDs for collection inputs with float values. + + Fixes #34974. + + *Mark Edmondson* + + ## Rails 6.0.0.beta1 (January 18, 2019) ## +* [Rename npm package](https://github.com/rails/rails/pull/34905) from + [`rails-ujs`](https://www.npmjs.com/package/rails-ujs) to + [`@rails/ujs`](https://www.npmjs.com/package/@rails/ujs). + + *Javan Makhmali* + * Remove deprecated `image_alt` helper. *Rafael Mendonça França* |