This repository was archived by the owner on Feb 4, 2026. It is now read-only.

[Security] Bump ffi from 1.9.17 to 1.9.25#1017

Merged
lord merged 1 commit intoslatedocs:devfrom
greysteil:dependabot/bundler/ffi-1.9.25
Jun 1, 2019

Conversation


@greysteil greysteil commented Sep 1, 2018

Bumps ffi from 1.9.17 to 1.9.25. This update includes security fixes.

Vulnerabilities fixed

Sourced from The GitHub Vulnerability Alert Database.

CVE-2018-1000201
See https://nvd.nist.gov/vuln/detail/CVE-2018-1000201.

Affected versions: < 1.9.24

Changelog

Sourced from ffi's changelog.

1.9.25 / 2018-06-03

Changed:

  • Revert closures via libffi.
    This re-adds ClosurePool and fixes compat with SELinux enabled systems. #621

1.9.24 / 2018-06-02

Security Note:

This update addresses vulnerability CVE-2018-1000201: DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String. Found by Matthew Bush.

Added:

  • Added a CHANGELOG file
  • Add mips64(eb) support, and mips r6 support. (#601)

Changed:

  • Update libffi to latest changes on master.
  • Don't search in hardcoded /usr paths on Windows.
  • Don't treat Symbol args different to Strings in ffi_lib.
  • Make sure size_t is defined in Thread.c. Fixes #609

1.9.23 / 2018-02-25

Changed:

  • Fix unnecessary rebuild of configure in darwin multi arch. Fixes #605

1.9.22 / 2018-02-22

Changed:

  • Update libffi to latest changes on master.
  • Update detection of system libffi to match new requirements. Fixes #617
  • Prefer bundled libffi over system libffi on Mac OS.
  • Do closures via libffi. This removes ClosurePool and fixes compat with PaX. #540
  • Use a more deterministic gem packaging.
  • Fix unnecessary update of autoconf files at gem install.

1.9.21 / 2018-02-06

Added:

  • Ruby-2.5 support by Windows binary gems. Fixes #598
... (truncated)
Commits
  • aa1b844 Prepare for release 1.9.25
  • f1385ae Revert "README: Remove now unnecessary PaX workaround [ci skip]"
  • 94441aa Revert "Do closures via libffi"
  • 4e1051a Run rspec with dots output only
  • e70b13d Fix integer parameter range specs
  • 55ae232 Fix several specs where raise_error was called without class
  • 8821d4f Specify error class for several raise_error calls
  • bf48d44 Fix missing C declarations causing compiler warnings
  • f569788 Replace symlinks for mips r6 with plain files
  • fedbae0 Update CHANGELOG
  • Additional commits viewable in compare view

I had Dependabot running on my fork so saw this. Don't think it's exploitable in any way, but still best practice to patch.

Bumps [ffi](https://github.com/ffi/ffi) from 1.9.17 to 1.9.25. **This update includes security fixes.**
- [Release notes](https://github.com/ffi/ffi/releases)
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](ffi/ffi@1.9.17...1.9.25)

Signed-off-by: dependabot[bot] <support@dependabot.com>

@veganstraightedge veganstraightedge left a comment

:shipit:


dmorrow commented Mar 19, 2019

This was helpful, because older versions of ffi had trouble installing on Mac OS X 10.13

@polarweasel

If this PR is approved and good to go, could you please merge it @lord or @veganstraightedge ?

@lord lord changed the base branch from master to dev June 1, 2019 18:07

lord commented Jun 1, 2019

Thanks, sorry for the long delay!

@lord lord merged commit d7153c2 into slatedocs:dev Jun 1, 2019
lord pushed a commit that referenced this pull request Oct 20, 2019
curreli referenced this pull request in curreli/slate Apr 6, 2020
patrickryan79 referenced this pull request in patrickryan79/slate Oct 15, 2020
* Add editorconfig (#891)

* Update nav-text to update toc text too, fixes #885

* Add optional NestingUniqueHeadCounter header ID generator
* Move nesting generator to separate class

* Major bug fix, code simplification

* Get rid of global value, use class variable instead.

* fixed Markdown code formatting using backticks inside HTML code block in _errors.md (#905)

* Parameterize ToC titles, remove html tags from slug (thx seweil), fixes #904

* Fix #837 Chinese, Russian headers, thx finalnova

* Fix bug where wrapping the logo in an <a> tag would break it

* remove unnecessary offensive language :hug: (#910)

* Update README.md (#919)

Fixed typo

* Add notes about spectrum

* Add changelog for 2.2

* Allow strikethrough with two tildes in markdown, fixes #929

* Upgrade to latest jQuery (3.2.1) (#939)

* Fix broken list, replaces #918

* Increase memory of Vagrant, fixes #601 hopefully

* Cleans HTML before setting document.title (#946)

Fixes slatedocs/slate#945

* Update .editorconfig to allow trailing whitespace in .md files (#947)

* Rename OS X as macOS (#950)

* Rename OS X to macOS in deploy.sh comment (#951)

* Fixes #909, reverts "don't pushState", using replaceState instead (#949)

Partially reverts 95f924f.

* Remove IBM from "Companies Using Slate" (#964)

* Remove outdated Fidor Bank example (#963)

* Factor nav-padding into search input width (#967)

Hardcoded value of 30px no longer works when navigation padding is changed. This is now calculated dynamically.

* Make quotes consistent in Gemfile (#983)

* Remove invalid links (#979)

* [Security] Bump nokogiri from 1.6.8.1 to 1.8.2 (#980)

* Adding js to language bindings in sample intro (#1000)

* Fix ToC issues, fix #995

* Cut version 2.3

* Update sprockets, cut version 2.3.1

* Update issue template to direct users to changelog instead of git commits

* [Security] Bump nokogiri from 1.8.2 to 1.8.5 (#1026)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.8.2 to 1.8.5. **This update includes security fixes.**
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.8.2...v1.8.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Update link in .editorconfig to https (#1049)

* Fix lowercase "c" in "WooCommerce". (#1043)

* [Security] Bump ffi from 1.9.17 to 1.9.25 (#1017)

Bumps [ffi](https://github.com/ffi/ffi) from 1.9.17 to 1.9.25. **This update includes security fixes.**
- [Release notes](https://github.com/ffi/ffi/releases)
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](ffi/ffi@1.9.17...1.9.25)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* [Security] Bump rack from 2.0.5 to 2.0.6 (#1038)

Bumps [rack](https://github.com/rack/rack) from 2.0.5 to 2.0.6. **This update includes security fixes.**
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](rack/rack@2.0.5...2.0.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bundle update; upgrade middleman, add sass gem

Patch taken from #1092, thanks jakemack

* Update to bundler 2.0 in travis.yml

* Update issue templates

* updated config.rb to activate asset_hash (#1076)

* change example link correctly (#1130)

* Change default value of base fork in PR template (#1137)

* Updated README.md from lord/slate to slatedocs/slate (#1140)

* Update url for travis badge

* [Security] Upgrade nokogiri to 1.10.4 (#1150)

* Cut version 2.4.0

* Use the full Apache License 2.0 text in LICENSE

Per the Apache Software Foundation guidelines for applying the Apache License 2.0:
https://www.apache.org/foundation/license-faq.html#Apply-My-Software

> You should include a copy of the Apache License, typically in a file called LICENSE, in your work, and consider also including a NOTICE file.

* Update GitHub Links on example generated site (#1196)

* Update Vagrantfile to Ubuntu 18.04 (#1158)

* Slate 2.4 breaks vagrant

* Update Vagrantfile

* Update Vagrantfile

* Ignore generated log file from running Vagrant

* Update tested versions of ruby on Travis (#1160)

* Fully parse arguments first in deploy (#1153)

* Do not build sources when using --help

* Use variables for build/push if statements

* fix error message

* List maintainers in README (#1164)

* Install nodejs in Vagrantfile (#1202)

Co-authored-by: Matthew Peveler <matt.peveler@gmail.com>

* add Dockerfile (#1124)

* add Dockerfile

add Dockerfile

* Update Dockerfile

Co-authored-by: Matthew Peveler <matt.peveler@gmail.com>

* add instructions to running docker to README

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Remove line in README about Docker wiki

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* update middleman dep to 4.3.6

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* update middleman-syntax and rouge to ~>3.2

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* update nokogiri to ~> 1.10.8

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* add 2.5.0 release to changelog

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* update screenshot in README with new rouge styling (#1228)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* fix bc style breaks from rouge 3.x (#1226)

* fix bc style breaks from rouge 3.x

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* use bright_pink for Name::Label

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Change instructions to use templates instead of forking (#1234)

* disable asset hash for woff and woff2 files out of the box (#1231)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* switch to using debian for docker base for bash (#1233)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* update sassc to 2.3.0 in Gemfile.lock

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* v2.6.0 release

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Update bug report templates, remove links to Spectrum (#1239)

* Replace travis with github actions (#1240)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* add missing middleman build step to deploy gh workflow

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Replace README Getting Started with links to wiki (#1246)

* Bump middleman from 4.3.6 to 4.3.7 (#1247)

Bumps [middleman](https://github.com/middleman/middleman) from 4.3.6 to 4.3.7.
- [Release notes](https://github.com/middleman/middleman/releases)
- [Changelog](https://github.com/middleman/middleman/blob/v4.3.7/CHANGELOG.md)
- [Commits](middleman/middleman@v4.3.6...v4.3.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* cut v2.6.1 release (#1249)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Fix broken "Getting Started" link in README (#1251)

* Fix link to wiki in README (#1253)

* master -> main (#1264)

* Update deploy.yml (#1265)

master -> main branch

* Remove outdated special thanks section: README.md (#1267)

Fixes #1243

* Fix username typo in changelog (#1256)

Correct Github username to jakemack from jackmack

* Update JavaScript dependencies (#1248)

Signed-off-by: Mike Ralphson <mike.ralphson@gmail.com>

* Bump rouge from 3.17.0 to 3.19.0 (#1242)

Bumps [rouge](https://github.com/rouge-ruby/rouge) from 3.17.0 to 3.19.0.
- [Release notes](https://github.com/rouge-ruby/rouge/releases)
- [Changelog](https://github.com/rouge-ruby/rouge/blob/master/CHANGELOG.md)
- [Commits](rouge-ruby/rouge@v3.17.0...v3.19.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* mark files under source/javascripts/lib as vendored by GitHub statistics

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Bump redcarpet from 3.4.0 to 3.5.0 (#1241)

Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/vmg/redcarpet/releases)
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md)
- [Commits](vmg/redcarpet@v3.4.0...v3.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* Bump rouge from 3.19.0 to 3.20.0 (#1260)

Bumps [rouge](https://github.com/rouge-ruby/rouge) from 3.19.0 to 3.20.0.
- [Release notes](https://github.com/rouge-ruby/rouge/releases)
- [Changelog](https://github.com/rouge-ruby/rouge/blob/master/CHANGELOG.md)
- [Commits](rouge-ruby/rouge@v3.19.0...v3.20.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* [Security] Bump rack from 2.2.2 to 2.2.3 (#1262)

Bumps [rack](https://github.com/rack/rack) from 2.2.2 to 2.2.3. **This update includes a security fix.**
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](rack/rack@v2.2.2...2.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* use different rouge theme for printing (#1259)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* add copy to clipboard icon to code boxes (#1258)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Fix handling ToC selectors that contain punctuation (#1109)

Tools like go-swag can produce schemas with IDs that contain '.' and
other characters that are used in CSS notation. Those IDs can't be used
properly in a jQuery selector unless the special characters are escaped.

Co-authored-by: Matthew Peveler <matt.peveler@gmail.com>

* fix language bar truncating long list of langs (#1266)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Strip HTML tags from ToC element with regex before showing in title bar (#1120)

* cut 2.7.0 release (#1268)

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Remove extra space before date for 2.7.0

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Fix link from master to main branch

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

* Remove merge conflict lines from README (#1274)

* Bump middleman from 4.3.7 to 4.3.8 (#1302)

Bumps [middleman](https://github.com/middleman/middleman) from 4.3.7 to 4.3.8.
- [Release notes](https://github.com/middleman/middleman/releases)
- [Changelog](https://github.com/middleman/middleman/blob/master/CHANGELOG.md)
- [Commits](middleman/middleman@v4.3.7...v4.3.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* cut 2.7.1 release

Signed-off-by: Matthew Peveler <matt.peveler@gmail.com>

Co-authored-by: Jay Thomas <jay@gfax.ch>
Co-authored-by: Robert Lord <robert@lord.io>
Co-authored-by: Vladimir Morozov <greenhost87@gmail.com>
Co-authored-by: Martius <martius.lim.2015@sis.smu.edu.sg>
Co-authored-by: Gregor Martynus <gregor@martynus.net>
Co-authored-by: Emir Ribić <ribice@gmail.com>
Co-authored-by: Tomi Takussaari <tomi.takussaari@gmail.com>
Co-authored-by: Dan Levy <397632+justsml@users.noreply.github.com>
Co-authored-by: Samuel Cousin <hello@samuelcousin.com>
Co-authored-by: Andrey Fedorov <me@anfedorov.com>
Co-authored-by: al-tr <al-tr@users.noreply.github.com>
Co-authored-by: Jerome Dahdah <developer@dahdah.org>
Co-authored-by: Sebastian Zaremba <1636476+vassyz@users.noreply.github.com>
Co-authored-by: Ricardo Castro <mccricardo@users.noreply.github.com>
Co-authored-by: Grey Baker <greysteil@gmail.com>
Co-authored-by: Nick Busey <NickBusey@users.noreply.github.com>
Co-authored-by: Christian Oliff <christianoliff@yahoo.com>
Co-authored-by: Jeff Stieler <jeff.m.stieler@gmail.com>
Co-authored-by: Dan <48282179+dan-os@users.noreply.github.com>
Co-authored-by: Sam Gilman <thenengah@gmail.com>
Co-authored-by: daniel-korbit <daniel.ji@korbit.co.kr>
Co-authored-by: Arun <slash-arun@outlook.com>
Co-authored-by: Gustavo Gawryszewski <318831+gawry@users.noreply.github.com>
Co-authored-by: Matthew Peveler <matt.peveler@gmail.com>
Co-authored-by: BigBlueHat <byoung@bigbluehat.com>
Co-authored-by: Alex Mayer <amayer5125@gmail.com>
Co-authored-by: Mike Ralphson <mike.ralphson@gmail.com>
Co-authored-by: Brad Thurber <brad.thurber@gmail.com>
Co-authored-by: Fernando Aguilar <fernando@recargo.com>
Co-authored-by: KaliArch <18329903316@163.com>
Co-authored-by: lord <lord@users.noreply.github.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Ritesh Kumar <ritesh99rakesh@gmail.com>
Co-authored-by: Simon Marcus <simon@pippa.io>
Co-authored-by: jakemack <jakemack@gmail.com>
Co-authored-by: Caleb Crane <caleb@gru.is>
Co-authored-by: Andrew Lloyd Cartwright <andrewlloydcartwright+atlc@gmail.com>
Co-authored-by: McKay Ward <mckay@mckayward.com>