Skip to content

Commit

Permalink
Release version 0.13.0
Browse files Browse the repository at this point in the history
  • Loading branch information
nickcharlton committed Mar 13, 2020
1 parent 61f94d6 commit 70a2778
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 3 deletions.
44 changes: 44 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,53 @@
* `[I18n]`: Internationalization. Changes to translations or localizations.
* `[OPTIM]`: Optimization or performance increase.
* `[DOC]`: Documentation changes. No changes to the library's behavior.
* `[SECURITY]`: A change which fixes a security vulnerability.

## Changes

### 0.13.0 (March 13, 2020)

**NOTE:** This release contains the fix for [`CVE-2020-5257`][cve-5257], which
fixes a potential SQL injection on dashboard sorting.

* [SECURITY] Fix Sort order SQL injection.
* [BUGFIX] [#1561] Fix very narrow nested fields.
* [BUGFIX] [#1565] Fix unterminated single quote.
* [UI] [#1537] Provide <title> tags for doc pages.
* [BUGFIX] [#1552] Use the correct foreign key when sorting belongs_to
associations.
* [FEATURE] [#1551] More readable warnings.
* [FEATURE] [#1512] Avoid confusion with class methods and protected/private
modifiers.
* [FEATURE] [#1513] Accessible from templates; avoids having to create new
field types.
* [UI] [#1536] Declare doctype, language and charset.
* [DOC] [#1540] Add new Date field to docs.
* [FEATURE] [#1530] Include Date Field.
* [BUGFIX] [#1522] Align label and data on show page.
* [FEATURE] [#1521] Expose required fields on form.
* [DOC] [#1531] Remove project level rubocop.yml.
* [DOC] [#1534] Move documentation of how to disable some actions on
controller.
* [UI] [#1524] Hide resources without index in the navigation.
* [DOC] [#1523] Update screenshot.
* [UI] [#1376] Add a "back" link to the navigation.
* [DOC] [#1187] Update comment with new namespace.
* [DOC] [#1514] Rewrite the contributing guide.
* [BUGFIX] [#1495] Attempt to fix random CI failures.
* [BUGFIX] [#1507] Remove query from link, to avoid triggering banned params.
* [DOC] [#1479] Document controller APIs.
* [COMPAT] [#1475] Allows running specs individually.
* [UI] [#1484] Double-click to select attribute text.
* [DOC] Configure GitHub Sponsors.
* [COMPAT] [#1457] Fix PhantomJS test behaviour on Linux.
* [BUGFIX] [#920] Remove NameError rescue in page base.
* [BUGFIX] [#1447] Don't pass raw SQL when changing sort order.
* [FEATURE] [#1452] Support Sprockets 4.
* [DOC] [#1426] Add issue templates.

[cve-5257]: https://github.com/thoughtbot/administrate/security/advisories/GHSA-2p5p-m353-833w

### 0.12.0 (September 10, 2019)

* [COMPAT] [#1331] Drop active_job from the dependencies.
Expand Down
4 changes: 2 additions & 2 deletions Gemfile.lock
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
administrate (0.12.0)
administrate (0.13.0)
actionpack (>= 4.2)
actionview (>= 4.2)
activerecord (>= 4.2)
Expand Down Expand Up @@ -94,7 +94,7 @@ GEM
i18n (>= 1.6, < 2)
faraday (1.0.0)
multipart-post (>= 1.2, < 3)
ffi (1.11.3)
ffi (1.12.2)
formulaic (0.4.1)
activesupport
capybara
Expand Down
2 changes: 1 addition & 1 deletion lib/administrate/version.rb
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
module Administrate
VERSION = "0.12.0".freeze
VERSION = "0.13.0".freeze
end

0 comments on commit 70a2778

Please sign in to comment.