www/ruby-rails60: update to 6.0.4

Ruby on Rails 6.0.4 (2021-06-15), including security fixes.

Active Support

* Fixed issue in ActiveSupport::Cache::RedisCacheStore not passing
  options to read_multi causing fetch_multi to not work properly.
  (Rajesh Sharma)

* with_options copies its options hash again to avoid leaking mutations.
  Fixes #39343.  (Eugene Kenny)

Active Record

* Only warn about negative enums if a positive form that would cause
  conflicts exists.  Fixes #39065.  (Alex Ghiculescu)

* Allow the inverse of a has_one association that was previously
  autosaved to be loaded.  Fixes #34255.  (Steven Weber)

* Reset statement cache for association if table_name is changed.
  Fixes #36453.  (Ryuta Kamizono)

* Type cast extra select for eager loading.  (Ryuta Kamizono)

* Prevent collection associations from being autosaved multiple times.
  Fixes #39173.  (Eugene Kenny)

* Resolve issue with insert_all unique_by option when used with
  expression index.

  When the :unique_by option of ActiveRecord::Persistence.insert_all
  and ActiveRecord::Persistence.upsert_all was used with the name of
  an expression index, an error was raised.  Adding a guard around the
  formatting behavior for the :unique_by corrects this.

  Usage:

	create_table :books, id: :integer, force: true do |t|
	  t.column :name, :string
	  t.index "lower(name)", unique: true
	end

  	Book.insert_all [{ name: "MyTest" }], unique_by: :index_books_on_lower_name

  Fixes #39516.  (Austen Madden)

* Fix preloading for polymorphic association with custom scope.
  (Ryuta Kamizono)

* Allow relations with different SQL comments in the or method.
  (Takumi Shotoku)

* Resolve conflict between counter cache and optimistic locking.

  Bump an Active Record instance's lock version after updating its
  counter cache.  This avoids raising an unnecessary
  ActiveRecord::StaleObjectError upon subsequent transactions by
  maintaining parity with the corresponding database record's
  lock_version column.  Fixes #16449.  (Aaron Lipman)

* Fix through association with source/through scope which has joins.
  (Ryuta Kamizono)

* Fix through association to respect source scope for includes/preload.
  (Ryuta Kamizono)

* Fix eager load with Arel joins to maintain the original joins order.
  (Ryuta Kamizono)

* Fix group by count with eager loading + order + limit/offset.
  (Ryuta Kamizono)

* Fix left joins order when merging multiple left joins from different
  associations.  (Ryuta Kamizono)

* Fix index creation to preserve index comment in bulk change table on
  MySQL.  (Ryuta Kamizono)

* Change remove_foreign_key to not check :validate option if database
  doesn't support the feature.  (Ryuta Kamizono)

* Fix the result of aggregations to maintain duplicated "group by"
  fields.  (Ryuta Kamizono)

* Do not return duplicated records when using preload.  (Bogdan Gusiev)

Action View

* SanitizeHelper.sanitized_allowed_attributes and
  SanitizeHelper.sanitized_allowed_tags call safe_list_sanitizer's
  class method.  Fixes #39586.  (Taufiq Muhammadi)

Action Pack

* Accept base64_urlsafe CSRF tokens to make forward compatible.

* Base64 strict-encoded CSRF tokens are not inherently websafe, which
  makes them difficult to deal with.  For example, the common practice
  of sending the CSRF token to a browser in a client-readable cookie
  does not work properly out of the box: the value has to be
  url-encoded and decoded to survive transport.

  In Rails 6.1, we generate Base64 urlsafe-encoded CSRF tokens, which
  are inherently safe to transport.  Validation accepts both urlsafe
  tokens, and strict-encoded tokens for backwards compatibility.

  In Rails 5.2.5, the CSRF token format is accidentally changed to
  urlsafe-encoded.  If you upgrade apps from 5.2.5, set the config
  urlsafe_csrf_tokens = true.

	Rails.application.config.action_controller.urlsafe_csrf_tokens = true

  (Scott Blum, Étienne Barrié)

* Signed and encrypted cookies can now store false as their value when
  action_dispatch.use_cookies_with_metadata is enabled.  (Rolandas
  Barysas)

Active Storage

* The Poppler PDF previewer renders a preview image using the original
  document's crop box rather than its media box, hiding print
  margins. This matches the behavior of the MuPDF previewer.  (Vincent
  Robert)

Railties

* Allow relative paths with trailing slashes to be passed to rails
  test.  (Eugene Kenny)

* Return a 405 Method Not Allowed response when a request uses an
  unknown HTTP method.  Fixes #38998.  (Loren Norman)

1 files changed, 5 insertions, 5 deletions

diff --git a/mail/ruby-actionmailbox60/distinfo b/mail/ruby-actionmailbox60/distinfo
index d7233b72924..0b00d380c79 100644
--- a/mail/ruby-actionmailbox60/distinfo
+++ b/mail/ruby-actionmailbox60/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.9 2021/05/08 14:02:34 taca Exp $
+$NetBSD: distinfo,v 1.10 2021/07/04 06:58:38 taca Exp $
 
-SHA1 (actionmailbox-6.0.3.7.gem) = fd8de5c098ee2f5b67862225c9a4f29e68e77ae8
-RMD160 (actionmailbox-6.0.3.7.gem) = ae0ad2886bca276bd68d047e855f4154598e8aab
-SHA512 (actionmailbox-6.0.3.7.gem) = 008c76e3510133d116c9c6da1530347db4d4dec19793728701fd6a06f5335502ab59e8c3b0d49b3d8d2e4e97e03d4c20c75960d67f5290d58fa244db227cc0e2
-Size (actionmailbox-6.0.3.7.gem) = 20992 bytes
+SHA1 (actionmailbox-6.0.4.gem) = 4d331f346a5116fc9cc85a9f33858a27842da96b
+RMD160 (actionmailbox-6.0.4.gem) = f5c12271033197bef371ac9881232b10627170e6
+SHA512 (actionmailbox-6.0.4.gem) = 22623afecab17c24286e1c095db5432a9496e7b8654a904bddaa9a9627a024d13cb0788bbc9cbeda553749aa05f68bad6c3e0c234ce0c8b264b096770f80a1ea
+Size (actionmailbox-6.0.4.gem) = 20992 bytes