v2.34.0 - Security release and a few bugfixes
Released June 2023
Hey everyone ๐
Quick release here fixing some security issues and a few bugfixes.
๐ธ Features
- use avo translations as fallback
๐ Bug Fixes
- sidebar broken on mobile view
- actions with locales broken
- Handle missing field_options more gracefully.
๐ Security
- Possible unsafe reflection / partial DoS https://github.com/avo-hq/avo/security/advisories/GHSA-86h2-2g4g-29qx
- Stored XSS (Cross Site Scripting) in html content based fields https://github.com/avo-hq/avo/security/advisories/GHSA-5cr9-5jx3-2g39
Back to work
I just came back from the Rails Saas conference. Fantastic organization, great speakers, and kind attendees. I got a lot of good inspiration for Friendly.rb.
That's it for today. It's time to focus on Avo 3.
Thanks for being awesome!
Adrian and Paul
Release notes: https://avohq.io/releases/2.34
Release video: https://youtu.be/Jlv4PpVg2CA
Twitter: https://twitter.com/avo_hq
Repo: https://github.com/avo-hq/avo
Subscribe to Short Ruby Newsletter: https://shortruby.com/
Subscribe to SupeRails: https://www.youtube.com/@SupeRails
Subscribe to Rails tricks: https://www.railstricks.com/
Friendly.rb: https://friendlyrb.com/
Release notes
More information and release video here
๐ธ Features
- use avo translations as fallback
๐ Bug Fixes
- sidebar broken on mobile view
- actions with locales broken
- Handle missing field_options more gracefully.
๐ Security
- Possible unsafe reflection / partial DoS https://github.com/avo-hq/avo/security/advisories/GHSA-86h2-2g4g-29qx
- Stored XSS (Cross Site Scripting) in html content based fields https://github.com/avo-hq/avo/security/advisories/GHSA-5cr9-5jx3-2g39
