Skip to content

Bump actionview from 8.1.2 to 8.1.3#1690

Merged
marcoroth merged 1 commit into
mainfrom
dependabot/bundler/actionview-8.1.3
May 1, 2026
Merged

Bump actionview from 8.1.2 to 8.1.3#1690
marcoroth merged 1 commit into
mainfrom
dependabot/bundler/actionview-8.1.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 25, 2026

Copy link
Copy Markdown
Contributor

Bumps actionview from 8.1.2 to 8.1.3.

Release notes

Sourced from actionview's releases.

8.1.3

Active Support

  • Fix JSONGemCoderEncoder to correctly serialize custom object hash keys.

    When hash keys are custom objects whose as_json returns a Hash, the encoder now calls to_s on the original key object instead of on the as_json result.

    Before: hash = {CustomKey.new(123) => "value"} hash.to_json # => {"{:id=>123}":"value"}

    After: hash.to_json # => {"custom_123":"value"}

    Dan Sharp

  • Fix inflections to better handle overlapping acronyms.

    ActiveSupport::Inflector.inflections(:en) do |inflect|
      inflect.acronym "USD"
      inflect.acronym "USDC"
    end
    "USDC".underscore # => "usdc"

    Said Kaldybaev

  • Silence Dalli 4.0+ warning when using ActiveSupport::Cache::MemCacheStore.

    zzak

Active Model

  • Fix Ruby 4.0 delegator warning when calling inspect on attributes.

    Hammad Khan

  • Fix NoMethodError when deserialising Type::Integer objects marshalled under Rails 8.0.

    The performance optimisation that replaced @range with @max/@min broke Marshal compatibility. Objects serialised under 8.0 (with @range) and deserialised under 8.1 (expecting @max/@min) would crash with undefined method '<=' for nil because Marshal.load restores instance variables without calling initialize.

... (truncated)

Changelog

Sourced from actionview's changelog.

Rails 8.1.3 (March 24, 2026)

  • Fix encoding errors for string locals containing non-ASCII characters.

    Kataoka Katsuki

  • Fix collection caching to only forward expires_in argument if explicitly set.

    Pieter Visser

Rails 8.1.2.1 (March 23, 2026)

  • Fix possible XSS in DebugExceptions middleware

    [CVE-2026-33167]

    John Hawthorn

  • Skip blank attribute names in tag helpers to avoid generating invalid HTML.

    [CVE-2026-33168]

    Mike Dalessio

Commits
  • fa8f081 Preparing for 8.1.3 release
  • 63cef3d Merge branch '8-1-sec' into 8-1-stable
  • 1db4b89 Preparing for 8.1.2.1 release
  • 1c7d1cf Update changelog
  • e91694b Update CHANGELOG (8.1 only)
  • 63f5ad8 Skip blank attribute names in Action View tag helpers
  • e598b94 Merge pull request #56906 from kataokatsuki/fix-strict-locals-non-ascii-encoding
  • c2ea79c Merge pull request #56891 from pietervisser/fix-collection-caching-to-preserv...
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby labels Apr 25, 2026
Bumps [actionview](https://github.com/rails/rails) from 8.1.2 to 8.1.3.
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v8.1.3/actionview/CHANGELOG.md)
- [Commits](rails/rails@v8.1.2...v8.1.3)

---
updated-dependencies:
- dependency-name: actionview
  dependency-version: 8.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/bundler/actionview-8.1.3 branch from d5a5e65 to bfea03f Compare April 28, 2026 01:09
@marcoroth marcoroth merged commit ad5382b into main May 1, 2026
25 checks passed
@marcoroth marcoroth deleted the dependabot/bundler/actionview-8.1.3 branch May 1, 2026 12:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant