{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":3508590,"defaultBranch":"master","name":"puma","ownerLogin":"looker","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2012-02-21T21:48:35.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1437874?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1726089508.0","currentOid":""},"activityList":{"items":[{"before":null,"after":"42d4ab81ebf5eb08b7eb45389f9eed0f7868826b","ref":"refs/heads/prod-pre-fips","pushedAt":"2024-09-11T21:18:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"Revert \"Refactor minissl to work in FIPS mode\"\n\nThis reverts commit ca85508670df87082ab1e236c21afb5e6b6e9047.\n\nChange-Id: I54ae3a8ed6e673457e331f785cc71f2e8764b34d","shortMessageHtmlLink":"Revert \"Refactor minissl to work in FIPS mode\""}},{"before":"0e0878708479d78dca4fb9454b1d5638739a5541","after":"b3e7f4eadc41d8f4e90b226c8ec3ddb56d800bb5","ref":"refs/heads/v4.3.12_looker_custom","pushedAt":"2023-11-07T17:55:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"Update documentation for master branch\n\nWith this change, master branch has been moved to point\nat the most recent custom looker branch.  This was done\nto avoid scanning vulnerabilities for puma that are on\nmaster but not on the version that Looker uses.\n\nb/302719604\n\nChange-Id: Ida6b63a21a05e144d84b10c155cdd8cb5cb9c313\n(cherry picked from commit 4156506af57532cee123e46096f25db6303fc29c)","shortMessageHtmlLink":"Update documentation for master branch"}},{"before":null,"after":"e74c15730e0299044c1a8e88d8abcae7359b37d7","ref":"refs/heads/master_temp","pushedAt":"2023-11-06T21:57:18.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"added Gemfile.lock to avoid scanner issues","shortMessageHtmlLink":"added Gemfile.lock to avoid scanner issues"}},{"before":"32bc9080596f736716d9b8dfecac6b75d15c8639","after":"0e0878708479d78dca4fb9454b1d5638739a5541","ref":"refs/heads/v4.3.12_looker_custom","pushedAt":"2023-10-04T20:01:58.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"Fix puma for http smuggling vulnerability\n\nThis CL mainly cherry picked from the official fix\nhttps://github.com/puma/puma/commit/7405a219801dcebc0ad6e0aa108d4319ca23f662\nwith some minor changes in the tests to fit into the old version\n\nI was not able to run all the tests locally, but the added tests passed\nand it didn't break other runnable tests.\n\nissue: b/296745890\n\nChange-Id: Iecc1aa77dfd2937233f8e9f0e36d9623d7379b05","shortMessageHtmlLink":"Fix puma for http smuggling vulnerability"}},{"before":"8e9e447969ce0a486e86f65bb753d148c3bebd52","after":"9a678f0da04a7ceaa34ed2a6eb49ceebe4f929eb","ref":"refs/heads/master","pushedAt":"2023-05-08T15:52:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"Update Rack to 2.2.6.4\n\nThis updates rack to 2.2.6.4 which addresses\nhttps://security.snyk.io/vuln/SNYK-RUBY-RACK-2848599\n\nFixes b/279290328\n\nChange-Id: Ib675fcfbc7844d5cca9c288fe1ce9088a1e4a0a4","shortMessageHtmlLink":"Update Rack to 2.2.6.4"}},{"before":"c6bc672b06c4f3b00480aade06395da6039ac551","after":"8e9e447969ce0a486e86f65bb753d148c3bebd52","ref":"refs/heads/master","pushedAt":"2023-04-20T20:54:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"Add Gemfile.lock to avoid compromised dependencies\n\n> A Gemfile without a corresponding Gemfile.lock was found in your repository. Compromised dependencies can lead to remote code execution at build time or runtime. Lockfiles are required to ensure we have visibility into builds, and accurate vulnerability scanning. Please see go/gem-install-remediation to fix this issue.\n\nhttp://vulnstore/#advisories&expand=true&q=publisher:GREP_ON_BORG+reference:MissingLockfile-GEMFILE\n\nUpdating the master branch with this change even though it's not used by helltool so that it satisfies the scanner.\n\nUsing Bundler 2.0.2 / Ruby 2.5.8 to match helltool versions.\n\nb/272517796\n\nChange-Id: I78fa046c13423a42595707d9e4ee9e15f4bc84e7","shortMessageHtmlLink":"Add Gemfile.lock to avoid compromised dependencies"}},{"before":"710c4f0b0e3d753412b136307883f214e39893c2","after":"32bc9080596f736716d9b8dfecac6b75d15c8639","ref":"refs/heads/v4.3.12_looker_custom","pushedAt":"2023-04-18T21:52:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"copybara-service[bot]","name":null,"path":"/apps/copybara-service","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/44061?s=80&v=4"},"commit":{"message":"Add Gemfile.lock to avoid compromised dependencies\n\n> A Gemfile without a corresponding Gemfile.lock was found in your repository. Compromised dependencies can lead to remote code execution at build time or runtime. Lockfiles are required to ensure we have visibility into builds, and accurate vulnerability scanning. Please see go/gem-install-remediation to fix this issue.\n\nhttp://vulnstore/#advisories&expand=true&q=publisher:GREP_ON_BORG+reference:MissingLockfile-GEMFILE\n\nUpdating the `v4.3.12_looker_custom` branch which is the one that is used by helltool:\n\nhttps://looker-internal.git.corp.google.com/cloud-looker/helltool/+/89c437461091657bb60ef636a33b991c18438113/Gemfile#83\n\nUsing Bundler 2.0.2 / Ruby 2.5.8 to match helltool versions.\n\nb/272517796\n\nChange-Id: Id60c0ba7d122a518e84924da1572e98ccc6e5844","shortMessageHtmlLink":"Add Gemfile.lock to avoid compromised dependencies"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0xMVQyMToxODoyOC4wMDAwMDBazwAAAASzrjVV","startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0xMVQyMToxODoyOC4wMDAwMDBazwAAAASzrjVV","endCursor":"Y3Vyc29yOnYyOpK7MjAyMy0wNC0xOFQyMTo1MjoxMS4wMDAwMDBazwAAAAMbiXtn"}},"title":"Activity · looker/puma"}