{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":11829145,"defaultBranch":"main","name":"trix","ownerLogin":"basecamp","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2013-08-01T22:21:30.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/13131?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1715764113.0","currentOid":""},"activityList":{"items":[{"before":"10e8753e8a1a12ea0df99a1617df7a943cef2187","after":"fc2a4b9b4a6a23b14e24bb51ce46a62e6442cd0e","ref":"refs/heads/1-3-stable","pushedAt":"2024-05-15T09:08:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Trix v1.3.2","shortMessageHtmlLink":"Trix v1.3.2"}},{"before":"80a4d4f5ffb392264cd8cc8feba0ab242cb0b08b","after":null,"ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-15T09:00:10.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"}},{"before":"c97f9908321f571c94a4c0f7f2d83f7b7db48e44","after":"10e8753e8a1a12ea0df99a1617df7a943cef2187","ref":"refs/heads/1-3-stable","pushedAt":"2024-05-15T09:00:09.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Merge pull request #1153 from basecamp/GHSA-qjqp-xr96-cj99-1-3-backport\n\nBackport CVE-2024-34341 fixes to v1.3","shortMessageHtmlLink":"Merge pull request #1153 from basecamp/GHSA-qjqp-xr96-cj99-1-3-backport"}},{"before":"542a4f1015c0510f955fe9d512aedf2f6dbe9e9c","after":"80a4d4f5ffb392264cd8cc8feba0ab242cb0b08b","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T16:39:28.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Backport fix for CVE-2024-34341 to v1.3","shortMessageHtmlLink":"Backport fix for CVE-2024-34341 to v1.3"}},{"before":"018f93786351e9c0ea0f0141158ef5fbd7a9b0da","after":"542a4f1015c0510f955fe9d512aedf2f6dbe9e9c","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T16:32:54.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Backport fix for CVE-2024-34341 to v1.3","shortMessageHtmlLink":"Backport fix for CVE-2024-34341 to v1.3"}},{"before":"0be874229618f1b9405bef8a94f9d0c6c2b7fb66","after":"018f93786351e9c0ea0f0141158ef5fbd7a9b0da","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T16:27:31.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Backport fix for CVE-2024-34341 to v1.3","shortMessageHtmlLink":"Backport fix for CVE-2024-34341 to v1.3"}},{"before":"bd85edda480b3551e0e4085a608acf222b5b17f5","after":"0be874229618f1b9405bef8a94f9d0c6c2b7fb66","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T15:57:50.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Update tested browser versions","shortMessageHtmlLink":"Update tested browser versions"}},{"before":"64e08ae6d07f7566c977f881d2b392578519c770","after":"bd85edda480b3551e0e4085a608acf222b5b17f5","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T15:42:25.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Backport fix for CVE-2024-34341 to v1.3","shortMessageHtmlLink":"Backport fix for CVE-2024-34341 to v1.3"}},{"before":"f3fa1aeb6579db8e72a9d9db21db9d046c89d1a5","after":"64e08ae6d07f7566c977f881d2b392578519c770","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T15:23:54.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Backport fix for CVE-2024-34341 to v1.3","shortMessageHtmlLink":"Backport fix for CVE-2024-34341 to v1.3"}},{"before":"29bffd67e5335ad0e66b89b5e96ea3d558ce216b","after":"c97f9908321f571c94a4c0f7f2d83f7b7db48e44","ref":"refs/heads/1-3-stable","pushedAt":"2024-05-14T15:15:01.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Trix 1.3.1","shortMessageHtmlLink":"Trix 1.3.1"}},{"before":null,"after":"29bffd67e5335ad0e66b89b5e96ea3d558ce216b","ref":"refs/heads/1-3-stable","pushedAt":"2024-05-14T15:09:59.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Update dependencies and Ruby version","shortMessageHtmlLink":"Update dependencies and Ruby version"}},{"before":"59df248f00e3dd2dc84fa1cbe5a1c685cd88dea3","after":"f3fa1aeb6579db8e72a9d9db21db9d046c89d1a5","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T15:08:34.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Update node version in CI","shortMessageHtmlLink":"Update node version in CI"}},{"before":null,"after":"59df248f00e3dd2dc84fa1cbe5a1c685cd88dea3","ref":"refs/heads/GHSA-qjqp-xr96-cj99-1-3-backport","pushedAt":"2024-05-14T15:06:05.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Backport tests for CVE-2024-34341 to v1.3","shortMessageHtmlLink":"Backport tests for CVE-2024-34341 to v1.3"}},{"before":"1a5c68a14d48421fc368e30026f4a7918028b7ad","after":"0c79bcb854b8e8ee23e7bec571fe9d8dbfab9e5e","ref":"refs/heads/main","pushedAt":"2024-05-03T09:34:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"v2.1.1","shortMessageHtmlLink":"v2.1.1"}},{"before":"14bac183313e5fb0ea61eafae4eed5de84848d10","after":null,"ref":"refs/heads/paste-html-sanitize","pushedAt":"2024-05-01T14:22:42.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"}},{"before":"841ff19b53f349915100bca8fcb488214ff93554","after":"1a5c68a14d48421fc368e30026f4a7918028b7ad","ref":"refs/heads/main","pushedAt":"2024-05-01T14:22:41.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Merge pull request #1149 from basecamp/paste-html-sanitize\n\nSanitize HTML content in data-trix-* attributes","shortMessageHtmlLink":"Merge pull request #1149 from basecamp/paste-html-sanitize"}},{"before":"aec86444abbd9052e14f730b7305d7c5f6ee3603","after":"14bac183313e5fb0ea61eafae4eed5de84848d10","ref":"refs/heads/paste-html-sanitize","pushedAt":"2024-05-01T13:58:08.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Sanitize HTML content in data-trix-* attributes\n\nPrevents XSS attacks by crafting a malicious HTML content in the\ndata-trix-* attributes.","shortMessageHtmlLink":"Sanitize HTML content in data-trix-* attributes"}},{"before":"58290a9c6a81025dfd183ca6e9e4c4d86e0a2000","after":"aec86444abbd9052e14f730b7305d7c5f6ee3603","ref":"refs/heads/paste-html-sanitize","pushedAt":"2024-05-01T13:56:15.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Sanitize HTML content in data-trix-* attributes\n\nPrevents XSS attacks by crafting a malicious HTML content in the\ndata-trix-* attributes.","shortMessageHtmlLink":"Sanitize HTML content in data-trix-* attributes"}},{"before":null,"after":"58290a9c6a81025dfd183ca6e9e4c4d86e0a2000","ref":"refs/heads/paste-html-sanitize","pushedAt":"2024-05-01T13:51:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Sanitize HTML content in data-trix-* attributes\n\nPrevents XSS attacks by crafting a malicious HTML content in the\ndata-trix-* attributes.","shortMessageHtmlLink":"Sanitize HTML content in data-trix-* attributes"}},{"before":"39d059b50f72ff98db66f44caccd702eafd28096","after":"2651ea18a9483d9dba4cc65086c92d28da05c443","ref":"refs/heads/file-pastes","pushedAt":"2024-05-01T13:22:29.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Prevent duplicate file pastes\n\nThis change prevents duplicate file pastes by checking if the paste event\nis a file paste before handling it. This is necessary because Safari\ndoesn't support `beforeinput.insertFromPaste` for files, so we are handling\nfile pastes in the paste event handler too.\n\nWe need to check in the `beforeinput.insertFromPaste` event handler if the\nevent will be also handled by the paste event handler, to avoid duplicate\nfile pastes.","shortMessageHtmlLink":"Prevent duplicate file pastes"}},{"before":null,"after":"39d059b50f72ff98db66f44caccd702eafd28096","ref":"refs/heads/file-pastes","pushedAt":"2024-05-01T11:08:45.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Prioritize pasting files over pasting HTML content\n\nWhen right clicking and pasting an image the dataTransfer object\ncontains a file and text/html. If we paste the HTML content, the result\nis often a broken image. This change prioritizes pasting the file over\npasting the HTML content.\n\nThe gotcha is that when pasting text from MS Word, the dataTransfer object\ncontains a File with a screenshot of the text and text/html with the\nactual text. We need to check if the paste is from MS Word and if so,\nwe should paste the text instead of the screenshot.","shortMessageHtmlLink":"Prioritize pasting files over pasting HTML content"}},{"before":"5e03f4a7dd5a53969f6b67e0a4c3765cb0b5220d","after":null,"ref":"refs/heads/sanitize-noscript","pushedAt":"2024-04-26T15:10:15.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"}},{"before":"36c7aeb994dae8a6bf1868e73247b7e47b493771","after":"841ff19b53f349915100bca8fcb488214ff93554","ref":"refs/heads/main","pushedAt":"2024-04-26T15:10:14.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Merge pull request #1147 from basecamp/sanitize-noscript\n\nSanitize noscript to prevent copy and paste XSS","shortMessageHtmlLink":"Merge pull request #1147 from basecamp/sanitize-noscript"}},{"before":"331d2e410908a0c239a3fc87943d4a4c1076e51f","after":"96407f6d0fd838595b99ddeb0fe081948f192b10","ref":"refs/heads/sanitize-trix-attachment","pushedAt":"2024-04-26T13:59:08.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"lewispb","name":"Lewis Buckley","path":"/lewispb","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1773614?s=80&v=4"},"commit":{"message":"Test attachment content is sanitized","shortMessageHtmlLink":"Test attachment content is sanitized"}},{"before":"3d1e967adc83749f57ad1d32f619e8cc4baad16b","after":"5e03f4a7dd5a53969f6b67e0a4c3765cb0b5220d","ref":"refs/heads/sanitize-noscript","pushedAt":"2024-04-26T13:57:01.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"lewispb","name":"Lewis Buckley","path":"/lewispb","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1773614?s=80&v=4"},"commit":{"message":"Sanitize noscript to prevent copy and paste XSS","shortMessageHtmlLink":"Sanitize noscript to prevent copy and paste XSS"}},{"before":null,"after":"3d1e967adc83749f57ad1d32f619e8cc4baad16b","ref":"refs/heads/sanitize-noscript","pushedAt":"2024-04-26T13:49:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"lewispb","name":"Lewis Buckley","path":"/lewispb","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1773614?s=80&v=4"},"commit":{"message":"Sanitize noscript to prevent copy and paste XSS","shortMessageHtmlLink":"Sanitize noscript to prevent copy and paste XSS"}},{"before":null,"after":"331d2e410908a0c239a3fc87943d4a4c1076e51f","ref":"refs/heads/sanitize-trix-attachment","pushedAt":"2024-04-26T13:49:04.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"lewispb","name":"Lewis Buckley","path":"/lewispb","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1773614?s=80&v=4"},"commit":{"message":"Test attachment content is sanitized","shortMessageHtmlLink":"Test attachment content is sanitized"}},{"before":"c6023ed325686abb771750fd4935f237f4eb2ae0","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/tar-6.2.1","pushedAt":"2024-04-22T15:04:58.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"}},{"before":"968cedaa989e3feb120fd500abb92e382d980dc7","after":"36c7aeb994dae8a6bf1868e73247b7e47b493771","ref":"refs/heads/main","pushedAt":"2024-04-22T15:04:57.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"afcapel","name":"Alberto Fernández-Capel","path":"/afcapel","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/150107?s=80&v=4"},"commit":{"message":"Merge pull request #1146 from basecamp/dependabot/npm_and_yarn/tar-6.2.1\n\nBump tar from 6.2.0 to 6.2.1","shortMessageHtmlLink":"Merge pull request #1146 from basecamp/dependabot/npm_and_yarn/tar-6.2.1"}},{"before":null,"after":"c6023ed325686abb771750fd4935f237f4eb2ae0","ref":"refs/heads/dependabot/npm_and_yarn/tar-6.2.1","pushedAt":"2024-04-11T12:03:13.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump tar from 6.2.0 to 6.2.1\n\nBumps [tar](https://github.com/isaacs/node-tar) from 6.2.0 to 6.2.1.\n- [Release notes](https://github.com/isaacs/node-tar/releases)\n- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/isaacs/node-tar/compare/v6.2.0...v6.2.1)\n\n---\nupdated-dependencies:\n- dependency-name: tar\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump tar from 6.2.0 to 6.2.1"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAESlSluwA","startCursor":null,"endCursor":null}},"title":"Activity · basecamp/trix"}