v2.11.17
86b70ac
This commit was signed with the committer’s verified signature.
waiting-for-dev
Marc Busqué
Breaking changes
NOTE: This release contains a breaking change due to the backport of the fixes for CVE-2022-32224 in #4455, specifically due to the switch to YAML.safe_load in Spree::LogEntry here.
To ensure compatibility with this change, you may need to update your app configuration for Spree::AppConfiguration#log_entry_permitted_classes and ensure it includes any constants that may be serialized in YAML in addition to the already allowed ones by core or any extensions you may use.
What's Changed
- Fix user restricted stock management v2.11 by @rmparr in #4398
- [v2.11] Backport docker development environment by @waiting-for-dev in #4408
- [v2.11] Remove N+1 from admin users by @tvdeyen in #4422
- [v2.11] Fix delete response in admin users controller by @tvdeyen in #4418
- Support CVE-2022-32224 Rails security updates - backport to v2.11 by @gsmendoza in #4455
Full Changelog: v2.11.16...v2.11.17
Contributors
tvdeyen, waiting-for-dev, and 2 other contributors