From 241dd53411cd6a93d00e8c3c730b812fd1e94417 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javi=20Mart=C3=ADn?= Date: Tue, 26 Jul 2022 21:58:08 +0200 Subject: [PATCH] Bump rails from 5.2.7.1 to 5.2.8.1 This release introduces an incompatibility in order to fix a security issue when using YAML for serialization. We use YAML to serialize the `ranges` column in the `legislation_annotations` table, so we have to allow the `ActiveSupport::HashWithIndifferentAccess` class in order to properly read this column. Ideally we'd use a JSONB column for the ranges (like we do in other places), but that would require migrating existing data. Bumps [rails](https://github.com/rails/rails) from 5.2.7.1 to 5.2.8.1. - [Release notes](https://github.com/rails/rails/releases) - [Commits](https://github.com/rails/rails/compare/v5.2.7.1...v5.2.8.1) --- updated-dependencies: - dependency-name: rails ... --- Gemfile | 2 +- Gemfile.lock | 74 +++++++++++++++++++++---------------------- config/application.rb | 3 ++ 3 files changed, 41 insertions(+), 38 deletions(-) diff --git a/Gemfile b/Gemfile index 7aa670bfe..6becfaf42 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source "https://rubygems.org" -gem "rails", "5.2.7.1" +gem "rails", "5.2.8.1" gem "acts-as-taggable-on", "~> 8.1.0" gem "acts_as_votable", "~> 0.13.1" diff --git a/Gemfile.lock b/Gemfile.lock index 3e557681e..bfc8bd2ac 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -2,43 +2,43 @@ GEM remote: https://rubygems.org/ remote: https://rails-assets.org/ specs: - actioncable (5.2.7.1) - actionpack (= 5.2.7.1) + actioncable (5.2.8.1) + actionpack (= 5.2.8.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.7.1) - actionpack (= 5.2.7.1) - actionview (= 5.2.7.1) - activejob (= 5.2.7.1) + actionmailer (5.2.8.1) + actionpack (= 5.2.8.1) + actionview (= 5.2.8.1) + activejob (= 5.2.8.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.7.1) - actionview (= 5.2.7.1) - activesupport (= 5.2.7.1) + actionpack (5.2.8.1) + actionview (= 5.2.8.1) + activesupport (= 5.2.8.1) rack (~> 2.0, >= 2.0.8) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.7.1) - activesupport (= 5.2.7.1) + actionview (5.2.8.1) + activesupport (= 5.2.8.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.2.7.1) - activesupport (= 5.2.7.1) + activejob (5.2.8.1) + activesupport (= 5.2.8.1) globalid (>= 0.3.6) - activemodel (5.2.7.1) - activesupport (= 5.2.7.1) - activerecord (5.2.7.1) - activemodel (= 5.2.7.1) - activesupport (= 5.2.7.1) + activemodel (5.2.8.1) + activesupport (= 5.2.8.1) + activerecord (5.2.8.1) + activemodel (= 5.2.8.1) + activesupport (= 5.2.8.1) arel (>= 9.0) - activestorage (5.2.7.1) - actionpack (= 5.2.7.1) - activerecord (= 5.2.7.1) + activestorage (5.2.8.1) + actionpack (= 5.2.8.1) + activerecord (= 5.2.8.1) marcel (~> 1.0.0) - activesupport (5.2.7.1) + activesupport (5.2.8.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) 
@@ -469,18 +469,18 @@ GEM rack rack-test (1.1.0) rack (>= 1.0, < 3) - rails (5.2.7.1) - actioncable (= 5.2.7.1) - actionmailer (= 5.2.7.1) - actionpack (= 5.2.7.1) - actionview (= 5.2.7.1) - activejob (= 5.2.7.1) - activemodel (= 5.2.7.1) - activerecord (= 5.2.7.1) - activestorage (= 5.2.7.1) - activesupport (= 5.2.7.1) + rails (5.2.8.1) + actioncable (= 5.2.8.1) + actionmailer (= 5.2.8.1) + actionpack (= 5.2.8.1) + actionview (= 5.2.8.1) + activejob (= 5.2.8.1) + activemodel (= 5.2.8.1) + activerecord (= 5.2.8.1) + activestorage (= 5.2.8.1) + activesupport (= 5.2.8.1) bundler (>= 1.3.0) - railties (= 5.2.7.1) + railties (= 5.2.8.1) sprockets-rails (>= 2.0.0) rails-assets-leaflet (1.5.1) rails-assets-markdown-it (9.0.1) @@ -492,9 +492,9 @@ GEM rails-i18n (5.1.3) i18n (>= 0.7, < 2) railties (>= 5.0, < 6) - railties (5.2.7.1) - actionpack (= 5.2.7.1) - activesupport (= 5.2.7.1) + railties (5.2.8.1) + actionpack (= 5.2.8.1) + activesupport (= 5.2.8.1) method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) @@ -753,7 +753,7 @@ DEPENDENCIES pronto-rubocop (~> 0.11.1) pronto-scss (~> 0.11.0) puma (~> 4.3.12) - rails (= 5.2.7.1) + rails (= 5.2.8.1) rails-assets-leaflet! rails-assets-markdown-it (~> 9.0.1)! recipient_interceptor (~> 0.3.0) diff --git a/config/application.rb b/config/application.rb index 5859a0fda..731fce0a2 100644 --- a/config/application.rb +++ b/config/application.rb @@ -21,6 +21,9 @@ module Consul # in any CONSUL installations config.active_support.use_authenticated_message_encryption = false + # Keep reading existing data in the legislation_annotations ranges column + config.active_record.yaml_column_permitted_classes = [ActiveSupport::HashWithIndifferentAccess] + # Handle custom exceptions config.action_dispatch.rescue_responses["FeatureFlags::FeatureDisabled"] = :forbidden
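Review bot: In config/application.rb the new `yaml_column_permitted_classes` assignment replaces the framework's permitted list instead of extending it, and the setting is process-wide, so it governs every YAML-serialized column and not only `legislation_annotations.ranges` as the added comment suggests. As far as I know the Rails default for this option is `[Symbol]`, which this line drops; stored YAML that contains a symbol would then raise `Psych::DisallowedClass` on read, so after checking what the existing rows contain, consider `config.active_record.yaml_column_permitted_classes = [Symbol, ActiveSupport::HashWithIndifferentAccess]`. The comment could state that this is an allowlist for YAML deserialization and must stay minimal, for example `# Global allowlist for YAML-serialized columns; only legislation_annotations.ranges needs HashWithIndifferentAccess, do not widen without review`. A spec that loads an annotation row persisted before the upgrade would pin the behaviour this line is meant to preserve. The enclosing `module Consul` block starts and ends outside the hunk.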