SECURITY: Bump Rails to 7.0.3.1 (#17469)

https://discuss.rubyonrails.org/t/81017

Gemfile

@@ -18,7 +18,7 @@ else
   # this allows us to include the bits of rails we use without pieces we do not.
   #
   # To issue a rails update bump the version number here
-  rails_version = '7.0.3'
+  rails_version = '7.0.3.1'
   gem 'actionmailer', rails_version
   gem 'actionpack', rails_version
   gem 'actionview', rails_version

Gemfile.lock

@@ -8,25 +8,25 @@ GIT
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (7.0.3)
+    actionmailer (7.0.3.1)
-      actionpack (= 7.0.3)
+      actionpack (= 7.0.3.1)
-      actionview (= 7.0.3)
+      actionview (= 7.0.3.1)
-      activejob (= 7.0.3)
+      activejob (= 7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (7.0.3)
+    actionpack (7.0.3.1)
-      actionview (= 7.0.3)
+      actionview (= 7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
       rack (~> 2.0, >= 2.2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (7.0.3)
+    actionview (7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -35,15 +35,15 @@ GEM
       actionview (>= 6.0.a)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    activejob (7.0.3)
+    activejob (7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
       globalid (>= 0.3.6)
-    activemodel (7.0.3)
+    activemodel (7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
-    activerecord (7.0.3)
+    activerecord (7.0.3.1)
-      activemodel (= 7.0.3)
+      activemodel (= 7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
-    activesupport (7.0.3)
+    activesupport (7.0.3.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -349,9 +349,9 @@ GEM
     rails_multisite (4.0.1)
       activerecord (> 5.0, < 7.1)
       railties (> 5.0, < 7.1)
-    railties (7.0.3)
+    railties (7.0.3.1)
-      actionpack (= 7.0.3)
+      actionpack (= 7.0.3.1)
-      activesupport (= 7.0.3)
+      activesupport (= 7.0.3.1)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
@@ -510,14 +510,14 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
-  actionmailer (= 7.0.3)
+  actionmailer (= 7.0.3.1)
-  actionpack (= 7.0.3)
+  actionpack (= 7.0.3.1)
-  actionview (= 7.0.3)
+  actionview (= 7.0.3.1)
   actionview_precompiler
   active_model_serializers (~> 0.8.3)
-  activemodel (= 7.0.3)
+  activemodel (= 7.0.3.1)
-  activerecord (= 7.0.3)
+  activerecord (= 7.0.3.1)
-  activesupport (= 7.0.3)
+  activesupport (= 7.0.3.1)
   addressable
   annotate
   aws-sdk-s3
@@ -597,7 +597,7 @@ DEPENDENCIES
   rack-protection
   rails_failover
   rails_multisite
-  railties (= 7.0.3)
+  railties (= 7.0.3.1)
   rake
   rb-fsevent
   rbtrace

config/application.rb

@@ -102,6 +102,7 @@ module Discourse
     config.action_controller.forgery_protection_origin_check = false
     config.active_record.belongs_to_required_by_default = false
     config.active_record.legacy_connection_handling = true
+    config.active_record.yaml_column_permitted_classes = [Hash, HashWithIndifferentAccess]
 
     # we skip it cause we configure it in the initializer
     # the railtie for message_bus would insert it in the