From 32dfa90dc73a515f089e87441f6246b0d5ffebf9 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Thu, 11 Jan 2024 16:45:51 +0000 Subject: [PATCH 01/13] Add session_keys_to_persist config option --- README.md | 3 ++- app/controllers/rpi_auth/auth_controller.rb | 14 ++++++++++- lib/rpi_auth/configuration.rb | 1 + spec/dummy/config/initializers/rpi_auth.rb | 1 + spec/dummy/spec/requests/auth_request_spec.rb | 24 +++++++++++++++++++ 5 files changed, 41 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cf527ed..c91e4f0 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,7 @@ RpiAuth.configure do |config| config.identity_url = 'http://localhost:3002' # The url for the profile instance being used for auth config.user_model = 'User' # The name of the user model in the host app being used, use the name as a string, not the model itself config.scope = 'openid email profile force-consent' # The required OIDC scopes + config.session_keys_to_persist = 'foo bar' # Optional: any session keys to persist across sessions (as the session is reset upon log in) config.success_redirect = '/' # After succesful login the route the user should be redirected to; this will override redirecting the user back to where they were when they started the log in / sign up flow (via `omniauth.origin`), so should be used rarely / with caution. This can be a string or a proc, which is executed in the context of the RpiAuth::AuthController. config.bypass_auth = false # Should auth be bypassed and a default user logged in end @@ -130,7 +131,7 @@ registration form, then you should supply a parameter called `returnTo` which is then used to redirect after log in/sign up are successful. ```ruby -button_to 'Log in to start registraion', rpi_auth_login_path, params: { returnTo: '/registration_form' } +button_to 'Log in to start registration', rpi_auth_login_path, params: { returnTo: '/registration_form' } ``` If this parameter is missing [Omniauth uses the HTTP Referer diff --git a/app/controllers/rpi_auth/auth_controller.rb b/app/controllers/rpi_auth/auth_controller.rb index 9026361..d38dafd 100644 --- a/app/controllers/rpi_auth/auth_controller.rb +++ b/app/controllers/rpi_auth/auth_controller.rb @@ -10,9 +10,21 @@ class AuthController < ActionController::Base def callback # Prevent session fixation. If the session has been initialized before - # this, and we need to keep the data, then we should copy values over. + # this, and certain data needs to be persisted, then the client should + # pass the keys via config.session_keys_to_persist + old_session = session.to_hash + puts "Old session: #{old_session} \n\n" + reset_session + keys_to_persist = RpiAuth.configuration.session_keys_to_persist + + unless keys_to_persist.nil? || keys_to_persist.empty? + keys_to_persist.split.each do |key| + session[key] = old_session[key] + end + end + auth = request.env['omniauth.auth'] self.current_user = RpiAuth.user_model.from_omniauth(auth) diff --git a/lib/rpi_auth/configuration.rb b/lib/rpi_auth/configuration.rb index 2df8a37..79f4310 100644 --- a/lib/rpi_auth/configuration.rb +++ b/lib/rpi_auth/configuration.rb @@ -16,6 +16,7 @@ class Configuration :identity_url, :response_type, :scope, + :session_keys_to_persist, :success_redirect, :user_model diff --git a/spec/dummy/config/initializers/rpi_auth.rb b/spec/dummy/config/initializers/rpi_auth.rb index d8aefd5..2dd5877 100644 --- a/spec/dummy/config/initializers/rpi_auth.rb +++ b/spec/dummy/config/initializers/rpi_auth.rb @@ -6,6 +6,7 @@ config.brand = 'codeclub' config.host_url = 'http://localhost:3009' config.identity_url = 'http://localhost:3002' + config.session_keys_to_persist = %w[foo bar] config.user_model = 'User' # Redurect to the next URL diff --git a/spec/dummy/spec/requests/auth_request_spec.rb b/spec/dummy/spec/requests/auth_request_spec.rb index f4ec330..aa41ac4 100644 --- a/spec/dummy/spec/requests/auth_request_spec.rb +++ b/spec/dummy/spec/requests/auth_request_spec.rb @@ -17,6 +17,7 @@ let(:bypass_auth) { false } let(:identity_url) { 'https://my.example.com' } + let(:session_keys_to_persist) {} # We need to make sure we match the hostname Rails uses in test requests # here, otherwise `returnTo` redirects will fail after login/logout. let(:host_url) { 'https://www.example.com' } @@ -29,6 +30,7 @@ # This would normally be in the initializer, but because we're toggling the # option on or off, we need to explicitly call it here. RpiAuth.configuration.enable_auth_bypass + RpiAuth.configuration.session_keys_to_persist = session_keys_to_persist OmniAuth.config.test_mode = true end @@ -180,6 +182,28 @@ expect(session.id).not_to eq previous_id end + context 'when session_keys_to_persist is set' do + let(:session_keys_to_persist) { 'foo bar' } + + it 'persists provided session keys on login' do + get '/' # create the session + + session[:foo] = 'bar' + previous_foo = session[:foo] + puts "Initial session #{session.to_hash} \n\n" + + post '/auth/rpi' + puts "/auth/rpi session #{session.to_hash} \n\n" + + expect(response).to redirect_to('/rpi_auth/auth/callback') + follow_redirect! + + puts "/rpi_auth/auth/callback session: #{session.to_hash} \n\n" + + expect(session[:foo]).to eq previous_foo + end + end + context 'when having visited a page first' do it 'redirects back to the original page' do post '/auth/rpi', headers: { Referer: 'http://www.example.com/foo#foo' } From a8f68809418652a10336660842f8444f6cb4633b Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Thu, 11 Jan 2024 16:48:06 +0000 Subject: [PATCH 02/13] Rubocop --- app/controllers/rpi_auth/auth_controller.rb | 2 +- spec/dummy/spec/requests/auth_request_spec.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/rpi_auth/auth_controller.rb b/app/controllers/rpi_auth/auth_controller.rb index d38dafd..8544abd 100644 --- a/app/controllers/rpi_auth/auth_controller.rb +++ b/app/controllers/rpi_auth/auth_controller.rb @@ -24,7 +24,7 @@ def callback session[key] = old_session[key] end end - + auth = request.env['omniauth.auth'] self.current_user = RpiAuth.user_model.from_omniauth(auth) diff --git a/spec/dummy/spec/requests/auth_request_spec.rb b/spec/dummy/spec/requests/auth_request_spec.rb index aa41ac4..c6280ed 100644 --- a/spec/dummy/spec/requests/auth_request_spec.rb +++ b/spec/dummy/spec/requests/auth_request_spec.rb @@ -183,11 +183,11 @@ end context 'when session_keys_to_persist is set' do - let(:session_keys_to_persist) { 'foo bar' } + let(:session_keys_to_persist) { 'foo bar' } it 'persists provided session keys on login' do get '/' # create the session - + session[:foo] = 'bar' previous_foo = session[:foo] puts "Initial session #{session.to_hash} \n\n" From ba60cac69b36804786ad70cec415d3bb4edb778d Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Thu, 11 Jan 2024 17:11:08 +0000 Subject: [PATCH 03/13] Remove unneeded GET / in test --- app/controllers/rpi_auth/auth_controller.rb | 2 +- spec/dummy/spec/requests/auth_request_spec.rb | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/app/controllers/rpi_auth/auth_controller.rb b/app/controllers/rpi_auth/auth_controller.rb index 8544abd..b3f3363 100644 --- a/app/controllers/rpi_auth/auth_controller.rb +++ b/app/controllers/rpi_auth/auth_controller.rb @@ -13,7 +13,7 @@ def callback # this, and certain data needs to be persisted, then the client should # pass the keys via config.session_keys_to_persist old_session = session.to_hash - puts "Old session: #{old_session} \n\n" + puts "Old / pre-reset_session session: #{old_session} \n\n" reset_session diff --git a/spec/dummy/spec/requests/auth_request_spec.rb b/spec/dummy/spec/requests/auth_request_spec.rb index c6280ed..cfd7b7a 100644 --- a/spec/dummy/spec/requests/auth_request_spec.rb +++ b/spec/dummy/spec/requests/auth_request_spec.rb @@ -186,15 +186,12 @@ let(:session_keys_to_persist) { 'foo bar' } it 'persists provided session keys on login' do - get '/' # create the session + post '/auth/rpi' session[:foo] = 'bar' previous_foo = session[:foo] puts "Initial session #{session.to_hash} \n\n" - post '/auth/rpi' - puts "/auth/rpi session #{session.to_hash} \n\n" - expect(response).to redirect_to('/rpi_auth/auth/callback') follow_redirect! From 8ddfe50c2597a9183d024eaeed8d9fba249dd877 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 14:12:47 +0000 Subject: [PATCH 04/13] Add ability to override session creation in request specs --- spec/dummy/app/controllers/sessions_controller.rb | 10 ++++++++++ spec/dummy/config/routes.rb | 2 ++ spec/dummy/spec/requests/auth_request_spec.rb | 3 +-- spec/support/request_helpers.rb | 9 +++++++++ 4 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 spec/dummy/app/controllers/sessions_controller.rb diff --git a/spec/dummy/app/controllers/sessions_controller.rb b/spec/dummy/app/controllers/sessions_controller.rb new file mode 100644 index 0000000..69a1654 --- /dev/null +++ b/spec/dummy/app/controllers/sessions_controller.rb @@ -0,0 +1,10 @@ +# Used to modify session variables within request tests +class SessionsController < ApplicationController + def create + vars = params.permit(session_vars: {}) + vars[:session_vars].each do |var, value| + session[var] = value + end + head :created + end +end diff --git a/spec/dummy/config/routes.rb b/spec/dummy/config/routes.rb index b2236aa..2fff33c 100644 --- a/spec/dummy/config/routes.rb +++ b/spec/dummy/config/routes.rb @@ -2,6 +2,8 @@ # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html root to: 'home#show' + resource :session, only: %i[create] + # Make sure we don't match auth routes get '/*slug', to: 'home#show', constraints: { slug: /(?!(rpi_)?auth\/).*/ } end diff --git a/spec/dummy/spec/requests/auth_request_spec.rb b/spec/dummy/spec/requests/auth_request_spec.rb index cfd7b7a..896e882 100644 --- a/spec/dummy/spec/requests/auth_request_spec.rb +++ b/spec/dummy/spec/requests/auth_request_spec.rb @@ -186,9 +186,8 @@ let(:session_keys_to_persist) { 'foo bar' } it 'persists provided session keys on login' do + set_session(foo: 'bar') post '/auth/rpi' - - session[:foo] = 'bar' previous_foo = session[:foo] puts "Initial session #{session.to_hash} \n\n" diff --git a/spec/support/request_helpers.rb b/spec/support/request_helpers.rb index ff22e24..6356a53 100644 --- a/spec/support/request_helpers.rb +++ b/spec/support/request_helpers.rb @@ -13,4 +13,13 @@ def sign_in(user) post '/auth/rpi' follow_redirect! end + + def set_session(vars = {}) + post session_path, params: { session_vars: vars } + expect(response).to have_http_status(:created) + + vars.each_key do |var| + expect(session[var]).to be_present + end + end end From 694d1ac2aaf954af3fd5520dd6f49510c8288969 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 14:15:53 +0000 Subject: [PATCH 05/13] Remove debug --- app/controllers/rpi_auth/auth_controller.rb | 1 - spec/dummy/spec/requests/auth_request_spec.rb | 5 +---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/app/controllers/rpi_auth/auth_controller.rb b/app/controllers/rpi_auth/auth_controller.rb index b3f3363..25d1cee 100644 --- a/app/controllers/rpi_auth/auth_controller.rb +++ b/app/controllers/rpi_auth/auth_controller.rb @@ -13,7 +13,6 @@ def callback # this, and certain data needs to be persisted, then the client should # pass the keys via config.session_keys_to_persist old_session = session.to_hash - puts "Old / pre-reset_session session: #{old_session} \n\n" reset_session diff --git a/spec/dummy/spec/requests/auth_request_spec.rb b/spec/dummy/spec/requests/auth_request_spec.rb index 896e882..5eae3b2 100644 --- a/spec/dummy/spec/requests/auth_request_spec.rb +++ b/spec/dummy/spec/requests/auth_request_spec.rb @@ -183,19 +183,16 @@ end context 'when session_keys_to_persist is set' do - let(:session_keys_to_persist) { 'foo bar' } + let(:session_keys_to_persist) { 'foo' } it 'persists provided session keys on login' do set_session(foo: 'bar') post '/auth/rpi' previous_foo = session[:foo] - puts "Initial session #{session.to_hash} \n\n" expect(response).to redirect_to('/rpi_auth/auth/callback') follow_redirect! - puts "/rpi_auth/auth/callback session: #{session.to_hash} \n\n" - expect(session[:foo]).to eq previous_foo end end From 709eab143f6efdf16a2e6ca77d8ffc3814b7287b Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 14:17:16 +0000 Subject: [PATCH 06/13] Changelog entry for session_keys_to_persist --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1794344..16ff96a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +- Adds `session_keys_to_persist` config option to allow for specific session keys to be persisted across logins (since logging in will reset the session: https://guides.rubyonrails.org/security.html#session-fixation-countermeasures) + ## [v3.4.0] - Removes `v1_signup` param as it is no longer required (https://github.com/RaspberryPiFoundation/profile/pull/1512) From 55a2bff9363a87ddd3d830c35a8524e78521b0c1 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 14:19:52 +0000 Subject: [PATCH 07/13] Bump Gems --- Gemfile.lock | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f814c98..d546133 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - rpi_auth (3.3.0) + rpi_auth (3.4.0) omniauth-rails_csrf_protection (~> 1.0.0) omniauth_openid_connect (~> 0.7.1) rails (>= 6.1.4) @@ -76,7 +76,7 @@ GEM tzinfo (~> 2.0) aes_key_wrap (1.1.0) ast (2.4.2) - attr_required (1.0.1) + attr_required (1.0.2) base64 (0.2.0) bindata (2.4.15) builder (3.2.4) @@ -86,14 +86,15 @@ GEM crass (1.0.6) diff-lcs (1.5.0) docile (1.4.0) + email_validator (2.2.4) + activemodel erubi (1.11.0) - faraday (2.7.12) - base64 - faraday-net_http (>= 2.0, < 3.1) - ruby2_keywords (>= 0.0.4) + faraday (2.9.0) + faraday-net_http (>= 2.0, < 3.2) faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) - faraday-net_http (3.0.2) + faraday-net_http (3.1.0) + net-http ffi (1.15.5) globalid (1.1.0) activesupport (>= 5.0) @@ -101,9 +102,10 @@ GEM i18n (1.13.0) concurrent-ruby (~> 1.0) json (2.6.2) - json-jwt (1.16.3) + json-jwt (1.16.5) activesupport (>= 4.2) aes_key_wrap + base64 bindata faraday (~> 2.0) faraday-follow_redirects @@ -119,6 +121,8 @@ GEM method_source (1.0.0) mini_mime (1.1.2) minitest (5.18.0) + net-http (0.4.1) + uri net-imap (0.3.1) net-protocol net-pop (0.1.2) @@ -132,7 +136,7 @@ GEM racc (~> 1.4) nokogiri (1.14.3-x86_64-linux) racc (~> 1.4) - omniauth (2.1.1) + omniauth (2.1.2) hashie (>= 3.4.6) rack (>= 2.2.3) rack-protection @@ -142,17 +146,17 @@ GEM omniauth_openid_connect (0.7.1) omniauth (>= 1.9, < 3) openid_connect (~> 2.2) - openid_connect (2.2.0) + openid_connect (2.3.0) activemodel attr_required (>= 1.0.0) + email_validator faraday (~> 2.0) faraday-follow_redirects json-jwt (>= 1.16) - net-smtp + mail rack-oauth2 (~> 2.2) swd (~> 2.0) tzinfo - validate_email validate_url webfinger (~> 2.0) parallel (1.22.1) @@ -169,14 +173,15 @@ GEM nio4r (~> 2.0) racc (1.6.2) rack (2.2.7) - rack-oauth2 (2.2.0) + rack-oauth2 (2.2.1) activesupport attr_required faraday (~> 2.0) faraday-follow_redirects json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.1.0) + rack-protection (3.2.0) + base64 (>= 0.1.0) rack (~> 2.2, >= 2.2.4) rack-test (2.0.2) rack (>= 1.3) @@ -254,14 +259,13 @@ GEM rubocop-rspec (2.15.0) rubocop (~> 1.33) ruby-progressbar (1.11.0) - ruby2_keywords (0.0.5) simplecov (0.21.2) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - swd (2.0.2) + swd (2.0.3) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) @@ -271,13 +275,11 @@ GEM tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.3.0) - validate_email (0.1.6) - activemodel (>= 3.0) - mail (>= 2.2.5) + uri (0.13.0) validate_url (1.0.15) activemodel (>= 3.0.0) public_suffix - webfinger (2.1.2) + webfinger (2.1.3) activesupport faraday (~> 2.0) faraday-follow_redirects From c2763810686145b9ac94f845b18664d6d3806587 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 14:24:13 +0000 Subject: [PATCH 08/13] Bundle update --- Gemfile.lock | 305 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 177 insertions(+), 128 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d546133..dde713d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,99 +9,117 @@ PATH GEM remote: https://rubygems.org/ specs: - actioncable (7.0.4) - actionpack (= 7.0.4) - activesupport (= 7.0.4) + actioncable (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.4) - actionpack (= 7.0.4) - activejob (= 7.0.4) - activerecord (= 7.0.4) - activestorage (= 7.0.4) - activesupport (= 7.0.4) + zeitwerk (~> 2.6) + actionmailbox (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.4) - actionpack (= 7.0.4) - actionview (= 7.0.4) - activejob (= 7.0.4) - activesupport (= 7.0.4) + actionmailer (7.1.2) + actionpack (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activesupport (= 7.1.2) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.4) - actionview (= 7.0.4) - activesupport (= 7.0.4) - rack (~> 2.0, >= 2.2.0) + rails-dom-testing (~> 2.2) + actionpack (7.1.2) + actionview (= 7.1.2) + activesupport (= 7.1.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.4) - actionpack (= 7.0.4) - activerecord (= 7.0.4) - activestorage (= 7.0.4) - activesupport (= 7.0.4) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.2) + actionpack (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.4) - activesupport (= 7.0.4) + actionview (7.1.2) + activesupport (= 7.1.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (7.0.4) - activesupport (= 7.0.4) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + activejob (7.1.2) + activesupport (= 7.1.2) globalid (>= 0.3.6) - activemodel (7.0.4) - activesupport (= 7.0.4) - activerecord (7.0.4) - activemodel (= 7.0.4) - activesupport (= 7.0.4) - activestorage (7.0.4) - actionpack (= 7.0.4) - activejob (= 7.0.4) - activerecord (= 7.0.4) - activesupport (= 7.0.4) + activemodel (7.1.2) + activesupport (= 7.1.2) + activerecord (7.1.2) + activemodel (= 7.1.2) + activesupport (= 7.1.2) + timeout (>= 0.4.0) + activestorage (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activesupport (= 7.1.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.4) + activesupport (7.1.2) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) aes_key_wrap (1.1.0) ast (2.4.2) attr_required (1.0.2) base64 (0.2.0) + bigdecimal (3.1.5) bindata (2.4.15) builder (3.2.4) byebug (11.1.3) coderay (1.1.3) - concurrent-ruby (1.2.2) + concurrent-ruby (1.2.3) + connection_pool (2.4.1) crass (1.0.6) + date (3.3.4) diff-lcs (1.5.0) docile (1.4.0) + drb (2.2.0) + ruby2_keywords email_validator (2.2.4) activemodel - erubi (1.11.0) + erubi (1.12.0) faraday (2.9.0) faraday-net_http (>= 2.0, < 3.2) faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) faraday-net_http (3.1.0) net-http - ffi (1.15.5) - globalid (1.1.0) - activesupport (>= 5.0) + ffi (1.16.3) + globalid (1.2.1) + activesupport (>= 6.1) hashie (5.0.0) - i18n (1.13.0) + i18n (1.14.1) concurrent-ruby (~> 1.0) - json (2.6.2) + io-console (0.7.1) + irb (1.11.1) + rdoc + reline (>= 0.4.2) + json (2.7.1) json-jwt (1.16.5) activesupport (>= 4.2) aes_key_wrap @@ -109,32 +127,38 @@ GEM bindata faraday (~> 2.0) faraday-follow_redirects - listen (3.7.1) + language_server-protocol (3.17.0.3) + listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.19.1) + loofah (2.22.0) crass (~> 1.0.2) - nokogiri (>= 1.5.9) - mail (2.7.1) + nokogiri (>= 1.12.0) + mail (2.8.1) mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp marcel (1.0.2) method_source (1.0.0) - mini_mime (1.1.2) - minitest (5.18.0) + mini_mime (1.1.5) + minitest (5.21.1) + mutex_m (0.2.0) net-http (0.4.1) uri - net-imap (0.3.1) + net-imap (0.4.9.1) + date net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.1.3) + net-protocol (0.2.2) timeout - net-smtp (0.3.3) + net-smtp (0.4.0.1) net-protocol - nio4r (2.5.8) - nokogiri (1.14.3-arm64-darwin) + nio4r (2.7.0) + nokogiri (1.16.0-arm64-darwin) racc (~> 1.4) - nokogiri (1.14.3-x86_64-linux) + nokogiri (1.16.0-x86_64-linux) racc (~> 1.4) omniauth (2.1.2) hashie (>= 3.4.6) @@ -159,20 +183,23 @@ GEM tzinfo validate_url webfinger (~> 2.0) - parallel (1.22.1) - parser (3.1.3.0) + parallel (1.24.0) + parser (3.3.0.4) ast (~> 2.4.1) - pry (0.14.1) + racc + pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) + psych (5.1.2) + stringio public_suffix (5.0.4) - puma (6.2.2) + puma (6.4.2) nio4r (~> 2.0) - racc (1.6.2) - rack (2.2.7) + racc (1.7.3) + rack (3.0.8) rack-oauth2 (2.2.1) activesupport attr_required @@ -180,101 +207,122 @@ GEM faraday-follow_redirects json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.2.0) - base64 (>= 0.1.0) - rack (~> 2.2, >= 2.2.4) - rack-test (2.0.2) + rack-protection (3.0.6) + rack + rack-session (2.0.0) + rack (>= 3.0.0) + rack-test (2.1.0) rack (>= 1.3) - rails (7.0.4) - actioncable (= 7.0.4) - actionmailbox (= 7.0.4) - actionmailer (= 7.0.4) - actionpack (= 7.0.4) - actiontext (= 7.0.4) - actionview (= 7.0.4) - activejob (= 7.0.4) - activemodel (= 7.0.4) - activerecord (= 7.0.4) - activestorage (= 7.0.4) - activesupport (= 7.0.4) + rackup (2.1.0) + rack (>= 3) + webrick (~> 1.8) + rails (7.1.2) + actioncable (= 7.1.2) + actionmailbox (= 7.1.2) + actionmailer (= 7.1.2) + actionpack (= 7.1.2) + actiontext (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activemodel (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) bundler (>= 1.15.0) - railties (= 7.0.4) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + railties (= 7.1.2) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.4.4) - loofah (~> 2.19, >= 2.19.1) - railties (7.0.4) - actionpack (= 7.0.4) - activesupport (= 7.0.4) - method_source + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) + railties (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) - rake (13.0.6) + rake (13.1.0) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - regexp_parser (2.6.1) - rexml (3.2.5) - rspec-core (3.12.0) + rdoc (6.6.2) + psych (>= 4.0.0) + regexp_parser (2.9.0) + reline (0.4.2) + io-console (~> 0.5) + rexml (3.2.6) + rspec-core (3.12.2) rspec-support (~> 3.12.0) - rspec-expectations (3.12.0) + rspec-expectations (3.12.3) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-mocks (3.12.0) + rspec-mocks (3.12.6) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-rails (6.0.1) + rspec-rails (6.1.0) actionpack (>= 6.1) activesupport (>= 6.1) railties (>= 6.1) - rspec-core (~> 3.11) - rspec-expectations (~> 3.11) - rspec-mocks (~> 3.11) - rspec-support (~> 3.11) - rspec-support (3.12.0) + rspec-core (~> 3.12) + rspec-expectations (~> 3.12) + rspec-mocks (~> 3.12) + rspec-support (~> 3.12) + rspec-support (3.12.1) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.39.0) + rubocop (1.60.0) json (~> 2.3) + language_server-protocol (>= 3.17.0) parallel (~> 1.10) - parser (>= 3.1.2.1) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.23.0, < 2.0) + rubocop-ast (>= 1.30.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.24.0) - parser (>= 3.1.1.0) - rubocop-performance (1.15.1) - rubocop (>= 1.7.0, < 2.0) - rubocop-ast (>= 0.4.0) - rubocop-rails (2.17.3) + unicode-display_width (>= 2.4.0, < 3.0) + rubocop-ast (1.30.0) + parser (>= 3.2.1.0) + rubocop-capybara (2.20.0) + rubocop (~> 1.41) + rubocop-factory_bot (2.25.1) + rubocop (~> 1.41) + rubocop-performance (1.20.2) + rubocop (>= 1.48.1, < 2.0) + rubocop-ast (>= 1.30.0, < 2.0) + rubocop-rails (2.23.1) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.15.0) - rubocop (~> 1.33) - ruby-progressbar (1.11.0) - simplecov (0.21.2) + rubocop-ast (>= 1.30.0, < 2.0) + rubocop-rspec (2.26.1) + rubocop (~> 1.40) + rubocop-capybara (~> 2.17) + rubocop-factory_bot (~> 2.22) + ruby-progressbar (1.13.0) + ruby2_keywords (0.0.5) + simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) + stringio (3.1.0) swd (2.0.3) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) faraday-follow_redirects - thor (1.2.1) - timeout (0.3.0) + thor (1.3.0) + timeout (0.4.1) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.3.0) + unicode-display_width (2.5.0) uri (0.13.0) validate_url (1.0.15) activemodel (>= 3.0.0) @@ -283,10 +331,11 @@ GEM activesupport faraday (~> 2.0) faraday-follow_redirects - websocket-driver (0.7.5) + webrick (1.8.1) + websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.6) + zeitwerk (2.6.12) PLATFORMS arm64-darwin-22 From 8ac2f22a444887690a2dbc2b0481f426487fd073 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 14:25:35 +0000 Subject: [PATCH 09/13] Update Gemfile.lock --- Gemfile.lock | 307 ++++++++++++++++++++++----------------------------- 1 file changed, 130 insertions(+), 177 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index dde713d..20e10b1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,117 +9,99 @@ PATH GEM remote: https://rubygems.org/ specs: - actioncable (7.1.2) - actionpack (= 7.1.2) - activesupport (= 7.1.2) + actioncable (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - zeitwerk (~> 2.6) - actionmailbox (7.1.2) - actionpack (= 7.1.2) - activejob (= 7.1.2) - activerecord (= 7.1.2) - activestorage (= 7.1.2) - activesupport (= 7.1.2) + actionmailbox (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.1.2) - actionpack (= 7.1.2) - actionview (= 7.1.2) - activejob (= 7.1.2) - activesupport (= 7.1.2) + actionmailer (7.0.4) + actionpack (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activesupport (= 7.0.4) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.2) - actionpack (7.1.2) - actionview (= 7.1.2) - activesupport (= 7.1.2) - nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4) - rack-session (>= 1.0.1) + rails-dom-testing (~> 2.0) + actionpack (7.0.4) + actionview (= 7.0.4) + activesupport (= 7.0.4) + rack (~> 2.0, >= 2.2.0) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.2) - rails-html-sanitizer (~> 1.6) - actiontext (7.1.2) - actionpack (= 7.1.2) - activerecord (= 7.1.2) - activestorage (= 7.1.2) - activesupport (= 7.1.2) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (7.0.4) + actionpack (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.2) - activesupport (= 7.1.2) + actionview (7.0.4) + activesupport (= 7.0.4) builder (~> 3.1) - erubi (~> 1.11) - rails-dom-testing (~> 2.2) - rails-html-sanitizer (~> 1.6) - activejob (7.1.2) - activesupport (= 7.1.2) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (7.0.4) + activesupport (= 7.0.4) globalid (>= 0.3.6) - activemodel (7.1.2) - activesupport (= 7.1.2) - activerecord (7.1.2) - activemodel (= 7.1.2) - activesupport (= 7.1.2) - timeout (>= 0.4.0) - activestorage (7.1.2) - actionpack (= 7.1.2) - activejob (= 7.1.2) - activerecord (= 7.1.2) - activesupport (= 7.1.2) + activemodel (7.0.4) + activesupport (= 7.0.4) + activerecord (7.0.4) + activemodel (= 7.0.4) + activesupport (= 7.0.4) + activestorage (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activesupport (= 7.0.4) marcel (~> 1.0) - activesupport (7.1.2) - base64 - bigdecimal + mini_mime (>= 1.1.0) + activesupport (7.0.4) concurrent-ruby (~> 1.0, >= 1.0.2) - connection_pool (>= 2.2.5) - drb i18n (>= 1.6, < 2) minitest (>= 5.1) - mutex_m tzinfo (~> 2.0) aes_key_wrap (1.1.0) ast (2.4.2) attr_required (1.0.2) base64 (0.2.0) - bigdecimal (3.1.5) bindata (2.4.15) builder (3.2.4) byebug (11.1.3) coderay (1.1.3) - concurrent-ruby (1.2.3) - connection_pool (2.4.1) + concurrent-ruby (1.2.2) crass (1.0.6) - date (3.3.4) diff-lcs (1.5.0) docile (1.4.0) - drb (2.2.0) - ruby2_keywords email_validator (2.2.4) activemodel - erubi (1.12.0) + erubi (1.11.0) faraday (2.9.0) faraday-net_http (>= 2.0, < 3.2) faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) faraday-net_http (3.1.0) net-http - ffi (1.16.3) - globalid (1.2.1) - activesupport (>= 6.1) + ffi (1.15.5) + globalid (1.1.0) + activesupport (>= 5.0) hashie (5.0.0) - i18n (1.14.1) + i18n (1.13.0) concurrent-ruby (~> 1.0) - io-console (0.7.1) - irb (1.11.1) - rdoc - reline (>= 0.4.2) - json (2.7.1) + json (2.6.2) json-jwt (1.16.5) activesupport (>= 4.2) aes_key_wrap @@ -127,38 +109,32 @@ GEM bindata faraday (~> 2.0) faraday-follow_redirects - language_server-protocol (3.17.0.3) - listen (3.8.0) + listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.22.0) + loofah (2.19.1) crass (~> 1.0.2) - nokogiri (>= 1.12.0) - mail (2.8.1) + nokogiri (>= 1.5.9) + mail (2.7.1) mini_mime (>= 0.1.1) - net-imap - net-pop - net-smtp marcel (1.0.2) method_source (1.0.0) - mini_mime (1.1.5) - minitest (5.21.1) - mutex_m (0.2.0) + mini_mime (1.1.2) + minitest (5.18.0) net-http (0.4.1) uri - net-imap (0.4.9.1) - date + net-imap (0.3.1) net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.2.2) + net-protocol (0.1.3) timeout - net-smtp (0.4.0.1) + net-smtp (0.3.3) net-protocol - nio4r (2.7.0) - nokogiri (1.16.0-arm64-darwin) + nio4r (2.5.8) + nokogiri (1.14.3-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.0-x86_64-linux) + nokogiri (1.14.3-x86_64-linux) racc (~> 1.4) omniauth (2.1.2) hashie (>= 3.4.6) @@ -183,23 +159,20 @@ GEM tzinfo validate_url webfinger (~> 2.0) - parallel (1.24.0) - parser (3.3.0.4) + parallel (1.22.1) + parser (3.1.3.0) ast (~> 2.4.1) - racc - pry (0.14.2) + pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) - psych (5.1.2) - stringio public_suffix (5.0.4) - puma (6.4.2) + puma (6.2.2) nio4r (~> 2.0) - racc (1.7.3) - rack (3.0.8) + racc (1.6.2) + rack (2.2.7) rack-oauth2 (2.2.1) activesupport attr_required @@ -207,122 +180,101 @@ GEM faraday-follow_redirects json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.0.6) - rack - rack-session (2.0.0) - rack (>= 3.0.0) - rack-test (2.1.0) + rack-protection (3.2.0) + base64 (>= 0.1.0) + rack (~> 2.2, >= 2.2.4) + rack-test (2.0.2) rack (>= 1.3) - rackup (2.1.0) - rack (>= 3) - webrick (~> 1.8) - rails (7.1.2) - actioncable (= 7.1.2) - actionmailbox (= 7.1.2) - actionmailer (= 7.1.2) - actionpack (= 7.1.2) - actiontext (= 7.1.2) - actionview (= 7.1.2) - activejob (= 7.1.2) - activemodel (= 7.1.2) - activerecord (= 7.1.2) - activestorage (= 7.1.2) - activesupport (= 7.1.2) + rails (7.0.4) + actioncable (= 7.0.4) + actionmailbox (= 7.0.4) + actionmailer (= 7.0.4) + actionpack (= 7.0.4) + actiontext (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activemodel (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) bundler (>= 1.15.0) - railties (= 7.1.2) - rails-dom-testing (2.2.0) - activesupport (>= 5.0.0) - minitest + railties (= 7.0.4) + rails-dom-testing (2.0.3) + activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.6.0) - loofah (~> 2.21) - nokogiri (~> 1.14) - railties (7.1.2) - actionpack (= 7.1.2) - activesupport (= 7.1.2) - irb - rackup (>= 1.0.0) + rails-html-sanitizer (1.4.4) + loofah (~> 2.19, >= 2.19.1) + railties (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) + method_source rake (>= 12.2) - thor (~> 1.0, >= 1.2.2) - zeitwerk (~> 2.6) + thor (~> 1.0) + zeitwerk (~> 2.5) rainbow (3.1.1) - rake (13.1.0) + rake (13.0.6) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - rdoc (6.6.2) - psych (>= 4.0.0) - regexp_parser (2.9.0) - reline (0.4.2) - io-console (~> 0.5) - rexml (3.2.6) - rspec-core (3.12.2) + regexp_parser (2.6.1) + rexml (3.2.5) + rspec-core (3.12.0) rspec-support (~> 3.12.0) - rspec-expectations (3.12.3) + rspec-expectations (3.12.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-mocks (3.12.6) + rspec-mocks (3.12.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-rails (6.1.0) + rspec-rails (6.0.1) actionpack (>= 6.1) activesupport (>= 6.1) railties (>= 6.1) - rspec-core (~> 3.12) - rspec-expectations (~> 3.12) - rspec-mocks (~> 3.12) - rspec-support (~> 3.12) - rspec-support (3.12.1) + rspec-core (~> 3.11) + rspec-expectations (~> 3.11) + rspec-mocks (~> 3.11) + rspec-support (~> 3.11) + rspec-support (3.12.0) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.60.0) + rubocop (1.39.0) json (~> 2.3) - language_server-protocol (>= 3.17.0) parallel (~> 1.10) - parser (>= 3.3.0.2) + parser (>= 3.1.2.1) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.30.0, < 2.0) + rubocop-ast (>= 1.23.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.30.0) - parser (>= 3.2.1.0) - rubocop-capybara (2.20.0) - rubocop (~> 1.41) - rubocop-factory_bot (2.25.1) - rubocop (~> 1.41) - rubocop-performance (1.20.2) - rubocop (>= 1.48.1, < 2.0) - rubocop-ast (>= 1.30.0, < 2.0) - rubocop-rails (2.23.1) + unicode-display_width (>= 1.4.0, < 3.0) + rubocop-ast (1.24.0) + parser (>= 3.1.1.0) + rubocop-performance (1.15.1) + rubocop (>= 1.7.0, < 2.0) + rubocop-ast (>= 0.4.0) + rubocop-rails (2.17.3) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-ast (>= 1.30.0, < 2.0) - rubocop-rspec (2.26.1) - rubocop (~> 1.40) - rubocop-capybara (~> 2.17) - rubocop-factory_bot (~> 2.22) - ruby-progressbar (1.13.0) - ruby2_keywords (0.0.5) - simplecov (0.22.0) + rubocop-rspec (2.15.0) + rubocop (~> 1.33) + ruby-progressbar (1.11.0) + simplecov (0.21.2) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - stringio (3.1.0) swd (2.0.3) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) faraday-follow_redirects - thor (1.3.0) - timeout (0.4.1) + thor (1.2.1) + timeout (0.3.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.5.0) + unicode-display_width (2.3.0) uri (0.13.0) validate_url (1.0.15) activemodel (>= 3.0.0) @@ -331,14 +283,15 @@ GEM activesupport faraday (~> 2.0) faraday-follow_redirects - webrick (1.8.1) - websocket-driver (0.7.6) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.12) + zeitwerk (2.6.6) PLATFORMS arm64-darwin-22 + arm64-darwin-22 + x86_64-linux x86_64-linux DEPENDENCIES From d75141ca06208cb165b90b561105072ce5cf6037 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 17:25:35 +0000 Subject: [PATCH 10/13] Revert "Update Gemfile.lock" This reverts commit 8ac2f22a444887690a2dbc2b0481f426487fd073. --- Gemfile.lock | 307 +++++++++++++++++++++++++++++---------------------- 1 file changed, 177 insertions(+), 130 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 20e10b1..dde713d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,99 +9,117 @@ PATH GEM remote: https://rubygems.org/ specs: - actioncable (7.0.4) - actionpack (= 7.0.4) - activesupport (= 7.0.4) + actioncable (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.4) - actionpack (= 7.0.4) - activejob (= 7.0.4) - activerecord (= 7.0.4) - activestorage (= 7.0.4) - activesupport (= 7.0.4) + zeitwerk (~> 2.6) + actionmailbox (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.4) - actionpack (= 7.0.4) - actionview (= 7.0.4) - activejob (= 7.0.4) - activesupport (= 7.0.4) + actionmailer (7.1.2) + actionpack (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activesupport (= 7.1.2) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.4) - actionview (= 7.0.4) - activesupport (= 7.0.4) - rack (~> 2.0, >= 2.2.0) + rails-dom-testing (~> 2.2) + actionpack (7.1.2) + actionview (= 7.1.2) + activesupport (= 7.1.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.4) - actionpack (= 7.0.4) - activerecord (= 7.0.4) - activestorage (= 7.0.4) - activesupport (= 7.0.4) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.2) + actionpack (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.4) - activesupport (= 7.0.4) + actionview (7.1.2) + activesupport (= 7.1.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (7.0.4) - activesupport (= 7.0.4) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + activejob (7.1.2) + activesupport (= 7.1.2) globalid (>= 0.3.6) - activemodel (7.0.4) - activesupport (= 7.0.4) - activerecord (7.0.4) - activemodel (= 7.0.4) - activesupport (= 7.0.4) - activestorage (7.0.4) - actionpack (= 7.0.4) - activejob (= 7.0.4) - activerecord (= 7.0.4) - activesupport (= 7.0.4) + activemodel (7.1.2) + activesupport (= 7.1.2) + activerecord (7.1.2) + activemodel (= 7.1.2) + activesupport (= 7.1.2) + timeout (>= 0.4.0) + activestorage (7.1.2) + actionpack (= 7.1.2) + activejob (= 7.1.2) + activerecord (= 7.1.2) + activesupport (= 7.1.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.4) + activesupport (7.1.2) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) aes_key_wrap (1.1.0) ast (2.4.2) attr_required (1.0.2) base64 (0.2.0) + bigdecimal (3.1.5) bindata (2.4.15) builder (3.2.4) byebug (11.1.3) coderay (1.1.3) - concurrent-ruby (1.2.2) + concurrent-ruby (1.2.3) + connection_pool (2.4.1) crass (1.0.6) + date (3.3.4) diff-lcs (1.5.0) docile (1.4.0) + drb (2.2.0) + ruby2_keywords email_validator (2.2.4) activemodel - erubi (1.11.0) + erubi (1.12.0) faraday (2.9.0) faraday-net_http (>= 2.0, < 3.2) faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) faraday-net_http (3.1.0) net-http - ffi (1.15.5) - globalid (1.1.0) - activesupport (>= 5.0) + ffi (1.16.3) + globalid (1.2.1) + activesupport (>= 6.1) hashie (5.0.0) - i18n (1.13.0) + i18n (1.14.1) concurrent-ruby (~> 1.0) - json (2.6.2) + io-console (0.7.1) + irb (1.11.1) + rdoc + reline (>= 0.4.2) + json (2.7.1) json-jwt (1.16.5) activesupport (>= 4.2) aes_key_wrap @@ -109,32 +127,38 @@ GEM bindata faraday (~> 2.0) faraday-follow_redirects - listen (3.7.1) + language_server-protocol (3.17.0.3) + listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.19.1) + loofah (2.22.0) crass (~> 1.0.2) - nokogiri (>= 1.5.9) - mail (2.7.1) + nokogiri (>= 1.12.0) + mail (2.8.1) mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp marcel (1.0.2) method_source (1.0.0) - mini_mime (1.1.2) - minitest (5.18.0) + mini_mime (1.1.5) + minitest (5.21.1) + mutex_m (0.2.0) net-http (0.4.1) uri - net-imap (0.3.1) + net-imap (0.4.9.1) + date net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.1.3) + net-protocol (0.2.2) timeout - net-smtp (0.3.3) + net-smtp (0.4.0.1) net-protocol - nio4r (2.5.8) - nokogiri (1.14.3-arm64-darwin) + nio4r (2.7.0) + nokogiri (1.16.0-arm64-darwin) racc (~> 1.4) - nokogiri (1.14.3-x86_64-linux) + nokogiri (1.16.0-x86_64-linux) racc (~> 1.4) omniauth (2.1.2) hashie (>= 3.4.6) @@ -159,20 +183,23 @@ GEM tzinfo validate_url webfinger (~> 2.0) - parallel (1.22.1) - parser (3.1.3.0) + parallel (1.24.0) + parser (3.3.0.4) ast (~> 2.4.1) - pry (0.14.1) + racc + pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) + psych (5.1.2) + stringio public_suffix (5.0.4) - puma (6.2.2) + puma (6.4.2) nio4r (~> 2.0) - racc (1.6.2) - rack (2.2.7) + racc (1.7.3) + rack (3.0.8) rack-oauth2 (2.2.1) activesupport attr_required @@ -180,101 +207,122 @@ GEM faraday-follow_redirects json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.2.0) - base64 (>= 0.1.0) - rack (~> 2.2, >= 2.2.4) - rack-test (2.0.2) + rack-protection (3.0.6) + rack + rack-session (2.0.0) + rack (>= 3.0.0) + rack-test (2.1.0) rack (>= 1.3) - rails (7.0.4) - actioncable (= 7.0.4) - actionmailbox (= 7.0.4) - actionmailer (= 7.0.4) - actionpack (= 7.0.4) - actiontext (= 7.0.4) - actionview (= 7.0.4) - activejob (= 7.0.4) - activemodel (= 7.0.4) - activerecord (= 7.0.4) - activestorage (= 7.0.4) - activesupport (= 7.0.4) + rackup (2.1.0) + rack (>= 3) + webrick (~> 1.8) + rails (7.1.2) + actioncable (= 7.1.2) + actionmailbox (= 7.1.2) + actionmailer (= 7.1.2) + actionpack (= 7.1.2) + actiontext (= 7.1.2) + actionview (= 7.1.2) + activejob (= 7.1.2) + activemodel (= 7.1.2) + activerecord (= 7.1.2) + activestorage (= 7.1.2) + activesupport (= 7.1.2) bundler (>= 1.15.0) - railties (= 7.0.4) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + railties (= 7.1.2) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.4.4) - loofah (~> 2.19, >= 2.19.1) - railties (7.0.4) - actionpack (= 7.0.4) - activesupport (= 7.0.4) - method_source + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) + railties (7.1.2) + actionpack (= 7.1.2) + activesupport (= 7.1.2) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) - rake (13.0.6) + rake (13.1.0) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - regexp_parser (2.6.1) - rexml (3.2.5) - rspec-core (3.12.0) + rdoc (6.6.2) + psych (>= 4.0.0) + regexp_parser (2.9.0) + reline (0.4.2) + io-console (~> 0.5) + rexml (3.2.6) + rspec-core (3.12.2) rspec-support (~> 3.12.0) - rspec-expectations (3.12.0) + rspec-expectations (3.12.3) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-mocks (3.12.0) + rspec-mocks (3.12.6) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-rails (6.0.1) + rspec-rails (6.1.0) actionpack (>= 6.1) activesupport (>= 6.1) railties (>= 6.1) - rspec-core (~> 3.11) - rspec-expectations (~> 3.11) - rspec-mocks (~> 3.11) - rspec-support (~> 3.11) - rspec-support (3.12.0) + rspec-core (~> 3.12) + rspec-expectations (~> 3.12) + rspec-mocks (~> 3.12) + rspec-support (~> 3.12) + rspec-support (3.12.1) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.39.0) + rubocop (1.60.0) json (~> 2.3) + language_server-protocol (>= 3.17.0) parallel (~> 1.10) - parser (>= 3.1.2.1) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.23.0, < 2.0) + rubocop-ast (>= 1.30.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.24.0) - parser (>= 3.1.1.0) - rubocop-performance (1.15.1) - rubocop (>= 1.7.0, < 2.0) - rubocop-ast (>= 0.4.0) - rubocop-rails (2.17.3) + unicode-display_width (>= 2.4.0, < 3.0) + rubocop-ast (1.30.0) + parser (>= 3.2.1.0) + rubocop-capybara (2.20.0) + rubocop (~> 1.41) + rubocop-factory_bot (2.25.1) + rubocop (~> 1.41) + rubocop-performance (1.20.2) + rubocop (>= 1.48.1, < 2.0) + rubocop-ast (>= 1.30.0, < 2.0) + rubocop-rails (2.23.1) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.15.0) - rubocop (~> 1.33) - ruby-progressbar (1.11.0) - simplecov (0.21.2) + rubocop-ast (>= 1.30.0, < 2.0) + rubocop-rspec (2.26.1) + rubocop (~> 1.40) + rubocop-capybara (~> 2.17) + rubocop-factory_bot (~> 2.22) + ruby-progressbar (1.13.0) + ruby2_keywords (0.0.5) + simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) + stringio (3.1.0) swd (2.0.3) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) faraday-follow_redirects - thor (1.2.1) - timeout (0.3.0) + thor (1.3.0) + timeout (0.4.1) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.3.0) + unicode-display_width (2.5.0) uri (0.13.0) validate_url (1.0.15) activemodel (>= 3.0.0) @@ -283,15 +331,14 @@ GEM activesupport faraday (~> 2.0) faraday-follow_redirects - websocket-driver (0.7.5) + webrick (1.8.1) + websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.6) + zeitwerk (2.6.12) PLATFORMS arm64-darwin-22 - arm64-darwin-22 - x86_64-linux x86_64-linux DEPENDENCIES From 17c56375d506be5e6998d837e7651a05d6026f88 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 17:25:46 +0000 Subject: [PATCH 11/13] Revert "Bundle update" This reverts commit c2763810686145b9ac94f845b18664d6d3806587. --- Gemfile.lock | 305 +++++++++++++++++++++------------------------------ 1 file changed, 128 insertions(+), 177 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index dde713d..d546133 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,117 +9,99 @@ PATH GEM remote: https://rubygems.org/ specs: - actioncable (7.1.2) - actionpack (= 7.1.2) - activesupport (= 7.1.2) + actioncable (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - zeitwerk (~> 2.6) - actionmailbox (7.1.2) - actionpack (= 7.1.2) - activejob (= 7.1.2) - activerecord (= 7.1.2) - activestorage (= 7.1.2) - activesupport (= 7.1.2) + actionmailbox (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.1.2) - actionpack (= 7.1.2) - actionview (= 7.1.2) - activejob (= 7.1.2) - activesupport (= 7.1.2) + actionmailer (7.0.4) + actionpack (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activesupport (= 7.0.4) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.2) - actionpack (7.1.2) - actionview (= 7.1.2) - activesupport (= 7.1.2) - nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4) - rack-session (>= 1.0.1) + rails-dom-testing (~> 2.0) + actionpack (7.0.4) + actionview (= 7.0.4) + activesupport (= 7.0.4) + rack (~> 2.0, >= 2.2.0) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.2) - rails-html-sanitizer (~> 1.6) - actiontext (7.1.2) - actionpack (= 7.1.2) - activerecord (= 7.1.2) - activestorage (= 7.1.2) - activesupport (= 7.1.2) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (7.0.4) + actionpack (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.2) - activesupport (= 7.1.2) + actionview (7.0.4) + activesupport (= 7.0.4) builder (~> 3.1) - erubi (~> 1.11) - rails-dom-testing (~> 2.2) - rails-html-sanitizer (~> 1.6) - activejob (7.1.2) - activesupport (= 7.1.2) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (7.0.4) + activesupport (= 7.0.4) globalid (>= 0.3.6) - activemodel (7.1.2) - activesupport (= 7.1.2) - activerecord (7.1.2) - activemodel (= 7.1.2) - activesupport (= 7.1.2) - timeout (>= 0.4.0) - activestorage (7.1.2) - actionpack (= 7.1.2) - activejob (= 7.1.2) - activerecord (= 7.1.2) - activesupport (= 7.1.2) + activemodel (7.0.4) + activesupport (= 7.0.4) + activerecord (7.0.4) + activemodel (= 7.0.4) + activesupport (= 7.0.4) + activestorage (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activesupport (= 7.0.4) marcel (~> 1.0) - activesupport (7.1.2) - base64 - bigdecimal + mini_mime (>= 1.1.0) + activesupport (7.0.4) concurrent-ruby (~> 1.0, >= 1.0.2) - connection_pool (>= 2.2.5) - drb i18n (>= 1.6, < 2) minitest (>= 5.1) - mutex_m tzinfo (~> 2.0) aes_key_wrap (1.1.0) ast (2.4.2) attr_required (1.0.2) base64 (0.2.0) - bigdecimal (3.1.5) bindata (2.4.15) builder (3.2.4) byebug (11.1.3) coderay (1.1.3) - concurrent-ruby (1.2.3) - connection_pool (2.4.1) + concurrent-ruby (1.2.2) crass (1.0.6) - date (3.3.4) diff-lcs (1.5.0) docile (1.4.0) - drb (2.2.0) - ruby2_keywords email_validator (2.2.4) activemodel - erubi (1.12.0) + erubi (1.11.0) faraday (2.9.0) faraday-net_http (>= 2.0, < 3.2) faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) faraday-net_http (3.1.0) net-http - ffi (1.16.3) - globalid (1.2.1) - activesupport (>= 6.1) + ffi (1.15.5) + globalid (1.1.0) + activesupport (>= 5.0) hashie (5.0.0) - i18n (1.14.1) + i18n (1.13.0) concurrent-ruby (~> 1.0) - io-console (0.7.1) - irb (1.11.1) - rdoc - reline (>= 0.4.2) - json (2.7.1) + json (2.6.2) json-jwt (1.16.5) activesupport (>= 4.2) aes_key_wrap @@ -127,38 +109,32 @@ GEM bindata faraday (~> 2.0) faraday-follow_redirects - language_server-protocol (3.17.0.3) - listen (3.8.0) + listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.22.0) + loofah (2.19.1) crass (~> 1.0.2) - nokogiri (>= 1.12.0) - mail (2.8.1) + nokogiri (>= 1.5.9) + mail (2.7.1) mini_mime (>= 0.1.1) - net-imap - net-pop - net-smtp marcel (1.0.2) method_source (1.0.0) - mini_mime (1.1.5) - minitest (5.21.1) - mutex_m (0.2.0) + mini_mime (1.1.2) + minitest (5.18.0) net-http (0.4.1) uri - net-imap (0.4.9.1) - date + net-imap (0.3.1) net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.2.2) + net-protocol (0.1.3) timeout - net-smtp (0.4.0.1) + net-smtp (0.3.3) net-protocol - nio4r (2.7.0) - nokogiri (1.16.0-arm64-darwin) + nio4r (2.5.8) + nokogiri (1.14.3-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.0-x86_64-linux) + nokogiri (1.14.3-x86_64-linux) racc (~> 1.4) omniauth (2.1.2) hashie (>= 3.4.6) @@ -183,23 +159,20 @@ GEM tzinfo validate_url webfinger (~> 2.0) - parallel (1.24.0) - parser (3.3.0.4) + parallel (1.22.1) + parser (3.1.3.0) ast (~> 2.4.1) - racc - pry (0.14.2) + pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) - psych (5.1.2) - stringio public_suffix (5.0.4) - puma (6.4.2) + puma (6.2.2) nio4r (~> 2.0) - racc (1.7.3) - rack (3.0.8) + racc (1.6.2) + rack (2.2.7) rack-oauth2 (2.2.1) activesupport attr_required @@ -207,122 +180,101 @@ GEM faraday-follow_redirects json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.0.6) - rack - rack-session (2.0.0) - rack (>= 3.0.0) - rack-test (2.1.0) + rack-protection (3.2.0) + base64 (>= 0.1.0) + rack (~> 2.2, >= 2.2.4) + rack-test (2.0.2) rack (>= 1.3) - rackup (2.1.0) - rack (>= 3) - webrick (~> 1.8) - rails (7.1.2) - actioncable (= 7.1.2) - actionmailbox (= 7.1.2) - actionmailer (= 7.1.2) - actionpack (= 7.1.2) - actiontext (= 7.1.2) - actionview (= 7.1.2) - activejob (= 7.1.2) - activemodel (= 7.1.2) - activerecord (= 7.1.2) - activestorage (= 7.1.2) - activesupport (= 7.1.2) + rails (7.0.4) + actioncable (= 7.0.4) + actionmailbox (= 7.0.4) + actionmailer (= 7.0.4) + actionpack (= 7.0.4) + actiontext (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activemodel (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) bundler (>= 1.15.0) - railties (= 7.1.2) - rails-dom-testing (2.2.0) - activesupport (>= 5.0.0) - minitest + railties (= 7.0.4) + rails-dom-testing (2.0.3) + activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.6.0) - loofah (~> 2.21) - nokogiri (~> 1.14) - railties (7.1.2) - actionpack (= 7.1.2) - activesupport (= 7.1.2) - irb - rackup (>= 1.0.0) + rails-html-sanitizer (1.4.4) + loofah (~> 2.19, >= 2.19.1) + railties (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) + method_source rake (>= 12.2) - thor (~> 1.0, >= 1.2.2) - zeitwerk (~> 2.6) + thor (~> 1.0) + zeitwerk (~> 2.5) rainbow (3.1.1) - rake (13.1.0) + rake (13.0.6) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - rdoc (6.6.2) - psych (>= 4.0.0) - regexp_parser (2.9.0) - reline (0.4.2) - io-console (~> 0.5) - rexml (3.2.6) - rspec-core (3.12.2) + regexp_parser (2.6.1) + rexml (3.2.5) + rspec-core (3.12.0) rspec-support (~> 3.12.0) - rspec-expectations (3.12.3) + rspec-expectations (3.12.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-mocks (3.12.6) + rspec-mocks (3.12.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-rails (6.1.0) + rspec-rails (6.0.1) actionpack (>= 6.1) activesupport (>= 6.1) railties (>= 6.1) - rspec-core (~> 3.12) - rspec-expectations (~> 3.12) - rspec-mocks (~> 3.12) - rspec-support (~> 3.12) - rspec-support (3.12.1) + rspec-core (~> 3.11) + rspec-expectations (~> 3.11) + rspec-mocks (~> 3.11) + rspec-support (~> 3.11) + rspec-support (3.12.0) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.60.0) + rubocop (1.39.0) json (~> 2.3) - language_server-protocol (>= 3.17.0) parallel (~> 1.10) - parser (>= 3.3.0.2) + parser (>= 3.1.2.1) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.30.0, < 2.0) + rubocop-ast (>= 1.23.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.30.0) - parser (>= 3.2.1.0) - rubocop-capybara (2.20.0) - rubocop (~> 1.41) - rubocop-factory_bot (2.25.1) - rubocop (~> 1.41) - rubocop-performance (1.20.2) - rubocop (>= 1.48.1, < 2.0) - rubocop-ast (>= 1.30.0, < 2.0) - rubocop-rails (2.23.1) + unicode-display_width (>= 1.4.0, < 3.0) + rubocop-ast (1.24.0) + parser (>= 3.1.1.0) + rubocop-performance (1.15.1) + rubocop (>= 1.7.0, < 2.0) + rubocop-ast (>= 0.4.0) + rubocop-rails (2.17.3) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-ast (>= 1.30.0, < 2.0) - rubocop-rspec (2.26.1) - rubocop (~> 1.40) - rubocop-capybara (~> 2.17) - rubocop-factory_bot (~> 2.22) - ruby-progressbar (1.13.0) - ruby2_keywords (0.0.5) - simplecov (0.22.0) + rubocop-rspec (2.15.0) + rubocop (~> 1.33) + ruby-progressbar (1.11.0) + simplecov (0.21.2) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - stringio (3.1.0) swd (2.0.3) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) faraday-follow_redirects - thor (1.3.0) - timeout (0.4.1) + thor (1.2.1) + timeout (0.3.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.5.0) + unicode-display_width (2.3.0) uri (0.13.0) validate_url (1.0.15) activemodel (>= 3.0.0) @@ -331,11 +283,10 @@ GEM activesupport faraday (~> 2.0) faraday-follow_redirects - webrick (1.8.1) - websocket-driver (0.7.6) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.12) + zeitwerk (2.6.6) PLATFORMS arm64-darwin-22 From 78c45e1de6f08acbafc86bf3d5519a9553de8dba Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Tue, 16 Jan 2024 17:25:56 +0000 Subject: [PATCH 12/13] Revert "Bump Gems" This reverts commit 55a2bff9363a87ddd3d830c35a8524e78521b0c1. --- Gemfile.lock | 42 ++++++++++++++++++++---------------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d546133..f814c98 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - rpi_auth (3.4.0) + rpi_auth (3.3.0) omniauth-rails_csrf_protection (~> 1.0.0) omniauth_openid_connect (~> 0.7.1) rails (>= 6.1.4) @@ -76,7 +76,7 @@ GEM tzinfo (~> 2.0) aes_key_wrap (1.1.0) ast (2.4.2) - attr_required (1.0.2) + attr_required (1.0.1) base64 (0.2.0) bindata (2.4.15) builder (3.2.4) @@ -86,15 +86,14 @@ GEM crass (1.0.6) diff-lcs (1.5.0) docile (1.4.0) - email_validator (2.2.4) - activemodel erubi (1.11.0) - faraday (2.9.0) - faraday-net_http (>= 2.0, < 3.2) + faraday (2.7.12) + base64 + faraday-net_http (>= 2.0, < 3.1) + ruby2_keywords (>= 0.0.4) faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) - faraday-net_http (3.1.0) - net-http + faraday-net_http (3.0.2) ffi (1.15.5) globalid (1.1.0) activesupport (>= 5.0) @@ -102,10 +101,9 @@ GEM i18n (1.13.0) concurrent-ruby (~> 1.0) json (2.6.2) - json-jwt (1.16.5) + json-jwt (1.16.3) activesupport (>= 4.2) aes_key_wrap - base64 bindata faraday (~> 2.0) faraday-follow_redirects @@ -121,8 +119,6 @@ GEM method_source (1.0.0) mini_mime (1.1.2) minitest (5.18.0) - net-http (0.4.1) - uri net-imap (0.3.1) net-protocol net-pop (0.1.2) @@ -136,7 +132,7 @@ GEM racc (~> 1.4) nokogiri (1.14.3-x86_64-linux) racc (~> 1.4) - omniauth (2.1.2) + omniauth (2.1.1) hashie (>= 3.4.6) rack (>= 2.2.3) rack-protection @@ -146,17 +142,17 @@ GEM omniauth_openid_connect (0.7.1) omniauth (>= 1.9, < 3) openid_connect (~> 2.2) - openid_connect (2.3.0) + openid_connect (2.2.0) activemodel attr_required (>= 1.0.0) - email_validator faraday (~> 2.0) faraday-follow_redirects json-jwt (>= 1.16) - mail + net-smtp rack-oauth2 (~> 2.2) swd (~> 2.0) tzinfo + validate_email validate_url webfinger (~> 2.0) parallel (1.22.1) @@ -173,15 +169,14 @@ GEM nio4r (~> 2.0) racc (1.6.2) rack (2.2.7) - rack-oauth2 (2.2.1) + rack-oauth2 (2.2.0) activesupport attr_required faraday (~> 2.0) faraday-follow_redirects json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.2.0) - base64 (>= 0.1.0) + rack-protection (3.1.0) rack (~> 2.2, >= 2.2.4) rack-test (2.0.2) rack (>= 1.3) @@ -259,13 +254,14 @@ GEM rubocop-rspec (2.15.0) rubocop (~> 1.33) ruby-progressbar (1.11.0) + ruby2_keywords (0.0.5) simplecov (0.21.2) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - swd (2.0.3) + swd (2.0.2) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) @@ -275,11 +271,13 @@ GEM tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.3.0) - uri (0.13.0) + validate_email (0.1.6) + activemodel (>= 3.0) + mail (>= 2.2.5) validate_url (1.0.15) activemodel (>= 3.0.0) public_suffix - webfinger (2.1.3) + webfinger (2.1.2) activesupport faraday (~> 2.0) faraday-follow_redirects From a5ea1ba2bd53eae9746a79548cce4218e544a0e9 Mon Sep 17 00:00:00 2001 From: Greg Annandale Date: Wed, 17 Jan 2024 15:18:03 +0000 Subject: [PATCH 13/13] Consistent use of string type for session_keys_to_persist --- spec/dummy/config/initializers/rpi_auth.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/dummy/config/initializers/rpi_auth.rb b/spec/dummy/config/initializers/rpi_auth.rb index 2dd5877..d3355c4 100644 --- a/spec/dummy/config/initializers/rpi_auth.rb +++ b/spec/dummy/config/initializers/rpi_auth.rb @@ -6,7 +6,7 @@ config.brand = 'codeclub' config.host_url = 'http://localhost:3009' config.identity_url = 'http://localhost:3002' - config.session_keys_to_persist = %w[foo bar] + config.session_keys_to_persist = 'foo bar' config.user_model = 'User' # Redurect to the next URL