From 4134c4809275f0dab3981d9aac3460409ecbbe74 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 03:03:13 +0000 Subject: [PATCH 01/88] build(deps): bump aws-sdk-cognitoidentityprovider from 1.70.0 to 1.72.0 Bumps [aws-sdk-cognitoidentityprovider](https://github.com/aws/aws-sdk-ruby) from 1.70.0 to 1.72.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-cognitoidentityprovider/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-cognitoidentityprovider dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Gemfile b/Gemfile index 82d30277..577cc899 100644 --- a/Gemfile +++ b/Gemfile @@ -20,7 +20,7 @@ gem 'jbuilder', '~> 2.11', '>= 2.11.5' # Use Active Model has_secure_password # gem 'bcrypt', '~> 3.1.7' # for cognito -gem 'aws-sdk-cognitoidentityprovider', '~> 1.70.0' +gem 'aws-sdk-cognitoidentityprovider', '~> 1.72.0' # importing creds gem 'aws-sdk-s3', '~> 1' # Reduces boot times through caching; required in config/boot.rb diff --git a/Gemfile.lock b/Gemfile.lock index c1887089..2bb155b2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,14 +75,14 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.626.0) - aws-sdk-cognitoidentityprovider (1.70.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-partitions (1.653.0) + aws-sdk-cognitoidentityprovider (1.72.0) + aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.140.0) + aws-sdk-core (3.166.0) aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.525.0) - aws-sigv4 (~> 1.1) + aws-partitions (~> 1, >= 1.651.0) + aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) aws-sdk-kms (1.56.0) aws-sdk-core (~> 3, >= 3.127.0) @@ -94,7 +94,7 @@ GEM aws-sdk-ssm (1.142.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sigv4 (1.5.1) + aws-sigv4 (1.5.2) aws-eventstream (~> 1, >= 1.0.2) better_html (2.0.1) actionview (>= 6.0) @@ -338,7 +338,7 @@ PLATFORMS DEPENDENCIES activerecord-postgis-adapter (~> 7.1.1) arask (= 1.2.3) - aws-sdk-cognitoidentityprovider (~> 1.70.0) + aws-sdk-cognitoidentityprovider (~> 1.72.0) aws-sdk-s3 (~> 1) aws-sdk-ssm bootsnap (>= 1.4.2) From bdc7822f164ba05c587e8714d2dae7270c236a2d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 03:03:28 +0000 Subject: [PATCH 02/88] build(deps-dev): bump rubocop from 1.37.0 to 1.37.1 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.37.0 to 1.37.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.37.0...v1.37.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2bb155b2..d16a2e38 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -264,14 +264,14 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.37.0) + rubocop (1.37.1) json (~> 2.3) parallel (~> 1.10) parser (>= 3.1.2.1) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.22.0, < 2.0) + rubocop-ast (>= 1.23.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) rubocop-ast (1.23.0) From 82ad77ceec638e5251cc1ed23604b5c5742ea608 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 03:03:47 +0000 Subject: [PATCH 03/88] build(deps-dev): bump rubocop-rails from 2.17.0 to 2.17.2 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.17.0 to 2.17.2. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.17.0...v2.17.2) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index d16a2e38..f8748b1f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -279,7 +279,7 @@ GEM rubocop-performance (1.15.0) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) - rubocop-rails (2.17.0) + rubocop-rails (2.17.2) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) From 6cc4f3089c18d4bf64d8d5e7e26209966476b660 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 03:04:10 +0000 Subject: [PATCH 04/88] build(deps): bump rollbar from 3.3.1 to 3.3.2 Bumps [rollbar](https://github.com/rollbar/rollbar-gem) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/rollbar/rollbar-gem/releases) - [Changelog](https://github.com/rollbar/rollbar-gem/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollbar/rollbar-gem/compare/v3.3.1...v3.3.2) --- updated-dependencies: - dependency-name: rollbar dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index f8748b1f..61368d56 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -243,7 +243,7 @@ GEM rgeo-activerecord (7.0.1) activerecord (>= 5.0) rgeo (>= 1.0.0) - rollbar (3.3.1) + rollbar (3.3.2) roo (2.9.0) nokogiri (~> 1) rubyzip (>= 1.3.0, < 3.0.0) From 582ccbfef9856af86ae3713ea6869a223a786844 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 3 Nov 2022 10:12:01 +0000 Subject: [PATCH 05/88] build(deps): bump aws-sdk-ssm from 1.142.0 to 1.143.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.142.0 to 1.143.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 61368d56..48267b78 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.653.0) + aws-partitions (1.655.0) aws-sdk-cognitoidentityprovider (1.72.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) @@ -91,8 +91,8 @@ GEM aws-sdk-core (~> 3, >= 3.127.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.142.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-ssm (1.143.0) + aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.5.2) aws-eventstream (~> 1, >= 1.0.2) From 9593155c68e8614820785a5b457f490251e19469 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Nov 2022 03:01:48 +0000 Subject: [PATCH 06/88] build(deps-dev): bump rubocop from 1.37.1 to 1.38.0 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.37.1 to 1.38.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.37.1...v1.38.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 48267b78..12801b06 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -264,7 +264,7 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.37.1) + rubocop (1.38.0) json (~> 2.3) parallel (~> 1.10) parser (>= 3.1.2.1) From 43ea5c88d8662d5b3befd7baba2dea898c0f4e06 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Nov 2022 03:02:52 +0000 Subject: [PATCH 07/88] build(deps): bump aws-sdk-s3 from 1.114.0 to 1.117.1 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.114.0 to 1.117.1. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 12801b06..182513a0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.655.0) + aws-partitions (1.656.0) aws-sdk-cognitoidentityprovider (1.72.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) @@ -84,11 +84,11 @@ GEM aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.56.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-kms (1.59.0) + aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.114.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-s3 (1.117.1) + aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) aws-sdk-ssm (1.143.0) From 7867e939efa3e34fc9bc69aea35a8cd90bcc86c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Nov 2022 02:54:03 +0000 Subject: [PATCH 08/88] build(deps): bump loader-utils from 1.4.0 to 1.4.1 Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.1/CHANGELOG.md) - [Commits](https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: loader-utils dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/yarn.lock b/yarn.lock index 04c19c16..d4cf98a1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4101,9 +4101,9 @@ loader-runner@^2.4.0: integrity sha512-Jsmr89RcXGIwivFY21FcRrisYZfvLMTWx5kOLc+JTxtpBOG6xML0vzbc6SEQG2FO9/4Fc3wW4LVcB5DmGflaRw== loader-utils@^1.1.0, loader-utils@^1.2.3, loader-utils@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.0.tgz#c579b5e34cb34b1a74edc6c1fb36bfa371d5a613" - integrity sha512-qH0WSMBtn/oHuwjy/NucEgbx5dbxxnxup9s4PVXJUDHZBQY+s0NWA9rJf53RBnQZxfch7euUui7hpoAPvALZdA== + version "1.4.1" + resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.1.tgz#278ad7006660bccc4d2c0c1578e17c5c78d5c0e0" + integrity sha512-1Qo97Y2oKaU+Ro2xnDMR26g1BwMT29jNbem1EvcujW2jqt+j5COXyscjM7bLQkM9HaxI7pkWeW7gnI072yMI9Q== dependencies: big.js "^5.2.2" emojis-list "^3.0.0" @@ -4382,7 +4382,12 @@ minimatch@^3.0.4: dependencies: brace-expansion "^1.1.7" -minimist@^1.2.0, minimist@^1.2.5: +minimist@^1.2.0: + version "1.2.7" + resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18" + integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g== + +minimist@^1.2.5: version "1.2.6" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44" integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q== From d3097590d307c7a1d48fe80d43b11b7287c8a229 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Nov 2022 03:01:17 +0000 Subject: [PATCH 09/88] build(deps-dev): bump rubocop-rspec from 2.13.2 to 2.15.0 Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.13.2 to 2.15.0. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.13.2...v2.15.0) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 182513a0..bcff4d37 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -283,7 +283,7 @@ GEM activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.13.2) + rubocop-rspec (2.15.0) rubocop (~> 1.33) ruby-progressbar (1.11.0) rubyzip (2.3.2) From c9bf91b0444294eb6511472f1b7c34690d76021b Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Fri, 11 Nov 2022 10:22:23 +0000 Subject: [PATCH 10/88] Make fix for rubocop --- spec/controllers/home_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/controllers/home_controller_spec.rb b/spec/controllers/home_controller_spec.rb index fda88b56..fdebcff2 100644 --- a/spec/controllers/home_controller_spec.rb +++ b/spec/controllers/home_controller_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -RSpec.describe HomeController, type: :controller do +RSpec.describe HomeController do describe 'GET accessibility_statement' do it 'renders the accessibility_statement page' do get :accessibility_statement From 1474e77f65746cd9231dd4dc49f9b11321a60a29 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Nov 2022 03:01:09 +0000 Subject: [PATCH 11/88] build(deps): bump aws-sdk-ssm from 1.143.0 to 1.144.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.143.0 to 1.144.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index bcff4d37..a4ed11cd 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,11 +75,11 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.656.0) + aws-partitions (1.660.0) aws-sdk-cognitoidentityprovider (1.72.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.166.0) + aws-sdk-core (3.167.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -91,7 +91,7 @@ GEM aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.143.0) + aws-sdk-ssm (1.144.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.5.2) From 448a6f6cbe6ec46bcc51ea86d83be61098251921 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Nov 2022 03:04:47 +0000 Subject: [PATCH 12/88] build(deps): bump govuk-frontend from 4.3.1 to 4.4.0 Bumps [govuk-frontend](https://github.com/alphagov/govuk-frontend) from 4.3.1 to 4.4.0. - [Release notes](https://github.com/alphagov/govuk-frontend/releases) - [Changelog](https://github.com/alphagov/govuk-frontend/blob/main/CHANGELOG.md) - [Commits](https://github.com/alphagov/govuk-frontend/compare/v4.3.1...v4.4.0) --- updated-dependencies: - dependency-name: govuk-frontend dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index e2c8abbe..c4bc9413 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "@rails/ujs": "^7.0.4", "@rails/webpacker": "5.4.3", "accessible-autocomplete": "^2.0.4", - "govuk-frontend": "^4.3.1", + "govuk-frontend": "^4.4.0", "jquery": "^3.6.1", "js-cookie": "^3.0.1" }, diff --git a/yarn.lock b/yarn.lock index d4cf98a1..2cec5fd8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3388,10 +3388,10 @@ globals@^11.1.0: resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e" integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== -govuk-frontend@^4.3.1: - version "4.3.1" - resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.3.1.tgz#d9c581aca3d23bbfe9bd27c25fee65322b276393" - integrity sha512-uD0KVFds7drOwLEvfp4zRBOXuHCxkWLYDQcYvlbG+2baZ9po2TGZz8WjfzhfueYjo9+Uwk+bM0NQT6g4cg/Q+A== +govuk-frontend@^4.4.0: + version "4.4.0" + resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.4.0.tgz#36531ae3b12798267e5a72409c7e4b3b10565102" + integrity sha512-3Hg4GePCdlynd7F6a3YPOEJx0lDPPP6iBv1S893tv3+efYGWLGvsSFdCG0uob8Xc1O7ckL19dSsFpFhBWUkTNA== graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.2.6: version "4.2.9" From f7cd4796d727e37f911698c83d40b96f792a568f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Nov 2022 03:05:18 +0000 Subject: [PATCH 13/88] build(deps-dev): bump rubocop-performance from 1.15.0 to 1.15.1 Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.15.0 to 1.15.1. - [Release notes](https://github.com/rubocop/rubocop-performance/releases) - [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.0...v1.15.1) --- updated-dependencies: - dependency-name: rubocop-performance dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index a4ed11cd..0fc1e8c8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -232,7 +232,7 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - regexp_parser (2.6.0) + regexp_parser (2.6.1) rest-client (2.1.0) http-accept (>= 1.7.0, < 2.0) http-cookie (>= 1.0.2, < 2.0) @@ -276,7 +276,7 @@ GEM unicode-display_width (>= 1.4.0, < 3.0) rubocop-ast (1.23.0) parser (>= 3.1.1.0) - rubocop-performance (1.15.0) + rubocop-performance (1.15.1) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) rubocop-rails (2.17.2) From 4859060d42ebc54d27a4da1373ca6db905c229f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Nov 2022 03:05:36 +0000 Subject: [PATCH 14/88] build(deps): bump aws-sdk-ssm from 1.144.0 to 1.145.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.144.0 to 1.145.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 0fc1e8c8..a20a84fe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,11 +75,11 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.660.0) + aws-partitions (1.664.0) aws-sdk-cognitoidentityprovider (1.72.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.167.0) + aws-sdk-core (3.168.1) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -91,7 +91,7 @@ GEM aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.144.0) + aws-sdk-ssm (1.145.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.5.2) From 9b798f03ebe1942d92d9dd3de54b6edce0590f15 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Nov 2022 03:05:58 +0000 Subject: [PATCH 15/88] build(deps): bump bootsnap from 1.13.0 to 1.14.0 Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/Shopify/bootsnap/releases) - [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md) - [Commits](https://github.com/Shopify/bootsnap/compare/v1.13.0...v1.14.0) --- updated-dependencies: - dependency-name: bootsnap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index a20a84fe..687abaf7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -104,7 +104,7 @@ GEM parser (>= 2.4) smart_properties bindex (0.8.1) - bootsnap (1.13.0) + bootsnap (1.14.0) msgpack (~> 1.2) brakeman (5.3.1) builder (3.2.4) @@ -168,7 +168,7 @@ GEM mini_mime (1.1.2) mini_portile2 (2.8.0) minitest (5.16.3) - msgpack (1.5.4) + msgpack (1.6.0) netrc (0.11.0) nio4r (2.5.8) nokogiri (1.13.9) From fa3eb8059ffbfb2fe6761c0f35e16c2c6b1a4eb2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Nov 2022 02:38:05 +0000 Subject: [PATCH 16/88] build(deps): bump loader-utils from 1.4.1 to 1.4.2 Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.1 to 1.4.2. - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2) --- updated-dependencies: - dependency-name: loader-utils dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index 2cec5fd8..f2dea7f7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4101,9 +4101,9 @@ loader-runner@^2.4.0: integrity sha512-Jsmr89RcXGIwivFY21FcRrisYZfvLMTWx5kOLc+JTxtpBOG6xML0vzbc6SEQG2FO9/4Fc3wW4LVcB5DmGflaRw== loader-utils@^1.1.0, loader-utils@^1.2.3, loader-utils@^1.4.0: - version "1.4.1" - resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.1.tgz#278ad7006660bccc4d2c0c1578e17c5c78d5c0e0" - integrity sha512-1Qo97Y2oKaU+Ro2xnDMR26g1BwMT29jNbem1EvcujW2jqt+j5COXyscjM7bLQkM9HaxI7pkWeW7gnI072yMI9Q== + version "1.4.2" + resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.2.tgz#29a957f3a63973883eb684f10ffd3d151fec01a3" + integrity sha512-I5d00Pd/jwMD2QCduo657+YM/6L3KZu++pmX9VFncxaxvHcru9jx1lBaFft+r4Mt2jK0Yhp41XlRAihzPxHNCg== dependencies: big.js "^5.2.2" emojis-list "^3.0.0" From 131bf4e87f2399054e74c9f570d5a6d383ed4423 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Nov 2022 03:05:08 +0000 Subject: [PATCH 17/88] build(deps): bump pg from 1.4.4 to 1.4.5 Bumps [pg](https://github.com/ged/ruby-pg) from 1.4.4 to 1.4.5. - [Release notes](https://github.com/ged/ruby-pg/releases) - [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc) - [Commits](https://github.com/ged/ruby-pg/compare/v1.4.4...v1.4.5) --- updated-dependencies: - dependency-name: pg dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 577cc899..87644ac7 100644 --- a/Gemfile +++ b/Gemfile @@ -31,7 +31,7 @@ gem 'arask', '1.2.3' # for postgresql gem 'activerecord-postgis-adapter', '~> 7.1.1' -gem 'pg', '~> 1.4.4' +gem 'pg', '~> 1.4.5' # remove if not option two taken in project gem 'jwt' gem 'rest-client', '~> 2.1' diff --git a/Gemfile.lock b/Gemfile.lock index 687abaf7..5dd34f26 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -177,7 +177,7 @@ GEM parallel (1.22.1) parser (3.1.2.1) ast (~> 2.4.1) - pg (1.4.4) + pg (1.4.5) pry (0.13.1) coderay (~> 1.1) method_source (~> 1.0) @@ -350,7 +350,7 @@ DEPENDENCIES jbuilder (~> 2.11, >= 2.11.5) jwt listen (~> 3.7) - pg (~> 1.4.4) + pg (~> 1.4.5) pry-rails puma (~> 6.0) rack-attack From e1bb9e5524035f0e7246a648c8b1447c1ecf0ddf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Nov 2022 08:49:22 +0000 Subject: [PATCH 18/88] build(deps-dev): bump rubocop from 1.38.0 to 1.39.0 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.38.0 to 1.39.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.38.0...v1.39.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5dd34f26..01fe097c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -264,7 +264,7 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.38.0) + rubocop (1.39.0) json (~> 2.3) parallel (~> 1.10) parser (>= 3.1.2.1) From 0b2d86069ec6bbaaacddb7fe6439050af1c4c065 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 21 Nov 2022 09:27:29 +0000 Subject: [PATCH 19/88] Fix rubocop --- app/models/concerns/password_validator.rb | 2 +- app/services/pwned_passwords.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/models/concerns/password_validator.rb b/app/models/concerns/password_validator.rb index 39ae48c0..1c31565e 100644 --- a/app/models/concerns/password_validator.rb +++ b/app/models/concerns/password_validator.rb @@ -13,7 +13,7 @@ module PasswordValidator private - VALID_SYMBOLS = %r{^[=+\-\^$*.\[\]{}()?"!@\#%&/\\,><':;|_~`]+$}.freeze + VALID_SYMBOLS = %r{^[=+-\^$*.\[\]{}()?"!@\#%&/\\,><':;|_~`]+$}.freeze def validate_symbols password_symbols = password.delete('0-9a-zA-Z') diff --git a/app/services/pwned_passwords.rb b/app/services/pwned_passwords.rb index 2b37bef9..8146749b 100644 --- a/app/services/pwned_passwords.rb +++ b/app/services/pwned_passwords.rb @@ -14,7 +14,7 @@ def initialize(password) private - VALID_SYMBOLS = %r{^[=+\-\^$*.\[\]{}()?"!@\#%&/\\,><':;|_~`]+$}.freeze + VALID_SYMBOLS = %r{^[=+-\^$*.\[\]{}()?"!@\#%&/\\,><':;|_~`]+$}.freeze def validate_symbols password_symbols = password.delete('0-9a-zA-Z') From 684ebfe9ef6d6a534bd0208bad16bcac6375f6c5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Nov 2022 03:00:59 +0000 Subject: [PATCH 20/88] build(deps): bump sqlite3 from 1.5.3 to 1.5.4 Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases) - [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 01fe097c..df534eeb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -306,7 +306,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - sqlite3 (1.5.3) + sqlite3 (1.5.4) mini_portile2 (~> 2.8.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) From 1fe1a35a122829c53303cca6eb5d8fb19336d74d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Nov 2022 03:01:10 +0000 Subject: [PATCH 21/88] build(deps): bump bootsnap from 1.14.0 to 1.15.0 Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.14.0 to 1.15.0. - [Release notes](https://github.com/Shopify/bootsnap/releases) - [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md) - [Commits](https://github.com/Shopify/bootsnap/compare/v1.14.0...v1.15.0) --- updated-dependencies: - dependency-name: bootsnap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index df534eeb..f4665c68 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -104,7 +104,7 @@ GEM parser (>= 2.4) smart_properties bindex (0.8.1) - bootsnap (1.14.0) + bootsnap (1.15.0) msgpack (~> 1.2) brakeman (5.3.1) builder (3.2.4) From 229bb01ce21d1897bdee03de026febc1c9178a71 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Nov 2022 10:55:28 +0000 Subject: [PATCH 22/88] build(deps): bump minimatch from 3.0.4 to 3.1.2 Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/yarn.lock b/yarn.lock index f2dea7f7..5137555c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1707,9 +1707,9 @@ babel-plugin-polyfill-regenerator@^0.2.2: "@babel/helper-define-polyfill-provider" "^0.2.2" balanced-match@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" - integrity sha1-ibTRmasr7kneFk6gK4nORi1xt2c= + version "1.0.2" + resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee" + integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw== base64-js@^1.0.2: version "1.3.1" @@ -2269,7 +2269,7 @@ compression@^1.7.4: concat-map@0.0.1: version "0.0.1" resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s= + integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg== concat-stream@^1.5.0: version "1.6.2" @@ -4376,9 +4376,9 @@ minimalistic-crypto-utils@^1.0.1: integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo= minimatch@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" - integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA== + version "3.1.2" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" + integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== dependencies: brace-expansion "^1.1.7" From a842108193aeff40ee290f0cd35c59359e7a092e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Nov 2022 10:55:45 +0000 Subject: [PATCH 23/88] build(deps-dev): bump brakeman from 5.3.1 to 5.4.0 Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.3.1 to 5.4.0. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v5.3.1...v5.4.0) --- updated-dependencies: - dependency-name: brakeman dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index f4665c68..d78918a6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -106,7 +106,7 @@ GEM bindex (0.8.1) bootsnap (1.15.0) msgpack (~> 1.2) - brakeman (5.3.1) + brakeman (5.4.0) builder (3.2.4) byebug (11.1.3) coderay (1.1.3) From 41cc3726b5d0deb19850863c7e25377ea96d8dd7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Nov 2022 03:01:19 +0000 Subject: [PATCH 24/88] build(deps-dev): bump rubocop-rails from 2.17.2 to 2.17.3 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.17.2 to 2.17.3. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.17.2...v2.17.3) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d78918a6..00f3383a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -175,7 +175,7 @@ GEM mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) - parser (3.1.2.1) + parser (3.1.3.0) ast (~> 2.4.1) pg (1.4.5) pry (0.13.1) @@ -279,7 +279,7 @@ GEM rubocop-performance (1.15.1) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) - rubocop-rails (2.17.2) + rubocop-rails (2.17.3) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) @@ -330,7 +330,7 @@ GEM websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.1) + zeitwerk (2.6.6) PLATFORMS ruby From 36f792583f08c975b0b58db6bd255fe24804fd1b Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 28 Nov 2022 11:05:26 +0000 Subject: [PATCH 25/88] Fix rubocop --- spec/rails_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 0ed52e66..4573090f 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -32,7 +32,7 @@ end RSpec.configure do |config| # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures - config.fixture_path = "#{::Rails.root}/spec/fixtures" + config.fixture_path = ::Rails.root.join('spec/fixtures') # If you're not using ActiveRecord, or you'd prefer not to run each of your # examples within a transaction, remove the following line or assign false From 53c1f56e7e94518b0e38a2975d9ee4f53250d78c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Dec 2022 03:01:15 +0000 Subject: [PATCH 26/88] build(deps): bump aws-sdk-s3 from 1.117.1 to 1.117.2 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.1 to 1.117.2. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 00f3383a..95a195d4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,19 +75,19 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.664.0) + aws-partitions (1.670.0) aws-sdk-cognitoidentityprovider (1.72.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.168.1) + aws-sdk-core (3.168.3) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.59.0) + aws-sdk-kms (1.60.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.117.1) + aws-sdk-s3 (1.117.2) aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) @@ -149,7 +149,7 @@ GEM jbuilder (2.11.5) actionview (>= 5.0.0) activesupport (>= 5.0.0) - jmespath (1.6.1) + jmespath (1.6.2) json (2.6.2) jwt (2.5.0) listen (3.7.1) From 750c7da69e8ee7b6dd16894fc04bb4486038d179 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Dec 2022 08:53:28 +0000 Subject: [PATCH 27/88] build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2) --- updated-dependencies: - dependency-name: decode-uri-component dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index 5137555c..da2c069a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2654,9 +2654,9 @@ decamelize@^1.2.0: integrity sha1-9lNNFRSCabIDUue+4m9QH5oZEpA= decode-uri-component@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.0.tgz#eb3913333458775cb84cd1a1fae062106bb87545" - integrity sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU= + version "0.2.2" + resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.2.tgz#e69dbe25d37941171dd540e024c444cd5188e1e9" + integrity sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ== default-gateway@^6.0.3: version "6.0.3" From 350e6330d2c021b534ebca4bc4e509094c50b140 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Dec 2022 04:24:18 +0000 Subject: [PATCH 28/88] build(deps): bump nokogiri from 1.13.9 to 1.13.10 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.9 to 1.13.10. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.9...v1.13.10) --- updated-dependencies: - dependency-name: nokogiri dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 95a195d4..b7a2e67c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -171,7 +171,7 @@ GEM msgpack (1.6.0) netrc (0.11.0) nio4r (2.5.8) - nokogiri (1.13.9) + nokogiri (1.13.10) mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) @@ -186,7 +186,7 @@ GEM puma (6.0.0) nio4r (~> 2.0) raabro (1.4.0) - racc (1.6.0) + racc (1.6.1) rack (2.2.4) rack-attack (6.6.1) rack (>= 1.0, < 3) From ce892a550b9f161793450f02f70d4addb79a9e17 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Dec 2022 03:01:18 +0000 Subject: [PATCH 29/88] build(deps-dev): bump rubocop from 1.39.0 to 1.40.0 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.39.0 to 1.40.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.39.0...v1.40.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index b7a2e67c..5d681025 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -150,7 +150,7 @@ GEM actionview (>= 5.0.0) activesupport (>= 5.0.0) jmespath (1.6.2) - json (2.6.2) + json (2.6.3) jwt (2.5.0) listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) @@ -264,7 +264,7 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.39.0) + rubocop (1.40.0) json (~> 2.3) parallel (~> 1.10) parser (>= 3.1.2.1) @@ -274,7 +274,7 @@ GEM rubocop-ast (>= 1.23.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.23.0) + rubocop-ast (1.24.0) parser (>= 3.1.1.0) rubocop-performance (1.15.1) rubocop (>= 1.7.0, < 2.0) From 687be831f748640a59d5b512a117ae54df424369 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 12 Dec 2022 08:34:58 +0000 Subject: [PATCH 30/88] Fix for rubocop --- spec/rails_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 4573090f..58b4940d 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -32,7 +32,7 @@ end RSpec.configure do |config| # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures - config.fixture_path = ::Rails.root.join('spec/fixtures') + config.fixture_path = Rails.root.join('spec/fixtures') # If you're not using ActiveRecord, or you'd prefer not to run each of your # examples within a transaction, remove the following line or assign false From 72c477a7ca203f31052446979ca18cd365c145a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 13 Dec 2022 20:27:04 +0000 Subject: [PATCH 31/88] build(deps): bump loofah from 2.19.0 to 2.19.1 Bumps [loofah](https://github.com/flavorjones/loofah) from 2.19.0 to 2.19.1. - [Release notes](https://github.com/flavorjones/loofah/releases) - [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md) - [Commits](https://github.com/flavorjones/loofah/compare/v2.19.0...v2.19.1) --- updated-dependencies: - dependency-name: loofah dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5d681025..2bfeb6f0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -155,7 +155,7 @@ GEM listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.19.0) + loofah (2.19.1) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) From deacd47a1f733c5efb38f45de15931f1d1042772 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Dec 2022 14:41:59 +0000 Subject: [PATCH 32/88] build(deps): bump rails-html-sanitizer from 1.4.3 to 1.4.4 Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/rails/rails-html-sanitizer/releases) - [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md) - [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.4.3...v1.4.4) --- updated-dependencies: - dependency-name: rails-html-sanitizer dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2bfeb6f0..7b731520 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -216,8 +216,8 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.4.3) - loofah (~> 2.3) + rails-html-sanitizer (1.4.4) + loofah (~> 2.19, >= 2.19.1) rails-i18n (7.0.5) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) From 14fcddb7b0397571f5ad696a89b6785688e9a456 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Dec 2022 03:01:25 +0000 Subject: [PATCH 33/88] build(deps-dev): bump rubocop-rspec from 2.15.0 to 2.16.0 Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.15.0 to 2.16.0. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.15.0...v2.16.0) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7b731520..4023be20 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -283,7 +283,7 @@ GEM activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.15.0) + rubocop-rspec (2.16.0) rubocop (~> 1.33) ruby-progressbar (1.11.0) rubyzip (2.3.2) From ab1885ef8f63f76624d1463fe20ce7b3d9516312 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Dec 2022 03:01:29 +0000 Subject: [PATCH 34/88] build(deps): bump jquery from 3.6.1 to 3.6.3 Bumps [jquery](https://github.com/jquery/jquery) from 3.6.1 to 3.6.3. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](https://github.com/jquery/jquery/compare/3.6.1...3.6.3) --- updated-dependencies: - dependency-name: jquery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index c4bc9413..db8202ad 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "@rails/webpacker": "5.4.3", "accessible-autocomplete": "^2.0.4", "govuk-frontend": "^4.4.0", - "jquery": "^3.6.1", + "jquery": "^3.6.3", "js-cookie": "^3.0.1" }, "version": "0.1.0", diff --git a/yarn.lock b/yarn.lock index da2c069a..e5439526 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3978,10 +3978,10 @@ jest-worker@^26.5.0: merge-stream "^2.0.0" supports-color "^7.0.0" -jquery@^3.6.1: - version "3.6.1" - resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.1.tgz#fab0408f8b45fc19f956205773b62b292c147a16" - integrity sha512-opJeO4nCucVnsjiXOE+/PcCgYw9Gwpvs/a6B1LL/lQhwWwpbVEVYDZ1FokFr8PRc7ghYlrFPuyHuiiDNTQxmcw== +jquery@^3.6.3: + version "3.6.3" + resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.3.tgz#23ed2ffed8a19e048814f13391a19afcdba160e6" + integrity sha512-bZ5Sy3YzKo9Fyc8wH2iIQK4JImJ6R0GWI9kL1/k7Z91ZBNgkRXE6U0JfHIizZbort8ZunhSI3jw9I6253ahKfg== js-cookie@^3.0.1: version "3.0.1" From 0900e23066f40066112d0f5f4b02460a0ad5cf4f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Dec 2022 03:01:52 +0000 Subject: [PATCH 35/88] build(deps): bump jwt from 2.5.0 to 2.6.0 Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/jwt/ruby-jwt/releases) - [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md) - [Commits](https://github.com/jwt/ruby-jwt/compare/v2.5.0...v2.6.0) --- updated-dependencies: - dependency-name: jwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 4023be20..874dd5dd 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -151,7 +151,7 @@ GEM activesupport (>= 5.0.0) jmespath (1.6.2) json (2.6.3) - jwt (2.5.0) + jwt (2.6.0) listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) From 763331201743ab59c77f7796204f7291416cee01 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Jan 2023 16:02:33 +0000 Subject: [PATCH 36/88] build(deps): bump json5 from 1.0.1 to 1.0.2 Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/yarn.lock b/yarn.lock index e5439526..08b90c95 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4040,9 +4040,9 @@ json-schema-traverse@^1.0.0: integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug== json5@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.1.tgz#779fb0018604fa854eacbf6252180d83543e3dbe" - integrity sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow== + version "1.0.2" + resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.2.tgz#63d98d60f21b313b77c4d6da18bfa69d80e1d593" + integrity sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA== dependencies: minimist "^1.2.0" @@ -4382,16 +4382,11 @@ minimatch@^3.0.4: dependencies: brace-expansion "^1.1.7" -minimist@^1.2.0: +minimist@^1.2.0, minimist@^1.2.5: version "1.2.7" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18" integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g== -minimist@^1.2.5: - version "1.2.6" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44" - integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q== - minipass-collect@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/minipass-collect/-/minipass-collect-1.0.2.tgz#22b813bf745dc6edba2576b940022ad6edc8c617" From ac6e8a0fd6721239eafd6890e39856da3f76854e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Jan 2023 03:02:04 +0000 Subject: [PATCH 37/88] build(deps): bump rollbar from 3.3.2 to 3.4.0 Bumps [rollbar](https://github.com/rollbar/rollbar-gem) from 3.3.2 to 3.4.0. - [Release notes](https://github.com/rollbar/rollbar-gem/releases) - [Changelog](https://github.com/rollbar/rollbar-gem/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollbar/rollbar-gem/compare/v3.3.2...v3.4.0) --- updated-dependencies: - dependency-name: rollbar dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 874dd5dd..cd29c418 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -243,7 +243,7 @@ GEM rgeo-activerecord (7.0.1) activerecord (>= 5.0) rgeo (>= 1.0.0) - rollbar (3.3.2) + rollbar (3.4.0) roo (2.9.0) nokogiri (~> 1) rubyzip (>= 1.3.0, < 3.0.0) From de340574e69805498a3790a81a780763c9db3cc9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Jan 2023 08:33:55 +0000 Subject: [PATCH 38/88] build(deps): bump govuk-frontend from 4.4.0 to 4.4.1 Bumps [govuk-frontend](https://github.com/alphagov/govuk-frontend) from 4.4.0 to 4.4.1. - [Release notes](https://github.com/alphagov/govuk-frontend/releases) - [Changelog](https://github.com/alphagov/govuk-frontend/blob/main/CHANGELOG.md) - [Commits](https://github.com/alphagov/govuk-frontend/compare/v4.4.0...v4.4.1) --- updated-dependencies: - dependency-name: govuk-frontend dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index db8202ad..1b5750e3 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "@rails/ujs": "^7.0.4", "@rails/webpacker": "5.4.3", "accessible-autocomplete": "^2.0.4", - "govuk-frontend": "^4.4.0", + "govuk-frontend": "^4.4.1", "jquery": "^3.6.3", "js-cookie": "^3.0.1" }, diff --git a/yarn.lock b/yarn.lock index 08b90c95..a4d1017d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3388,10 +3388,10 @@ globals@^11.1.0: resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e" integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== -govuk-frontend@^4.4.0: - version "4.4.0" - resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.4.0.tgz#36531ae3b12798267e5a72409c7e4b3b10565102" - integrity sha512-3Hg4GePCdlynd7F6a3YPOEJx0lDPPP6iBv1S893tv3+efYGWLGvsSFdCG0uob8Xc1O7ckL19dSsFpFhBWUkTNA== +govuk-frontend@^4.4.1: + version "4.4.1" + resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.4.1.tgz#88857c4ad8508255a4e983030a3964d6e1674107" + integrity sha512-Jm1LUWiH9vy47b6HSH/ksSb4ueBrtTTgyLBk+3X2qqAmmFUc1AXWLSYHid07YYu1tvn9RnodWk5Bac5Ywqk6tA== graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.2.6: version "4.2.9" From ccd6b3bd6d03f92fb33775f60ec2a2d9771d11e6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 14 Dec 2022 19:25:27 +0000 Subject: [PATCH 39/88] fix: Gemfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168317 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168318 - https://snyk.io/vuln/SNYK-RUBY-LOOFAH-3168649 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168316 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168646 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168647 - https://snyk.io/vuln/SNYK-RUBY-RAILSHTMLSANITIZER-3168648 --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 87644ac7..ced81ee2 100644 --- a/Gemfile +++ b/Gemfile @@ -53,7 +53,7 @@ group :development, :test do gem 'byebug', platforms: %i[mri mingw x64_mingw] gem 'dotenv-rails', '>= 2.8.1' gem 'i18n-tasks', '>= 1.0.12' - gem 'rspec-rails', '>= 5.1.2' + gem 'rspec-rails', '>= 6.0.1' gem 'rubocop', '>= 0.91.1' gem 'rubocop-performance', '>= 1.8.1' gem 'rubocop-rails', '>= 2.16.1' From 1d613b1891187bf46a94b3623cccade021ee7d80 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 9 Jan 2023 09:17:32 +0000 Subject: [PATCH 40/88] Run bundle install --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index cd29c418..56a855fe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -359,7 +359,7 @@ DEPENDENCIES rest-client (~> 2.1) rollbar roo (~> 2.9.0) - rspec-rails (>= 5.1.2) + rspec-rails (>= 6.0.1) rubocop (>= 0.91.1) rubocop-performance (>= 1.8.1) rubocop-rails (>= 2.16.1) From 8a593655b31b52d8385f3be0473fe1cc6b2e4e95 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jan 2023 03:02:33 +0000 Subject: [PATCH 41/88] build(deps-dev): bump rubocop-performance from 1.15.1 to 1.15.2 Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.15.1 to 1.15.2. - [Release notes](https://github.com/rubocop/rubocop-performance/releases) - [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.1...v1.15.2) --- updated-dependencies: - dependency-name: rubocop-performance dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 56a855fe..928ecb5b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -175,7 +175,7 @@ GEM mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) - parser (3.1.3.0) + parser (3.2.0.0) ast (~> 2.4.1) pg (1.4.5) pry (0.13.1) @@ -274,9 +274,9 @@ GEM rubocop-ast (>= 1.23.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.24.0) + rubocop-ast (1.24.1) parser (>= 3.1.1.0) - rubocop-performance (1.15.1) + rubocop-performance (1.15.2) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) rubocop-rails (2.17.3) @@ -316,7 +316,7 @@ GEM unf (0.1.4) unf_ext unf_ext (0.0.7.7) - unicode-display_width (2.3.0) + unicode-display_width (2.4.2) web-console (4.2.0) actionview (>= 6.0.0) activemodel (>= 6.0.0) From 6a2ebf0c38f21364759ae7b13a66d0f86629b276 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jan 2023 03:04:07 +0000 Subject: [PATCH 42/88] build(deps): bump aws-sdk-ssm from 1.145.0 to 1.147.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.145.0 to 1.147.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 928ecb5b..2436140f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,11 +75,11 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.670.0) + aws-partitions (1.693.0) aws-sdk-cognitoidentityprovider (1.72.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.168.3) + aws-sdk-core (3.168.4) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -91,7 +91,7 @@ GEM aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.145.0) + aws-sdk-ssm (1.147.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.5.2) From a3f1e56e9eac7fc0c56244fd4178f0d4c51165f9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jan 2023 03:04:51 +0000 Subject: [PATCH 43/88] build(deps-dev): bump simplecov from 0.21.2 to 0.22.0 Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.21.2 to 0.22.0. - [Release notes](https://github.com/simplecov-ruby/simplecov/releases) - [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md) - [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.21.2...v0.22.0) --- updated-dependencies: - dependency-name: simplecov dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2436140f..9a2ef0de 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -288,12 +288,12 @@ GEM ruby-progressbar (1.11.0) rubyzip (2.3.2) semantic_range (3.0.0) - simplecov (0.21.2) + simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) - simplecov_json_formatter (0.1.3) + simplecov_json_formatter (0.1.4) smart_properties (1.17.0) spring (4.1.0) spring-watcher-listen (2.1.0) From 66b696991323d70f145941a690609c72fd85026d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jan 2023 03:05:30 +0000 Subject: [PATCH 44/88] build(deps): bump sqlite3 from 1.5.4 to 1.6.0 Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 1.5.4 to 1.6.0. - [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases) - [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v1.5.4...v1.6.0) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index ced81ee2..fbc302d2 100644 --- a/Gemfile +++ b/Gemfile @@ -8,7 +8,7 @@ ruby '2.7.6' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' gem 'rails', '~> 6.1.7' # Use sqlite3 as the database for Active Record -gem 'sqlite3', '~> 1.5' +gem 'sqlite3', '~> 1.6' # Use Puma as the app server gem 'puma', '~> 6.0' # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker diff --git a/Gemfile.lock b/Gemfile.lock index 9a2ef0de..3114435d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -166,7 +166,7 @@ GEM mime-types-data (~> 3.2015) mime-types-data (3.2020.0512) mini_mime (1.1.2) - mini_portile2 (2.8.0) + mini_portile2 (2.8.1) minitest (5.16.3) msgpack (1.6.0) netrc (0.11.0) @@ -306,7 +306,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - sqlite3 (1.5.4) + sqlite3 (1.6.0) mini_portile2 (~> 2.8.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) @@ -367,7 +367,7 @@ DEPENDENCIES simplecov (>= 0.16.1) spring spring-watcher-listen (~> 2.1.0) - sqlite3 (~> 1.5) + sqlite3 (~> 1.6) web-console (>= 4.2.0) webpacker (~> 5.4, >= 5.4.3) From 10165c7ac4086f3452866edff4990f476efd808b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Jan 2023 12:38:10 +0000 Subject: [PATCH 45/88] build(deps-dev): bump rubocop from 1.40.0 to 1.43.0 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.40.0 to 1.43.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.40.0...v1.43.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 3114435d..ef27efec 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -264,16 +264,16 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.40.0) + rubocop (1.43.0) json (~> 2.3) parallel (~> 1.10) - parser (>= 3.1.2.1) + parser (>= 3.2.0.0) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.23.0, < 2.0) + rubocop-ast (>= 1.24.1, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 3.0) + unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.24.1) parser (>= 3.1.1.0) rubocop-performance (1.15.2) From 467cf12f4529192762567bcd901ee198a3992ec1 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 16 Jan 2023 12:39:49 +0000 Subject: [PATCH 46/88] Make rubocop corrections --- app/controllers/api/v1/organisation_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/api/v1/organisation_controller.rb b/app/controllers/api/v1/organisation_controller.rb index b16ac4aa..35892356 100644 --- a/app/controllers/api/v1/organisation_controller.rb +++ b/app/controllers/api/v1/organisation_controller.rb @@ -9,7 +9,7 @@ def search result = Organisation.search_organisations(params[:search]) Rails.logger.debug result.length if result.length < 200 - render json: { summary_lines: result, no_results: result.length.zero? } + render json: { summary_lines: result, no_results: result.empty? } else render json: { summary_lines: [], no_results: false } end From 53902c3dafaf65728fc6202dc638ddf133c949e4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Jan 2023 00:57:35 +0000 Subject: [PATCH 47/88] build(deps): bump rack from 2.2.4 to 2.2.6.2 Bumps [rack](https://github.com/rack/rack) from 2.2.4 to 2.2.6.2. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/2.2.4...v2.2.6.2) --- updated-dependencies: - dependency-name: rack dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index ef27efec..ce0e61f5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -187,7 +187,7 @@ GEM nio4r (~> 2.0) raabro (1.4.0) racc (1.6.1) - rack (2.2.4) + rack (2.2.6.2) rack-attack (6.6.1) rack (>= 1.0, < 3) rack-proxy (0.7.4) From d29eb5b80bd194f12d234973972dbaade1d30e4b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Jan 2023 22:46:24 +0000 Subject: [PATCH 48/88] build(deps): bump globalid from 1.0.0 to 1.0.1 Bumps [globalid](https://github.com/rails/globalid) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/rails/globalid/releases) - [Commits](https://github.com/rails/globalid/compare/v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: globalid dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ce0e61f5..49d572ce 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -127,7 +127,7 @@ GEM fugit (1.7.1) et-orbi (~> 1, >= 1.2.7) raabro (~> 1.4) - globalid (1.0.0) + globalid (1.0.1) activesupport (>= 5.0) highline (2.0.3) http-accept (1.7.0) @@ -167,7 +167,7 @@ GEM mime-types-data (3.2020.0512) mini_mime (1.1.2) mini_portile2 (2.8.1) - minitest (5.16.3) + minitest (5.17.0) msgpack (1.6.0) netrc (0.11.0) nio4r (2.5.8) From 81118185b8093ab205cc467aaeef6957de00e795 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Jan 2023 03:09:09 +0000 Subject: [PATCH 49/88] build(deps-dev): bump listen from 3.7.1 to 3.8.0 Bumps [listen](https://github.com/guard/listen) from 3.7.1 to 3.8.0. - [Release notes](https://github.com/guard/listen/releases) - [Commits](https://github.com/guard/listen/compare/v3.7.1...v3.8.0) --- updated-dependencies: - dependency-name: listen dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index fbc302d2..f86ef1b7 100644 --- a/Gemfile +++ b/Gemfile @@ -64,7 +64,7 @@ end group :development do # Access an interactive console on exception pages or by calling 'console' anywhere in the code. - gem 'listen', '~> 3.7' + gem 'listen', '~> 3.8' gem 'web-console', '>= 4.2.0' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring gem 'spring' diff --git a/Gemfile.lock b/Gemfile.lock index 49d572ce..8280ec1b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -152,7 +152,7 @@ GEM jmespath (1.6.2) json (2.6.3) jwt (2.6.0) - listen (3.7.1) + listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) loofah (2.19.1) @@ -349,7 +349,7 @@ DEPENDENCIES i18n-tasks (>= 1.0.12) jbuilder (~> 2.11, >= 2.11.5) jwt - listen (~> 3.7) + listen (~> 3.8) pg (~> 1.4.5) pry-rails puma (~> 6.0) From 6364a49f5ac927fa36dfa2aa40f9026fd2932447 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Jan 2023 03:09:57 +0000 Subject: [PATCH 50/88] build(deps): bump aws-sdk-cognitoidentityprovider from 1.72.0 to 1.73.0 Bumps [aws-sdk-cognitoidentityprovider](https://github.com/aws/aws-sdk-ruby) from 1.72.0 to 1.73.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-cognitoidentityprovider/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-cognitoidentityprovider dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index f86ef1b7..c6dcd2dd 100644 --- a/Gemfile +++ b/Gemfile @@ -20,7 +20,7 @@ gem 'jbuilder', '~> 2.11', '>= 2.11.5' # Use Active Model has_secure_password # gem 'bcrypt', '~> 3.1.7' # for cognito -gem 'aws-sdk-cognitoidentityprovider', '~> 1.72.0' +gem 'aws-sdk-cognitoidentityprovider', '~> 1.73.0' # importing creds gem 'aws-sdk-s3', '~> 1' # Reduces boot times through caching; required in config/boot.rb diff --git a/Gemfile.lock b/Gemfile.lock index 8280ec1b..d9397a2d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,11 +75,11 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.693.0) - aws-sdk-cognitoidentityprovider (1.72.0) + aws-partitions (1.697.0) + aws-sdk-cognitoidentityprovider (1.73.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.168.4) + aws-sdk-core (3.169.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -338,7 +338,7 @@ PLATFORMS DEPENDENCIES activerecord-postgis-adapter (~> 7.1.1) arask (= 1.2.3) - aws-sdk-cognitoidentityprovider (~> 1.72.0) + aws-sdk-cognitoidentityprovider (~> 1.73.0) aws-sdk-s3 (~> 1) aws-sdk-ssm bootsnap (>= 1.4.2) From a465075288c7088eef492cbda9edf06e1710689a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Jan 2023 08:28:23 +0000 Subject: [PATCH 51/88] build(deps): bump rails from 6.1.7 to 6.1.7.1 Bumps [rails](https://github.com/rails/rails) from 6.1.7 to 6.1.7.1. - [Release notes](https://github.com/rails/rails/releases) - [Commits](https://github.com/rails/rails/compare/v6.1.7...v6.1.7.1) --- updated-dependencies: - dependency-name: rails dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 134 ++++++++++++++++++++++++++++----------------------- 1 file changed, 74 insertions(+), 60 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d9397a2d..f6703ea5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,63 +8,63 @@ GIT GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7) - actionpack (= 6.1.7) - activesupport (= 6.1.7) + actioncable (6.1.7.1) + actionpack (= 6.1.7.1) + activesupport (= 6.1.7.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7) - actionpack (= 6.1.7) - activejob (= 6.1.7) - activerecord (= 6.1.7) - activestorage (= 6.1.7) - activesupport (= 6.1.7) + actionmailbox (6.1.7.1) + actionpack (= 6.1.7.1) + activejob (= 6.1.7.1) + activerecord (= 6.1.7.1) + activestorage (= 6.1.7.1) + activesupport (= 6.1.7.1) mail (>= 2.7.1) - actionmailer (6.1.7) - actionpack (= 6.1.7) - actionview (= 6.1.7) - activejob (= 6.1.7) - activesupport (= 6.1.7) + actionmailer (6.1.7.1) + actionpack (= 6.1.7.1) + actionview (= 6.1.7.1) + activejob (= 6.1.7.1) + activesupport (= 6.1.7.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.7) - actionview (= 6.1.7) - activesupport (= 6.1.7) + actionpack (6.1.7.1) + actionview (= 6.1.7.1) + activesupport (= 6.1.7.1) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7) - actionpack (= 6.1.7) - activerecord (= 6.1.7) - activestorage (= 6.1.7) - activesupport (= 6.1.7) + actiontext (6.1.7.1) + actionpack (= 6.1.7.1) + activerecord (= 6.1.7.1) + activestorage (= 6.1.7.1) + activesupport (= 6.1.7.1) nokogiri (>= 1.8.5) - actionview (6.1.7) - activesupport (= 6.1.7) + actionview (6.1.7.1) + activesupport (= 6.1.7.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.7) - activesupport (= 6.1.7) + activejob (6.1.7.1) + activesupport (= 6.1.7.1) globalid (>= 0.3.6) - activemodel (6.1.7) - activesupport (= 6.1.7) - activerecord (6.1.7) - activemodel (= 6.1.7) - activesupport (= 6.1.7) + activemodel (6.1.7.1) + activesupport (= 6.1.7.1) + activerecord (6.1.7.1) + activemodel (= 6.1.7.1) + activesupport (= 6.1.7.1) activerecord-postgis-adapter (7.1.1) activerecord (~> 6.1) rgeo-activerecord (~> 7.0.0) - activestorage (6.1.7) - actionpack (= 6.1.7) - activejob (= 6.1.7) - activerecord (= 6.1.7) - activesupport (= 6.1.7) + activestorage (6.1.7.1) + actionpack (= 6.1.7.1) + activejob (= 6.1.7.1) + activerecord (= 6.1.7.1) + activesupport (= 6.1.7.1) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7) + activesupport (6.1.7.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -112,6 +112,7 @@ GEM coderay (1.1.3) concurrent-ruby (1.1.10) crass (1.0.6) + date (3.3.3) diff-lcs (1.5.0) docile (1.4.0) domain_name (0.5.20190701) @@ -120,7 +121,7 @@ GEM dotenv-rails (2.8.1) dotenv (= 2.8.1) railties (>= 3.2) - erubi (1.11.0) + erubi (1.12.0) et-orbi (1.2.7) tzinfo ffi (1.15.5) @@ -158,8 +159,11 @@ GEM loofah (2.19.1) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.7.1) + mail (2.8.0.1) mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp marcel (1.0.2) method_source (1.0.0) mime-types (3.3.1) @@ -169,9 +173,18 @@ GEM mini_portile2 (2.8.1) minitest (5.17.0) msgpack (1.6.0) + net-imap (0.3.4) + date + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.2.1) + timeout + net-smtp (0.3.3) + net-protocol netrc (0.11.0) nio4r (2.5.8) - nokogiri (1.13.10) + nokogiri (1.14.0) mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) @@ -186,7 +199,7 @@ GEM puma (6.0.0) nio4r (~> 2.0) raabro (1.4.0) - racc (1.6.1) + racc (1.6.2) rack (2.2.6.2) rack-attack (6.6.1) rack (>= 1.0, < 3) @@ -194,20 +207,20 @@ GEM rack rack-test (2.0.2) rack (>= 1.3) - rails (6.1.7) - actioncable (= 6.1.7) - actionmailbox (= 6.1.7) - actionmailer (= 6.1.7) - actionpack (= 6.1.7) - actiontext (= 6.1.7) - actionview (= 6.1.7) - activejob (= 6.1.7) - activemodel (= 6.1.7) - activerecord (= 6.1.7) - activestorage (= 6.1.7) - activesupport (= 6.1.7) + rails (6.1.7.1) + actioncable (= 6.1.7.1) + actionmailbox (= 6.1.7.1) + actionmailer (= 6.1.7.1) + actionpack (= 6.1.7.1) + actiontext (= 6.1.7.1) + actionview (= 6.1.7.1) + activejob (= 6.1.7.1) + activemodel (= 6.1.7.1) + activerecord (= 6.1.7.1) + activestorage (= 6.1.7.1) + activesupport (= 6.1.7.1) bundler (>= 1.15.0) - railties (= 6.1.7) + railties (= 6.1.7.1) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -216,14 +229,14 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.4.4) + rails-html-sanitizer (1.5.0) loofah (~> 2.19, >= 2.19.1) rails-i18n (7.0.5) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) - railties (6.1.7) - actionpack (= 6.1.7) - activesupport (= 6.1.7) + railties (6.1.7.1) + actionpack (= 6.1.7.1) + activesupport (= 6.1.7.1) method_source rake (>= 12.2) thor (~> 1.0) @@ -299,9 +312,9 @@ GEM spring-watcher-listen (2.1.0) listen (>= 2.7, < 4.0) spring (>= 4) - sprockets (4.1.1) + sprockets (4.2.0) concurrent-ruby (~> 1.0) - rack (> 1, < 3) + rack (>= 2.2.4, < 4) sprockets-rails (3.4.2) actionpack (>= 5.2) activesupport (>= 5.2) @@ -311,6 +324,7 @@ GEM terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) thor (1.2.1) + timeout (0.3.1) tzinfo (2.0.5) concurrent-ruby (~> 1.0) unf (0.1.4) From c6f85d1c58a2c0d9268ecdaec35f2b9b28bd5f33 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jan 2023 03:00:58 +0000 Subject: [PATCH 52/88] build(deps-dev): bump rubocop-rails from 2.17.3 to 2.17.4 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.17.3 to 2.17.4. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.17.3...v2.17.4) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f6703ea5..5cdb91e8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -110,7 +110,7 @@ GEM builder (3.2.4) byebug (11.1.3) coderay (1.1.3) - concurrent-ruby (1.1.10) + concurrent-ruby (1.2.0) crass (1.0.6) date (3.3.3) diff-lcs (1.5.0) @@ -245,7 +245,7 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - regexp_parser (2.6.1) + regexp_parser (2.6.2) rest-client (2.1.0) http-accept (>= 1.7.0, < 2.0) http-cookie (>= 1.0.2, < 2.0) @@ -292,7 +292,7 @@ GEM rubocop-performance (1.15.2) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) - rubocop-rails (2.17.3) + rubocop-rails (2.17.4) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) @@ -325,7 +325,7 @@ GEM unicode-display_width (>= 1.1.1, < 3) thor (1.2.1) timeout (0.3.1) - tzinfo (2.0.5) + tzinfo (2.0.6) concurrent-ruby (~> 1.0) unf (0.1.4) unf_ext From 53201f41f41e30bcd28b9f5816101ef972bf318a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jan 2023 03:01:22 +0000 Subject: [PATCH 53/88] build(deps-dev): bump spring from 4.1.0 to 4.1.1 Bumps [spring](https://github.com/rails/spring) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/rails/spring/releases) - [Changelog](https://github.com/rails/spring/blob/main/CHANGELOG.md) - [Commits](https://github.com/rails/spring/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: spring dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5cdb91e8..0f2e2f5a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -308,7 +308,7 @@ GEM simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) smart_properties (1.17.0) - spring (4.1.0) + spring (4.1.1) spring-watcher-listen (2.1.0) listen (>= 2.7, < 4.0) spring (>= 4) From 2737f830a9e09d3c53158d80bc0779a3796981bf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jan 2023 03:03:29 +0000 Subject: [PATCH 54/88] build(deps-dev): bump rubocop-rspec from 2.16.0 to 2.18.1 Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.16.0 to 2.18.1. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.16.0...v2.18.1) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 0f2e2f5a..56463e29 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -289,6 +289,8 @@ GEM unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.24.1) parser (>= 3.1.1.0) + rubocop-capybara (2.17.0) + rubocop (~> 1.41) rubocop-performance (1.15.2) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) @@ -296,8 +298,9 @@ GEM activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.16.0) + rubocop-rspec (2.18.1) rubocop (~> 1.33) + rubocop-capybara (~> 2.17) ruby-progressbar (1.11.0) rubyzip (2.3.2) semantic_range (3.0.0) From c039f1c8a9e97181e0bb8eac5cd8a4c26c823cb4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jan 2023 03:04:22 +0000 Subject: [PATCH 55/88] build(deps): bump aws-sdk-s3 from 1.117.2 to 1.119.0 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.2 to 1.119.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 56463e29..51d7637a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,19 +75,19 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.697.0) + aws-partitions (1.701.0) aws-sdk-cognitoidentityprovider (1.73.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.169.0) + aws-sdk-core (3.170.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.60.0) + aws-sdk-kms (1.62.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.117.2) + aws-sdk-s3 (1.119.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) From 8233dc9ada9ed0cb8b19aa46bfc4b5cf07ac8a03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jan 2023 08:52:41 +0000 Subject: [PATCH 56/88] build(deps): bump rails from 6.1.7.1 to 6.1.7.2 Bumps [rails](https://github.com/rails/rails) from 6.1.7.1 to 6.1.7.2. - [Release notes](https://github.com/rails/rails/releases) - [Commits](https://github.com/rails/rails/compare/v6.1.7.1...v6.1.7.2) --- updated-dependencies: - dependency-name: rails dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 108 +++++++++++++++++++++++++-------------------------- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 51d7637a..5156f67e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,63 +8,63 @@ GIT GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7.1) - actionpack (= 6.1.7.1) - activesupport (= 6.1.7.1) + actioncable (6.1.7.2) + actionpack (= 6.1.7.2) + activesupport (= 6.1.7.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.1) - actionpack (= 6.1.7.1) - activejob (= 6.1.7.1) - activerecord (= 6.1.7.1) - activestorage (= 6.1.7.1) - activesupport (= 6.1.7.1) + actionmailbox (6.1.7.2) + actionpack (= 6.1.7.2) + activejob (= 6.1.7.2) + activerecord (= 6.1.7.2) + activestorage (= 6.1.7.2) + activesupport (= 6.1.7.2) mail (>= 2.7.1) - actionmailer (6.1.7.1) - actionpack (= 6.1.7.1) - actionview (= 6.1.7.1) - activejob (= 6.1.7.1) - activesupport (= 6.1.7.1) + actionmailer (6.1.7.2) + actionpack (= 6.1.7.2) + actionview (= 6.1.7.2) + activejob (= 6.1.7.2) + activesupport (= 6.1.7.2) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.7.1) - actionview (= 6.1.7.1) - activesupport (= 6.1.7.1) + actionpack (6.1.7.2) + actionview (= 6.1.7.2) + activesupport (= 6.1.7.2) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.1) - actionpack (= 6.1.7.1) - activerecord (= 6.1.7.1) - activestorage (= 6.1.7.1) - activesupport (= 6.1.7.1) + actiontext (6.1.7.2) + actionpack (= 6.1.7.2) + activerecord (= 6.1.7.2) + activestorage (= 6.1.7.2) + activesupport (= 6.1.7.2) nokogiri (>= 1.8.5) - actionview (6.1.7.1) - activesupport (= 6.1.7.1) + actionview (6.1.7.2) + activesupport (= 6.1.7.2) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.7.1) - activesupport (= 6.1.7.1) + activejob (6.1.7.2) + activesupport (= 6.1.7.2) globalid (>= 0.3.6) - activemodel (6.1.7.1) - activesupport (= 6.1.7.1) - activerecord (6.1.7.1) - activemodel (= 6.1.7.1) - activesupport (= 6.1.7.1) + activemodel (6.1.7.2) + activesupport (= 6.1.7.2) + activerecord (6.1.7.2) + activemodel (= 6.1.7.2) + activesupport (= 6.1.7.2) activerecord-postgis-adapter (7.1.1) activerecord (~> 6.1) rgeo-activerecord (~> 7.0.0) - activestorage (6.1.7.1) - actionpack (= 6.1.7.1) - activejob (= 6.1.7.1) - activerecord (= 6.1.7.1) - activesupport (= 6.1.7.1) + activestorage (6.1.7.2) + actionpack (= 6.1.7.2) + activejob (= 6.1.7.2) + activerecord (= 6.1.7.2) + activesupport (= 6.1.7.2) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7.1) + activesupport (6.1.7.2) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -128,7 +128,7 @@ GEM fugit (1.7.1) et-orbi (~> 1, >= 1.2.7) raabro (~> 1.4) - globalid (1.0.1) + globalid (1.1.0) activesupport (>= 5.0) highline (2.0.3) http-accept (1.7.0) @@ -207,20 +207,20 @@ GEM rack rack-test (2.0.2) rack (>= 1.3) - rails (6.1.7.1) - actioncable (= 6.1.7.1) - actionmailbox (= 6.1.7.1) - actionmailer (= 6.1.7.1) - actionpack (= 6.1.7.1) - actiontext (= 6.1.7.1) - actionview (= 6.1.7.1) - activejob (= 6.1.7.1) - activemodel (= 6.1.7.1) - activerecord (= 6.1.7.1) - activestorage (= 6.1.7.1) - activesupport (= 6.1.7.1) + rails (6.1.7.2) + actioncable (= 6.1.7.2) + actionmailbox (= 6.1.7.2) + actionmailer (= 6.1.7.2) + actionpack (= 6.1.7.2) + actiontext (= 6.1.7.2) + actionview (= 6.1.7.2) + activejob (= 6.1.7.2) + activemodel (= 6.1.7.2) + activerecord (= 6.1.7.2) + activestorage (= 6.1.7.2) + activesupport (= 6.1.7.2) bundler (>= 1.15.0) - railties (= 6.1.7.1) + railties (= 6.1.7.2) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -234,9 +234,9 @@ GEM rails-i18n (7.0.5) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) - railties (6.1.7.1) - actionpack (= 6.1.7.1) - activesupport (= 6.1.7.1) + railties (6.1.7.2) + actionpack (= 6.1.7.2) + activesupport (= 6.1.7.2) method_source rake (>= 12.2) thor (~> 1.0) From 2497fcc3aff8962522ea0d4d484201c8531958a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Feb 2023 03:01:04 +0000 Subject: [PATCH 57/88] build(deps): bump webpacker from 5.4.3 to 5.4.4 Bumps [webpacker](https://github.com/rails/webpacker) from 5.4.3 to 5.4.4. - [Release notes](https://github.com/rails/webpacker/releases) - [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md) - [Commits](https://github.com/rails/webpacker/compare/v5.4.3...v5.4.4) --- updated-dependencies: - dependency-name: webpacker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index c6dcd2dd..664060ea 100644 --- a/Gemfile +++ b/Gemfile @@ -12,7 +12,7 @@ gem 'sqlite3', '~> 1.6' # Use Puma as the app server gem 'puma', '~> 6.0' # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker -gem 'webpacker', '~> 5.4', '>= 5.4.3' +gem 'webpacker', '~> 5.4' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks # gem 'turbolinks', '~> 5' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder diff --git a/Gemfile.lock b/Gemfile.lock index 5156f67e..a5c8ef35 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -184,7 +184,7 @@ GEM net-protocol netrc (0.11.0) nio4r (2.5.8) - nokogiri (1.14.0) + nokogiri (1.14.1) mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) @@ -203,7 +203,7 @@ GEM rack (2.2.6.2) rack-attack (6.6.1) rack (>= 1.0, < 3) - rack-proxy (0.7.4) + rack-proxy (0.7.6) rack rack-test (2.0.2) rack (>= 1.3) @@ -339,7 +339,7 @@ GEM activemodel (>= 6.0.0) bindex (>= 0.4.0) railties (>= 6.0.0) - webpacker (5.4.3) + webpacker (5.4.4) activesupport (>= 5.2) rack-proxy (>= 0.6.1) railties (>= 5.2) @@ -386,7 +386,7 @@ DEPENDENCIES spring-watcher-listen (~> 2.1.0) sqlite3 (~> 1.6) web-console (>= 4.2.0) - webpacker (~> 5.4, >= 5.4.3) + webpacker (~> 5.4) RUBY VERSION ruby 2.7.6p219 From d7fcce9fcf4973b59736832fd9ad92871fec9a96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Feb 2023 03:01:24 +0000 Subject: [PATCH 58/88] build(deps): bump aws-sdk-ssm from 1.147.0 to 1.148.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.147.0 to 1.148.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index a5c8ef35..a11a02de 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.701.0) + aws-partitions (1.705.0) aws-sdk-cognitoidentityprovider (1.73.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) @@ -91,7 +91,7 @@ GEM aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.147.0) + aws-sdk-ssm (1.148.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.5.2) From 9000932cdd0b07f9f528e54f7b2d007294ab62e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Feb 2023 03:01:53 +0000 Subject: [PATCH 59/88] build(deps): bump bootsnap from 1.15.0 to 1.16.0 Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.15.0 to 1.16.0. - [Release notes](https://github.com/Shopify/bootsnap/releases) - [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md) - [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0) --- updated-dependencies: - dependency-name: bootsnap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index a11a02de..6f5cd4f9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -104,7 +104,7 @@ GEM parser (>= 2.4) smart_properties bindex (0.8.1) - bootsnap (1.15.0) + bootsnap (1.16.0) msgpack (~> 1.2) brakeman (5.4.0) builder (3.2.4) From 6ed9c92a009e75fc13cf756c65d7572f22ca257a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Feb 2023 03:02:01 +0000 Subject: [PATCH 60/88] build(deps): bump govuk-frontend from 4.4.1 to 4.5.0 Bumps [govuk-frontend](https://github.com/alphagov/govuk-frontend) from 4.4.1 to 4.5.0. - [Release notes](https://github.com/alphagov/govuk-frontend/releases) - [Changelog](https://github.com/alphagov/govuk-frontend/blob/main/CHANGELOG.md) - [Commits](https://github.com/alphagov/govuk-frontend/compare/v4.4.1...v4.5.0) --- updated-dependencies: - dependency-name: govuk-frontend dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 1b5750e3..1f58a760 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "@rails/ujs": "^7.0.4", "@rails/webpacker": "5.4.3", "accessible-autocomplete": "^2.0.4", - "govuk-frontend": "^4.4.1", + "govuk-frontend": "^4.5.0", "jquery": "^3.6.3", "js-cookie": "^3.0.1" }, diff --git a/yarn.lock b/yarn.lock index a4d1017d..22bba2ff 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3388,10 +3388,10 @@ globals@^11.1.0: resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e" integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== -govuk-frontend@^4.4.1: - version "4.4.1" - resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.4.1.tgz#88857c4ad8508255a4e983030a3964d6e1674107" - integrity sha512-Jm1LUWiH9vy47b6HSH/ksSb4ueBrtTTgyLBk+3X2qqAmmFUc1AXWLSYHid07YYu1tvn9RnodWk5Bac5Ywqk6tA== +govuk-frontend@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.5.0.tgz#64759e39efbaa81f9cb7a35cc6cff6fd9fa619ef" + integrity sha512-gZHDqf5vdlHjmx0NGJiNT12XLyR3d5KCS4AnlC3xTWOObJ0kQROrkIFyp3w4/PY3EQiYdgacVaJ6lizzygnzYw== graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.2.6: version "4.2.9" From 43e4ed71f813e85aec55efb59b8c9fb7669fd20b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Feb 2023 03:04:34 +0000 Subject: [PATCH 61/88] build(deps): bump jwt from 2.6.0 to 2.7.0 Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.6.0 to 2.7.0. - [Release notes](https://github.com/jwt/ruby-jwt/releases) - [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md) - [Commits](https://github.com/jwt/ruby-jwt/compare/v2.6.0...v2.7.0) --- updated-dependencies: - dependency-name: jwt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6f5cd4f9..4e85b190 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -152,7 +152,7 @@ GEM activesupport (>= 5.0.0) jmespath (1.6.2) json (2.6.3) - jwt (2.6.0) + jwt (2.7.0) listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) From 57d14a50143faf526a2d0877285173b38c5244b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Feb 2023 03:57:02 +0000 Subject: [PATCH 62/88] build(deps): bump roo from 2.9.0 to 2.10.0 Bumps [roo](https://github.com/roo-rb/roo) from 2.9.0 to 2.10.0. - [Release notes](https://github.com/roo-rb/roo/releases) - [Changelog](https://github.com/roo-rb/roo/blob/master/CHANGELOG.md) - [Commits](https://github.com/roo-rb/roo/compare/v2.9.0...v2.10.0) --- updated-dependencies: - dependency-name: roo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 664060ea..5d39c449 100644 --- a/Gemfile +++ b/Gemfile @@ -36,7 +36,7 @@ gem 'pg', '~> 1.4.5' gem 'jwt' gem 'rest-client', '~> 2.1' gem 'rollbar' -gem 'roo', '~> 2.9.0' +gem 'roo', '~> 2.10.0' # remove if not option two taken in project # For canonical urls diff --git a/Gemfile.lock b/Gemfile.lock index 4e85b190..e24b5978 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -257,7 +257,7 @@ GEM activerecord (>= 5.0) rgeo (>= 1.0.0) rollbar (3.4.0) - roo (2.9.0) + roo (2.10.0) nokogiri (~> 1) rubyzip (>= 1.3.0, < 3.0.0) rspec-core (3.11.0) @@ -375,7 +375,7 @@ DEPENDENCIES rails-controller-testing (>= 1.0.5) rest-client (~> 2.1) rollbar - roo (~> 2.9.0) + roo (~> 2.10.0) rspec-rails (>= 6.0.1) rubocop (>= 0.91.1) rubocop-performance (>= 1.8.1) From 9a6c8cf3ba9802190c8fbf2450bacfd92683213a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Feb 2023 09:38:57 +0000 Subject: [PATCH 63/88] build(deps-dev): bump rubocop-performance from 1.15.2 to 1.16.0 Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.15.2 to 1.16.0. - [Release notes](https://github.com/rubocop/rubocop-performance/releases) - [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.2...v1.16.0) --- updated-dependencies: - dependency-name: rubocop-performance dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e24b5978..82a0c34e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -188,7 +188,7 @@ GEM mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) - parser (3.2.0.0) + parser (3.2.1.0) ast (~> 2.4.1) pg (1.4.5) pry (0.13.1) @@ -245,7 +245,7 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - regexp_parser (2.6.2) + regexp_parser (2.7.0) rest-client (2.1.0) http-accept (>= 1.7.0, < 2.0) http-cookie (>= 1.0.2, < 2.0) @@ -287,11 +287,11 @@ GEM rubocop-ast (>= 1.24.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.24.1) - parser (>= 3.1.1.0) + rubocop-ast (1.26.0) + parser (>= 3.2.1.0) rubocop-capybara (2.17.0) rubocop (~> 1.41) - rubocop-performance (1.15.2) + rubocop-performance (1.16.0) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) rubocop-rails (2.17.4) From 02339f64d67f9009f2e1ceffae7b4f9def4a064e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Feb 2023 03:59:49 +0000 Subject: [PATCH 64/88] build(deps): bump canonical-rails from `c062988` to `7d6d958` Bumps [canonical-rails](https://github.com/jumph4x/canonical-rails) from `c062988` to `7d6d958`. - [Release notes](https://github.com/jumph4x/canonical-rails/releases) - [Commits](https://github.com/jumph4x/canonical-rails/compare/c062988ccfe2669a12f29bcb615ad9790380bcf7...7d6d958a3b53c794ed2f7ecc04e3e7fe670bd86a) --- updated-dependencies: - dependency-name: canonical-rails dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 82a0c34e..f2e5cfda 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,12 @@ GIT remote: https://github.com/jumph4x/canonical-rails.git - revision: c062988ccfe2669a12f29bcb615ad9790380bcf7 + revision: 7d6d958a3b53c794ed2f7ecc04e3e7fe670bd86a specs: canonical-rails (0.2.14) - rails (>= 4.1, <= 7.1) + actionmailer (>= 4.1, <= 7.1) + activerecord (>= 4.1, <= 7.1) + railties (>= 4.1, <= 7.1) + sprockets-rails (~> 3.0) GEM remote: https://rubygems.org/ @@ -159,7 +162,7 @@ GEM loofah (2.19.1) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.8.0.1) + mail (2.8.1) mini_mime (>= 0.1.1) net-imap net-pop @@ -347,7 +350,7 @@ GEM websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.6) + zeitwerk (2.6.7) PLATFORMS ruby From 7bf798be663573f84ed02b7061512fabbbe4a3c5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Feb 2023 09:43:36 +0000 Subject: [PATCH 65/88] build(deps-dev): bump rubocop from 1.43.0 to 1.45.1 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.43.0 to 1.45.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.43.0...v1.45.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index f2e5cfda..1f16f2e5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -280,7 +280,7 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.43.0) + rubocop (1.45.1) json (~> 2.3) parallel (~> 1.10) parser (>= 3.2.0.0) From ba122b05f37c77f59beba5d42c0e8a554b68b104 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 16 Feb 2023 09:45:20 +0000 Subject: [PATCH 66/88] fix: Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-1061917 --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 1f16f2e5..57b5bceb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -187,7 +187,7 @@ GEM net-protocol netrc (0.11.0) nio4r (2.5.8) - nokogiri (1.14.1) + nokogiri (1.14.2) mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) @@ -330,7 +330,7 @@ GEM terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) thor (1.2.1) - timeout (0.3.1) + timeout (0.3.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unf (0.1.4) From d04feadb2b5045fe0cd41e805a8c1cb472229974 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Feb 2023 03:57:05 +0000 Subject: [PATCH 67/88] build(deps): bump @rails/webpacker from 5.4.3 to 5.4.4 Bumps [@rails/webpacker](https://github.com/rails/webpacker) from 5.4.3 to 5.4.4. - [Release notes](https://github.com/rails/webpacker/releases) - [Changelog](https://github.com/rails/webpacker/blob/v5.4.4/CHANGELOG.md) - [Commits](https://github.com/rails/webpacker/compare/v5.4.3...v5.4.4) --- updated-dependencies: - dependency-name: "@rails/webpacker" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 48 ++++++++---------------------------------------- 2 files changed, 9 insertions(+), 41 deletions(-) diff --git a/package.json b/package.json index 1f58a760..a83a5eef 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,7 @@ "private": true, "dependencies": { "@rails/ujs": "^7.0.4", - "@rails/webpacker": "5.4.3", + "@rails/webpacker": "5.4.4", "accessible-autocomplete": "^2.0.4", "govuk-frontend": "^4.5.0", "jquery": "^3.6.3", diff --git a/yarn.lock b/yarn.lock index 22bba2ff..c64e909a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -996,20 +996,13 @@ "@babel/types" "^7.4.4" esutils "^2.0.2" -"@babel/runtime@^7.15.3": +"@babel/runtime@^7.15.3", "@babel/runtime@^7.7.2", "@babel/runtime@^7.8.4": version "7.15.4" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.15.4.tgz#fd17d16bfdf878e6dd02d19753a39fa8a8d9c84a" integrity sha512-99catp6bHCaxr4sJ/DbTGgHS4+Rs2RVd2g7iOap6SLGPDknRK9ztKNsE/Fg6QhSeh1FGE5f6gHGQmvvn3I3xhw== dependencies: regenerator-runtime "^0.13.4" -"@babel/runtime@^7.7.2", "@babel/runtime@^7.8.4": - version "7.11.2" - resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.11.2.tgz#f549c13c754cc40b87644b9fa9f09a6a95fe0736" - integrity sha512-TeWkU52so0mPtDcaCTxNBI/IHiz0pZgr8VEFqXFtZWpYD08ZB6FaSwVAS8MKRQAP3bYKiVjwysOJgMFY28o6Tw== - dependencies: - regenerator-runtime "^0.13.4" - "@babel/template@^7.12.13": version "7.12.13" resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.12.13.tgz#530265be8a2589dbb37523844c5bcb55947fb327" @@ -1106,10 +1099,10 @@ resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.4.tgz#7fe5387d2d82b0547fdfc6667b424ec119c86b1e" integrity sha512-UY9yQxBvtqXzXScslgPwZoQd16T0+z3P6BQS4lZDJFg5xVuMIgHkHQI6dhyWEt5l/qwbGaYX+YiZu6J+oxWPOw== -"@rails/webpacker@5.4.3": - version "5.4.3" - resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-5.4.3.tgz#cfe2d8faffe7db5001bad50a1534408b4f2efb2f" - integrity sha512-tEM8tpUtfx6FxKwcuQ9+v6pzgqM5LeAdhT6IJ4Te3BPKFO1xrGrXugqeRuZ+gE8ASDZRTOK6yuQkapOpuX5JdA== +"@rails/webpacker@5.4.4": + version "5.4.4" + resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-5.4.4.tgz#971a41b987c096c908ce4088accd57c1a9a7e2f7" + integrity sha512-hp9myb2MChYFPfE5Fd/3gF4q2m4wpxC+WWCkxcg6My3HYCptWuqMVXRwrBZ5EJHYiL/WRyMLvVNWwlFV47xhUw== dependencies: "@babel/core" "^7.15.0" "@babel/plugin-proposal-class-properties" "^7.14.5" @@ -3323,19 +3316,7 @@ glob-parent@~5.1.2: dependencies: is-glob "^4.0.1" -glob@^7.1.3, glob@^7.1.4: - version "7.1.6" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6" - integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA== - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.4" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^7.1.7: +glob@^7.1.3, glob@^7.1.4, glob@^7.1.7: version "7.1.7" resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.7.tgz#3b193e9233f01d42d0b3f78294bbeeb418f94a90" integrity sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ== @@ -3993,15 +3974,7 @@ js-tokens@^4.0.0: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== -js-yaml@^3.13.1: - version "3.14.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.0.tgz#a7a34170f26a21bb162424d8adacb4113a69e482" - integrity sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A== - dependencies: - argparse "^1.0.7" - esprima "^4.0.0" - -js-yaml@^3.14.1: +js-yaml@^3.13.1, js-yaml@^3.14.1: version "3.14.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537" integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g== @@ -5824,12 +5797,7 @@ regenerate@^1.4.0: resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.1.tgz#cad92ad8e6b591773485fbe05a485caf4f457e6f" integrity sha512-j2+C8+NtXQgEKWk49MMP5P/u2GhnahTtVkRIHr5R5lVRlbKvmQ+oS+A5aLKWp2ma5VkT8sh6v+v4hbH0YHR66A== -regenerator-runtime@^0.13.4: - version "0.13.7" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz#cac2dacc8a1ea675feaabaeb8ae833898ae46f55" - integrity sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew== - -regenerator-runtime@^0.13.9: +regenerator-runtime@^0.13.4, regenerator-runtime@^0.13.9: version "0.13.9" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.9.tgz#8925742a98ffd90814988d7566ad30ca3b263b52" integrity sha512-p3VT+cOEgxFsRRA9X4lkI1E+k2/CtnKtU4gcxyaCUreilL/vqI6CdZ3wxVUx3UOUg+gnUOQQcRI7BmSI656MYA== From 32be62fe417af5c71b8c0c1f41ec787e9ec57ee9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Feb 2023 03:57:58 +0000 Subject: [PATCH 68/88] build(deps): bump aws-sdk-s3 from 1.119.0 to 1.119.1 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.119.0 to 1.119.1. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 57b5bceb..1b1b7654 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -78,7 +78,7 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.705.0) + aws-partitions (1.714.0) aws-sdk-cognitoidentityprovider (1.73.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) @@ -90,7 +90,7 @@ GEM aws-sdk-kms (1.62.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.119.0) + aws-sdk-s3 (1.119.1) aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) From 1721a2f48080a919cee096c98247cc420760825b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Feb 2023 03:59:50 +0000 Subject: [PATCH 69/88] build(deps): bump puma from 6.0.0 to 6.1.0 Bumps [puma](https://github.com/puma/puma) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v6.0.0...v6.1.0) --- updated-dependencies: - dependency-name: puma dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 5d39c449..d96c68f4 100644 --- a/Gemfile +++ b/Gemfile @@ -10,7 +10,7 @@ gem 'rails', '~> 6.1.7' # Use sqlite3 as the database for Active Record gem 'sqlite3', '~> 1.6' # Use Puma as the app server -gem 'puma', '~> 6.0' +gem 'puma', '~> 6.1' # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker gem 'webpacker', '~> 5.4' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks diff --git a/Gemfile.lock b/Gemfile.lock index 1b1b7654..1f52e92b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -199,7 +199,7 @@ GEM method_source (~> 1.0) pry-rails (0.3.9) pry (>= 0.10.4) - puma (6.0.0) + puma (6.1.0) nio4r (~> 2.0) raabro (1.4.0) racc (1.6.2) @@ -372,7 +372,7 @@ DEPENDENCIES listen (~> 3.8) pg (~> 1.4.5) pry-rails - puma (~> 6.0) + puma (~> 6.1) rack-attack rails (~> 6.1.7) rails-controller-testing (>= 1.0.5) From f815926827b8b970bde7161384b43b57f64d7e90 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 03:57:05 +0000 Subject: [PATCH 70/88] build(deps): bump pg from 1.4.5 to 1.4.6 Bumps [pg](https://github.com/ged/ruby-pg) from 1.4.5 to 1.4.6. - [Release notes](https://github.com/ged/ruby-pg/releases) - [Changelog](https://github.com/ged/ruby-pg/blob/master/History.md) - [Commits](https://github.com/ged/ruby-pg/compare/v1.4.5...v1.4.6) --- updated-dependencies: - dependency-name: pg dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index d96c68f4..4acf8fd8 100644 --- a/Gemfile +++ b/Gemfile @@ -31,7 +31,7 @@ gem 'arask', '1.2.3' # for postgresql gem 'activerecord-postgis-adapter', '~> 7.1.1' -gem 'pg', '~> 1.4.5' +gem 'pg', '~> 1.4.6' # remove if not option two taken in project gem 'jwt' gem 'rest-client', '~> 2.1' diff --git a/Gemfile.lock b/Gemfile.lock index 1f52e92b..57691cd4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -193,7 +193,7 @@ GEM parallel (1.22.1) parser (3.2.1.0) ast (~> 2.4.1) - pg (1.4.5) + pg (1.4.6) pry (0.13.1) coderay (~> 1.1) method_source (~> 1.0) @@ -370,7 +370,7 @@ DEPENDENCIES jbuilder (~> 2.11, >= 2.11.5) jwt listen (~> 3.8) - pg (~> 1.4.5) + pg (~> 1.4.6) pry-rails puma (~> 6.1) rack-attack From 9ebc60ec6192f271ae7c2cb886029cdd6c2c4355 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 03:57:20 +0000 Subject: [PATCH 71/88] build(deps): bump sqlite3 from 1.6.0 to 1.6.1 Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 1.6.0 to 1.6.1. - [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases) - [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v1.6.0...v1.6.1) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 57691cd4..494f6c93 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -325,7 +325,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - sqlite3 (1.6.0) + sqlite3 (1.6.1) mini_portile2 (~> 2.8.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) From 405a821a8f32e04b86a2ea1992a50dfde317d84a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 03:59:00 +0000 Subject: [PATCH 72/88] build(deps-dev): bump rubocop-rails from 2.17.4 to 2.18.0 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.17.4 to 2.18.0. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.17.4...v2.18.0) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 494f6c93..65d902f4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -113,7 +113,7 @@ GEM builder (3.2.4) byebug (11.1.3) coderay (1.1.3) - concurrent-ruby (1.2.0) + concurrent-ruby (1.2.2) crass (1.0.6) date (3.3.3) diff-lcs (1.5.0) @@ -297,7 +297,7 @@ GEM rubocop-performance (1.16.0) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) - rubocop-rails (2.17.4) + rubocop-rails (2.18.0) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) From 420e8de3b145fb348a21491317d90d50a4c25f22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 08:43:59 +0000 Subject: [PATCH 73/88] build(deps-dev): bump rubocop from 1.45.1 to 1.46.0 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.45.1 to 1.46.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.45.1...v1.46.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 65d902f4..a8bf941b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -280,14 +280,14 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.45.1) + rubocop (1.46.0) json (~> 2.3) parallel (~> 1.10) parser (>= 3.2.0.0) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.24.1, < 2.0) + rubocop-ast (>= 1.26.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.26.0) From 6bba398a4cdc1a66e74f435bfb8303e341710749 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 13 Mar 2023 10:12:30 +0000 Subject: [PATCH 74/88] Use GitHub actions to run unit tests instead of Travis CI --- .github/workflows/rubyonrails.yml | 52 +++++++++++++++++++ .travis.yml | 5 ++ .../api/v1/organisation_controller_spec.rb | 2 +- 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/rubyonrails.yml diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml new file mode 100644 index 00000000..0fe70632 --- /dev/null +++ b/.github/workflows/rubyonrails.yml @@ -0,0 +1,52 @@ +name: "Ruby on Rails CI" + +on: + push: + branches-ignore: + - develop + - staging + - main + pull_request: + +jobs: + unit-test: + runs-on: ubuntu-20.04 + + services: + postgres: + image: postgis/postgis:11-2.5 + ports: + - "5432:5432" + env: + POSTGRES_DB: rails_test + POSTGRES_USER: rails + POSTGRES_PASSWORD: password + + env: + RAILS_ENV: test + DATABASE_URL: "postgis://rails:password@localhost:5432/rails_test" + CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install Ruby and gems + uses: ruby/setup-ruby@v1.138.0 + with: + bundler-cache: true + + - name: Set up database schema + run: bin/rails db:test:prepare + + - name: Compile assets + run: NODE_OPTIONS=--openssl-legacy-provider bin/rails assets:precompile + + - name: Run unit tests + run: bin/rake + + - name: publish code coverage + uses: paambaati/codeclimate-action@v3.2.0 + with: + debug: true + if: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'develop' }} diff --git a/.travis.yml b/.travis.yml index 7026d9ac..433162fd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,6 +16,11 @@ deploy: repo: Crown-Commercial-Service/pmp-idam all_branches: true condition: $DEPLOY_BRANCH = TRUE +branches: + only: + - develop + - staging + - main env: global: - RAILS_ENV=test diff --git a/spec/controllers/api/v1/organisation_controller_spec.rb b/spec/controllers/api/v1/organisation_controller_spec.rb index 68ba11bd..c40ef98a 100644 --- a/spec/controllers/api/v1/organisation_controller_spec.rb +++ b/spec/controllers/api/v1/organisation_controller_spec.rb @@ -2,7 +2,7 @@ RSpec.describe Api::V1::OrganisationController do describe 'GET search' do - let(:result) { JSON.parse(response.body) } + let(:result) { response.parsed_body } before { get :search, params: { search: search } } From 96c9d673afc3a0f752fc749ca30b32019a0104c1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:53:36 +0000 Subject: [PATCH 75/88] build(deps): bump dns-packet from 5.3.1 to 5.4.0 Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 5.3.1 to 5.4.0. - [Release notes](https://github.com/mafintosh/dns-packet/releases) - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](https://github.com/mafintosh/dns-packet/compare/v5.3.1...5.4.0) --- updated-dependencies: - dependency-name: dns-packet dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index c64e909a..5e8f7d25 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2735,9 +2735,9 @@ dns-equal@^1.0.0: integrity sha1-s55/HabrCnW6nBcySzR1PEfgZU0= dns-packet@^5.2.2: - version "5.3.1" - resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-5.3.1.tgz#eb94413789daec0f0ebe2fcc230bdc9d7c91b43d" - integrity sha512-spBwIj0TK0Ey3666GwIdWVfUpLyubpU53BTCu8iPn4r4oXd9O14Hjg3EHw3ts2oed77/SeckunUYCyRlSngqHw== + version "5.4.0" + resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-5.4.0.tgz#1f88477cf9f27e78a213fb6d118ae38e759a879b" + integrity sha512-EgqGeaBB8hLiHLZtp/IbaDQTL8pZ0+IvwzSHA6d7VyMDM+B9hgddEMa9xjK5oYnw0ci0JQ6g2XCD7/f6cafU6g== dependencies: "@leichtgewicht/ip-codec" "^2.0.1" From 3058f3f95c480c6bfc12563540ee78a149bd88d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:53:59 +0000 Subject: [PATCH 76/88] build(deps): bump aws-sdk-ssm from 1.148.0 to 1.149.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.148.0 to 1.149.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index a8bf941b..075c1406 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -78,7 +78,7 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.714.0) + aws-partitions (1.725.0) aws-sdk-cognitoidentityprovider (1.73.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) @@ -94,7 +94,7 @@ GEM aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.148.0) + aws-sdk-ssm (1.149.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.5.2) From 3e772476bc7fd697ec9cf2de5ffef8da5cba39e1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:54:08 +0000 Subject: [PATCH 77/88] build(deps): bump puma from 6.1.0 to 6.1.1 Bumps [puma](https://github.com/puma/puma) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v6.1.0...v6.1.1) --- updated-dependencies: - dependency-name: puma dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 075c1406..081a24b1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -199,7 +199,7 @@ GEM method_source (~> 1.0) pry-rails (0.3.9) pry (>= 0.10.4) - puma (6.1.0) + puma (6.1.1) nio4r (~> 2.0) raabro (1.4.0) racc (1.6.2) From 10678cdc20742981b7b510b23ad8c408f885c960 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:54:11 +0000 Subject: [PATCH 78/88] build(deps-dev): bump brakeman from 5.4.0 to 5.4.1 Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.4.0 to 5.4.1. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v5.4.0...v5.4.1) --- updated-dependencies: - dependency-name: brakeman dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 081a24b1..a3d20f23 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -109,7 +109,7 @@ GEM bindex (0.8.1) bootsnap (1.16.0) msgpack (~> 1.2) - brakeman (5.4.0) + brakeman (5.4.1) builder (3.2.4) byebug (11.1.3) coderay (1.1.3) From bd54c1169e46381e8af0ceeac25ecd06fcffc246 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:54:16 +0000 Subject: [PATCH 79/88] build(deps): bump rack from 2.2.6.2 to 2.2.6.3 Bumps [rack](https://github.com/rack/rack) from 2.2.6.2 to 2.2.6.3. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.6.2...v2.2.6.3) --- updated-dependencies: - dependency-name: rack dependency-type: indirect ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index a3d20f23..098cd500 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -203,7 +203,7 @@ GEM nio4r (~> 2.0) raabro (1.4.0) racc (1.6.2) - rack (2.2.6.2) + rack (2.2.6.3) rack-attack (6.6.1) rack (>= 1.0, < 3) rack-proxy (0.7.6) From d632f815b84f48ce5aa2a9608f6dade867210403 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:54:38 +0000 Subject: [PATCH 80/88] build(deps): bump jquery from 3.6.3 to 3.6.4 Bumps [jquery](https://github.com/jquery/jquery) from 3.6.3 to 3.6.4. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](https://github.com/jquery/jquery/compare/3.6.3...3.6.4) --- updated-dependencies: - dependency-name: jquery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index a83a5eef..0718db67 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "@rails/webpacker": "5.4.4", "accessible-autocomplete": "^2.0.4", "govuk-frontend": "^4.5.0", - "jquery": "^3.6.3", + "jquery": "^3.6.4", "js-cookie": "^3.0.1" }, "version": "0.1.0", diff --git a/yarn.lock b/yarn.lock index 5e8f7d25..4b1d353c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3959,10 +3959,10 @@ jest-worker@^26.5.0: merge-stream "^2.0.0" supports-color "^7.0.0" -jquery@^3.6.3: - version "3.6.3" - resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.3.tgz#23ed2ffed8a19e048814f13391a19afcdba160e6" - integrity sha512-bZ5Sy3YzKo9Fyc8wH2iIQK4JImJ6R0GWI9kL1/k7Z91ZBNgkRXE6U0JfHIizZbort8ZunhSI3jw9I6253ahKfg== +jquery@^3.6.4: + version "3.6.4" + resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.4.tgz#ba065c188142100be4833699852bf7c24dc0252f" + integrity sha512-v28EW9DWDFpzcD9O5iyJXg3R3+q+mET5JhnjJzQUZMHOv67bpSIHq81GEYpPNZHG+XXHsfSme3nxp/hndKEcsQ== js-cookie@^3.0.1: version "3.0.1" From 6f1e6e16502e3e80770f181fd11e0d5238f3906b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 10:54:41 +0000 Subject: [PATCH 81/88] build(deps-dev): bump rubocop from 1.46.0 to 1.48.1 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.46.0 to 1.48.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.46.0...v1.48.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 098cd500..45a1e7af 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -191,7 +191,7 @@ GEM mini_portile2 (~> 2.8.0) racc (~> 1.4) parallel (1.22.1) - parser (3.2.1.0) + parser (3.2.1.1) ast (~> 2.4.1) pg (1.4.6) pry (0.13.1) @@ -280,7 +280,7 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.11.1) - rubocop (1.46.0) + rubocop (1.48.1) json (~> 2.3) parallel (~> 1.10) parser (>= 3.2.0.0) @@ -290,7 +290,7 @@ GEM rubocop-ast (>= 1.26.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.26.0) + rubocop-ast (1.27.0) parser (>= 3.2.1.0) rubocop-capybara (2.17.0) rubocop (~> 1.41) @@ -304,7 +304,7 @@ GEM rubocop-rspec (2.18.1) rubocop (~> 1.33) rubocop-capybara (~> 2.17) - ruby-progressbar (1.11.0) + ruby-progressbar (1.13.0) rubyzip (2.3.2) semantic_range (3.0.0) simplecov (0.22.0) From d65de3091dea9a6dfe6f3d4669dc8126c691748e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 8 Mar 2023 23:46:59 +0000 Subject: [PATCH 82/88] fix: Gemfile & Gemfile.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-RACK-3356639 --- Gemfile | 6 +++--- Gemfile.lock | 28 ++++++++++++++-------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/Gemfile b/Gemfile index 4acf8fd8..ba6cb07c 100644 --- a/Gemfile +++ b/Gemfile @@ -6,13 +6,13 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '2.7.6' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 6.1.7' +gem 'rails', '~> 6.1.7', '>= 6.1.7.2' # Use sqlite3 as the database for Active Record gem 'sqlite3', '~> 1.6' # Use Puma as the app server gem 'puma', '~> 6.1' # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker -gem 'webpacker', '~> 5.4' +gem 'webpacker', '~> 5.4', '>= 5.4.4' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks # gem 'turbolinks', '~> 5' # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder @@ -56,7 +56,7 @@ group :development, :test do gem 'rspec-rails', '>= 6.0.1' gem 'rubocop', '>= 0.91.1' gem 'rubocop-performance', '>= 1.8.1' - gem 'rubocop-rails', '>= 2.16.1' + gem 'rubocop-rails', '>= 2.18.0' gem 'rubocop-rspec', '>= 1.43.2' # or gem 'rubocop-minitest' gem 'brakeman' gem 'pry-rails' diff --git a/Gemfile.lock b/Gemfile.lock index 45a1e7af..9026f48d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -128,12 +128,12 @@ GEM et-orbi (1.2.7) tzinfo ffi (1.15.5) - fugit (1.7.1) + fugit (1.8.1) et-orbi (~> 1, >= 1.2.7) raabro (~> 1.4) globalid (1.1.0) activesupport (>= 5.0) - highline (2.0.3) + highline (2.1.0) http-accept (1.7.0) http-cookie (1.0.3) domain_name (~> 0.5) @@ -174,7 +174,7 @@ GEM mime-types-data (3.2020.0512) mini_mime (1.1.2) mini_portile2 (2.8.1) - minitest (5.17.0) + minitest (5.18.0) msgpack (1.6.0) net-imap (0.3.4) date @@ -234,7 +234,7 @@ GEM nokogiri (>= 1.6) rails-html-sanitizer (1.5.0) loofah (~> 2.19, >= 2.19.1) - rails-i18n (7.0.5) + rails-i18n (7.0.6) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) railties (6.1.7.2) @@ -263,14 +263,14 @@ GEM roo (2.10.0) nokogiri (~> 1) rubyzip (>= 1.3.0, < 3.0.0) - rspec-core (3.11.0) - rspec-support (~> 3.11.0) - rspec-expectations (3.11.1) + rspec-core (3.12.1) + rspec-support (~> 3.12.0) + rspec-expectations (3.12.2) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.11.0) - rspec-mocks (3.11.2) + rspec-support (~> 3.12.0) + rspec-mocks (3.12.3) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.11.0) + rspec-support (~> 3.12.0) rspec-rails (6.0.1) actionpack (>= 6.1) activesupport (>= 6.1) @@ -279,7 +279,7 @@ GEM rspec-expectations (~> 3.11) rspec-mocks (~> 3.11) rspec-support (~> 3.11) - rspec-support (3.11.1) + rspec-support (3.12.0) rubocop (1.48.1) json (~> 2.3) parallel (~> 1.10) @@ -374,7 +374,7 @@ DEPENDENCIES pry-rails puma (~> 6.1) rack-attack - rails (~> 6.1.7) + rails (~> 6.1.7, >= 6.1.7.2) rails-controller-testing (>= 1.0.5) rest-client (~> 2.1) rollbar @@ -382,14 +382,14 @@ DEPENDENCIES rspec-rails (>= 6.0.1) rubocop (>= 0.91.1) rubocop-performance (>= 1.8.1) - rubocop-rails (>= 2.16.1) + rubocop-rails (>= 2.18.0) rubocop-rspec (>= 1.43.2) simplecov (>= 0.16.1) spring spring-watcher-listen (~> 2.1.0) sqlite3 (~> 1.6) web-console (>= 4.2.0) - webpacker (~> 5.4) + webpacker (~> 5.4, >= 5.4.4) RUBY VERSION ruby 2.7.6p219 From 85d7b5fc583fdaf5cae84d243df36676217d08e5 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 13 Mar 2023 11:32:13 +0000 Subject: [PATCH 83/88] Update dependabot checks --- .github/dependabot.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e0ed9cbb..913939d7 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,10 +1,17 @@ version: 2 updates: - - package-ecosystem: "bundler" + - package-ecosystem: bundler directory: "/" schedule: - interval: "weekly" - - package-ecosystem: "npm" + interval: weekly + day: sunday + - package-ecosystem: npm + directory: "/" + schedule: + interval: weekly + day: sunday + - package-ecosystem: github-actions directory: "/" schedule: interval: weekly + day: sunday From 9cf3b6e438ad8b0e8dc8595a81478dd4cca10e48 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 11:41:06 +0000 Subject: [PATCH 84/88] build(deps): bump ruby/setup-ruby from 1.138.0 to 1.144.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.138.0 to 1.144.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Commits](https://github.com/ruby/setup-ruby/compare/v1.138.0...v1.144.0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/rubyonrails.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml index 0fe70632..9ae36f8d 100644 --- a/.github/workflows/rubyonrails.yml +++ b/.github/workflows/rubyonrails.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v3 - name: Install Ruby and gems - uses: ruby/setup-ruby@v1.138.0 + uses: ruby/setup-ruby@v1.144.0 with: bundler-cache: true From 552095fda19b4a36d30531aad72a90eaa5cedf17 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 11:41:25 +0000 Subject: [PATCH 85/88] build(deps-dev): bump rubocop-rspec from 2.18.1 to 2.19.0 Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.18.1 to 2.19.0. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.18.1...v2.19.0) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 9026f48d..8cddced7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -292,7 +292,7 @@ GEM unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.27.0) parser (>= 3.2.1.0) - rubocop-capybara (2.17.0) + rubocop-capybara (2.17.1) rubocop (~> 1.41) rubocop-performance (1.16.0) rubocop (>= 1.7.0, < 2.0) @@ -301,7 +301,7 @@ GEM activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.18.1) + rubocop-rspec (2.19.0) rubocop (~> 1.33) rubocop-capybara (~> 2.17) ruby-progressbar (1.13.0) From 6defd2c3fdcec2d60beb5f20c6c552b3bd06fbc7 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 13 Mar 2023 12:38:25 +0000 Subject: [PATCH 86/88] Make sure all email domains are lower case when we import them --- app/services/salesforce_import/domains.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/services/salesforce_import/domains.rb b/app/services/salesforce_import/domains.rb index 5bb1b79d..977bbf1a 100644 --- a/app/services/salesforce_import/domains.rb +++ b/app/services/salesforce_import/domains.rb @@ -61,7 +61,7 @@ def self.csv_path def self.get_email_domain_row(url) { - url: url, + url: url.downcase, active: true, created_at: DateTime.current, updated_at: DateTime.current From 78eea2ec7004715e6d86c65decaff7d33ae839a9 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 13 Mar 2023 13:02:03 +0000 Subject: [PATCH 87/88] Fix issue with browser list npm module which was preventing deployments --- yarn.lock | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/yarn.lock b/yarn.lock index 4b1d353c..4f13c581 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2046,15 +2046,10 @@ caniuse-api@^3.0.0: lodash.memoize "^4.1.2" lodash.uniq "^4.5.0" -caniuse-lite@^1.0.0, caniuse-lite@^1.0.30000981, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001219: - version "1.0.30001233" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001233.tgz#b7cb4a377a4b12ed240d2fa5c792951a06e5f2c4" - integrity sha512-BmkbxLfStqiPA7IEzQpIk0UFZFf3A4E6fzjPJ6OR+bFC2L8ES9J8zGA/asoi47p8XDVkev+WJo2I2Nc8c/34Yg== - -caniuse-lite@^1.0.30001254: - version "1.0.30001256" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001256.tgz#182410b5f024e0ab99c72ec648f234a9986bd548" - integrity sha512-QirrvMLmB4txNnxiaG/xbm6FSzv9LqOZ3Jp9VtCYb3oPIfCHpr/oGn38pFq0udwlkctvXQgPthaXqJ76DaYGnA== +caniuse-lite@^1.0.0, caniuse-lite@^1.0.30000981, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001219, caniuse-lite@^1.0.30001254: + version "1.0.30001465" + resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001465.tgz" + integrity sha512-HvjgL3MYAJjceTDCcjRnQGjwUz/5qec9n7JPOzUursUoOTIsYCSDOb1l7RsnZE8mjbxG78zVRCKfrBXyvChBag== case-sensitive-paths-webpack-plugin@^2.4.0: version "2.4.0" From 37d1fc0137747c4c8cb5267bbe69181e8c7fb5e2 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 13 Mar 2023 14:09:11 +0000 Subject: [PATCH 88/88] Specify the node version we wish to use as 16 --- .nvmrc | 1 + 1 file changed, 1 insertion(+) create mode 100644 .nvmrc diff --git a/.nvmrc b/.nvmrc new file mode 100644 index 00000000..b6a7d89c --- /dev/null +++ b/.nvmrc @@ -0,0 +1 @@ +16