From ae71cfc30c9257e38718ac9157746a8a8eee770a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Jun 2023 03:56:45 +0000 Subject: [PATCH 01/42] build(deps): bump jwt from 2.7.0 to 2.7.1 Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.7.0 to 2.7.1. - [Release notes](https://github.com/jwt/ruby-jwt/releases) - [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md) - [Commits](https://github.com/jwt/ruby-jwt/compare/v2.7.0...v2.7.1) --- updated-dependencies: - dependency-name: jwt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index bca75eee..a73c7c00 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -155,7 +155,7 @@ GEM activesupport (>= 5.0.0) jmespath (1.6.2) json (2.6.3) - jwt (2.7.0) + jwt (2.7.1) listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) From 5111b02bd93381dd0cd4842d3bab5301f381363c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Jun 2023 03:58:02 +0000 Subject: [PATCH 02/42] build(deps-dev): bump rubocop from 1.50.2 to 1.52.1 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.50.2 to 1.52.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.50.2...v1.52.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index a73c7c00..29572c35 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -203,7 +203,7 @@ GEM puma (6.2.2) nio4r (~> 2.0) raabro (1.4.0) - racc (1.6.2) + racc (1.7.1) rack (2.2.7) rack-attack (6.6.1) rack (>= 1.0, < 3) @@ -281,10 +281,10 @@ GEM rspec-mocks (~> 3.11) rspec-support (~> 3.11) rspec-support (3.12.0) - rubocop (1.50.2) + rubocop (1.52.1) json (~> 2.3) parallel (~> 1.10) - parser (>= 3.2.0.0) + parser (>= 3.2.2.3) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) From 7f255b3ad17eb7b5bfcb354c789a290cef1fea26 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Jun 2023 03:59:05 +0000 Subject: [PATCH 03/42] build(deps): bump ruby/setup-ruby from 1.151.0 to 1.152.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.151.0 to 1.152.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Commits](https://github.com/ruby/setup-ruby/compare/v1.151.0...v1.152.0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/rubyonrails.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml index 2ca63830..95a46e8d 100644 --- a/.github/workflows/rubyonrails.yml +++ b/.github/workflows/rubyonrails.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v3 - name: Install Ruby and gems - uses: ruby/setup-ruby@v1.151.0 + uses: ruby/setup-ruby@v1.152.0 with: bundler-cache: true From adec5350e56fe4f14932c236f229a7e714ff9988 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Jun 2023 03:57:41 +0000 Subject: [PATCH 04/42] build(deps): bump canonical-rails from `7d6d958` to `52fbad6` Bumps [canonical-rails](https://github.com/jumph4x/canonical-rails) from `7d6d958` to `52fbad6`. - [Commits](https://github.com/jumph4x/canonical-rails/compare/7d6d958a3b53c794ed2f7ecc04e3e7fe670bd86a...52fbad653f665d999f1849e322903557d39d9ef2) --- updated-dependencies: - dependency-name: canonical-rails dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 29572c35..34f8430d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,6 +1,6 @@ GIT remote: https://github.com/jumph4x/canonical-rails.git - revision: 7d6d958a3b53c794ed2f7ecc04e3e7fe670bd86a + revision: 52fbad653f665d999f1849e322903557d39d9ef2 specs: canonical-rails (0.2.14) actionmailer (>= 4.1, <= 7.1) @@ -137,7 +137,7 @@ GEM http-accept (1.7.0) http-cookie (1.0.3) domain_name (~> 0.5) - i18n (1.13.0) + i18n (1.14.1) concurrent-ruby (~> 1.0) i18n-tasks (1.0.12) activesupport (>= 4.0.2) @@ -159,9 +159,9 @@ GEM listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.19.1) + loofah (2.21.3) crass (~> 1.0.2) - nokogiri (>= 1.5.9) + nokogiri (>= 1.12.0) mail (2.8.1) mini_mime (>= 0.1.1) net-imap @@ -173,10 +173,10 @@ GEM mime-types-data (~> 3.2015) mime-types-data (3.2020.0512) mini_mime (1.1.2) - mini_portile2 (2.8.1) - minitest (5.18.0) + mini_portile2 (2.8.2) + minitest (5.18.1) msgpack (1.6.0) - net-imap (0.3.4) + net-imap (0.3.6) date net-protocol net-pop (0.1.2) @@ -187,8 +187,8 @@ GEM net-protocol netrc (0.11.0) nio4r (2.5.9) - nokogiri (1.14.3) - mini_portile2 (~> 2.8.0) + nokogiri (1.15.2) + mini_portile2 (~> 2.8.2) racc (~> 1.4) parallel (1.23.0) parser (3.2.2.3) 
@@ -233,8 +233,9 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.5.0) - loofah (~> 2.19, >= 2.19.1) + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) rails-i18n (7.0.6) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) @@ -333,7 +334,7 @@ GEM mini_portile2 (~> 2.8.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) - thor (1.2.1) + thor (1.2.2) timeout (0.3.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) From 6bbdd58a3c2495b8ca522527fdc7d416828f3a5f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 03:14:28 +0000 Subject: [PATCH 05/42] build(deps): bump paambaati/codeclimate-action from 4.0.0 to 5.0.0 Bumps [paambaati/codeclimate-action](https://github.com/paambaati/codeclimate-action) from 4.0.0 to 5.0.0. - [Release notes](https://github.com/paambaati/codeclimate-action/releases) - [Changelog](https://github.com/paambaati/codeclimate-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/paambaati/codeclimate-action/compare/v4.0.0...v5.0.0) --- updated-dependencies: - dependency-name: paambaati/codeclimate-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/rubyonrails.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml index 95a46e8d..d93045f8 100644 --- a/.github/workflows/rubyonrails.yml +++ b/.github/workflows/rubyonrails.yml @@ -46,7 +46,7 @@ jobs: run: bin/rake - name: publish code coverage - uses: paambaati/codeclimate-action@v4.0.0 + uses: paambaati/codeclimate-action@v5.0.0 with: debug: true if: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'develop' }} From bf00eff9aae00adc419f305490541ef646dd723a Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 03:07:40 +0000 Subject: [PATCH 06/42] build(deps): bump govuk-frontend from 4.6.0 to 4.7.0 Bumps [govuk-frontend](https://github.com/alphagov/govuk-frontend) from 4.6.0 to 4.7.0. - [Release notes](https://github.com/alphagov/govuk-frontend/releases) - [Changelog](https://github.com/alphagov/govuk-frontend/blob/main/CHANGELOG.md) - [Commits](https://github.com/alphagov/govuk-frontend/compare/v4.6.0...v4.7.0) --- updated-dependencies: - dependency-name: govuk-frontend dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 0ac8c2d2..751b33a1 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "@rails/ujs": "^7.0.5", "@rails/webpacker": "5.4.4", "accessible-autocomplete": "^2.0.4", - "govuk-frontend": "^4.6.0", + "govuk-frontend": "^4.7.0", "jquery": "^3.7.0", "js-cookie": "^3.0.5" }, diff --git a/yarn.lock b/yarn.lock index a6ce9240..94aef11f 100644 --- a/yarn.lock +++ b/yarn.lock 
@@ -3364,10 +3364,10 @@ globals@^11.1.0: resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e" integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== -govuk-frontend@^4.6.0: - version "4.6.0" - resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.6.0.tgz#662b41f7c468bb5468441218c720f0b31c948cbd" - integrity sha512-pLJVHVvfsTmNDBH/YBCMyuqSMCQmOrNQXoThdcAzhXJVbuaWnGc1URvjOR7EJeZyOm101fHDjzTkTvpEy6zfiw== +govuk-frontend@^4.7.0: + version "4.7.0" + resolved "https://registry.yarnpkg.com/govuk-frontend/-/govuk-frontend-4.7.0.tgz#69950b6c2e69f435ffe9aa60d8dee232dac977de" + integrity sha512-0OsdCusF5qvLWwKziU8zqxiC0nq6WP0ZQuw51ymZ/1V0tO71oIKMlSLN2S9bm8RcEGSoidPt2A34gKxePrLjvg== graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.2.6: version "4.2.9" From c2646c2d8139d6e566691c805f01394f979af1c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 10 Sep 2023 03:52:40 +0000 Subject: [PATCH 07/42] build(deps): bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/rubyonrails.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml index d93045f8..0b4b80db 100644 --- a/.github/workflows/rubyonrails.yml +++ b/.github/workflows/rubyonrails.yml 
@@ -29,7 +29,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install Ruby and gems uses: ruby/setup-ruby@v1.152.0 From 1edcb61e7e0663345518f8dc2d4876f23b2853ae Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 11 Sep 2023 09:19:12 +0100 Subject: [PATCH 08/42] Remove google analytics (not Google Tag Manager) --- app/views/layouts/application.html.erb | 1 - app/views/layouts/error.html.erb | 1 - app/views/shared/google/_analytics.html.erb | 13 ------------- config/application.rb | 4 ---- 4 files changed, 19 deletions(-) delete mode 100644 app/views/shared/google/_analytics.html.erb diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 91240f77..eb1041b2 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -25,7 +25,6 @@ - <%= render partial: '/shared/google/analytics' if cookie_preferences_settings['google_analytics_enabled'] && PmpIdam.google_analytics_tracking_id.present? %> <%= render partial: '/shared/google/tag_manager_head' if PmpIdam.google_tag_manager_tracking_id.present? %> <%= canonical_tag %> diff --git a/app/views/layouts/error.html.erb b/app/views/layouts/error.html.erb index 6a587ecb..17295365 100644 --- a/app/views/layouts/error.html.erb +++ b/app/views/layouts/error.html.erb @@ -25,7 +25,6 @@ - <%= render partial: '/shared/google/analytics' if cookie_preferences_settings['google_analytics_enabled'] && PmpIdam.google_analytics_tracking_id.present? %> <%= render partial: '/shared/google/tag_manager_head' if PmpIdam.google_tag_manager_tracking_id.present? %> <%= canonical_tag %> diff --git a/app/views/shared/google/_analytics.html.erb b/app/views/shared/google/_analytics.html.erb deleted file mode 100644 index 272c83c5..00000000 --- a/app/views/shared/google/_analytics.html.erb +++ /dev/null 
@@ -1,13 +0,0 @@ -<% if PmpIdam.google_analytics_tracking_id.present? %> - - - - -<% end %> \ No newline at end of file diff --git a/config/application.rb b/config/application.rb index d3cef75c..ca7cbada 100644 --- a/config/application.rb +++ b/config/application.rb @@ -59,10 +59,6 @@ class Application < Rails::Application end end - def self.google_analytics_tracking_id - @google_analytics_tracking_id ||= ENV.fetch('GOOGLE_ANALYTICS_ID', nil) - end - def self.google_tag_manager_tracking_id @google_tag_manager_tracking_id ||= ENV.fetch('GTM_TRACKING_ID', nil) end From 1f04c723ca268ffd53bfce773a9f253a37519db5 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 11 Sep 2023 09:32:19 +0100 Subject: [PATCH 09/42] Update rails version and run rails update. I have also added any extra tasks related to the update steps --- Gemfile | 4 +- Gemfile.lock | 157 +++++++++--------- bin/rails | 11 +- bin/rake | 9 +- bin/setup | 27 ++- config/application.rb | 2 +- config/environments/development.rb | 30 ++-- config/environments/production.rb | 32 +--- config/environments/test.rb | 23 ++- .../initializers/content_security_policy.rb | 48 +++--- config/initializers/cookie_rotator.rb | 19 +++ .../initializers/filter_parameter_logging.rb | 10 +- config/initializers/inflections.rb | 9 +- config/initializers/permissions_policy.rb | 11 ++ db/schema.rb | 2 +- package.json | 2 +- yarn.lock | 8 +- 17 files changed, 211 insertions(+), 193 deletions(-) create mode 100644 config/initializers/cookie_rotator.rb create mode 100644 config/initializers/permissions_policy.rb diff --git a/Gemfile b/Gemfile index 5a49cc8b..34cdb7b5 100644 --- a/Gemfile +++ b/Gemfile @@ -6,7 +6,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby '3.0.6' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 6.1.7' +gem 'rails', '~> 7.0.8' # Use sqlite3 as the database for Active Record gem 'sqlite3', '~> 1.6' # Use Puma as the app server 
@@ -30,7 +30,7 @@ gem 'bootsnap', '>= 1.4.2', require: false gem 'arask', '1.2.3' # for postgresql -gem 'activerecord-postgis-adapter', '~> 7.1.1' +gem 'activerecord-postgis-adapter', '~> 8.0.2' gem 'pg', '~> 1.5.3' # remove if not option two taken in project gem 'jwt' diff --git a/Gemfile.lock b/Gemfile.lock index 34f8430d..d484cd35 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -11,68 +11,74 @@ GIT GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7.3) - actionpack (= 6.1.7.3) - activesupport (= 6.1.7.3) + actioncable (7.0.8) + actionpack (= 7.0.8) + activesupport (= 7.0.8) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.3) - actionpack (= 6.1.7.3) - activejob (= 6.1.7.3) - activerecord (= 6.1.7.3) - activestorage (= 6.1.7.3) - activesupport (= 6.1.7.3) + actionmailbox (7.0.8) + actionpack (= 7.0.8) + activejob (= 7.0.8) + activerecord (= 7.0.8) + activestorage (= 7.0.8) + activesupport (= 7.0.8) mail (>= 2.7.1) - actionmailer (6.1.7.3) - actionpack (= 6.1.7.3) - actionview (= 6.1.7.3) - activejob (= 6.1.7.3) - activesupport (= 6.1.7.3) + net-imap + net-pop + net-smtp + actionmailer (7.0.8) + actionpack (= 7.0.8) + actionview (= 7.0.8) + activejob (= 7.0.8) + activesupport (= 7.0.8) mail (~> 2.5, >= 2.5.4) + net-imap + net-pop + net-smtp rails-dom-testing (~> 2.0) - actionpack (6.1.7.3) - actionview (= 6.1.7.3) - activesupport (= 6.1.7.3) - rack (~> 2.0, >= 2.0.9) + actionpack (7.0.8) + actionview (= 7.0.8) + activesupport (= 7.0.8) + rack (~> 2.0, >= 2.2.4) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.3) - actionpack (= 6.1.7.3) - activerecord (= 6.1.7.3) - activestorage (= 6.1.7.3) - activesupport (= 6.1.7.3) + actiontext (7.0.8) + actionpack (= 7.0.8) + activerecord (= 7.0.8) + activestorage (= 7.0.8) + activesupport (= 7.0.8) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.1.7.3) - activesupport (= 6.1.7.3) + actionview (7.0.8) + activesupport (= 7.0.8) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.7.3) - activesupport (= 6.1.7.3) + activejob (7.0.8) + activesupport (= 7.0.8) globalid (>= 0.3.6) - activemodel (6.1.7.3) - activesupport (= 6.1.7.3) - activerecord (6.1.7.3) - activemodel (= 6.1.7.3) - activesupport (= 6.1.7.3) - activerecord-postgis-adapter (7.1.1) - 
activerecord (~> 6.1) + activemodel (7.0.8) + activesupport (= 7.0.8) + activerecord (7.0.8) + activemodel (= 7.0.8) + activesupport (= 7.0.8) + activerecord-postgis-adapter (8.0.2) + activerecord (~> 7.0.0) rgeo-activerecord (~> 7.0.0) - activestorage (6.1.7.3) - actionpack (= 6.1.7.3) - activejob (= 6.1.7.3) - activerecord (= 6.1.7.3) - activesupport (= 6.1.7.3) + activestorage (7.0.8) + actionpack (= 7.0.8) + activejob (= 7.0.8) + activerecord (= 7.0.8) + activesupport (= 7.0.8) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7.3) + activesupport (7.0.8) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - zeitwerk (~> 2.3) arask (1.2.3) fugit (~> 1.1) rails (>= 5.0) @@ -131,8 +137,8 @@ GEM fugit (1.8.1) et-orbi (~> 1, >= 1.2.7) raabro (~> 1.4) - globalid (1.1.0) - activesupport (>= 5.0) + globalid (1.2.1) + activesupport (>= 6.1) highline (2.1.0) http-accept (1.7.0) http-cookie (1.0.3) @@ -172,11 +178,11 @@ GEM mime-types (3.3.1) mime-types-data (~> 3.2015) mime-types-data (3.2020.0512) - mini_mime (1.1.2) - mini_portile2 (2.8.2) - minitest (5.18.1) + mini_mime (1.1.5) + mini_portile2 (2.8.4) + minitest (5.20.0) msgpack (1.6.0) - net-imap (0.3.6) + net-imap (0.3.7) date net-protocol net-pop (0.1.2) @@ -187,7 +193,7 @@ GEM net-protocol netrc (0.11.0) nio4r (2.5.9) - nokogiri (1.15.2) + nokogiri (1.15.4) mini_portile2 (~> 2.8.2) racc (~> 1.4) parallel (1.23.0) 
@@ -204,34 +210,34 @@ GEM nio4r (~> 2.0) raabro (1.4.0) racc (1.7.1) - rack (2.2.7) + rack (2.2.8) rack-attack (6.6.1) rack (>= 1.0, < 3) rack-proxy (0.7.6) rack rack-test (2.1.0) rack (>= 1.3) - rails (6.1.7.3) - actioncable (= 6.1.7.3) - actionmailbox (= 6.1.7.3) - actionmailer (= 6.1.7.3) - actionpack (= 6.1.7.3) - actiontext (= 6.1.7.3) - actionview (= 6.1.7.3) - activejob (= 6.1.7.3) - activemodel (= 6.1.7.3) - activerecord (= 6.1.7.3) - activestorage (= 6.1.7.3) - activesupport (= 6.1.7.3) + rails (7.0.8) + actioncable (= 7.0.8) + actionmailbox (= 7.0.8) + actionmailer (= 7.0.8) + actionpack (= 7.0.8) + actiontext (= 7.0.8) + actionview (= 7.0.8) + activejob (= 7.0.8) + activemodel (= 7.0.8) + activerecord (= 7.0.8) + activestorage (= 7.0.8) + activesupport (= 7.0.8) bundler (>= 1.15.0) - railties (= 6.1.7.3) - sprockets-rails (>= 2.0.0) + railties (= 7.0.8) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) activesupport (>= 5.0.1.rc1) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) rails-html-sanitizer (1.6.0) loofah (~> 2.21) @@ -239,12 +245,13 @@ GEM rails-i18n (7.0.6) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) - railties (6.1.7.3) - actionpack (= 6.1.7.3) - activesupport (= 6.1.7.3) + railties (7.0.8) + actionpack (= 7.0.8) + activesupport (= 7.0.8) method_source rake (>= 12.2) thor (~> 1.0) + zeitwerk (~> 2.5) rainbow (3.1.1) rake (13.0.6) rb-fsevent (0.11.2) @@ -257,7 +264,7 @@ GEM mime-types (>= 1.16, < 4.0) netrc (~> 0.8) rexml (3.2.5) - rgeo (2.4.0) + rgeo (3.0.0) rgeo-activerecord (7.0.1) activerecord (>= 5.0) rgeo (>= 1.0.0) @@ -323,7 +330,7 @@ GEM spring-watcher-listen (2.1.0) listen (>= 2.7, < 4.0) spring (>= 4) - sprockets (4.2.0) + sprockets (4.2.1) concurrent-ruby (~> 1.0) rack (>= 2.2.4, < 4) sprockets-rails (3.4.2) 
@@ -335,7 +342,7 @@ GEM terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) thor (1.2.2) - timeout (0.3.2) + timeout (0.4.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unf (0.1.4) @@ -352,16 +359,16 @@ GEM rack-proxy (>= 0.6.1) railties (>= 5.2) semantic_range (>= 2.3.0) - websocket-driver (0.7.5) + websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.8) + zeitwerk (2.6.11) PLATFORMS ruby DEPENDENCIES - activerecord-postgis-adapter (~> 7.1.1) + activerecord-postgis-adapter (~> 8.0.2) arask (= 1.2.3) aws-sdk-cognitoidentityprovider (~> 1.73.0) aws-sdk-s3 (~> 1) @@ -379,7 +386,7 @@ DEPENDENCIES pry-rails puma (~> 6.2) rack-attack - rails (~> 6.1.7) + rails (~> 7.0.8) rails-controller-testing (>= 1.0.5) rest-client (~> 2.1) rollbar diff --git a/bin/rails b/bin/rails index 5badb2fd..efc03774 100755 --- a/bin/rails +++ b/bin/rails @@ -1,9 +1,4 @@ #!/usr/bin/env ruby -begin - load File.expand_path('../spring', __FILE__) -rescue LoadError => e - raise unless e.message.include?('spring') -end -APP_PATH = File.expand_path('../config/application', __dir__) -require_relative '../config/boot' -require 'rails/commands' +APP_PATH = File.expand_path("../config/application", __dir__) +require_relative "../config/boot" +require "rails/commands" diff --git a/bin/rake b/bin/rake index d87d5f57..4fbf10b9 100755 --- a/bin/rake +++ b/bin/rake @@ -1,9 +1,4 @@ #!/usr/bin/env ruby -begin - load File.expand_path('../spring', __FILE__) -rescue LoadError => e - raise unless e.message.include?('spring') -end -require_relative '../config/boot' -require 'rake' +require_relative "../config/boot" +require "rake" Rake.application.run diff --git a/bin/setup b/bin/setup index 5853b5ea..ec47b79b 100755 --- a/bin/setup +++ b/bin/setup 
@@ -1,36 +1,33 @@ #!/usr/bin/env ruby -require 'fileutils' +require "fileutils" # path to your application root. -APP_ROOT = File.expand_path('..', __dir__) +APP_ROOT = File.expand_path("..", __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") end FileUtils.chdir APP_ROOT do - # This script is a way to setup or update your development environment automatically. - # This script is idempotent, so that you can run it at anytime and get an expectable outcome. + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts '== Installing dependencies ==' - system! 'gem install bundler --conservative' - system('bundle check') || system!('bundle install') - - # Install JavaScript dependencies - # system('bin/yarn') + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end puts "\n== Preparing database ==" - system! 'bin/rails db:prepare' + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" - system! 'bin/rails log:clear tmp:clear' + system! "bin/rails log:clear tmp:clear" puts "\n== Restarting application server ==" - system! 'bin/rails restart' + system! "bin/rails restart" end diff --git a/config/application.rb b/config/application.rb index ca7cbada..15590671 100644 --- a/config/application.rb +++ b/config/application.rb 
@@ -24,7 +24,7 @@ module PmpIdam class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 6.1 + config.load_defaults 7.0 # config.web_console.whitelisted_ips = '' # Settings in config/environments/* take precedence over those specified here. diff --git a/config/environments/development.rb b/config/environments/development.rb index 9fe070d4..5cb511bd 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,21 +1,25 @@ -# frozen_string_literal: true +require "active_support/core_ext/integer/time" Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded on - # every request. This slows down response time but is perfect for development + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. config.cache_classes = false config.public_file_server.enabled = true - + # Do not eager load code on boot. config.eager_load = false # Show full error reports. config.consider_all_requests_local = true - config.hosts.clear + config.hosts << /[a-z0-9\-.]+\.ngrok\.io/ + + # Enable server timing + config.server_timing = true + # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. if Rails.root.join('tmp', 'caching-dev.txt').exist? 
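Review bot: `config.load_defaults 7.0` turns on every 7.0 framework default in one step, and nothing in this series stages them through a `new_framework_defaults_7_0.rb` (the diffstat lists only cookie_rotator.rb and permissions_policy.rb as new initializers). Two of those defaults are security-relevant: `action_controller.raise_on_open_redirects = true` makes a `redirect_to` whose target is another host raise `ActionController::Redirecting::UnsafeRedirectError` unless the call passes `allow_other_host: true`, and `active_support.key_generator_hash_digest_class` moves to SHA256, which is what the new cookie_rotator initializer compensates for. For an IdAM app that presumably sends users back to other hosts after sign-in, I would confirm those redirects are exercised by the test suite before this ships, or flip the defaults one at a time. A line in the commit description naming which 7.0 defaults were checked would help the next reader.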
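Review bot: The `# frozen_string_literal: true` magic comment is removed from the first line of config/environments/development.rb and replaced by `require "active_support/core_ext/integer/time"`; the same removal appears in the production.rb, test.rb and content_security_policy.rb hunks further down this patch. The project runs RuboCop (bumped in patch 02), whose Style/FrozenStringLiteralComment cop is on by default and will flag each of these files unless it is disabled in the project config, and losing the comment may change behaviour if any string literal in those files is mutated. Keep the comment as the first line and place the require below it: `# frozen_string_literal: true` followed by a blank line and `require "active_support/core_ext/integer/time"`. The hunk also replaces `config.hosts.clear` with an ngrok host pattern, which re-enables Host Authorization in development; a short comment saying that any other local hostname now has to be added to `config.hosts` would save the next developer a confusing 403.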
@@ -40,6 +44,12 @@ # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load @@ -47,11 +57,11 @@ config.active_record.verbose_query_logs = true # Raises error for missing translations. - # config.action_view.raise_on_missing_translations = true + # config.i18n.raise_on_missing_translations = true - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true - # config.force_ssl = true + # Uncomment if you wish to allow Action Cable access from any origin. + # config.action_cable.disable_request_forgery_protection = true end diff --git a/config/environments/production.rb b/config/environments/production.rb index dd7f9dd8..bf8e2d63 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -1,4 +1,4 @@ -# frozen_string_literal: true +require "active_support/core_ext/integer/time" Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. 
@@ -25,7 +25,7 @@ config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.action_controller.asset_host = 'http://assets.example.com' + # config.asset_host = 'http://assets.example.com' # Specifies the header that your server uses for sending files. # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache @@ -34,8 +34,8 @@ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true - # Use the lowest log level to ensure availability of diagnostic information - # when problems arise. + # Include generic and useful information about system operation, but avoid logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). config.log_level = :debug # Prepend all log lines with the following tags. @@ -58,8 +58,8 @@ # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify + # Don't log any deprecations. + config.active_support.report_deprecations = false # Use default logging formatter so that PID and timestamp are not suppressed. config.log_formatter = ::Logger::Formatter.new 
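Review bot: The replacement comment in the `@@ -34,8 +34,8 @@` hunk now says to avoid logging information that could expose PII, but the line it describes is unchanged context and still reads `config.log_level = :debug`, so production keeps logging at debug level, where Active Record emits every SQL statement together with its bind values. The Rails 7.0 template this comment was taken from pairs it with `config.log_level = :info`; either apply that, or make it operator-controlled with `config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")`. If debug-level production logging is intentional, the comment should say so instead of contradicting the setting.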
@@ -77,26 +77,6 @@ # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false - # Inserts middleware to perform automatic connection switching. - # The `database_selector` hash is used to pass options to the DatabaseSelector - # middleware. The `delay` is used to determine how long to wait after a write - # to send a subsequent read to the primary. - # - # The `database_resolver` class is used by the middleware to determine which - # database is appropriate to use based on the time delay. - # - # The `database_resolver_context` class is used by the middleware to set - # timestamps for the last write to the primary. The resolver uses the context - # class timestamps to determine how long to wait before reading from the - # replica. - # - # By default Rails will store a last write timestamp in the session. The - # DatabaseSelector middleware is designed as such you can define your own - # strategy for connection switching and pass that into the middleware through - # these configuration options. - # config.active_record.database_selector = { delay: 2.seconds } - # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver - # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session config.action_dispatch.default_headers = { 'X-Frame-Options' => 'SAMEORIGIN', 'X-XSS-Protection' => '1; mode=block', diff --git a/config/environments/test.rb b/config/environments/test.rb index ea562d65..e9ead915 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,4 +1,4 @@ -# frozen_string_literal: true +require "active_support/core_ext/integer/time" # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that 
@@ -8,13 +8,13 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. + # Turn false under Spring and add config.action_view.cache_template_loading = true. config.cache_classes = false - config.action_view.cache_template_loading = true - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Eager loading loads your whole application. When running a single test locally, + # this probably isn't necessary. It's a good idea to do in a continuous integration + # system, or in some way before deploying your code. + config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true @@ -43,6 +43,15 @@ # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + # Raises error for missing translations. - # config.action_view.raise_on_missing_translations = true + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index f3bcce54..54f47cf1 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb 
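Review bot: The `config.action_view.cache_template_loading = true` line is deleted while `config.cache_classes = false` stays as context, yet the comment added directly above it reads `# Turn false under Spring and add config.action_view.cache_template_loading = true.` — the hunk removes the very line that comment tells you to add. The Rails 7.0 template pairs that comment with `config.cache_classes = true`; either restore `config.action_view.cache_template_loading = true` or set `config.cache_classes = true`, which is reasonable now that the Spring loader has been dropped from bin/rails and bin/rake in this same patch. As written, test runs recompile templates on every render, which only costs time, but the configuration contradicts its own comment.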
@@ -1,31 +1,25 @@
-# frozen_string_literal: true
 # Be sure to restart your server when you modify this file.
-# Define an application-wide content security policy
-# For further information see the following documentation
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+# Define an application-wide content security policy.
+# See the Securing Rails Applications Guide for more information:
+# https://guides.rubyonrails.org/security.html#content-security-policy-header
-# Rails.application.config.content_security_policy do |policy|
-# policy.default_src :self, :https
-# policy.font_src :self, :https, :data
-# policy.img_src :self, :https, :data
-# policy.object_src :none
-# policy.script_src :self, :https
-# policy.style_src :self, :https
-# # If you are using webpack-dev-server then specify webpack-dev-server host
-# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?
-
-# # Specify URI for violation reports
-# # policy.report_uri "/csp-violation-report-endpoint"
+# Rails.application.configure do
+# config.content_security_policy do |policy|
+# policy.default_src :self, :https
+# policy.font_src :self, :https, :data
+# policy.img_src :self, :https, :data
+# policy.object_src :none
+# policy.script_src :self, :https
+# policy.style_src :self, :https
+# # Specify URI for violation reports
+# # policy.report_uri "/csp-violation-report-endpoint"
+# end
+#
+# # Generate session nonces for permitted importmap and inline scripts
+# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
+# config.content_security_policy_nonce_directives = %w(script-src)
+#
+# # Report violations without enforcing the policy.
+# # config.content_security_policy_report_only = true
 # end
-
-# If you are using UJS then enable automatic nonce generation
-# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
-
-# Set the nonce only to specific directives
-# Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
-
-# Report CSP violations to a specified URI
-# For further information see the following documentation:
-# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
-# Rails.application.config.content_security_policy_report_only = true
diff --git a/config/initializers/cookie_rotator.rb b/config/initializers/cookie_rotator.rb
new file mode 100644
index 00000000..abc1f7ff
--- /dev/null
+++ b/config/initializers/cookie_rotator.rb
@@ -0,0 +1,19 @@
+Rails.application.config.after_initialize do
+ Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
+ authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
+ signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt
+
+ secret_key_base = Rails.application.secret_key_base
+
+ key_generator = ActiveSupport::KeyGenerator.new(
+ secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+ )
+ key_len = ActiveSupport::MessageEncryptor.key_len
+
+ old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len)
+ old_signed_secret = key_generator.generate_key(signed_cookie_salt)
+
+ cookies.rotate :encrypted, old_encrypted_secret
+ cookies.rotate :signed, old_signed_secret
+ end
+end
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb
index 7a4f47b4..166997c5 100644
--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
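Review bot: The rewritten file leaves the entire policy commented out, so after this change the application still sends no Content-Security-Policy header; the only response-header hardening visible in this series is the X-Frame-Options / X-XSS-Protection pair in the production.rb hunk above. When the block is eventually enabled, the example nonce generator `->(request) { request.session.id.to_s }` deserves a second look: it reuses one value for every request in a session and writes the session identifier into the rendered markup, which gives up the HttpOnly protection of the session cookie if markup injection ever succeeds, whereas the removed `-> request { SecureRandom.base64(16) }` produced a fresh per-request nonce (the session-based form is presumably there to keep responses cacheable under conditional GET). I would keep the per-request form as the documented example, `config.content_security_policy_nonce_generator = ->(request) { SecureRandom.base64(16) }`, and add a comment explaining the trade-off next to it.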
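Review bot: cookie_rotator.rb re-derives the pre-7.0 cookie secrets (SHA1 key generator with 1000 iterations) and registers them as rotations unconditionally, but nothing in the file says why the initializer exists or when it can be removed; while it is present, cookies minted with the old derivation stay accepted, so it should be treated as upgrade scaffolding with an expiry, not permanent configuration. Add a header comment above `Rails.application.config.after_initialize do`, e.g. `# Accept cookies signed/encrypted under the pre-Rails-7 key derivation (SHA1, 1000 iterations) so existing sessions survive the upgrade; delete this file once all such cookies have expired.` A short inline comment on `key_generator = ActiveSupport::KeyGenerator.new(` naming those two values as the legacy defaults would also save the next reader from guessing whether `1000` and `OpenSSL::Digest::SHA1` are deliberate.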
@@ -1,6 +1,8 @@
-# frozen_string_literal: true
-
 # Be sure to restart your server when you modify this file.
-# Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password]
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += %i[
+ passw secret token _key crypt salt certificate otp ssn
+]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
index aa7435fb..3860f659 100644
--- a/config/initializers/inflections.rb
+++ b/config/initializers/inflections.rb
@@ -1,17 +1,16 @@
-# frozen_string_literal: true
 # Be sure to restart your server when you modify this file.
 # Add new inflection rules using the following format. Inflections
 # are locale specific, and you may define rules for as many different
 # locales as you wish. All of these examples are active by default:
 # ActiveSupport::Inflector.inflections(:en) do |inflect|
-# inflect.plural /^(ox)$/i, '\1en'
-# inflect.singular /^(ox)en/i, '\1'
-# inflect.irregular 'person', 'people'
+# inflect.plural /^(ox)$/i, "\\1en"
+# inflect.singular /^(ox)en/i, "\\1"
+# inflect.irregular "person", "people"
 # inflect.uncountable %w( fish sheep )
 # end
 # These inflection rules are supported but not enabled by default:
 # ActiveSupport::Inflector.inflections(:en) do |inflect|
-# inflect.acronym 'RESTful'
+# inflect.acronym "RESTful"
 # end
diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb
new file mode 100644
index 00000000..00f64d71
--- /dev/null
+++ b/config/initializers/permissions_policy.rb
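Review bot: `confirmation_code`, the Cognito code that the specs further down submit as a request parameter (see the confirm_password_reset_spec hunk), is not matched by any of the new substrings `passw secret token _key crypt salt certificate otp ssn`, so it will be written to the log in clear text; the old `[:password]` entry is still covered because filters match by substring and `passw` matches `password` and `password_confirmation`. Extend the list so the reset code is masked as well: `passw secret token _key crypt salt certificate otp ssn confirmation_code`. The `email` parameter seen in the same specs is personal data rather than a secret; whether it belongs in logs is a policy decision for this service, but it can be added to the same list if not.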
@@ -0,0 +1,11 @@
+# Define an application-wide HTTP permissions policy. For further
+# information see https://developers.google.com/web/updates/2018/06/feature-policy
+#
+# Rails.application.config.permissions_policy do |f|
+# f.camera :none
+# f.gyroscope :none
+# f.microphone :none
+# f.usb :none
+# f.fullscreen :self
+# f.payment :self, "https://secure.example.com"
+# end
diff --git a/db/schema.rb b/db/schema.rb
index 62812fbd..3cafe155 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 2022_05_03_113745) do
+ActiveRecord::Schema[6.1].define(version: 2022_05_03_113745) do
 # These are extensions that must be enabled in order to support this database
 enable_extension "pgcrypto"
diff --git a/package.json b/package.json
index 751b33a1..404073d4 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
 "name": "pmp_idam",
 "private": true,
 "dependencies": {
- "@rails/ujs": "^7.0.5",
+ "@rails/ujs": "^7.0.8",
 "@rails/webpacker": "5.4.4",
 "accessible-autocomplete": "^2.0.4",
 "govuk-frontend": "^4.7.0",
diff --git a/yarn.lock b/yarn.lock
index 94aef11f..e111952f 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1094,10 +1094,10 @@
 mkdirp "^1.0.4"
 rimraf "^3.0.2"
-"@rails/ujs@^7.0.5":
- version "7.0.5"
- resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.5.tgz#d35a71fe6ecd4ab88bbe4bc6c2f287c992c2de4c"
- integrity sha512-/wQ6v4DGxhxflPWoLwGkOQoKbtIXx/LsVNKd8shRM+/HXxlVBEb+F5znN99TlxX8e/R3dN6anTPAqA+mfA5YtQ==
+"@rails/ujs@^7.0.8":
+ version "7.0.8"
+ resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.8.tgz#59853367d0827b3955d2c4bedfd5eba4a79d3422"
+ integrity sha512-tOQQBVH8LsUpGXqDnk+kaOGVsgZ8maHAhEiw3Git3p88q+c0Slgu47HuDnL6sVxeCfz24zbq7dOjsVYDiTpDIA==
 "@rails/webpacker@5.4.4":
 version "5.4.4"
From 2db115f13a4de170e93f2404e554051655c6ba92 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Jul 2023 01:25:48 +0000 Subject: [PATCH 10/42] build(deps): bump semver from 5.7.1 to 5.7.2 Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] --- yarn.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/yarn.lock b/yarn.lock index e111952f..8e3fedb5 100644 --- a/yarn.lock +++ b/yarn.lock 
@@ -6090,19 +6090,19 @@ semver@7.0.0: integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A== semver@^5.5.0, semver@^5.6.0: - version "5.7.1" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" - integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== + version "5.7.2" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8" + integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g== semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" - integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== + version "6.3.1" + resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" + integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== semver@^7.3.2: - version "7.3.5" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7" - integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ== + version "7.5.4" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e" + integrity sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== dependencies: lru-cache "^6.0.0" From e98d08d7630a16e694b02f3ae4d99d90081330e8 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 3 Sep 2023 03:16:38 +0000 Subject: [PATCH 11/42] build(deps): bump jquery from 3.7.0 to 3.7.1 Bumps [jquery](https://github.com/jquery/jquery) from 3.7.0 to 3.7.1. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](https://github.com/jquery/jquery/compare/3.7.0...3.7.1) --- updated-dependencies: - dependency-name: jquery dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 404073d4..e712194c 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,7 @@ "@rails/webpacker": "5.4.4", "accessible-autocomplete": "^2.0.4", "govuk-frontend": "^4.7.0", - "jquery": "^3.7.0", + "jquery": "^3.7.1", "js-cookie": "^3.0.5" }, "version": "0.1.0", diff --git a/yarn.lock b/yarn.lock index 8e3fedb5..08d363f4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3954,10 +3954,10 @@ jest-worker@^26.5.0: merge-stream "^2.0.0" supports-color "^7.0.0" -jquery@^3.7.0: - version "3.7.0" - resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.7.0.tgz#fe2c01a05da500709006d8790fe21c8a39d75612" - integrity sha512-umpJ0/k8X0MvD1ds0P9SfowREz2LenHsQaxSohMZ5OMNEU2r0tf8pdeEFTHMFxWVxKNyU9rTtK3CWzUCTKJUeQ== +jquery@^3.7.1: + version "3.7.1" + resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.7.1.tgz#083ef98927c9a6a74d05a6af02806566d16274de" + integrity sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg== js-cookie@^3.0.5: version "3.0.5" From c64c05b669661feb415285c0a3be6e5b38612d28 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:18:30 +0000 Subject: [PATCH 12/42] build(deps): bump puma from 6.2.2 to 6.3.1 Bumps [puma](https://github.com/puma/puma) from 6.2.2 to 6.3.1. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v6.2.2...v6.3.1) --- updated-dependencies: - dependency-name: puma dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 34cdb7b5..b0ca1f2f 100644 --- a/Gemfile +++ b/Gemfile @@ -10,7 +10,7 @@ gem 'rails', '~> 7.0.8' # Use sqlite3 as the database for Active Record gem 'sqlite3', '~> 1.6' # Use Puma as the app server -gem 'puma', '~> 6.2' +gem 'puma', '~> 6.3' # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker gem 'webpacker', '~> 5.4', '>= 5.4.4' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks diff --git a/Gemfile.lock b/Gemfile.lock index d484cd35..6d43796f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -206,7 +206,7 @@ GEM method_source (~> 1.0) pry-rails (0.3.9) pry (>= 0.10.4) - puma (6.2.2) + puma (6.3.1) nio4r (~> 2.0) raabro (1.4.0) racc (1.7.1) @@ -384,7 +384,7 @@ DEPENDENCIES listen (~> 3.8) pg (~> 1.5.3) pry-rails - puma (~> 6.2) + puma (~> 6.3) rack-attack rails (~> 7.0.8) rails-controller-testing (>= 1.0.5) From ca71b0e402ec7bde45da4850416bd10a456b683a Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:18:00 +0000 Subject: [PATCH 13/42] build(deps-dev): bump rubocop-performance from 1.17.1 to 1.19.0 Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.17.1 to 1.19.0. - [Release notes](https://github.com/rubocop/rubocop-performance/releases) - [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.17.1...v1.19.0) --- updated-dependencies: - dependency-name: rubocop-performance dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6d43796f..f24554cf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -263,7 +263,7 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rexml (3.2.5) + rexml (3.2.6) rgeo (3.0.0) rgeo-activerecord (7.0.1) activerecord (>= 5.0) @@ -305,7 +305,7 @@ GEM rubocop (~> 1.41) rubocop-factory_bot (2.23.1) rubocop (~> 1.33) - rubocop-performance (1.17.1) + rubocop-performance (1.19.0) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) rubocop-rails (2.19.1) From b65baa7defcd48fd494a8d84d718fc7b3ad9ace0 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:25:06 +0000 Subject: [PATCH 14/42] build(deps-dev): bump rspec-rails from 6.0.1 to 6.0.3 Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 6.0.1 to 6.0.3. - [Release notes](https://github.com/rspec/rspec-rails/releases) - [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md) - [Commits](https://github.com/rspec/rspec-rails/compare/v6.0.1...v6.0.3) --- updated-dependencies: - dependency-name: rspec-rails dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f24554cf..ee118ad9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -272,23 +272,23 @@ GEM roo (2.10.0) nokogiri (~> 1) rubyzip (>= 1.3.0, < 3.0.0) - rspec-core (3.12.1) + rspec-core (3.12.2) rspec-support (~> 3.12.0) - rspec-expectations (3.12.2) + rspec-expectations (3.12.3) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-mocks (3.12.3) + rspec-mocks (3.12.6) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-rails (6.0.1) + rspec-rails (6.0.3) actionpack (>= 6.1) activesupport (>= 6.1) railties (>= 6.1) - rspec-core (~> 3.11) - rspec-expectations (~> 3.11) - rspec-mocks (~> 3.11) - rspec-support (~> 3.11) - rspec-support (3.12.0) + rspec-core (~> 3.12) + rspec-expectations (~> 3.12) + rspec-mocks (~> 3.12) + rspec-support (~> 3.12) + rspec-support (3.12.1) rubocop (1.52.1) json (~> 2.3) parallel (~> 1.10) From 77d7d6c77bbbccee1d64335f991bcacd853254ab Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:25:41 +0000 Subject: [PATCH 15/42] build(deps): bump aws-sdk-ssm from 1.150.0 to 1.156.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.150.0 to 1.156.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ee118ad9..30f438d1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -84,11 +84,11 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.743.0) + aws-partitions (1.820.0) aws-sdk-cognitoidentityprovider (1.73.0) aws-sdk-core (~> 3, >= 3.165.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.171.0) + aws-sdk-core (3.181.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -100,10 +100,10 @@ GEM aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) - aws-sdk-ssm (1.150.0) - aws-sdk-core (~> 3, >= 3.165.0) + aws-sdk-ssm (1.156.0) + aws-sdk-core (~> 3, >= 3.177.0) aws-sigv4 (~> 1.1) - aws-sigv4 (1.5.2) + aws-sigv4 (1.6.0) aws-eventstream (~> 1, >= 1.0.2) better_html (2.0.1) actionview (>= 6.0) From 58b9142451bf63e8b8ed815e0e982d89adcf93b9 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:33:52 +0000 Subject: [PATCH 16/42] build(deps): bump aws-sdk-cognitoidentityprovider from 1.73.0 to 1.81.0 Bumps [aws-sdk-cognitoidentityprovider](https://github.com/aws/aws-sdk-ruby) from 1.73.0 to 1.81.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-cognitoidentityprovider/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-cognitoidentityprovider dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index b0ca1f2f..f1a22692 100644 --- a/Gemfile +++ b/Gemfile @@ -20,7 +20,7 @@ gem 'jbuilder', '~> 2.11', '>= 2.11.5' # Use Active Model has_secure_password # gem 'bcrypt', '~> 3.1.7' # for cognito -gem 'aws-sdk-cognitoidentityprovider', '~> 1.73.0' +gem 'aws-sdk-cognitoidentityprovider', '~> 1.81.0' # importing creds gem 'aws-sdk-s3', '~> 1' # Reduces boot times through caching; required in config/boot.rb diff --git a/Gemfile.lock b/Gemfile.lock index 30f438d1..0960d9e9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -85,8 +85,8 @@ GEM ast (2.4.2) aws-eventstream (1.2.0) aws-partitions (1.820.0) - aws-sdk-cognitoidentityprovider (1.73.0) - aws-sdk-core (~> 3, >= 3.165.0) + aws-sdk-cognitoidentityprovider (1.81.0) + aws-sdk-core (~> 3, >= 3.177.0) aws-sigv4 (~> 1.1) aws-sdk-core (3.181.0) aws-eventstream (~> 1, >= 1.0.2) @@ -370,7 +370,7 @@ PLATFORMS DEPENDENCIES activerecord-postgis-adapter (~> 8.0.2) arask (= 1.2.3) - aws-sdk-cognitoidentityprovider (~> 1.73.0) + aws-sdk-cognitoidentityprovider (~> 1.81.0) aws-sdk-s3 (~> 1) aws-sdk-ssm bootsnap (>= 1.4.2) 
From 20cc773575921c37f06412e46cfdbb2d2962d7d8 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 11 Sep 2023 11:24:17 +0100 Subject: [PATCH 17/42] Fix issue with error summary due to deprecated methods --- app/views/shared/_error_summary.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/shared/_error_summary.html.erb b/app/views/shared/_error_summary.html.erb index 9a479e7c..1f92dafe 100644 --- a/app/views/shared/_error_summary.html.erb +++ b/app/views/shared/_error_summary.html.erb @@ -5,7 +5,7 @@
    - <% errors.keys.each do |attribute| %> + <% errors.attribute_names.each do |attribute| %>
  • <%= link_to "#{errors[attribute].first}", "##{error_id(attribute)}"%>
  • From 6636cc8d6de8dbb9beffd526cfa667509143ef76 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 11 Sep 2023 11:37:24 +0100 Subject: [PATCH 18/42] Update to Ruby v3.2.1 and run rubocop --- .rubocop.yml | 172 +----------------- .ruby-version | 2 +- .travis.yml | 2 +- Gemfile | 41 ++--- Gemfile.lock | 49 +++-- app/models/organisation.rb | 2 +- app/models/pwned_password.rb | 2 +- app/services/cognito/base_service.rb | 4 +- app/services/pwned_passwords.rb | 2 +- .../api/v1/organisation_controller_spec.rb | 2 +- .../base/passwords_controller_spec.rb | 2 +- spec/models/organisation_spec.rb | 2 +- .../cognito/confirm_password_reset_spec.rb | 8 +- spec/services/cognito/confirm_sign_up_spec.rb | 4 +- spec/services/cognito/sign_up_user_spec.rb | 12 +- 15 files changed, 68 insertions(+), 238 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 5513f43c..c37c3d73 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -4,7 +4,7 @@ require: - rubocop-rspec # or rubocop-minitest AllCops: NewCops: enable - TargetRubyVersion: 3.0 + TargetRubyVersion: 3.2 Exclude: - 'db/**/*' - 'script/**/*' 
@@ -132,173 +132,11 @@ RSpec/MultipleMemoizedHelpers: Metrics/ParameterLists: Max: 6 + Metrics/ModuleLength: Exclude: - 'spec/models/**/*' - 'spec/controllers/**/*' -Layout/BeginEndAlignment: # (new in 0.91) - Enabled: true -Layout/EmptyLinesAroundAttributeAccessor: # (new in 0.83) - Enabled: true -Layout/SpaceAroundMethodCallOperator: # (new in 0.82) - Enabled: true -Lint/BinaryOperatorWithIdenticalOperands: # (new in 0.89) - Enabled: true -Lint/ConstantDefinitionInBlock: # (new in 0.91) - Enabled: true -Lint/DeprecatedOpenSSLConstant: # (new in 0.84) - Enabled: true -Lint/DuplicateElsifCondition: # (new in 0.88) - Enabled: true -Lint/DuplicateRequire: # (new in 0.90) - Enabled: true -Lint/DuplicateRescueException: # (new in 0.89) - Enabled: true -Lint/EmptyConditionalBody: # (new in 0.89) - Enabled: true -Lint/EmptyFile: # (new in 0.90) - Enabled: true -Lint/FloatComparison: # (new in 0.89) - Enabled: true -Lint/HashCompareByIdentity: # (new in 0.93) - Enabled: true -Lint/IdentityComparison: # (new in 0.91) - Enabled: true -Lint/MissingSuper: # (new in 0.89) - Enabled: true -Lint/MixedRegexpCaptureTypes: # (new in 0.85) - Enabled: true -Lint/OutOfRangeRegexpRef: # (new in 0.89) - Enabled: true -Lint/RaiseException: # (new in 0.81) - Enabled: true -Lint/RedundantSafeNavigation: # (new in 0.93) - Enabled: true -Lint/SelfAssignment: # (new in 0.89) - Enabled: true -Lint/StructNewOverride: # (new in 0.81) - Enabled: true -Lint/TopLevelReturnWithArgument: # (new in 0.89) - Enabled: true -Lint/TrailingCommaInAttributeDeclaration: # (new in 0.90) - Enabled: true -Lint/UnreachableLoop: # (new in 0.89) - Enabled: true -Lint/UselessMethodDefinition: # (new in 0.90) - Enabled: true -Lint/UselessTimes: # (new in 0.91) - Enabled: true -Style/AccessorGrouping: # (new in 0.87) - Enabled: true -Style/ArrayCoercion: # (new in 0.88) - Enabled: true -Style/BisectedAttrAccessor: # (new in 0.87) - Enabled: true -Style/CaseLikeIf: # (new in 0.88) - Enabled: true 
-Style/ClassEqualityComparison: # (new in 0.93) - Enabled: true -Style/CombinableLoops: # (new in 0.90) - Enabled: true -Style/ExplicitBlockArgument: # (new in 0.89) - Enabled: true -Style/ExponentialNotation: # (new in 0.82) - Enabled: true -Style/GlobalStdStream: # (new in 0.89) - Enabled: true -Style/HashAsLastArrayItem: # (new in 0.88) - Enabled: true -Style/HashEachMethods: # (new in 0.80) - Enabled: true -Style/HashLikeCase: # (new in 0.88) - Enabled: true -Style/HashTransformKeys: # (new in 0.80) - Enabled: true -Style/HashTransformValues: # (new in 0.80) - Enabled: true -Style/KeywordParametersOrder: # (new in 0.90) - Enabled: true -Style/OptionalBooleanParameter: # (new in 0.89) - Enabled: true -Style/RedundantAssignment: # (new in 0.87) - Enabled: true -Style/RedundantFetchBlock: # (new in 0.86) - Enabled: true -Style/RedundantFileExtensionInRequire: # (new in 0.88) - Enabled: true -Style/RedundantRegexpCharacterClass: # (new in 0.85) - Enabled: true -Style/RedundantRegexpEscape: # (new in 0.85) - Enabled: true -Style/RedundantSelfAssignment: # (new in 0.90) - Enabled: true -Style/SingleArgumentDig: # (new in 0.89) - Enabled: true -Style/SlicingWithRange: # (new in 0.83) - Enabled: true -Style/SoleNestedConditional: # (new in 0.89) - Enabled: true -Style/StringConcatenation: # (new in 0.89) - Enabled: true -Performance/AncestorsInclude: # (new in 1.7) - Enabled: true -Performance/BigDecimalWithNumericArgument: # (new in 1.7) - Enabled: true -Performance/BlockGivenWithExplicitBlock: # (new in 1.9) - Enabled: true -Performance/CollectionLiteralInLoop: # (new in 1.8) - Enabled: true -Performance/ConstantRegexp: # (new in 1.9) - Enabled: true -Performance/MethodObjectAsBlock: # (new in 1.9) - Enabled: true -Performance/RedundantEqualityComparisonBlock: # (new in 1.10) - Enabled: true -Performance/RedundantSortBlock: # (new in 1.7) - Enabled: true -Performance/RedundantSplitRegexpArgument: # (new in 1.10) - Enabled: true -Performance/RedundantStringChars: # 
(new in 1.7) - Enabled: true -Performance/ReverseFirst: # (new in 1.7) - Enabled: true -Performance/SortReverse: # (new in 1.7) - Enabled: true -Performance/Squeeze: # (new in 1.7) - Enabled: true -Performance/StringInclude: # (new in 1.7) - Enabled: true -Performance/Sum: # (new in 1.8) - Enabled: true -Rails/ActiveRecordCallbacksOrder: # (new in 2.7) - Enabled: true -Rails/AfterCommitOverride: # (new in 2.8) - Enabled: true -Rails/FindById: # (new in 2.7) - Enabled: true -Rails/Inquiry: # (new in 2.7) - Enabled: true -Rails/MailerName: # (new in 2.7) - Enabled: true -Rails/MatchRoute: # (new in 2.7) - Enabled: true -Rails/NegateInclude: # (new in 2.7) - Enabled: true -Rails/Pluck: # (new in 2.7) - Enabled: true -Rails/PluckInWhere: # (new in 2.7) - Enabled: true -Rails/RenderInline: # (new in 2.7) - Enabled: true -Rails/RenderPlainText: # (new in 2.7) - Enabled: true -Rails/ShortI18n: # (new in 2.7) - Enabled: true -Rails/SquishedSQLHeredocs: # (new in 2.8) - Enabled: true -RSpec/StubbedMock: # (new in 1.44) - Enabled: true -Rails/WhereExists: # (new in 2.7) - Enabled: true -Rails/WhereNot: # (new in 2.8) - Enabled: true + +Style/HashSyntax: + EnforcedShorthandSyntax: consistent diff --git a/.ruby-version b/.ruby-version index 818bd47a..e4604e3a 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.0.6 +3.2.1 diff --git a/.travis.yml b/.travis.yml index 77ac568b..ef7dbccd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,7 +1,7 @@ dist: bionic language: ruby rvm: - — 3.0.6 + — 3.2.1 deploy: edge: true provider: cloudfoundry diff --git a/Gemfile b/Gemfile index f1a22692..6967d097 100644 --- a/Gemfile +++ b/Gemfile @@ -3,7 +3,7 @@ source 'https://rubygems.org' git_source(:github) { |repo| "https://github.com/#{repo}.git" } -ruby '3.0.6' +ruby '3.2.1' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' gem 'rails', '~> 7.0.8' 
@@ -24,18 +24,18 @@ gem 'aws-sdk-cognitoidentityprovider', '~> 1.81.0'
 # importing creds
 gem 'aws-sdk-s3', '~> 1'
 # Reduces boot times through caching; required in config/boot.rb
-gem 'bootsnap', '>= 1.4.2', require: false
+gem 'bootsnap', '~> 1.16.0', '>= 1.16.0', require: false
 # For scheduling tasks
-gem 'arask', '1.2.3'
+gem 'arask', '~> 1.2.3'
 # for postgresql
 gem 'activerecord-postgis-adapter', '~> 8.0.2'
 gem 'pg', '~> 1.5.3'
 # remove if not option two taken in project
-gem 'jwt'
+gem 'jwt', '~> 2.7.1'
 gem 'rest-client', '~> 2.1'
-gem 'rollbar'
+gem 'rollbar', '~> 3.4.0'
 gem 'roo', '~> 2.10.0'
 # remove if not option two taken in project
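Review bot: `gem 'bootsnap', '~> 1.16.0', '>= 1.16.0', require: false` carries a redundant requirement: `~> 1.16.0` already means `>= 1.16.0, < 1.17`, so the second constraint adds nothing, and the same pattern repeats in the next hunk for dotenv-rails, i18n-tasks, rspec-rails, rubocop, rubocop-performance, rubocop-rails, web-console, rails-controller-testing and simplecov, while for rubocop-rspec the trailing `'>= 1.43.2'` is looser than `~> 2.22.0` and therefore dead. Drop the `>=` parts so every line reads like the jwt and rollbar lines here, e.g. `gem 'bootsnap', '~> 1.16.0', require: false`. Pinning everything at patch level also means each future patch release needs a Gemfile edit rather than just a lockfile update; if that is the intended policy, a one-line comment at the top of the Gemfile saying so would stop the next contributor from loosening the constraints again.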
@@ -43,37 +43,36 @@ gem 'roo', '~> 2.10.0'
 gem 'canonical-rails', github: 'jumph4x/canonical-rails'
 # For environment variables
-gem 'aws-sdk-ssm'
+gem 'aws-sdk-ssm', '~> 1.156.0'
 # Add rate limiting on the API
-gem 'rack-attack'
+gem 'rack-attack', '~> 6.6.1'
 group :development, :test do
 # Call 'byebug' anywhere in the code to stop execution and get a debugger console
- gem 'byebug', platforms: %i[mri mingw x64_mingw]
- gem 'dotenv-rails', '>= 2.8.1'
- gem 'i18n-tasks', '>= 1.0.12'
- gem 'rspec-rails', '>= 6.0.1'
- gem 'rubocop', '>= 0.91.1'
- gem 'rubocop-performance', '>= 1.8.1'
- gem 'rubocop-rails', '>= 2.18.0'
- gem 'rubocop-rspec', '>= 1.43.2' # or gem 'rubocop-minitest'
- gem 'brakeman'
- gem 'pry-rails'
+ gem 'byebug', '~> 11.1.3', platforms: %i[mri mingw x64_mingw]
+ gem 'dotenv-rails', '~> 2.8.1', '>= 2.8.1'
+ gem 'i18n-tasks', '~> 1.0.12', '>= 1.0.12'
+ gem 'rspec-rails', '~> 6.0.3', '>= 6.0.3'
+ gem 'rubocop', '~> 1.52.1', '>= 1.52.1'
+ gem 'rubocop-performance', '~> 1.19.0', '>= 1.19.0'
+ gem 'rubocop-rails', '~> 2.19.1', '>= 2.19.1'
+ gem 'rubocop-rspec', '~> 2.22.0', '>= 1.43.2' # or gem 'rubocop-minitest'
+ gem 'brakeman', '~> 5.4.1'
 end
 group :development do
 # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
 gem 'listen', '~> 3.8'
- gem 'web-console', '>= 4.2.0'
+ gem 'web-console', '~> 4.2.0', '>= 4.2.0'
 # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
- gem 'spring'
+ gem 'spring', '~> 4.1.1'
 gem 'spring-watcher-listen', '~> 2.1.0'
 end
 group :test do
- gem 'rails-controller-testing', '>= 1.0.5'
- gem 'simplecov', '>= 0.16.1', require: false
+ gem 'rails-controller-testing', '~> 1.0.5', '>= 1.0.5'
+ gem 'simplecov', '~> 0.22.0', '>= 0.16.1', require: false
 end
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
diff --git a/Gemfile.lock b/Gemfile.lock
index 0960d9e9..7e2b7f49 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock @@ -118,7 +118,6 @@ GEM brakeman (5.4.1) builder (3.2.4) byebug (11.1.3) - coderay (1.1.3) concurrent-ruby (1.2.2) crass (1.0.6) date (3.3.3) @@ -201,11 +200,6 @@ GEM ast (~> 2.4.1) racc pg (1.5.3) - pry (0.13.1) - coderay (~> 1.1) - method_source (~> 1.0) - pry-rails (0.3.9) - pry (>= 0.10.4) puma (6.3.1) nio4r (~> 2.0) raabro (1.4.0) @@ -369,42 +363,41 @@ PLATFORMS DEPENDENCIES activerecord-postgis-adapter (~> 8.0.2) - arask (= 1.2.3) + arask (~> 1.2.3) aws-sdk-cognitoidentityprovider (~> 1.81.0) aws-sdk-s3 (~> 1) - aws-sdk-ssm - bootsnap (>= 1.4.2) - brakeman - byebug + aws-sdk-ssm (~> 1.156.0) + bootsnap (~> 1.16.0, >= 1.16.0) + brakeman (~> 5.4.1) + byebug (~> 11.1.3) canonical-rails! - dotenv-rails (>= 2.8.1) - i18n-tasks (>= 1.0.12) + dotenv-rails (~> 2.8.1, >= 2.8.1) + i18n-tasks (~> 1.0.12, >= 1.0.12) jbuilder (~> 2.11, >= 2.11.5) - jwt + jwt (~> 2.7.1) listen (~> 3.8) pg (~> 1.5.3) - pry-rails puma (~> 6.3) - rack-attack + rack-attack (~> 6.6.1) rails (~> 7.0.8) - rails-controller-testing (>= 1.0.5) + rails-controller-testing (~> 1.0.5, >= 1.0.5) rest-client (~> 2.1) - rollbar + rollbar (~> 3.4.0) roo (~> 2.10.0) - rspec-rails (>= 6.0.1) - rubocop (>= 0.91.1) - rubocop-performance (>= 1.8.1) - rubocop-rails (>= 2.18.0) - rubocop-rspec (>= 1.43.2) - simplecov (>= 0.16.1) - spring + rspec-rails (~> 6.0.3, >= 6.0.3) + rubocop (~> 1.52.1, >= 1.52.1) + rubocop-performance (~> 1.19.0, >= 1.19.0) + rubocop-rails (~> 2.19.1, >= 2.19.1) + rubocop-rspec (~> 2.22.0, >= 1.43.2) + simplecov (~> 0.22.0, >= 0.16.1) + spring (~> 4.1.1) spring-watcher-listen (~> 2.1.0) sqlite3 (~> 1.6) - web-console (>= 4.2.0) + web-console (~> 4.2.0, >= 4.2.0) webpacker (~> 5.4, >= 5.4.4) RUBY VERSION - ruby 3.0.6p216 + ruby 3.2.1p31 BUNDLED WITH - 2.2.33 + 2.4.6 diff --git a/app/models/organisation.rb b/app/models/organisation.rb index 28495ea6..706cdea1 100644 --- a/app/models/organisation.rb +++ b/app/models/organisation.rb 
@@ -4,6 +4,6 @@ def self.search_organisations(search) end def self.find_organisation(summary_line) - Organisation.find_by(summary_line: summary_line) + Organisation.find_by(summary_line:) end end diff --git a/app/models/pwned_password.rb b/app/models/pwned_password.rb index ac3274dd..5e060514 100644 --- a/app/models/pwned_password.rb +++ b/app/models/pwned_password.rb @@ -1,5 +1,5 @@ class PwnedPassword < ApplicationRecord def self.password_pwned?(password) - exists?(password: password) + exists?(password:) end end diff --git a/app/services/cognito/base_service.rb b/app/services/cognito/base_service.rb index edc277a4..a9ce4426 100644 --- a/app/services/cognito/base_service.rb +++ b/app/services/cognito/base_service.rb @@ -5,8 +5,8 @@ class BaseService attr_accessor :error # Use Class.call(args) rather than Class.new(args).call - def self.call(*args, &block) - resp = new(*args, &block) + def self.call(*args, &) + resp = new(*args, &) resp.call resp end diff --git a/app/services/pwned_passwords.rb b/app/services/pwned_passwords.rb index e1de4538..b31473f7 100644 --- a/app/services/pwned_passwords.rb +++ b/app/services/pwned_passwords.rb @@ -40,7 +40,7 @@ def self.complete_tasks def self.import_pwned_passwords insert_data = full_password_list .select { |password| password.length >= 10 && TestPassword.new(password).valid? } - .map { |password| { password: password } } + .map { |password| { password: } } ActiveRecord::Base.logger.level = Logger::INFO diff --git a/spec/controllers/api/v1/organisation_controller_spec.rb b/spec/controllers/api/v1/organisation_controller_spec.rb index c40ef98a..6e0fcccd 100644 --- a/spec/controllers/api/v1/organisation_controller_spec.rb +++ b/spec/controllers/api/v1/organisation_controller_spec.rb 
@@ -4,7 +4,7 @@ describe 'GET search' do let(:result) { response.parsed_body } - before { get :search, params: { search: search } } + before { get :search, params: { search: } } context 'when an active organisation is searched' do let(:search) { 'Active Organisation 200' } diff --git a/spec/controllers/base/passwords_controller_spec.rb b/spec/controllers/base/passwords_controller_spec.rb index 72f2660a..c206b0ec 100644 --- a/spec/controllers/base/passwords_controller_spec.rb +++ b/spec/controllers/base/passwords_controller_spec.rb @@ -15,7 +15,7 @@ # rubocop:disable RSpec/AnyInstance allow_any_instance_of(Cognito::ForgotPassword).to receive(:forgot_password).and_return(true) # rubocop:enable RSpec/AnyInstance - post :create, params: { cognito_forgot_password: { email: email } } + post :create, params: { cognito_forgot_password: { email: } } end context 'when the email is invalid' do diff --git a/spec/models/organisation_spec.rb b/spec/models/organisation_spec.rb index 71110933..64162d68 100644 --- a/spec/models/organisation_spec.rb +++ b/spec/models/organisation_spec.rb @@ -27,7 +27,7 @@ # rubocop:disable RSpec/NestedGroups describe '.summary_line' do - let(:result) { described_class.find_by(organisation_name: organisation_name).summary_line } + let(:result) { described_class.find_by(organisation_name:).summary_line } context 'when the address is present' do context 'when the city is present' do diff --git a/spec/services/cognito/confirm_password_reset_spec.rb b/spec/services/cognito/confirm_password_reset_spec.rb index 8176d704..7cc6cfe4 100644 --- a/spec/services/cognito/confirm_password_reset_spec.rb +++ b/spec/services/cognito/confirm_password_reset_spec.rb @@ -5,10 +5,10 @@ let(:params) do { - email: email, - password: password, - password_confirmation: password_confirmation, - confirmation_code: confirmation_code + email:, + password:, + password_confirmation:, + confirmation_code: } end 
diff --git a/spec/services/cognito/confirm_sign_up_spec.rb b/spec/services/cognito/confirm_sign_up_spec.rb index 23638db8..27f2cbfd 100644 --- a/spec/services/cognito/confirm_sign_up_spec.rb +++ b/spec/services/cognito/confirm_sign_up_spec.rb @@ -5,8 +5,8 @@ let(:params) do { - email: email, - confirmation_code: confirmation_code + email:, + confirmation_code: } end diff --git a/spec/services/cognito/sign_up_user_spec.rb b/spec/services/cognito/sign_up_user_spec.rb index 4109f118..5b00005e 100644 --- a/spec/services/cognito/sign_up_user_spec.rb +++ b/spec/services/cognito/sign_up_user_spec.rb @@ -4,12 +4,12 @@ let(:sign_up_user) { described_class.new(params) } let(:params) do - { email: email, - password: password, - password_confirmation: password_confirmation, - summary_line: summary_line, - first_name: first_name, - last_name: last_name } + { email:, + password:, + password_confirmation:, + summary_line:, + first_name:, + last_name: } end let(:email) { 'test@test.com' } From d268fc458886272fb5976a56a98fb1564b71fb1a Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Mon, 11 Sep 2023 14:29:13 +0100 Subject: [PATCH 19/42] Add GTM to the CSP to prevent XSS --- app/views/layouts/application.html.erb | 4 +- app/views/layouts/error.html.erb | 4 +- .../shared/google/_tag_manager_head.html.erb | 30 ++++++++------ .../initializers/content_security_policy.rb | 39 ++++++++++--------- 4 files changed, 42 insertions(+), 35 deletions(-) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index eb1041b2..dda417e8 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -33,9 +33,9 @@ <%= render partial: '/shared/google/tag_manager_body' if PmpIdam.google_tag_manager_tracking_id.present? %> - + <% end -%>
    Skip to main content diff --git a/app/views/layouts/error.html.erb b/app/views/layouts/error.html.erb index 17295365..caf62fc1 100644 --- a/app/views/layouts/error.html.erb +++ b/app/views/layouts/error.html.erb @@ -33,9 +33,9 @@ <%= render partial: '/shared/google/tag_manager_body' if PmpIdam.google_tag_manager_tracking_id.present? %> - + <% end -%>
    Skip to main content diff --git a/app/views/shared/google/_tag_manager_head.html.erb b/app/views/shared/google/_tag_manager_head.html.erb index d54ef0fd..830f069b 100644 --- a/app/views/shared/google/_tag_manager_head.html.erb +++ b/app/views/shared/google/_tag_manager_head.html.erb @@ -1,16 +1,22 @@ <% if PmpIdam.google_tag_manager_tracking_id.present? %> - + <%= javascript_tag nonce: true do -%> + (function(w, d, s, l, i) { + w[l] = w[l] || []; + w[l].push({ + 'gtm.start': new Date().getTime(), + event: 'gtm.js' + }); + var f = d.getElementsByTagName(s)[0], + j = d.createElement(s), + dl = l != 'dataLayer' ? '&l=' + l : ''; + j.async = true; + j.src = + 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; + var n = d.querySelector('[nonce]'); + n && j.setAttribute('nonce', n.nonce || n.getAttribute('nonce')); + f.parentNode.insertBefore(j, f); + })(window, document, 'script', 'dataLayer', '<%= PmpIdam.google_tag_manager_tracking_id %>'); + <% end %> <% end %> diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 54f47cf1..680f641b 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb 
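Review bot: The container id is interpolated straight into a JavaScript string literal with `<%= PmpIdam.google_tag_manager_tracking_id %>`, which applies HTML escaping rather than JavaScript-string escaping; `<%= j PmpIdam.google_tag_manager_tracking_id %>` (or `.to_json` in place of the quoted literal) is the escaping that matches the context. The value is application configuration rather than user input, so the practical exposure looks low, but an id containing a backslash or quote would presumably corrupt the script rather than fail cleanly. The `n && j.setAttribute('nonce', n.nonce || n.getAttribute('nonce'))` step is what lets the dynamically inserted gtm.js tag satisfy a nonce-bearing script-src once that directive is tightened; a one-line comment above it saying so would save the next reader a trip to the CSP initializer.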
@@ -4,22 +4,23 @@
 # See the Securing Rails Applications Guide for more information:
 # https://guides.rubyonrails.org/security.html#content-security-policy-header
 
-# Rails.application.configure do
-# config.content_security_policy do |policy|
-# policy.default_src :self, :https
-# policy.font_src :self, :https, :data
-# policy.img_src :self, :https, :data
-# policy.object_src :none
-# policy.script_src :self, :https
-# policy.style_src :self, :https
-# # Specify URI for violation reports
-# # policy.report_uri "/csp-violation-report-endpoint"
-# end
-#
-# # Generate session nonces for permitted importmap and inline scripts
-# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
-# config.content_security_policy_nonce_directives = %w(script-src)
-#
-# # Report violations without enforcing the policy.
-# # config.content_security_policy_report_only = true
-# end
+Rails.application.configure do
+ config.content_security_policy do |policy|
+ policy.default_src :self, :https
+ policy.font_src :self, :https, :data
+ policy.img_src :self, :https, :data, 'https://*.google-analytics.com', 'https://*.googletagmanager.com'
+ policy.object_src :none
+ policy.script_src :self, :https, 'https://*.googletagmanager.com'
+ policy.style_src :self, :https
+ policy.connect_src :self, :https, 'https://*.google-analytics.com', 'https://*.analytics.google.com', 'https://*.googletagmanager.com'
+ # Specify URI for violation reports
+ # policy.report_uri "/csp-violation-report-endpoint"
+ end
+
+ # Generate session nonces for permitted importmap and inline scripts
+ config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
+ config.content_security_policy_nonce_directives = %w[script-src]
+
+ # Report violations without enforcing the policy.
+ # config.content_security_policy_report_only = true
+end
From b690698b1015bf3e8e7a873407751aa2ee9448f4 Mon Sep 17 00:00:00 2001
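Review bot: `policy.script_src :self, :https, 'https://*.googletagmanager.com'` still allows scripts from any HTTPS origin, so the explicit GTM host is redundant and neither the allow-list nor the nonce constrains an injected `<script src="https://...">`, which undercuts the XSS protection the commit title claims. Dropping the scheme source, `policy.script_src :self, 'https://*.googletagmanager.com'`, makes the nonce and the host list actually govern script execution; the same `:https` also makes the extra hosts on `img_src` and `connect_src` no-ops. `request.session.id.to_s` as the nonce publishes the session id in every page's markup and keeps one nonce for the life of the session; a per-request `SecureRandom.base64(16)` is the safer default unless Turbo page caching is known to depend on a stable nonce. Since this is the first time the policy is enforced rather than commented out, a deployment with `config.content_security_policy_report_only = true` and a `report_uri` set would surface breakage before the policy starts blocking users.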
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Sep 2023 03:15:00 +0000 Subject: [PATCH 20/42] build(deps): bump ruby/setup-ruby from 1.152.0 to 1.153.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.152.0 to 1.153.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Commits](https://github.com/ruby/setup-ruby/compare/v1.152.0...v1.153.0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/rubyonrails.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml index 0b4b80db..2bb3dc92 100644 --- a/.github/workflows/rubyonrails.yml +++ b/.github/workflows/rubyonrails.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v4 - name: Install Ruby and gems - uses: ruby/setup-ruby@v1.152.0 + uses: ruby/setup-ruby@v1.153.0 with: bundler-cache: true From 8fde548158d639e461295b3f0bf2ee569205d424 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Sep 2023 03:54:08 +0000 Subject: [PATCH 21/42] build(deps): bump aws-sdk-s3 from 1.120.1 to 1.134.0 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.120.1 to 1.134.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7e2b7f49..6b2dc83c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -84,22 +84,22 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.820.0) + aws-partitions (1.824.0) aws-sdk-cognitoidentityprovider (1.81.0) aws-sdk-core (~> 3, >= 3.177.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.181.0) + aws-sdk-core (3.181.1) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.63.0) - aws-sdk-core (~> 3, >= 3.165.0) + aws-sdk-kms (1.71.0) + aws-sdk-core (~> 3, >= 3.177.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.120.1) - aws-sdk-core (~> 3, >= 3.165.0) + aws-sdk-s3 (1.134.0) + aws-sdk-core (~> 3, >= 3.181.0) aws-sdk-kms (~> 1) - aws-sigv4 (~> 1.4) + aws-sigv4 (~> 1.6) aws-sdk-ssm (1.156.0) aws-sdk-core (~> 3, >= 3.177.0) aws-sigv4 (~> 1.1) From 1c5a3d29b7bde618894b07d3bf36368a4d72613e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Sep 2023 03:54:18 +0000 Subject: [PATCH 22/42] build(deps): bump rack-attack from 6.6.1 to 6.7.0 Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.6.1 to 6.7.0. - [Release notes](https://github.com/rack/rack-attack/releases) - [Changelog](https://github.com/rack/rack-attack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack-attack/compare/v6.6.1...v6.7.0) --- updated-dependencies: - dependency-name: rack-attack dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 6967d097..f249b234 100644 --- a/Gemfile +++ b/Gemfile @@ -46,7 +46,7 @@ gem 'canonical-rails', github: 'jumph4x/canonical-rails' gem 'aws-sdk-ssm', '~> 1.156.0' # Add rate limiting on the API -gem 'rack-attack', '~> 6.6.1' +gem 'rack-attack', '~> 6.7.0' group :development, :test do # Call 'byebug' anywhere in the code to stop execution and get a debugger console 
diff --git a/Gemfile.lock b/Gemfile.lock index 6b2dc83c..1ecd9f75 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -205,8 +205,8 @@ GEM raabro (1.4.0) racc (1.7.1) rack (2.2.8) - rack-attack (6.6.1) - rack (>= 1.0, < 3) + rack-attack (6.7.0) + rack (>= 1.0, < 4) rack-proxy (0.7.6) rack rack-test (2.1.0) @@ -378,7 +378,7 @@ DEPENDENCIES listen (~> 3.8) pg (~> 1.5.3) puma (~> 6.3) - rack-attack (~> 6.6.1) + rack-attack (~> 6.7.0) rails (~> 7.0.8) rails-controller-testing (~> 1.0.5, >= 1.0.5) rest-client (~> 2.1) From 81b86eaa1179b17cb52ebc073cff08c095797cfd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Sep 2023 03:54:29 +0000 Subject: [PATCH 23/42] build(deps-dev): bump brakeman from 5.4.1 to 6.0.1 Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.4.1 to 6.0.1. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v5.4.1...v6.0.1) --- updated-dependencies: - dependency-name: brakeman dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index f249b234..1ff1b54b 100644 --- a/Gemfile +++ b/Gemfile @@ -58,7 +58,7 @@ group :development, :test do gem 'rubocop-performance', '~> 1.19.0', '>= 1.19.0' gem 'rubocop-rails', '~> 2.19.1', '>= 2.19.1' gem 'rubocop-rspec', '~> 2.22.0', '>= 1.43.2' # or gem 'rubocop-minitest' - gem 'brakeman', '~> 5.4.1' + gem 'brakeman', '~> 6.0.1' end group :development do diff --git a/Gemfile.lock b/Gemfile.lock index 1ecd9f75..9ad1034f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -115,7 +115,7 @@ GEM bindex (0.8.1) bootsnap (1.16.0) msgpack (~> 1.2) - brakeman (5.4.1) + brakeman (6.0.1) builder (3.2.4) byebug (11.1.3) concurrent-ruby (1.2.2) @@ -368,7 +368,7 @@ DEPENDENCIES aws-sdk-s3 (~> 1) aws-sdk-ssm (~> 1.156.0) bootsnap (~> 1.16.0, >= 1.16.0) - brakeman (~> 5.4.1) + brakeman (~> 6.0.1) byebug (~> 11.1.3) canonical-rails! dotenv-rails (~> 2.8.1, >= 2.8.1) From 65070994d59c91039b8937881a873447e3af7a45 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Sep 2023 03:54:40 +0000 Subject: [PATCH 24/42] build(deps-dev): bump web-console from 4.2.0 to 4.2.1 Bumps [web-console](https://github.com/rails/web-console) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/rails/web-console/releases) - [Changelog](https://github.com/rails/web-console/blob/main/CHANGELOG.markdown) - [Commits](https://github.com/rails/web-console/compare/v4.2.0...v4.2.1) --- updated-dependencies: - dependency-name: web-console dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 1ff1b54b..6b33f82c 100644 --- a/Gemfile +++ b/Gemfile @@ -64,7 +64,7 @@ end group :development do # Access an interactive console on exception pages or by calling 'console' anywhere in the code. gem 'listen', '~> 3.8' - gem 'web-console', '~> 4.2.0', '>= 4.2.0' + gem 'web-console', '~> 4.2.1' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring gem 'spring', '~> 4.1.1' gem 'spring-watcher-listen', '~> 2.1.0' diff --git a/Gemfile.lock b/Gemfile.lock index 9ad1034f..60474d09 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -343,7 +343,7 @@ GEM unf_ext unf_ext (0.0.7.7) unicode-display_width (2.4.2) - web-console (4.2.0) + web-console (4.2.1) actionview (>= 6.0.0) activemodel (>= 6.0.0) bindex (>= 0.4.0) @@ -393,7 +393,7 @@ DEPENDENCIES spring (~> 4.1.1) spring-watcher-listen (~> 2.1.0) sqlite3 (~> 1.6) - web-console (~> 4.2.0, >= 4.2.0) + web-console (~> 4.2.1) webpacker (~> 5.4, >= 5.4.4) RUBY VERSION From ea6d2a53b91a67d712d565d7515ec20018f4f746 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 24 Sep 2023 03:15:50 +0000 Subject: [PATCH 25/42] build(deps-dev): bump rubocop-performance from 1.19.0 to 1.19.1 Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.19.0 to 1.19.1. - [Release notes](https://github.com/rubocop/rubocop-performance/releases) - [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.19.0...v1.19.1) --- updated-dependencies: - dependency-name: rubocop-performance dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 6b33f82c..58c0a8be 100644 --- a/Gemfile +++ b/Gemfile @@ -55,7 +55,7 @@ group :development, :test do gem 'i18n-tasks', '~> 1.0.12', '>= 1.0.12' gem 'rspec-rails', '~> 6.0.3', '>= 6.0.3' gem 'rubocop', '~> 1.52.1', '>= 1.52.1' - gem 'rubocop-performance', '~> 1.19.0', '>= 1.19.0' + gem 'rubocop-performance', '~> 1.19.1' gem 'rubocop-rails', '~> 2.19.1', '>= 2.19.1' gem 'rubocop-rspec', '~> 2.22.0', '>= 1.43.2' # or gem 'rubocop-minitest' gem 'brakeman', '~> 6.0.1' diff --git a/Gemfile.lock b/Gemfile.lock index 60474d09..d41a9806 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -299,7 +299,7 @@ GEM rubocop (~> 1.41) rubocop-factory_bot (2.23.1) rubocop (~> 1.33) - rubocop-performance (1.19.0) + rubocop-performance (1.19.1) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) rubocop-rails (2.19.1) @@ -386,7 +386,7 @@ DEPENDENCIES roo (~> 2.10.0) rspec-rails (~> 6.0.3, >= 6.0.3) rubocop (~> 1.52.1, >= 1.52.1) - rubocop-performance (~> 1.19.0, >= 1.19.0) + rubocop-performance (~> 1.19.1) rubocop-rails (~> 2.19.1, >= 2.19.1) rubocop-rspec (~> 2.22.0, >= 1.43.2) simplecov (~> 0.22.0, >= 0.16.1) From 95a3f96a3fa5237407b402d9030cb77ef2e9d410 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 24 Sep 2023 03:49:19 +0000 Subject: [PATCH 26/42] build(deps): bump ruby/setup-ruby from 1.153.0 to 1.154.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.153.0 to 1.154.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Commits](https://github.com/ruby/setup-ruby/compare/v1.153.0...v1.154.0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/rubyonrails.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rubyonrails.yml b/.github/workflows/rubyonrails.yml index 2bb3dc92..3578b353 100644 --- a/.github/workflows/rubyonrails.yml +++ b/.github/workflows/rubyonrails.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v4 - name: Install Ruby and gems - uses: ruby/setup-ruby@v1.153.0 + uses: ruby/setup-ruby@v1.154.0 with: bundler-cache: true From 42b28e4a48af24c514e8e70203dfd27eb641ef92 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 26 Sep 2023 09:55:39 +0000 Subject: [PATCH 27/42] build(deps): bump sqlite3 from 1.6.2 to 1.6.6 Bumps [sqlite3](https://github.com/sparklemotion/sqlite3-ruby) from 1.6.2 to 1.6.6. - [Release notes](https://github.com/sparklemotion/sqlite3-ruby/releases) - [Changelog](https://github.com/sparklemotion/sqlite3-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/sqlite3-ruby/compare/v1.6.2...v1.6.6) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index d41a9806..df2ab8c3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -331,7 +331,7 @@ GEM actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - sqlite3 (1.6.2) + sqlite3 (1.6.6) mini_portile2 (~> 2.8.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) From 8a9ca95589678a65d38c239cbb242c8828f9fcdb Mon Sep 17 00:00:00 2001 From: George Schena <40758489+georgeschena@users.noreply.github.com> Date: Wed, 27 Sep 2023 15:18:03 +0100 Subject: [PATCH 28/42] GMBP-113: Add Dockerfile to application ready for AWS migration (#526) * Add Dockerfile to application ready for AWS migration * Compile assets --- Dockerfile | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..660e29db --- /dev/null +++ b/Dockerfile 
@@ -0,0 +1,22 @@ +FROM ruby:3.2.1 + +WORKDIR /app + +RUN curl -sL https://deb.nodesource.com/setup_16.x | bash - && \ + apt-get update && \ + apt-get install -y nodejs && \ + npm install -g yarn@1.22.19 + +COPY Gemfile Gemfile.lock ./ + +RUN yarn install --check-files + +RUN gem install bundler && bundle install --jobs 20 --retry 5 + +COPY . . + +RUN rake assets:precompile + +EXPOSE 3000 + +CMD ["rails", "server", "-b", "0.0.0.0"] From ad666deb3903f1a7fc9555a4ca186e992a838a91 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Oct 2023 03:04:52 +0000 Subject: [PATCH 29/42] build(deps): bump aws-sdk-ssm from 1.156.0 to 1.158.0 Bumps [aws-sdk-ssm](https://github.com/aws/aws-sdk-ruby) from 1.156.0 to 1.158.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ssm/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-ssm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile b/Gemfile index 58c0a8be..d5f5424f 100644 --- a/Gemfile +++ b/Gemfile @@ -43,7 +43,7 @@ gem 'roo', '~> 2.10.0' gem 'canonical-rails', github: 'jumph4x/canonical-rails' # For environment variables -gem 'aws-sdk-ssm', '~> 1.156.0' +gem 'aws-sdk-ssm', '~> 1.158.0' # Add rate limiting on the API gem 'rack-attack', '~> 6.7.0' diff --git a/Gemfile.lock b/Gemfile.lock index df2ab8c3..796dbf79 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
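Review bot: `RUN yarn install --check-files` runs after only `COPY Gemfile Gemfile.lock ./`, so no `package.json` or `yarn.lock` is present in `/app` at that point and the step presumably either fails or installs nothing; copying the manifest first, `COPY Gemfile Gemfile.lock package.json yarn.lock ./`, keeps the layer cacheable, and `--frozen-lockfile` would make a drifted lockfile a build error rather than a silent re-resolution. `curl -sL https://deb.nodesource.com/setup_16.x | bash -` executes a remote script as root with no integrity check on every build, which is a supply-chain exposure; Node from a pinned base image or a verified package is preferable. There is no `USER` instruction, so `rails server` runs as root, and `COPY . .` copies the whole build context (including `.git` and any local `.env`) unless a `.dockerignore` excludes them, which I cannot see from this patch. `bundle install` with no `BUNDLE_WITHOUT=development:test` also ships the debugger, linters and test tooling into the runtime image.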
@@ -84,11 +84,11 @@ GEM rails (>= 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.824.0) + aws-partitions (1.830.0) aws-sdk-cognitoidentityprovider (1.81.0) aws-sdk-core (~> 3, >= 3.177.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.181.1) + aws-sdk-core (3.184.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) @@ -100,8 +100,8 @@ GEM aws-sdk-core (~> 3, >= 3.181.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.6) - aws-sdk-ssm (1.156.0) - aws-sdk-core (~> 3, >= 3.177.0) + aws-sdk-ssm (1.158.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.6.0) aws-eventstream (~> 1, >= 1.0.2) @@ -366,7 +366,7 @@ DEPENDENCIES arask (~> 1.2.3) aws-sdk-cognitoidentityprovider (~> 1.81.0) aws-sdk-s3 (~> 1) - aws-sdk-ssm (~> 1.156.0) + aws-sdk-ssm (~> 1.158.0) bootsnap (~> 1.16.0, >= 1.16.0) brakeman (~> 6.0.1) byebug (~> 11.1.3) From 0f75298b1e204b418837cfe11e993e636b1f9533 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 08:18:23 +0000 Subject: [PATCH 30/42] build(deps): bump aws-sdk-cognitoidentityprovider from 1.81.0 to 1.82.0 Bumps [aws-sdk-cognitoidentityprovider](https://github.com/aws/aws-sdk-ruby) from 1.81.0 to 1.82.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-cognitoidentityprovider/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-cognitoidentityprovider dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index d5f5424f..ea7b1e48 100644 --- a/Gemfile +++ b/Gemfile 
@@ -20,7 +20,7 @@ gem 'jbuilder', '~> 2.11', '>= 2.11.5' # Use Active Model has_secure_password # gem 'bcrypt', '~> 3.1.7' # for cognito -gem 'aws-sdk-cognitoidentityprovider', '~> 1.81.0' +gem 'aws-sdk-cognitoidentityprovider', '~> 1.82.0' # importing creds gem 'aws-sdk-s3', '~> 1' # Reduces boot times through caching; required in config/boot.rb diff --git a/Gemfile.lock b/Gemfile.lock index 796dbf79..5df088a0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -85,8 +85,8 @@ GEM ast (2.4.2) aws-eventstream (1.2.0) aws-partitions (1.830.0) - aws-sdk-cognitoidentityprovider (1.81.0) - aws-sdk-core (~> 3, >= 3.177.0) + aws-sdk-cognitoidentityprovider (1.82.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-core (3.184.0) aws-eventstream (~> 1, >= 1.0.2) @@ -364,7 +364,7 @@ PLATFORMS DEPENDENCIES activerecord-postgis-adapter (~> 8.0.2) arask (~> 1.2.3) - aws-sdk-cognitoidentityprovider (~> 1.81.0) + aws-sdk-cognitoidentityprovider (~> 1.82.0) aws-sdk-s3 (~> 1) aws-sdk-ssm (~> 1.158.0) bootsnap (~> 1.16.0, >= 1.16.0) From 4f00e6e50c44c1f580c510839aa45236acd70678 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 10:02:33 +0000 Subject: [PATCH 31/42] build(deps): bump aws-sdk-s3 from 1.134.0 to 1.136.0 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.134.0 to 1.136.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5df088a0..143d0eea 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -93,10 +93,10 @@ GEM aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.71.0) - aws-sdk-core (~> 3, >= 3.177.0) + aws-sdk-kms (1.72.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.134.0) + aws-sdk-s3 (1.136.0) aws-sdk-core (~> 3, >= 3.181.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.6) From 816914d99103bcd465ccb8619306b75a97b14b54 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Oct 2023 03:05:39 +0000 Subject: [PATCH 32/42] build(deps-dev): bump rubocop from 1.52.1 to 1.56.4 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.52.1 to 1.56.4. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.52.1...v1.56.4) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 10 +++++++--- app/services/cognito/base_service.rb | 4 ++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/Gemfile b/Gemfile index ea7b1e48..1ea12079 100644 --- a/Gemfile +++ b/Gemfile @@ -54,7 +54,7 @@ group :development, :test do gem 'dotenv-rails', '~> 2.8.1', '>= 2.8.1' gem 'i18n-tasks', '~> 1.0.12', '>= 1.0.12' gem 'rspec-rails', '~> 6.0.3', '>= 6.0.3' - gem 'rubocop', '~> 1.52.1', '>= 1.52.1' + gem 'rubocop', '~> 1.56.4' gem 'rubocop-performance', '~> 1.19.1' gem 'rubocop-rails', '~> 2.19.1', '>= 2.19.1' gem 'rubocop-rspec', '~> 2.22.0', '>= 1.43.2' # or gem 'rubocop-minitest' diff --git a/Gemfile.lock b/Gemfile.lock index 143d0eea..c0da32cf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -105,6 +105,7 @@ GEM aws-sigv4 (~> 1.1) aws-sigv4 (1.6.0) aws-eventstream (~> 1, >= 1.0.2) + base64 (0.1.1) better_html (2.0.1) actionview (>= 6.0) activesupport (>= 6.0) 
@@ -161,6 +162,7 @@ GEM jmespath (1.6.2) json (2.6.3) jwt (2.7.1) + language_server-protocol (3.17.0.3) listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) @@ -283,14 +285,16 @@ GEM rspec-mocks (~> 3.12) rspec-support (~> 3.12) rspec-support (3.12.1) - rubocop (1.52.1) + rubocop (1.56.4) + base64 (~> 0.1.1) json (~> 2.3) + language_server-protocol (>= 3.17.0) parallel (~> 1.10) parser (>= 3.2.2.3) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.28.0, < 2.0) + rubocop-ast (>= 1.28.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.29.0) @@ -385,7 +389,7 @@ DEPENDENCIES rollbar (~> 3.4.0) roo (~> 2.10.0) rspec-rails (~> 6.0.3, >= 6.0.3) - rubocop (~> 1.52.1, >= 1.52.1) + rubocop (~> 1.56.4) rubocop-performance (~> 1.19.1) rubocop-rails (~> 2.19.1, >= 2.19.1) rubocop-rspec (~> 2.22.0, >= 1.43.2) diff --git a/app/services/cognito/base_service.rb b/app/services/cognito/base_service.rb index a9ce4426..0c07c3e9 100644 --- a/app/services/cognito/base_service.rb +++ b/app/services/cognito/base_service.rb @@ -5,8 +5,8 @@ class BaseService attr_accessor :error # Use Class.call(args) rather than Class.new(args).call - def self.call(*args, &) - resp = new(*args, &) + def self.call(*, &) + resp = new(*, &) resp.call resp end From 34ae03ca5bf7b1884f26c5729d2cda8cb9279831 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Oct 2023 09:58:27 +0000 Subject: [PATCH 33/42] build(deps): bump puma from 6.3.1 to 6.4.0 Bumps [puma](https://github.com/puma/puma) from 6.3.1 to 6.4.0. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/master/History.md) - [Commits](https://github.com/puma/puma/compare/v6.3.1...v6.4.0) --- updated-dependencies: - dependency-name: puma dependency-type: direct:production update-type: version-update:semver-minor ... 
Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 1ea12079..24c4fd58 100644 --- a/Gemfile +++ b/Gemfile @@ -10,7 +10,7 @@ gem 'rails', '~> 7.0.8' # Use sqlite3 as the database for Active Record gem 'sqlite3', '~> 1.6' # Use Puma as the app server -gem 'puma', '~> 6.3' +gem 'puma', '~> 6.4' # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker gem 'webpacker', '~> 5.4', '>= 5.4.4' # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks diff --git a/Gemfile.lock b/Gemfile.lock index c0da32cf..a5023fca 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -202,7 +202,7 @@ GEM ast (~> 2.4.1) racc pg (1.5.3) - puma (6.3.1) + puma (6.4.0) nio4r (~> 2.0) raabro (1.4.0) racc (1.7.1) @@ -381,7 +381,7 @@ DEPENDENCIES jwt (~> 2.7.1) listen (~> 3.8) pg (~> 1.5.3) - puma (~> 6.3) + puma (~> 6.4) rack-attack (~> 6.7.0) rails (~> 7.0.8) rails-controller-testing (~> 1.0.5, >= 1.0.5) From cc24ad9577e2f6290b9ee5732ad23f3b8d59f23e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Oct 2023 14:17:15 +0000 Subject: [PATCH 34/42] build(deps): bump pg from 1.5.3 to 1.5.4 Bumps [pg](https://github.com/ged/ruby-pg) from 1.5.3 to 1.5.4. - [Changelog](https://github.com/ged/ruby-pg/blob/master/History.md) - [Commits](https://github.com/ged/ruby-pg/compare/v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: pg dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 24c4fd58..2415f64e 100644 --- a/Gemfile +++ b/Gemfile 
@@ -31,7 +31,7 @@ gem 'arask', '~> 1.2.3' # for postgresql gem 'activerecord-postgis-adapter', '~> 8.0.2' -gem 'pg', '~> 1.5.3' +gem 'pg', '~> 1.5.4' # remove if not option two taken in project gem 'jwt', '~> 2.7.1' gem 'rest-client', '~> 2.1' diff --git a/Gemfile.lock b/Gemfile.lock index a5023fca..a2a7b735 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -201,7 +201,7 @@ GEM parser (3.2.2.3) ast (~> 2.4.1) racc - pg (1.5.3) + pg (1.5.4) puma (6.4.0) nio4r (~> 2.0) raabro (1.4.0) @@ -380,7 +380,7 @@ DEPENDENCIES jbuilder (~> 2.11, >= 2.11.5) jwt (~> 2.7.1) listen (~> 3.8) - pg (~> 1.5.3) + pg (~> 1.5.4) puma (~> 6.4) rack-attack (~> 6.7.0) rails (~> 7.0.8) From 9aad0f26ad7290f8e3841366d96b3ea78dac3a2a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Oct 2023 03:06:49 +0000 Subject: [PATCH 35/42] build(deps-dev): bump rubocop-rails from 2.19.1 to 2.21.2 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.19.1 to 2.21.2. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.19.1...v2.21.2) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 2415f64e..0aa81e18 100644 --- a/Gemfile +++ b/Gemfile @@ -56,7 +56,7 @@ group :development, :test do gem 'rspec-rails', '~> 6.0.3', '>= 6.0.3' gem 'rubocop', '~> 1.56.4' gem 'rubocop-performance', '~> 1.19.1' - gem 'rubocop-rails', '~> 2.19.1', '>= 2.19.1' + gem 'rubocop-rails', '~> 2.21.2' gem 'rubocop-rspec', '~> 2.22.0', '>= 1.43.2' # or gem 'rubocop-minitest' gem 'brakeman', '~> 6.0.1' end 
diff --git a/Gemfile.lock b/Gemfile.lock index a2a7b735..a66890d8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -306,7 +306,7 @@ GEM rubocop-performance (1.19.1) rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) - rubocop-rails (2.19.1) + rubocop-rails (2.21.2) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) @@ -391,7 +391,7 @@ DEPENDENCIES rspec-rails (~> 6.0.3, >= 6.0.3) rubocop (~> 1.56.4) rubocop-performance (~> 1.19.1) - rubocop-rails (~> 2.19.1, >= 2.19.1) + rubocop-rails (~> 2.21.2) rubocop-rspec (~> 2.22.0, >= 1.43.2) simplecov (~> 0.22.0, >= 0.16.1) spring (~> 4.1.1) From 7eba9851dda9aa1fafac5f6643c3984e85551c62 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Oct 2023 11:37:02 +0000 Subject: [PATCH 36/42] build(deps-dev): bump rubocop-rails from 2.19.1 to 2.21.2 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.19.1 to 2.21.2. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.19.1...v2.21.2) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index a66890d8..8c2a1de5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -346,7 +346,7 @@ GEM unf (0.1.4) unf_ext unf_ext (0.0.7.7) - unicode-display_width (2.4.2) + unicode-display_width (2.5.0) web-console (4.2.1) actionview (>= 6.0.0) activemodel (>= 6.0.0) From 84098f4fffc76a27b77bb7487b8cfa9ef620733c Mon Sep 17 00:00:00 2001 
From: tim-s-ccs Date: Tue, 3 Oct 2023 15:51:27 +0100 Subject: [PATCH 37/42] Run rubocop --- spec/services/cognito/confirm_password_reset_spec.rb | 2 +- spec/services/cognito/sign_up_user_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/services/cognito/confirm_password_reset_spec.rb b/spec/services/cognito/confirm_password_reset_spec.rb index 7cc6cfe4..30893f19 100644 --- a/spec/services/cognito/confirm_password_reset_spec.rb +++ b/spec/services/cognito/confirm_password_reset_spec.rb @@ -107,7 +107,7 @@ end context 'and it has been pwned' do - let(:password) { PwnedPassword.all.pluck(:password).sample } + let(:password) { PwnedPassword.pluck(:password).sample } it 'is not valid' do expect(confirm_password_reset.valid?).to be false diff --git a/spec/services/cognito/sign_up_user_spec.rb b/spec/services/cognito/sign_up_user_spec.rb index 5b00005e..ad1b22db 100644 --- a/spec/services/cognito/sign_up_user_spec.rb +++ b/spec/services/cognito/sign_up_user_spec.rb @@ -252,7 +252,7 @@ end context 'and it has been pwned' do - let(:password) { PwnedPassword.all.pluck(:password).sample } + let(:password) { PwnedPassword.pluck(:password).sample } it 'is not valid' do expect(sign_up_user.valid?).to be false From 55e54f9170a38e3935d395c7a4d8809f444dcf83 Mon Sep 17 00:00:00 2001 
From: tim-s-ccs Date: Wed, 4 Oct 2023 11:36:13 +0100 Subject: [PATCH 38/42] Update the cookie names to match the unified approach. Add the data layer push for the GA consent mode. --- app/controllers/home_controller.rb | 4 +- app/javascript/packs/application.js | 1 + app/javascript/packs/cookie-policy.js | 8 ++-- .../packs/google-analytics-data-layer.js | 38 +++++++++++++++++++ app/views/home/cookie_policy.html.erb | 5 +++ app/views/home/cookie_settings.html.erb | 8 ++-- config/application.rb | 6 +-- .../initializers/content_security_policy.rb | 2 +- config/locales/en.yml | 4 ++ spec/controllers/home_controller_spec.rb | 24 ++++++------ spec/helpers/application_helper_spec.rb | 10 ++--- 11 files changed, 79 insertions(+), 31 deletions(-) create mode 100644 app/javascript/packs/google-analytics-data-layer.js diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb index 7e35f59b..6bdf4831 100644 --- a/app/controllers/home_controller.rb +++ b/app/controllers/home_controller.rb @@ -56,12 +56,12 @@ def delete_unwanted_cookie(cookie_prefixes) COOKIE_UPDATE_OPTIONS = [ { param_name: :ga_cookie_usage, - cookie_name: 'google_analytics_enabled', + cookie_name: 'usage', cookie_prefixes: %w[_ga _gi] }, { param_name: :glassbox_cookie_usage, - cookie_name: 'glassbox_enabled', + cookie_name: 'glassbox', cookie_prefixes: %w[_cls] } ].freeze diff --git a/app/javascript/packs/application.js b/app/javascript/packs/application.js index e7eb77ac..106518e9 100644 --- a/app/javascript/packs/application.js +++ b/app/javascript/packs/application.js @@ -10,6 +10,7 @@ require("packs/cp-sign-in") require('packs/autocomplete') require('packs/error-links') require('packs/cookie-policy') +require('packs/google-analytics-data-layer') // Uncomment to copy all static images under ../images to the output folder and reference // them with the image_pack_tag helper in views (e.g <%= image_pack_tag 'rails.png' %>) 
diff --git a/app/javascript/packs/cookie-policy.js b/app/javascript/packs/cookie-policy.js index 702743c3..8a636ac0 100644 --- a/app/javascript/packs/cookie-policy.js +++ b/app/javascript/packs/cookie-policy.js @@ -2,24 +2,24 @@ import Cookies from "js-cookie"; const cookieUpdateOptions = [ { - cookieName: 'google_analytics_enabled', + cookieName: 'usage', cookiePrefixes: ['_ga', '_gi'], }, { - cookieName: 'glassbox_enabled', + cookieName: 'glassbox', cookiePrefixes: ['_cls'], }, ]; const getCookiePreferences = () => { - const defaultCookieSettings = '{"google_analytics_enabled":true,"glassbox_enabled":false}'; + const defaultCookieSettings = '{"usage":true,"glassbox":false}'; return JSON.parse(Cookies.get('crown_marketplace_cookie_options_v1') || defaultCookieSettings); }; const removeUnwantedCookies = () => { const cookieList = Object.keys(Cookies.get()); - const cookiesToRemove = ['pmp_cookie_settings_viewed', 'pmp_google_analytics_enabled']; + const cookiesToRemove = ['pmp_cookie_settings_viewed', 'pmp_google_analytics_enabled', 'pmp_cookie_options_v1']; const cookiePreferences = getCookiePreferences(); const cookiePrefixes = []; diff --git a/app/javascript/packs/google-analytics-data-layer.js b/app/javascript/packs/google-analytics-data-layer.js new file mode 100644 index 00000000..fc4c5ea9 --- /dev/null +++ b/app/javascript/packs/google-analytics-data-layer.js 
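Review bot: The renamed default in `getCookiePreferences`, `'{"usage":true,"glassbox":false}'`, still treats analytics as consented whenever the preferences cookie is absent, while the server-side default introduced in the same commit (`default_cookie_options` in config/application.rb) sets `usage: false`; a first-time visitor who has not seen the banner would therefore be opted in on the client but out on the server. Aligning the fallback, `const defaultCookieSettings = '{"usage":false,"glassbox":false}';`, keeps the no-decision state as "not granted" on both sides. The unchanged line below it also still reads `crown_marketplace_cookie_options_v1` while the Rails side now writes `cookie_preferences` and the new data-layer pack reads `cookie_preferences`; if that is not a deliberately shared cross-service cookie, this script is reading a cookie the application no longer sets, and a comment stating which it is would help the next reader.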
@@ -0,0 +1,38 @@ +import Cookies from 'js-cookie' + +const grantType = { + granted: 'granted', + notGranted: 'not granted' +} + +const getCookiePreferences = () => Cookies.get('cookie_preferences') ?? '{}' + +const getCookiePreferencesSaved = () => Cookies.get('cookie_preferences_saved') ?? '{}' + +const setCookiePreferencesSaved = (cookiePreferences) => { + Cookies.set('cookie_preferences_saved', JSON.stringify(cookiePreferences), { expires: 365 }) +} + +const getGrantedText = (state) => state ? grantType.granted : grantType.notGranted + +const updateDataLayer = (cookiePreferences) => { + window.dataLayer.push({ + event: 'gtm_consent_update', + usage_consent: getGrantedText(cookiePreferences.usage), + glassbox_consent: getGrantedText(cookiePreferences.glassbox), + marketing_consent: grantType.notGranted + }) + + setCookiePreferencesSaved(cookiePreferences) +} + +$(() => { + if (window.dataLayer) { + const cookiePreferences = getCookiePreferences() + const cookiePreferencesSaved = getCookiePreferencesSaved() + + if (cookiePreferences !== cookiePreferencesSaved) { + updateDataLayer(JSON.parse(cookiePreferences)) + } + } +}) diff --git a/app/views/home/cookie_policy.html.erb b/app/views/home/cookie_policy.html.erb index b8a2daae..3179ba58 100644 --- a/app/views/home/cookie_policy.html.erb +++ b/app/views/home/cookie_policy.html.erb @@ -115,6 +115,11 @@ <%= t(".cookie_banner_cookies.row_1.purpose") %> <%= t(".cookie_banner_cookies.row_1.expires") %> + + <%= t(".cookie_banner_cookies.row_2.name") %> + <%= t(".cookie_banner_cookies.row_2.purpose") %> + <%= t(".cookie_banner_cookies.row_2.expires") %> +
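Review bot: `updateDataLayer(JSON.parse(cookiePreferences))` at the bottom of the new file parses a browser-supplied cookie with no error handling, so a malformed or tampered `cookie_preferences` value throws inside the ready callback and the consent update is never pushed. Parsing defensively keeps the failure mode on the "not granted" side, since `getGrantedText(undefined)` already yields `'not granted'`: `let prefs = {}; try { prefs = JSON.parse(cookiePreferences) } catch (e) { prefs = {} }` and then `updateDataLayer(prefs)`. The `Cookies.set('cookie_preferences_saved', ...)` call sets only `expires`; adding `sameSite: 'Lax'` and `secure: true` (or conditioned on `location.protocol === 'https:'`) matches what a consent-tracking cookie should carry. The change-detection compares raw JSON strings, so a key-order or whitespace difference between the server-written cookie and `JSON.stringify` output would re-push consent on every load; a comment noting that `cookie_preferences` must be written in a stable serialisation would make that dependency visible.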
    diff --git a/app/views/home/cookie_settings.html.erb b/app/views/home/cookie_settings.html.erb index 8eb3e17f..bb59929e 100644 --- a/app/views/home/cookie_settings.html.erb +++ b/app/views/home/cookie_settings.html.erb @@ -63,11 +63,11 @@
    - <%= radio_button_tag :ga_cookie_usage, true, cookie_preferences_settings['google_analytics_enabled'], class: 'govuk-radios__input' %> + <%= radio_button_tag :ga_cookie_usage, true, cookie_preferences_settings['usage'], class: 'govuk-radios__input' %> <%= label_tag :ga_cookie_usage, t('.use_cookies.ga'), for: :ga_cookie_usage_true, class: 'govuk-label govuk-radios__label' %>
    - <%= radio_button_tag :ga_cookie_usage, false, !cookie_preferences_settings['google_analytics_enabled'], class: 'govuk-radios__input' %> + <%= radio_button_tag :ga_cookie_usage, false, !cookie_preferences_settings['usage'], class: 'govuk-radios__input' %> <%= label_tag :ga_cookie_usage, t('.dont_use_cookies.ga'), for: :ga_cookie_usage_false, class: 'govuk-label govuk-radios__label' %>
    @@ -86,11 +86,11 @@
    - <%= radio_button_tag :glassbox_cookie_usage, true, cookie_preferences_settings['glassbox_enabled'], class: 'govuk-radios__input' %> + <%= radio_button_tag :glassbox_cookie_usage, true, cookie_preferences_settings['glassbox'], class: 'govuk-radios__input' %> <%= label_tag :glassbox_cookie_usage, t('.use_cookies.glassbox'), for: :glassbox_cookie_usage_true, class: 'govuk-label govuk-radios__label' %>
    - <%= radio_button_tag :glassbox_cookie_usage, false, !cookie_preferences_settings['glassbox_enabled'], class: 'govuk-radios__input' %> + <%= radio_button_tag :glassbox_cookie_usage, false, !cookie_preferences_settings['glassbox'], class: 'govuk-radios__input' %> <%= label_tag :glassbox_cookie_usage, t('.dont_use_cookies.glassbox'), for: :glassbox_cookie_usage_false, class: 'govuk-label govuk-radios__label' %>
    diff --git a/config/application.rb b/config/application.rb index 15590671..187df819 100644 --- a/config/application.rb +++ b/config/application.rb @@ -64,14 +64,14 @@ def self.google_tag_manager_tracking_id end def self.cookie_settings_name - :pmp_cookie_options_v1 + :cookie_preferences end def self.default_cookie_options { settings_viewed: false, - google_analytics_enabled: false, - glassbox_enabled: false + usage: false, + glassbox: false }.stringify_keys end end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 680f641b..74627b1f 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -11,7 +11,7 @@ policy.img_src :self, :https, :data, 'https://*.google-analytics.com', 'https://*.googletagmanager.com' policy.object_src :none policy.script_src :self, :https, 'https://*.googletagmanager.com' - policy.style_src :self, :https + policy.style_src :self, "'unsafe-inline'", :https policy.connect_src :self, :https, 'https://*.google-analytics.com', 'https://*.analytics.google.com', 'https://*.googletagmanager.com' # Specify URI for violation reports # policy.report_uri "/csp-violation-report-endpoint" diff --git a/config/locales/en.yml b/config/locales/en.yml index 8904db61..4afd91a0 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -278,6 +278,10 @@ en: row_1: expires: 1 year purpose: Saves your cookie consent preferences + row_2: + expires: 1 year + name: cookie_preferences_saved + purpose: Allows us to check when your cookie settings have changed cookies_banner: Cookies banner ga_cookies: row_1: diff --git a/spec/controllers/home_controller_spec.rb b/spec/controllers/home_controller_spec.rb index fdebcff2..5c1184f9 100644 --- a/spec/controllers/home_controller_spec.rb +++ b/spec/controllers/home_controller_spec.rb 
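Review bot: Adding `"'unsafe-inline'"` to `policy.style_src` in content_security_policy.rb removes the policy's protection against injected inline styles for the whole application, not just the Google Tag Manager integration this commit is wiring up, and the commit message does not say which inline style made it necessary. Rails supports nonces for this case: keep `policy.style_src :self, :https` and add `config.content_security_policy_nonce_generator = ->(_request) { SecureRandom.base64(16) }` together with `config.content_security_policy_nonce_directives = %w[script-src style-src]`, then pass `nonce: true` on the style tags you control. If the inline style is injected by the GTM container itself and cannot carry a nonce, a comment above the directive stating that reason (and that `report_uri`, still commented out below, would show what is being blocked) lets a future reviewer re-tighten it deliberately. The `content_security_policy do |policy|` block begins outside this hunk.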
@@ -40,11 +40,11 @@ let(:update_params) { { ga_cookie_usage: 'true', glassbox_cookie_usage: 'false' } } it 'updates the cookie preferences' do - expect(JSON.parse(response.cookies['pmp_cookie_options_v1'])).to eq( + expect(JSON.parse(response.cookies['cookie_preferences'])).to eq( { 'settings_viewed' => true, - 'google_analytics_enabled' => true, - 'glassbox_enabled' => false + 'usage' => true, + 'glassbox' => false } ) end @@ -76,11 +76,11 @@ let(:update_params) { { ga_cookie_usage: 'false', glassbox_cookie_usage: 'true' } } it 'updates the cookie preferences' do - expect(JSON.parse(response.cookies['pmp_cookie_options_v1'])).to eq( + expect(JSON.parse(response.cookies['cookie_preferences'])).to eq( { 'settings_viewed' => true, - 'google_analytics_enabled' => false, - 'glassbox_enabled' => true + 'usage' => false, + 'glassbox' => true } ) end @@ -112,11 +112,11 @@ let(:update_params) { { ga_cookie_usage: 'true', glassbox_cookie_usage: 'true' } } it 'updates the cookie preferences' do - expect(JSON.parse(response.cookies['pmp_cookie_options_v1'])).to eq( + expect(JSON.parse(response.cookies['cookie_preferences'])).to eq( { 'settings_viewed' => true, - 'google_analytics_enabled' => true, - 'glassbox_enabled' => true + 'usage' => true, + 'glassbox' => true } ) end @@ -140,11 +140,11 @@ let(:update_params) { { ga_cookie_usage: 'false', glassbox_cookie_usage: 'false' } } it 'updates the cookie preferences' do - expect(JSON.parse(response.cookies['pmp_cookie_options_v1'])).to eq( + expect(JSON.parse(response.cookies['cookie_preferences'])).to eq( { 'settings_viewed' => true, - 'google_analytics_enabled' => false, - 'glassbox_enabled' => false + 'usage' => false, + 'glassbox' => false } ) end diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb index 23ef4c52..87a3c5c8 100644 --- a/spec/helpers/application_helper_spec.rb +++ b/spec/helpers/application_helper_spec.rb 
@@ -80,8 +80,8 @@ let(:default_cookie_settings) do { 'settings_viewed' => false, - 'google_analytics_enabled' => false, - 'glassbox_enabled' => false + 'usage' => false, + 'glassbox' => false } end @@ -92,14 +92,14 @@ end context 'when the cookie has been set' do - before { helper.request.cookies['pmp_cookie_options_v1'] = cookie_settings } + before { helper.request.cookies['cookie_preferences'] = cookie_settings } context 'and it is a hash' do let(:expected_cookie_settings) do { 'settings_viewed' => true, - 'google_analytics_enabled' => true, - 'glassbox_enabled' => false + 'usage' => true, + 'glassbox' => false } end let(:cookie_settings) { expected_cookie_settings.to_json } From a509b6fa310f459eba260da52bad73d836650728 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Oct 2023 10:24:12 +0000 Subject: [PATCH 39/42] build(deps-dev): bump rubocop-rspec from 2.22.0 to 2.24.1 Dependabot couldn't find the original pull request head commit, 9a7d526846243955db4c1ba5d9b637b0dbaed454. --- Gemfile | 2 +- Gemfile.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile b/Gemfile index 0aa81e18..b1847a63 100644 --- a/Gemfile +++ b/Gemfile @@ -57,7 +57,7 @@ group :development, :test do gem 'rubocop', '~> 1.56.4' gem 'rubocop-performance', '~> 1.19.1' gem 'rubocop-rails', '~> 2.21.2' - gem 'rubocop-rspec', '~> 2.22.0', '>= 1.43.2' # or gem 'rubocop-minitest' + gem 'rubocop-rspec', '~> 2.24.1' # or gem 'rubocop-minitest' gem 'brakeman', '~> 6.0.1' end diff --git a/Gemfile.lock b/Gemfile.lock index 8c2a1de5..81cb01a9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -198,7 +198,7 @@ GEM mini_portile2 (~> 2.8.2) racc (~> 1.4) parallel (1.23.0) - parser (3.2.2.3) + parser (3.2.2.4) ast (~> 2.4.1) racc pg (1.5.4) 
@@ -299,9 +299,9 @@ GEM unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.29.0) parser (>= 3.2.1.0) - rubocop-capybara (2.18.0) + rubocop-capybara (2.19.0) rubocop (~> 1.41) - rubocop-factory_bot (2.23.1) + rubocop-factory_bot (2.24.0) rubocop (~> 1.33) rubocop-performance (1.19.1) rubocop (>= 1.7.0, < 2.0) @@ -310,7 +310,7 @@ GEM activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-rspec (2.22.0) + rubocop-rspec (2.24.1) rubocop (~> 1.33) rubocop-capybara (~> 2.17) rubocop-factory_bot (~> 2.22) @@ -392,7 +392,7 @@ DEPENDENCIES rubocop (~> 1.56.4) rubocop-performance (~> 1.19.1) rubocop-rails (~> 2.21.2) - rubocop-rspec (~> 2.22.0, >= 1.43.2) + rubocop-rspec (~> 2.24.1) simplecov (~> 0.22.0, >= 0.16.1) spring (~> 4.1.1) spring-watcher-listen (~> 2.1.0) From aa21a4017456502a9e127f9beb4cdb2329920faf Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Wed, 4 Oct 2023 11:59:14 +0100 Subject: [PATCH 40/42] Run fixes for rubocop --- spec/services/cognito/confirm_password_reset_spec.rb | 3 +-- spec/services/cognito/create_user_from_cognito_spec.rb | 6 ++---- spec/services/cognito/sign_in_user_spec.rb | 3 +-- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/spec/services/cognito/confirm_password_reset_spec.rb b/spec/services/cognito/confirm_password_reset_spec.rb index 30893f19..8a4a30c3 100644 --- a/spec/services/cognito/confirm_password_reset_spec.rb +++ b/spec/services/cognito/confirm_password_reset_spec.rb 
@@ -198,8 +198,7 @@ allow(Aws::CognitoIdentityProvider::Client).to receive(:new).with(region: 'supersecretregion').and_return(client) allow(client).to receive(:admin_get_user).and_return(cognito_user) allow(cognito_user).to receive(:user_attributes).and_return([attribute_type]) - allow(attribute_type).to receive(:name).and_return('sub') - allow(attribute_type).to receive(:value).and_return('my-cognito-id') + allow(attribute_type).to receive_messages(name: 'sub', value: 'my-cognito-id') allow(client).to receive(:admin_list_groups_for_user) end diff --git a/spec/services/cognito/create_user_from_cognito_spec.rb b/spec/services/cognito/create_user_from_cognito_spec.rb index 9ffeb34c..614131f5 100644 --- a/spec/services/cognito/create_user_from_cognito_spec.rb +++ b/spec/services/cognito/create_user_from_cognito_spec.rb @@ -47,8 +47,7 @@ before do allow(client).to receive(:admin_get_user).and_return(cognito_user) allow(cognito_user).to receive(:user_attributes).and_return([attribute_type]) - allow(attribute_type).to receive(:name).and_return('sub') - allow(attribute_type).to receive(:value).and_return('my-cognito-id') + allow(attribute_type).to receive_messages(name: 'sub', value: 'my-cognito-id') allow(client).to receive(:admin_list_groups_for_user) create_user_from_cognito.call end @@ -94,8 +93,7 @@ before do create_user_from_cognito.instance_variable_set(:@cognito_user, cognito_user) - allow(attribute_type).to receive(:name).and_return('sub') - allow(attribute_type).to receive(:value).and_return('my-cognito-id') + allow(attribute_type).to receive_messages(name: 'sub', value: 'my-cognito-id') end context 'when the user has been found' do diff --git a/spec/services/cognito/sign_in_user_spec.rb b/spec/services/cognito/sign_in_user_spec.rb index b43e5764..cf42a0a1 100644 --- a/spec/services/cognito/sign_in_user_spec.rb +++ b/spec/services/cognito/sign_in_user_spec.rb 
@@ -114,8 +114,7 @@ let(:explicit_auth_flows) { ['USER_PASSWORD_AUTH'] } before do - allow(user_pool_client).to receive(:client_id).and_return('supersecretkey2') - allow(user_pool_client).to receive(:client_secret).and_return('supersecretkey1') + allow(user_pool_client).to receive_messages(client_id: 'supersecretkey2', client_secret: 'supersecretkey1') allow(client).to receive(:initiate_auth).and_return(auth_response) sign_in_user.call end From 3c213aa6a685b135fd7a389fc5da98a53c77ee2c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Oct 2023 03:05:57 +0000 Subject: [PATCH 41/42] build(deps): bump activerecord-postgis-adapter from 8.0.2 to 8.0.3 Bumps [activerecord-postgis-adapter](https://github.com/rgeo/activerecord-postgis-adapter) from 8.0.2 to 8.0.3. - [Changelog](https://github.com/rgeo/activerecord-postgis-adapter/blob/master/History.md) - [Commits](https://github.com/rgeo/activerecord-postgis-adapter/compare/v8.0.2...v8.0.3) --- updated-dependencies: - dependency-name: activerecord-postgis-adapter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index b1847a63..a4af27f3 100644 --- a/Gemfile +++ b/Gemfile @@ -30,7 +30,7 @@ gem 'bootsnap', '~> 1.16.0', '>= 1.16.0', require: false gem 'arask', '~> 1.2.3' # for postgresql -gem 'activerecord-postgis-adapter', '~> 8.0.2' +gem 'activerecord-postgis-adapter', '~> 8.0.3' gem 'pg', '~> 1.5.4' # remove if not option two taken in project gem 'jwt', '~> 2.7.1' diff --git a/Gemfile.lock b/Gemfile.lock index 81cb01a9..b83d7902 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -64,7 +64,7 @@ GEM activerecord (7.0.8) activemodel (= 7.0.8) activesupport (= 7.0.8) - activerecord-postgis-adapter (8.0.2) + activerecord-postgis-adapter (8.0.3) activerecord (~> 7.0.0) rgeo-activerecord (~> 7.0.0) activestorage (7.0.8) @@ -366,7 +366,7 @@ PLATFORMS ruby DEPENDENCIES - activerecord-postgis-adapter (~> 8.0.2) + activerecord-postgis-adapter (~> 8.0.3) arask (~> 1.2.3) aws-sdk-cognitoidentityprovider (~> 1.82.0) aws-sdk-s3 (~> 1) From 450aae5b4b7dc1c0bb8b1aa422e23a4f15346c76 Mon Sep 17 00:00:00 2001 From: tim-s-ccs Date: Thu, 12 Oct 2023 16:32:40 +0100 Subject: [PATCH 42/42] When redirecting to PMP, allow_other_host --- app/controllers/base/sessions_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/base/sessions_controller.rb b/app/controllers/base/sessions_controller.rb index b646058c..bcd7927b 100644 --- a/app/controllers/base/sessions_controller.rb +++ b/app/controllers/base/sessions_controller.rb @@ -20,7 +20,7 @@ def create cookies.permanent[:remember_token] = code Rails.logger.info 'SIGN IN ATTEMPT SUCCESSFUL' - redirect_to("#{params[:redirect_uri]}?code=#{code}&state=#{params[:state]}") + redirect_to("#{params[:redirect_uri]}?code=#{code}&state=#{params[:state]}", allow_other_host: true) end else result_unsuccessful_path
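Review bot: Passing `allow_other_host: true` to `redirect_to("#{params[:redirect_uri]}?code=#{code}&state=#{params[:state]}", ...)` in sessions_controller.rb removes the only guard Rails 7 applied to a redirect target taken straight from the request, and the freshly issued `code` (the same value stored in `cookies.permanent[:remember_token]` two lines earlier) is appended to whatever host the caller supplied, so an attacker-chosen `redirect_uri` receives the credential. Nothing in this hunk shows `params[:redirect_uri]` being checked; unless `create` validates it earlier (the method begins outside the hunk), restrict it to the configured PMP origin before redirecting, e.g. `return head(:bad_request) unless URI.parse(params[:redirect_uri]).host == Marketplace.pmp_host` (or whatever the app's settings expose), and build the query with `URI.encode_www_form(code: code, state: params[:state])` rather than interpolation so `state` cannot smuggle extra parameters. A comment naming the exact host the redirect is allowed to reach would also document why `allow_other_host` is justified here.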