diff --git a/.github/actions/linter_ruby.yml b/.github/actions/linter_ruby.yml deleted file mode 100644 index e54a283..0000000 --- a/.github/actions/linter_ruby.yml +++ /dev/null @@ -1,26 +0,0 @@ -on: - workflow_call: - secrets: - token: - required: true - -jobs: - rubocop: - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Set up Ruby versions - uses: ruby/setup-ruby@v1 - with: - bundler-cache: false - - - name: Install Rubocop - run: | - gem install rubocop-rails-omakase -N - gem install rubocop-rspec -N - - - name: Run Rubocop - run: rubocop --lint diff --git a/.github/actions/sast_ruby.yml b/.github/actions/sast_ruby.yml deleted file mode 100644 index c7bb9db..0000000 --- a/.github/actions/sast_ruby.yml +++ /dev/null @@ -1,41 +0,0 @@ -name: SAST - -on: - workflow_call: - secrets: - token: - required: true - -permissions: - contents: read - -jobs: - brakeman: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Ruby - uses: ruby/setup-ruby@v1 - with: - bundler-cache: false - - - name: Install Brakeman - run: gem install brakeman -N - - - name: Run brakeman - run: brakeman --force - - bearer: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v4 - - - name: Set up Ruby versions - uses: ruby/setup-ruby@v1 - - - name: Bearer - uses: bearer/bearer-action@v2 diff --git a/.github/workflows/linter_ruby.yml b/.github/workflows/linter_ruby.yml index 1ac6c97..a79502e 100644 --- a/.github/workflows/linter_ruby.yml +++ b/.github/workflows/linter_ruby.yml @@ -1,16 +1,54 @@ -name: Lint and SAST - on: pull_request: workflow_dispatch: jobs: - lint: - uses: ./.github/actions/linter_ruby.yml - secrets: - token: ${{ secrets.GITHUB_TOKEN }} - - sast: - uses: ./.github/actions/sast_ruby.yml - secrets: - token: ${{ secrets.GITHUB_TOKEN }} + rubocop: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Ruby versions + uses: ruby/setup-ruby@v1 + with: + bundler-cache: false + + - name: Install Rubocop + run: | + gem install rubocop-rails-omakase -N + gem install rubocop-rspec -N + + - name: Run Rubocop + run: rubocop --lint + + brakeman: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: false + + - name: Install Brakeman + run: gem install brakeman -N + + - name: Run brakeman + run: brakeman --force + + bearer: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Set up Ruby versions + uses: ruby/setup-ruby@v1 + + - name: Bearer + uses: bearer/bearer-action@v2 diff --git a/.ruby-version b/.ruby-version index ff365e0..5f6fc5e 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.1.3 +3.3.10 diff --git a/Gemfile b/Gemfile index 7bcbf18..08baa3f 100644 --- a/Gemfile +++ b/Gemfile @@ -1,8 +1,8 @@ source 'https://rubygems.org' -ruby '3.1.3' +ruby '3.3.10' -gem 'rails', '~> 7.2.0' +gem 'rails', '~> 8.0.0' gem 'amqp' gem 'erubis' @@ -12,14 +12,14 @@ gem 'listen' gem 'net-smtp' gem 'psych', '< 4' -gem 'webrick', '~> 1.7' +gem 'webrick' gem 'hashie' gem 'pg' -gem 'nokogiri', '~> 1.18.4' -gem 'rack', '~> 2.2.13' +gem 'nokogiri' +gem 'rack' group :test do gem 'byebug' diff --git a/Gemfile.lock b/Gemfile.lock index c2ad681..67f3b1d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,68 +1,65 @@ GEM remote: https://rubygems.org/ specs: - actioncable (7.2.3) - actionpack (= 7.2.3) - activesupport (= 7.2.3) + actioncable (8.0.4) + actionpack (= 8.0.4) + activesupport (= 8.0.4) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.3) - actionpack (= 7.2.3) - activejob (= 7.2.3) - activerecord (= 7.2.3) - activestorage (= 7.2.3) - activesupport (= 7.2.3) + actionmailbox (8.0.4) + actionpack (= 8.0.4) + activejob (= 8.0.4) + activerecord (= 8.0.4) + activestorage (= 8.0.4) + activesupport (= 8.0.4) mail (>= 2.8.0) - actionmailer (7.2.3) - actionpack (= 7.2.3) - actionview (= 7.2.3) - activejob (= 7.2.3) - activesupport (= 7.2.3) + actionmailer (8.0.4) + actionpack (= 8.0.4) + actionview (= 8.0.4) + activejob (= 8.0.4) + activesupport (= 8.0.4) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.3) - actionview (= 7.2.3) - activesupport (= 7.2.3) - cgi + actionpack (8.0.4) + actionview (= 8.0.4) + activesupport (= 8.0.4) nokogiri (>= 1.8.5) - racc - rack (>= 2.2.4, < 3.3) + rack (>= 2.2.4) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) useragent (~> 0.16) - actiontext (7.2.3) - actionpack (= 7.2.3) - activerecord (= 7.2.3) - activestorage (= 7.2.3) - activesupport (= 7.2.3) + actiontext (8.0.4) + actionpack (= 8.0.4) + activerecord (= 8.0.4) + activestorage (= 8.0.4) + activesupport (= 8.0.4) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.3) - activesupport (= 7.2.3) + actionview (8.0.4) + activesupport (= 8.0.4) builder (~> 3.1) - cgi erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (7.2.3) - activesupport (= 7.2.3) + activejob (8.0.4) + activesupport (= 8.0.4) globalid (>= 0.3.6) - activemodel (7.2.3) - activesupport (= 7.2.3) - activerecord (7.2.3) - activemodel (= 7.2.3) - activesupport (= 7.2.3) + activemodel (8.0.4) + activesupport (= 8.0.4) + activerecord (8.0.4) + activemodel (= 8.0.4) + activesupport (= 8.0.4) timeout (>= 0.4.0) - activestorage (7.2.3) - actionpack (= 7.2.3) - activejob (= 7.2.3) - activerecord (= 7.2.3) - activesupport (= 7.2.3) + activestorage (8.0.4) + actionpack (= 8.0.4) + activejob (= 8.0.4) + activerecord (= 8.0.4) + activesupport (= 8.0.4) marcel (~> 1.0) - activesupport (7.2.3) + activesupport (8.0.4) base64 benchmark (>= 0.3) bigdecimal @@ -74,18 +71,22 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) - amq-protocol (2.3.4) + uri (>= 0.13.1) + addressable (2.8.9) + public_suffix (>= 2.0.2, < 8.0) + amq-protocol (2.5.1) amqp (1.8.0) amq-protocol (>= 2.2.0) eventmachine + ast (2.4.3) base64 (0.3.0) benchmark (0.5.0) - bigdecimal (3.3.1) + bigdecimal (4.0.1) builder (3.3.0) - byebug (12.0.0) - cgi (0.5.0) - concurrent-ruby (1.3.5) - connection_pool (2.5.5) + byebug (13.0.0) + reline (>= 0.6.0) + concurrent-ruby (1.3.6) + connection_pool (3.0.2) crass (1.0.6) database_cleaner (2.1.0) database_cleaner-active_record (>= 2, < 3) @@ -93,7 +94,7 @@ GEM activerecord (>= 5.a) database_cleaner-core (~> 2.0) database_cleaner-core (2.0.1) - date (3.5.0) + date (3.5.1) diff-lcs (1.6.2) drb (2.2.3) erubi (1.13.1) @@ -104,26 +105,35 @@ GEM factory_bot_rails (4.11.1) factory_bot (~> 4.11.1) railties (>= 3.0.0) - ffi (1.17.2-arm64-darwin) - ffi (1.17.2-x86_64-darwin) + ffi (1.17.3-arm64-darwin) + ffi (1.17.3-x86_64-darwin) globalid (1.3.0) activesupport (>= 6.1) - hashie (5.0.0) - honeybadger (6.1.3) + hashie (5.1.0) + logger + honeybadger (6.5.2) logger ostruct - i18n (1.14.7) + i18n (1.14.8) concurrent-ruby (~> 1.0) - io-console (0.8.1) - irb (1.15.3) + io-console (0.8.2) + irb (1.17.0) pp (>= 0.6.0) + prism (>= 1.3.0) rdoc (>= 4.0.0) reline (>= 0.4.2) - listen (3.9.0) + json (2.18.1) + json-schema (6.1.0) + addressable (~> 2.8) + bigdecimal (>= 3.1, < 5) + language_server-protocol (3.17.0.5) + lint_roller (1.1.0) + listen (3.10.0) + logger rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) logger (1.7.0) - loofah (2.24.1) + loofah (2.25.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) mail (2.9.0) @@ -133,11 +143,15 @@ GEM net-pop net-smtp marcel (1.1.0) + mcp (0.8.0) + json-schema (>= 4.1) mini_mime (1.1.5) - minitest (5.26.2) - mocha (2.8.2) + minitest (6.0.2) + drb (~> 2.0) + prism (~> 1.5) + mocha (3.0.2) ruby2_keywords (>= 0.0.5) - net-imap (0.5.12) + net-imap (0.6.3) date net-protocol net-pop (0.1.2) @@ -147,62 +161,69 @@ GEM net-smtp (0.5.1) net-protocol nio4r (2.7.5) - nokogiri (1.18.10-arm64-darwin) + nokogiri (1.19.1-arm64-darwin) racc (~> 1.4) - nokogiri (1.18.10-x86_64-darwin) + nokogiri (1.19.1-x86_64-darwin) racc (~> 1.4) ostruct (0.6.3) - pg (1.6.2-arm64-darwin) - pg (1.6.2-x86_64-darwin) + parallel (1.27.0) + parser (3.3.10.2) + ast (~> 2.4.1) + racc + pg (1.6.3-arm64-darwin) + pg (1.6.3-x86_64-darwin) pp (0.6.3) prettyprint prettyprint (0.2.0) + prism (1.9.0) psych (3.3.4) + public_suffix (7.0.5) racc (1.8.1) - rack (2.2.21) - rack-session (1.0.2) - rack (< 3) + rack (3.2.5) + rack-session (2.1.1) + base64 (>= 0.1.0) + rack (>= 3.0.0) rack-test (2.2.0) rack (>= 1.3) - rackup (1.0.1) - rack (< 3) - webrick - rails (7.2.3) - actioncable (= 7.2.3) - actionmailbox (= 7.2.3) - actionmailer (= 7.2.3) - actionpack (= 7.2.3) - actiontext (= 7.2.3) - actionview (= 7.2.3) - activejob (= 7.2.3) - activemodel (= 7.2.3) - activerecord (= 7.2.3) - activestorage (= 7.2.3) - activesupport (= 7.2.3) + rackup (2.3.1) + rack (>= 3) + rails (8.0.4) + actioncable (= 8.0.4) + actionmailbox (= 8.0.4) + actionmailer (= 8.0.4) + actionpack (= 8.0.4) + actiontext (= 8.0.4) + actionview (= 8.0.4) + activejob (= 8.0.4) + activemodel (= 8.0.4) + activerecord (= 8.0.4) + activestorage (= 8.0.4) + activesupport (= 8.0.4) bundler (>= 1.15.0) - railties (= 7.2.3) + railties (= 8.0.4) rails-dom-testing (2.3.0) activesupport (>= 5.0.0) minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.6.2) - loofah (~> 2.21) + rails-html-sanitizer (1.7.0) + loofah (~> 2.25) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - railties (7.2.3) - actionpack (= 7.2.3) - activesupport (= 7.2.3) - cgi + railties (8.0.4) + actionpack (= 8.0.4) + activesupport (= 8.0.4) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) thor (~> 1.0, >= 1.2.2) tsort (>= 0.2) zeitwerk (~> 2.6) + rainbow (3.1.1) rake (13.3.1) rb-fsevent (0.11.2) rb-inotify (0.11.1) ffi (~> 1.0) rdoc (6.3.4.1) + regexp_parser (2.11.3) reline (0.6.3) io-console (~> 0.5) rspec-core (3.13.6) @@ -210,10 +231,10 @@ GEM rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.7) + rspec-mocks (3.13.8) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-rails (8.0.2) + rspec-rails (8.0.3) actionpack (>= 7.2) activesupport (>= 7.2) railties (>= 7.2) @@ -221,25 +242,63 @@ GEM rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) - rspec-support (3.13.6) + rspec-support (3.13.7) + rubocop (1.85.0) + json (~> 2.3) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) + mcp (~> 0.6) + parallel (~> 1.10) + parser (>= 3.3.0.2) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.49.0, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.49.0) + parser (>= 3.3.7.2) + prism (~> 1.7) + rubocop-performance (1.26.1) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.47.1, < 2.0) + rubocop-rails (2.34.3) + activesupport (>= 4.2.0) + lint_roller (~> 1.1) + rack (>= 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) + rubocop-rails-omakase (1.1.0) + rubocop (>= 1.72) + rubocop-performance (>= 1.24) + rubocop-rails (>= 2.30) + rubocop-rspec (3.9.0) + lint_roller (~> 1.1) + rubocop (~> 1.81) + ruby-progressbar (1.13.0) ruby2_keywords (0.0.5) securerandom (0.4.1) - thor (1.4.0) - timeout (0.5.0) + thor (1.5.0) + timeout (0.6.0) tsort (0.2.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) + unicode-display_width (3.2.0) + unicode-emoji (~> 4.1) + unicode-emoji (4.2.0) + uri (1.1.1) useragent (0.16.11) webrick (1.9.2) websocket-driver (0.8.0) base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.18) + zeitwerk (2.7.5) PLATFORMS arm64-darwin-23 arm64-darwin-24 + arm64-darwin-25 x86_64-darwin-21 DEPENDENCIES @@ -254,18 +313,18 @@ DEPENDENCIES listen mocha net-smtp - nokogiri (~> 1.18.4) + nokogiri pg psych (< 4) - rack (~> 2.2.13) - rails (~> 7.2.0) + rack + rails (~> 8.0.0) rspec-rails rubocop-rails-omakase rubocop-rspec - webrick (~> 1.7) + webrick RUBY VERSION - ruby 3.1.3p185 + ruby 3.3.10p183 BUNDLED WITH - 2.3.25 + 2.5.22 diff --git a/config/amqp.yml.example b/config/amqp.yml.example index 00158fa..55b8792 100644 --- a/config/amqp.yml.example +++ b/config/amqp.yml.example @@ -13,8 +13,8 @@ # * timeout - Timeout defaults: &defaults - user: <%= JSON.parse( ENV['VCAP_SERVICES'] )['a9hcp-rabbitmq'].first['credentials']['username'] rescue '' %> - pass: <%= JSON.parse( ENV['VCAP_SERVICES'] )['a9hcp-rabbitmq'].first['credentials']['password'] rescue '' %> + user: <%= JSON.parse( ENV['VCAP_SERVICES'] )['a9hcp-rabbitmq'].first['credentials']['username'] rescue 'guest' %> + pass: <%= JSON.parse( ENV['VCAP_SERVICES'] )['a9hcp-rabbitmq'].first['credentials']['password'] rescue 'guest' %> host: <%= JSON.parse( ENV['VCAP_SERVICES'] )['a9hcp-rabbitmq'].first['credentials']['host'] rescue 'localhost' %> vhost: /