alchemy_cms 6.0.12 → 6.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of alchemy_cms might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.github/workflows/brakeman-analysis.yml +26 -26
- data/CHANGELOG.md +7 -0
- data/alchemy_cms.gemspec +0 -1
- data/app/models/alchemy/picture_thumb/create.rb +15 -3
- data/lib/alchemy/install/tasks.rb +7 -1
- data/lib/alchemy/version.rb +1 -1
- data/lib/alchemy_cms.rb +1 -1
- data/lib/non_stupid_digest_assets.rb +55 -0
- data/package.json +1 -1
- metadata +4 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d401fd3a44495f1a096fc4115eec8d32be8862305cc95c35715548147ec7688a
|
|
4
|
+
data.tar.gz: 8f9a98f79c64acafaad1eaef6358a1ca468ed00cb18e5dff15627f47db028bde
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7982344f2c8376017f665f70985da9f1263551a9424481646081a7cfa65a6cd65f7e87ee615cbd64ace815b9e6f4450c45625fea87330db7690233cb2b042d63
|
|
7
|
+
data.tar.gz: 4b148956360c26b3acb5495a341de5a14f809272fb709c856ff878882367af59b7b7a1133731c02e68fad2cf5404e00e5db8730b1b1b91d6a7a2e8511b5872b0
|
|
@@ -5,42 +5,42 @@ name: Brakeman Scan
|
|
|
5
5
|
|
|
6
6
|
on:
|
|
7
7
|
push:
|
|
8
|
-
branches: [
|
|
8
|
+
branches: [main]
|
|
9
9
|
pull_request:
|
|
10
10
|
# The branches below must be a subset of the branches above
|
|
11
|
-
branches: [
|
|
11
|
+
branches: [main]
|
|
12
12
|
schedule:
|
|
13
|
-
- cron:
|
|
13
|
+
- cron: "40 4 * * 2"
|
|
14
14
|
|
|
15
15
|
jobs:
|
|
16
16
|
brakeman-scan:
|
|
17
17
|
name: Brakeman Scan
|
|
18
18
|
runs-on: ubuntu-latest
|
|
19
19
|
steps:
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
# Checkout the repository to the GitHub Actions runner
|
|
21
|
+
- name: Checkout
|
|
22
|
+
uses: actions/checkout@v2
|
|
23
23
|
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
24
|
+
# Customize the ruby version depending on your needs
|
|
25
|
+
- name: Set up Ruby
|
|
26
|
+
uses: ruby/setup-ruby@v1
|
|
27
|
+
with:
|
|
28
|
+
ruby-version: "3.0"
|
|
29
29
|
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
30
|
+
- name: Setup Brakeman
|
|
31
|
+
env:
|
|
32
|
+
BRAKEMAN_VERSION: "5.4" # SARIF support is provided in Brakeman version 4.10+
|
|
33
|
+
run: |
|
|
34
|
+
gem install brakeman --version $BRAKEMAN_VERSION
|
|
35
35
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
36
|
+
# Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
|
|
37
|
+
- name: Scan
|
|
38
|
+
continue-on-error: true
|
|
39
|
+
run: |
|
|
40
|
+
brakeman -f sarif -o output.sarif.json .
|
|
41
41
|
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
42
|
+
# Upload the SARIF file generated in the previous step
|
|
43
|
+
- name: Upload SARIF
|
|
44
|
+
uses: github/codeql-action/upload-sarif@v1
|
|
45
|
+
with:
|
|
46
|
+
sarif_file: output.sarif.json
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
## 6.0.13 (2023-03-29)
|
|
4
|
+
|
|
5
|
+
- Fix installer: Add seeds file if not exists [#2446](https://github.com/AlchemyCMS/alchemy_cms/pull/2446) ([tvdeyen](https://github.com/tvdeyen))
|
|
6
|
+
- Integrate non_stupid_digest_assets gem [#2430](https://github.com/AlchemyCMS/alchemy_cms/pull/2430) ([afdev82](https://github.com/afdev82))
|
|
7
|
+
|
|
1
8
|
## 6.0.12 (2022-11-19)
|
|
2
9
|
|
|
3
10
|
- More installer options [#2385](https://github.com/AlchemyCMS/alchemy_cms/pull/2385) ([tvdeyen](https://github.com/tvdeyen))
|
data/alchemy_cms.gemspec
CHANGED
|
@@ -45,7 +45,6 @@ Gem::Specification.new do |gem|
|
|
|
45
45
|
gem.add_runtime_dependency "jquery-ui-rails", ["~> 6.0"]
|
|
46
46
|
gem.add_runtime_dependency "kaminari", ["~> 1.1"]
|
|
47
47
|
gem.add_runtime_dependency "originator", ["~> 3.1"]
|
|
48
|
-
gem.add_runtime_dependency "non-stupid-digest-assets", ["~> 1.0.8"]
|
|
49
48
|
gem.add_runtime_dependency "ransack", [">= 1.8", "< 4.0"]
|
|
50
49
|
gem.add_runtime_dependency "request_store", ["~> 1.2"]
|
|
51
50
|
gem.add_runtime_dependency "responders", [">= 2.0", "< 4.0"]
|
|
@@ -15,13 +15,25 @@ module Alchemy
|
|
|
15
15
|
# @return [Alchemy::PictureThumb] The persisted thumbnail record
|
|
16
16
|
#
|
|
17
17
|
def call(variant, signature, uid)
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
18
|
+
return if !variant.picture.valid?
|
|
19
|
+
|
|
20
|
+
# create the thumb before storing
|
|
21
|
+
# to prevent db race conditions
|
|
22
|
+
thumb = Alchemy::PictureThumb.create!(
|
|
21
23
|
picture: variant.picture,
|
|
22
24
|
signature: signature,
|
|
23
25
|
uid: uid,
|
|
24
26
|
)
|
|
27
|
+
begin
|
|
28
|
+
# process the image
|
|
29
|
+
image = variant.image
|
|
30
|
+
# store the processed image
|
|
31
|
+
image.to_file(server_path(uid)).close
|
|
32
|
+
rescue RuntimeError => e
|
|
33
|
+
Rails.logger.warn(e)
|
|
34
|
+
# destroy the thumb if processing or storing fails
|
|
35
|
+
thumb&.destroy
|
|
36
|
+
end
|
|
25
37
|
end
|
|
26
38
|
|
|
27
39
|
private
|
|
@@ -31,7 +31,13 @@ module Alchemy
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def inject_seeder
|
|
34
|
-
|
|
34
|
+
seed_file = Rails.root.join("db", "seeds.rb")
|
|
35
|
+
args = [seed_file, "Alchemy::Seeder.seed!\n"]
|
|
36
|
+
if File.exist?(seed_file)
|
|
37
|
+
append_file(*args)
|
|
38
|
+
else
|
|
39
|
+
add_file(*args)
|
|
40
|
+
end
|
|
35
41
|
end
|
|
36
42
|
end
|
|
37
43
|
end
|
data/lib/alchemy/version.rb
CHANGED
data/lib/alchemy_cms.rb
CHANGED
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "sprockets/manifest"
|
|
4
|
+
require "active_support/core_ext/module/attribute_accessors"
|
|
5
|
+
|
|
6
|
+
module NonStupidDigestAssets
|
|
7
|
+
mattr_accessor :whitelist
|
|
8
|
+
@@whitelist = []
|
|
9
|
+
|
|
10
|
+
class << self
|
|
11
|
+
def assets(assets)
|
|
12
|
+
return assets if whitelist.empty?
|
|
13
|
+
|
|
14
|
+
whitelisted_assets(assets)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
private
|
|
18
|
+
|
|
19
|
+
def whitelisted_assets(assets)
|
|
20
|
+
assets.select do |logical_path, _digest_path|
|
|
21
|
+
whitelist.any? do |item|
|
|
22
|
+
item =~ logical_path
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
module CompileWithNonDigest
|
|
29
|
+
def compile(*args)
|
|
30
|
+
paths = super
|
|
31
|
+
NonStupidDigestAssets.assets(assets).each do |(logical_path, digest_path)|
|
|
32
|
+
full_digest_path = File.join dir, digest_path
|
|
33
|
+
full_digest_gz_path = "#{full_digest_path}.gz"
|
|
34
|
+
full_non_digest_path = File.join dir, logical_path
|
|
35
|
+
full_non_digest_gz_path = "#{full_non_digest_path}.gz"
|
|
36
|
+
|
|
37
|
+
if File.exist? full_digest_path
|
|
38
|
+
logger.debug "Writing #{full_non_digest_path}"
|
|
39
|
+
FileUtils.copy_file full_digest_path, full_non_digest_path, :preserve_attributes
|
|
40
|
+
else
|
|
41
|
+
logger.debug "Could not find: #{full_digest_path}"
|
|
42
|
+
end
|
|
43
|
+
if File.exist? full_digest_gz_path
|
|
44
|
+
logger.debug "Writing #{full_non_digest_gz_path}"
|
|
45
|
+
FileUtils.copy_file full_digest_gz_path, full_non_digest_gz_path, :preserve_attributes
|
|
46
|
+
else
|
|
47
|
+
logger.debug "Could not find: #{full_digest_gz_path}"
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
paths
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
Sprockets::Manifest.prepend NonStupidDigestAssets::CompileWithNonDigest
|
data/package.json
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: alchemy_cms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.0.
|
|
4
|
+
version: 6.0.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas von Deyen
|
|
@@ -13,7 +13,7 @@ authors:
|
|
|
13
13
|
autorequire:
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
|
-
date:
|
|
16
|
+
date: 2023-03-29 00:00:00.000000000 Z
|
|
17
17
|
dependencies:
|
|
18
18
|
- !ruby/object:Gem::Dependency
|
|
19
19
|
name: actionmailer
|
|
@@ -387,20 +387,6 @@ dependencies:
|
|
|
387
387
|
- - "~>"
|
|
388
388
|
- !ruby/object:Gem::Version
|
|
389
389
|
version: '3.1'
|
|
390
|
-
- !ruby/object:Gem::Dependency
|
|
391
|
-
name: non-stupid-digest-assets
|
|
392
|
-
requirement: !ruby/object:Gem::Requirement
|
|
393
|
-
requirements:
|
|
394
|
-
- - "~>"
|
|
395
|
-
- !ruby/object:Gem::Version
|
|
396
|
-
version: 1.0.8
|
|
397
|
-
type: :runtime
|
|
398
|
-
prerelease: false
|
|
399
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
400
|
-
requirements:
|
|
401
|
-
- - "~>"
|
|
402
|
-
- !ruby/object:Gem::Version
|
|
403
|
-
version: 1.0.8
|
|
404
390
|
- !ruby/object:Gem::Dependency
|
|
405
391
|
name: ransack
|
|
406
392
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -1419,6 +1405,7 @@ files:
|
|
|
1419
1405
|
- lib/generators/alchemy/site_layouts/templates/layout.html.haml
|
|
1420
1406
|
- lib/generators/alchemy/site_layouts/templates/layout.html.slim
|
|
1421
1407
|
- lib/generators/alchemy/views/views_generator.rb
|
|
1408
|
+
- lib/non_stupid_digest_assets.rb
|
|
1422
1409
|
- lib/tasks/alchemy/db.rake
|
|
1423
1410
|
- lib/tasks/alchemy/install.rake
|
|
1424
1411
|
- lib/tasks/alchemy/thumbnails.rake
|
|
@@ -1524,7 +1511,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
1524
1511
|
version: '0'
|
|
1525
1512
|
requirements:
|
|
1526
1513
|
- ImageMagick (libmagick), v6.6 or greater.
|
|
1527
|
-
rubygems_version: 3.
|
|
1514
|
+
rubygems_version: 3.4.6
|
|
1528
1515
|
signing_key:
|
|
1529
1516
|
specification_version: 4
|
|
1530
1517
|
summary: A powerful, userfriendly and flexible CMS for Rails
|