alchemy_cms 6.0.12 → 6.0.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 706ea8d8bb121be924f467a6d367104dae78cf131a1a86bca33c08c75f377239
-  data.tar.gz: 8e8d3603be2b6b507c39a010b6231b2b3b753babb6556453741258699635a400
+  metadata.gz: d401fd3a44495f1a096fc4115eec8d32be8862305cc95c35715548147ec7688a
+  data.tar.gz: 8f9a98f79c64acafaad1eaef6358a1ca468ed00cb18e5dff15627f47db028bde
 SHA512:
-  metadata.gz: 00b2766205aba938284f4fef79e6d7e00c1271c243ab4b50faa63dff68e11cb47c2029bc4afd20f57c917966429083328a0ab9a3629ab9ede810793b60aa036a
-  data.tar.gz: ecfbc1794df353099fd1ec2454275c55d09c9521cb85591258f67707ed2cf6dc72f287ca99135373783710def1df11a3302066f51935772bcf84c56d94a8ba98
+  metadata.gz: 7982344f2c8376017f665f70985da9f1263551a9424481646081a7cfa65a6cd65f7e87ee615cbd64ace815b9e6f4450c45625fea87330db7690233cb2b042d63
+  data.tar.gz: 4b148956360c26b3acb5495a341de5a14f809272fb709c856ff878882367af59b7b7a1133731c02e68fad2cf5404e00e5db8730b1b1b91d6a7a2e8511b5872b0

data/.github/workflows/brakeman-analysis.yml

@@ -5,42 +5,42 @@ name: Brakeman Scan
 
 on:
   push:
-    branches: [ main ]
+    branches: [main]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ main ]
+    branches: [main]
   schedule:
-    - cron: '40 4 * * 2'
+    - cron: "40 4 * * 2"
 
 jobs:
   brakeman-scan:
     name: Brakeman Scan
     runs-on: ubuntu-latest
     steps:
-    # Checkout the repository to the GitHub Actions runner
-    - name: Checkout
-      uses: actions/checkout@v2
+      # Checkout the repository to the GitHub Actions runner
+      - name: Checkout
+        uses: actions/checkout@v2
 
-    # Customize the ruby version depending on your needs
-    - name: Setup Ruby
-      uses: actions/setup-ruby@v1
-      with:
-        ruby-version: '2.7'
+      # Customize the ruby version depending on your needs
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: "3.0"
 
-    - name: Setup Brakeman
-      env:
-        BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+
-      run: |
-        gem install brakeman --version $BRAKEMAN_VERSION
+      - name: Setup Brakeman
+        env:
+          BRAKEMAN_VERSION: "5.4" # SARIF support is provided in Brakeman version 4.10+
+        run: |
+          gem install brakeman --version $BRAKEMAN_VERSION
 
-    # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
-    - name: Scan
-      continue-on-error: true
-      run: |
-        brakeman -f sarif -o output.sarif.json .
+      # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
+      - name: Scan
+        continue-on-error: true
+        run: |
+          brakeman -f sarif -o output.sarif.json .
 
-    # Upload the SARIF file generated in the previous step
-    - name: Upload SARIF
-      uses: github/codeql-action/upload-sarif@v1
-      with:
-        sarif_file: output.sarif.json
+      # Upload the SARIF file generated in the previous step
+      - name: Upload SARIF
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: output.sarif.json

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+# Changelog
+
+## 6.0.13 (2023-03-29)
+
+- Fix installer: Add seeds file if not exists [#2446](https://github.com/AlchemyCMS/alchemy_cms/pull/2446) ([tvdeyen](https://github.com/tvdeyen))
+- Integrate non_stupid_digest_assets gem [#2430](https://github.com/AlchemyCMS/alchemy_cms/pull/2430) ([afdev82](https://github.com/afdev82))
+
 ## 6.0.12 (2022-11-19)
 
 - More installer options [#2385](https://github.com/AlchemyCMS/alchemy_cms/pull/2385) ([tvdeyen](https://github.com/tvdeyen))

data/alchemy_cms.gemspec

@@ -45,7 +45,6 @@ Gem::Specification.new do |gem|
   gem.add_runtime_dependency "jquery-ui-rails", ["~> 6.0"]
   gem.add_runtime_dependency "kaminari", ["~> 1.1"]
   gem.add_runtime_dependency "originator", ["~> 3.1"]
-  gem.add_runtime_dependency "non-stupid-digest-assets", ["~> 1.0.8"]
   gem.add_runtime_dependency "ransack", [">= 1.8", "< 4.0"]
   gem.add_runtime_dependency "request_store", ["~> 1.2"]
   gem.add_runtime_dependency "responders", [">= 2.0", "< 4.0"]

data/app/models/alchemy/picture_thumb/create.rb

@@ -15,13 +15,25 @@ module Alchemy
         # @return [Alchemy::PictureThumb] The persisted thumbnail record
         #
         def call(variant, signature, uid)
-          image = variant.image
-          image.to_file(server_path(uid)).close
-          variant.picture.thumbs.create!(
+          return if !variant.picture.valid?
+
+          # create the thumb before storing
+          # to prevent db race conditions
+          thumb = Alchemy::PictureThumb.create!(
             picture: variant.picture,
             signature: signature,
             uid: uid,
           )
+          begin
+            # process the image
+            image = variant.image
+            # store the processed image
+            image.to_file(server_path(uid)).close
+          rescue RuntimeError => e
+            Rails.logger.warn(e)
+            # destroy the thumb if processing or storing fails
+            thumb&.destroy
+          end
         end
 
         private

data/lib/alchemy/install/tasks.rb

@@ -31,7 +31,13 @@ module Alchemy
         end
 
         def inject_seeder
-          append_file "./db/seeds.rb", "Alchemy::Seeder.seed!\n"
+          seed_file = Rails.root.join("db", "seeds.rb")
+          args = [seed_file, "Alchemy::Seeder.seed!\n"]
+          if File.exist?(seed_file)
+            append_file(*args)
+          else
+            add_file(*args)
+          end
         end
       end
     end

data/lib/alchemy/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Alchemy
-  VERSION = "6.0.12"
+  VERSION = "6.0.13"
 
   def self.version
     VERSION

data/lib/alchemy_cms.rb

@@ -15,7 +15,7 @@ require "handlebars_assets"
 require "jquery-rails"
 require "jquery-ui-rails"
 require "kaminari"
-require "non-stupid-digest-assets"
+require "non_stupid_digest_assets"
 require "ransack"
 require "request_store"
 require "responders"

data/lib/non_stupid_digest_assets.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require "sprockets/manifest"
+require "active_support/core_ext/module/attribute_accessors"
+
+module NonStupidDigestAssets
+  mattr_accessor :whitelist
+  @@whitelist = []
+
+  class << self
+    def assets(assets)
+      return assets if whitelist.empty?
+
+      whitelisted_assets(assets)
+    end
+
+    private
+
+    def whitelisted_assets(assets)
+      assets.select do |logical_path, _digest_path|
+        whitelist.any? do |item|
+          item =~ logical_path
+        end
+      end
+    end
+  end
+
+  module CompileWithNonDigest
+    def compile(*args)
+      paths = super
+      NonStupidDigestAssets.assets(assets).each do |(logical_path, digest_path)|
+        full_digest_path = File.join dir, digest_path
+        full_digest_gz_path = "#{full_digest_path}.gz"
+        full_non_digest_path = File.join dir, logical_path
+        full_non_digest_gz_path = "#{full_non_digest_path}.gz"
+
+        if File.exist? full_digest_path
+          logger.debug "Writing #{full_non_digest_path}"
+          FileUtils.copy_file full_digest_path, full_non_digest_path, :preserve_attributes
+        else
+          logger.debug "Could not find: #{full_digest_path}"
+        end
+        if File.exist? full_digest_gz_path
+          logger.debug "Writing #{full_non_digest_gz_path}"
+          FileUtils.copy_file full_digest_gz_path, full_non_digest_gz_path, :preserve_attributes
+        else
+          logger.debug "Could not find: #{full_digest_gz_path}"
+        end
+      end
+      paths
+    end
+  end
+end
+
+Sprockets::Manifest.prepend NonStupidDigestAssets::CompileWithNonDigest

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@alchemy_cms/admin",
-  "version": "6.0.12",
+  "version": "6.0.13",
   "description": "AlchemyCMS",
   "browser": "package/admin.js",
   "files": [

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: alchemy_cms
 version: !ruby/object:Gem::Version
-  version: 6.0.12
+  version: 6.0.13
 platform: ruby
 authors:
 - Thomas von Deyen
@@ -13,7 +13,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-19 00:00:00.000000000 Z
+date: 2023-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionmailer
@@ -387,20 +387,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
-- !ruby/object:Gem::Dependency
-  name: non-stupid-digest-assets
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.0.8
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.0.8
 - !ruby/object:Gem::Dependency
   name: ransack
   requirement: !ruby/object:Gem::Requirement
@@ -1419,6 +1405,7 @@ files:
 - lib/generators/alchemy/site_layouts/templates/layout.html.haml
 - lib/generators/alchemy/site_layouts/templates/layout.html.slim
 - lib/generators/alchemy/views/views_generator.rb
+- lib/non_stupid_digest_assets.rb
 - lib/tasks/alchemy/db.rake
 - lib/tasks/alchemy/install.rake
 - lib/tasks/alchemy/thumbnails.rake
@@ -1524,7 +1511,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements:
 - ImageMagick (libmagick), v6.6 or greater.
-rubygems_version: 3.3.7
+rubygems_version: 3.4.6
 signing_key:
 specification_version: 4
 summary: A powerful, userfriendly and flexible CMS for Rails