auth0 5.14.1 → 5.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d567ac230e46cdb2b8ca43e044179b36d1f6980b0d605f762183e29e4d4f25be
-  data.tar.gz: 87377f3ac5970fcad124b9e0a5923a7e6c753793f0a109efd53e37c9eab43d1e
+  metadata.gz: ceba936338486855137ba5c59358f8656aaba565e624865a6d0b5e4092e937e7
+  data.tar.gz: 5d2521a3c29afe50813d3b53b7f56d260f075c88116bcb04f14f8b93e0eeaebe
 SHA512:
-  metadata.gz: 0bc4c08b46bb4e1d92ad32f4531b97f965bc9b1417458b24dba6ff77c05c9f7b409df62599b1068b5e527df92bb173ca359b7e122a071c6a24a5a1f8427a8943
-  data.tar.gz: a331080bb7f29d8657544da567bb1f414c0688855d6dbf0f8adeead56d7db5c0b977be2b0232346de9540e67b5b6272cd7a165ac3a3211fc80b53514dd39248f
+  metadata.gz: b14982084c5e6a3439a5261b4b2afa8712e0bba674ce0cc8c48f408fef5a16320de484f550b80102fb4f2bb21e6af751214e5682489ea2eeb1b9bc77ebfd0bf9
+  data.tar.gz: 2702811340ebdd8748449bcec4f01e2366b02bd2f00aec66168a9f088af8755259a11f76268a22e7cfbb347ca5c02ebd4d6eb251070ee42fe19545dd6b73bc89

data/.bundle/config

@@ -1,5 +1,4 @@
 ---
 BUNDLE_JOBS: "3"
 BUNDLE_BIN: "bin"
-BUNDLE_RETRY: "3"
-BUNDLE_PATH: "vendor/bundle"
+BUNDLE_RETRY: "3"

data/.circleci/config.yml

@@ -31,7 +31,6 @@ jobs:
     steps:
       - checkout
       - run: gem install bundler:2.3.22
-      - run: rm Gemfile.lock
       - restore_cache:
           key: gems-v2-{{ checksum "Gemfile.lock" }}
       - run: bundle check --path=vendor/bundle || bundle install --path=vendor/bundle

data/.github/actions/setup/action.yml

@@ -0,0 +1,32 @@
+name: Build package
+description: Build the SDK package
+
+inputs:
+  ruby:
+    description: The Ruby version to use
+    required: false
+    default: 3.2
+  bundle-path:
+    description: The path to the bundle cache
+    required: false
+    default: vendor/bundle
+  bundler-cache:
+    description: Whether to use the bundler cache
+    required: false
+    default: true
+
+runs:
+  using: composite
+
+  steps:
+    - name: Configure Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ inputs.ruby }}
+        bundler-cache: ${{ inputs.bundle-cache }}
+
+    - name: Install dependencies
+      run: bundle check || bundle install
+      shell: bash
+      env:
+        BUNDLE_PATH: ${{ inputs.bundle-path }}

data/.github/dependabot.yml

@@ -1,10 +1,13 @@
 version: 2
 updates:
-
-  - package-ecosystem: "bundler" 
-    directory: "/" 
+  - package-ecosystem: "bundler"
+    directory: "/"
     schedule:
       interval: "daily"
     ignore:
       - dependency-name: "*"
         update-types: ["version-update:semver-major"]
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'daily'

data/.github/workflows/codeql.yml

@@ -0,0 +1,53 @@
+name: CodeQL
+
+on:
+  merge_group:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+  push:
+    branches:
+      - master
+  schedule:
+    - cron: "37 10 * * 2"
+
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
+
+jobs:
+  analyze:
+    name: Check for Vulnerabilities
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ruby]
+
+    steps:
+      - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
+        run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{ matrix.language }}"

data/.github/workflows/matrix.json

@@ -0,0 +1,7 @@
+{
+  "include": [
+    { "ruby": "3.0" },
+    { "ruby": "3.1" },
+    { "ruby": "3.2" }
+  ]
+}

data/.github/workflows/publish.yml

@@ -0,0 +1,37 @@
+name: Publish Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      branch:
+        description: The branch to release from.
+        required: true
+        default: master
+
+permissions:
+  contents: read
+
+jobs:
+  publish:
+    name: Publish to RubyGems
+    runs-on: ubuntu-latest
+    environment: release
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{ github.event.inputs.branch }}
+
+      - name: Configure Ruby
+        uses: ./.github/actions/setup
+        with:
+          ruby: 3.2
+
+      - name: Publish to RubyGems
+        run: |
+          gem build *.gemspec
+          gem push *.gem
+        env:
+          GEM_HOST_API_KEY: ${{secrets.RUBYGEMS_AUTH_TOKEN}}

data/.github/workflows/semgrep.yml

@@ -1,28 +1,49 @@
 name: Semgrep
 
 on:
-  pull_request: {}
-
+  merge_group:
+  pull_request_target:
+    types:
+      - opened
+      - synchronize
   push:
     branches:
       - master
-      - main
-
   schedule:
-    - cron: '0 * * * *'
+    - cron: '30 0 1,15 * *'
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 jobs:
-  semgrep:
-    name: Scan
+  authorize:
+    name: Authorize
+    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
     runs-on: ubuntu-latest
+    steps:
+      - run: true
+
+  run:
+    needs: authorize # Require approval before running on forked pull requests
+
+    name: Check for Vulnerabilities
+    runs-on: ubuntu-latest
+
     container:
       image: returntocorp/semgrep
-    if: (github.repository_owner == 'auth0')
-    
+
     steps:
-      - uses: actions/checkout@v3
+      - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
+        run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.ref }}
 
-      - if: github.event.pull_request.draft == false && github.actor != 'dependabot[bot]'
-        run: semgrep ci
+      - run: semgrep ci
         env:
           SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}

data/.github/workflows/snyk.yml

@@ -0,0 +1,47 @@
+name: Snyk
+
+on:
+  merge_group:
+  workflow_dispatch:
+  pull_request_target:
+    types:
+      - opened
+      - synchronize
+  push:
+    branches:
+      - master
+  schedule:
+    - cron: '30 0 1,15 * *'
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
+
+jobs:
+  authorize:
+    name: Authorize
+    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
+    runs-on: ubuntu-latest
+    steps:
+      - run: true
+
+  check:
+    needs: authorize
+
+    name: Check for Vulnerabilities
+    runs-on: ubuntu-latest
+
+    steps:
+      - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
+        run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.ref }}
+
+      - uses: snyk/actions/php@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

data/.github/workflows/test.yml

@@ -0,0 +1,69 @@
+name: Build and Test
+
+on:
+  merge_group:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - master
+  push:
+    branches:
+      - master
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
+
+env:
+  CACHE_KEY: "${{ github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}"
+
+jobs:
+  configure:
+    name: Configure Build Matrix
+    runs-on: ubuntu-latest
+
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.ref }}
+
+      - id: set-matrix
+        run: echo "matrix=$(jq -c . < ./.github/workflows/matrix.json)" >> $GITHUB_OUTPUT
+
+  unit:
+    needs: configure
+
+    name: Run Unit Tests
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix: ${{ fromJson(needs.configure.outputs.matrix) }}
+
+    env:
+      DOMAIN: example.auth0.dev
+      CLIENT_ID: example-client
+      CLIENT_SECRET: example-secret
+      MASTER_JWT: example-jwt
+      BUNDLE_PATH: vendor/bundle
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Configure Ruby
+        uses: ./.github/actions/setup
+        with:
+          ruby: ${{ matrix.ruby }}
+
+      - name: Run tests
+        run: bundle exec rake test
+
+      - name: Upload coverage
+        if: matrix.ruby == '3.2'
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4

data/.snyk

@@ -0,0 +1,11 @@
+ignore:
+  SNYK-RUBY-RACK-1061917:
+    - rubocop-rails > rack:
+      reason: No direct upgrade available
+      expires: "2023-11-02T12:00:00.000Z"
+    - dotenv-rails > railties > actionpack > rack:
+        reason: No direct upgrade available
+        expires: "2023-11-02T12:00:00.000Z"
+    - dotenv-rails > railties > actionpack > rack-test:
+        reason: No direct upgrade available
+        expires: "2023-11-02T12:00:00.000Z"

data/CHANGELOG.md

@@ -1,67 +1,101 @@
 # Change Log
 
+## [v5.15.0](https://github.com/auth0/ruby-auth0/tree/v5.15.0) (2023-10-30)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.14.2...v5.15.0)
+
+**Added**
+- [SDK-4659] Add fields to get_organizations_members [\#532](https://github.com/auth0/ruby-auth0/pull/532) ([adamjmcgrath](https://github.com/adamjmcgrath))
+
+## [v5.14.2](https://github.com/auth0/ruby-auth0/tree/v5.14.2) (2023-10-03)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.14.1...v5.14.2)
+
+**Fixed**
+
+- [API] `trigger_id` and `action_name` parameters for `create_action` endpoint are now optional [\#478](https://github.com/auth0/ruby-auth0/pull/478) [rapito](https://github.com/rapito)
+
 ## [v5.14.1](https://github.com/auth0/ruby-auth0/tree/v5.14.1) (2023-07-19)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.14.0...v5.14.1)
 
 **Fixed**
+
 - chore: should not lowercase org_name claim [\#499](https://github.com/auth0/ruby-auth0/pull/499) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 ## [v5.14.0](https://github.com/auth0/ruby-auth0/tree/v5.14.0) (2023-07-13)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.13.0...v5.14.0)
 
 **Added**
+
 - [SDK-4386] Support Organization Name in Authorize [\#495](https://github.com/auth0/ruby-auth0/pull/495) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 ## [v5.13.0](https://github.com/auth0/ruby-auth0/tree/v5.13.0) (2023-04-24)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.12.0...v5.13.0)
 
 **Added**
+
 - [SDK-4142] Add support for /oauth/par [\#470](https://github.com/auth0/ruby-auth0/pull/470) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 **Deprecated**
+
 - Drop support for 2.7 in CI build [\#467](https://github.com/auth0/ruby-auth0/pull/467) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 ## [v5.12.0](https://github.com/auth0/ruby-auth0/tree/v5.12.0) (2023-03-13)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.11.0...v5.12.0)
 
 **Added**
+
 - [SDK-4014] User Authentication Method management API support [\#450](https://github.com/auth0/ruby-auth0/pull/450) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 **Fixed**
+
 - Remove broken FAQ link from README [\#441](https://github.com/auth0/ruby-auth0/pull/441) ([joxxoxo](https://github.com/joxxoxo))
 
 ## [v5.11.0](https://github.com/auth0/ruby-auth0/tree/v5.11.0) (2023-01-27)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.10.0...v5.11.0)
 
 **Added**
+
 - feat: support exchanging OTP codes for tokens [\#438](https://github.com/auth0/ruby-auth0/pull/438) ([stevehobbsdev](https://github.com/stevehobbsdev))
 - [SDK-3869] Support client credentials in management client [\#437](https://github.com/auth0/ruby-auth0/pull/437) ([stevehobbsdev](https://github.com/stevehobbsdev))
 - [SDK-3863] Add support for Client Assertion in authentication endpoints [\#434](https://github.com/auth0/ruby-auth0/pull/434) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 **Changed**
+
 - ci: include Ruby 3.2 in test matrix [\#436](https://github.com/auth0/ruby-auth0/pull/436) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 ## [v5.10.0](https://github.com/auth0/ruby-auth0/tree/v5.10.0) (2022-10-10)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.9.0...v5.10.0)
 
 **Changed**
+
 - Update jwt ~2.5 [\#384](https://github.com/auth0/ruby-auth0/pull/384) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 **Fixed**
+
 - Stop :get, :delete parameters from bleeding into subsequent requests [\#388](https://github.com/auth0/ruby-auth0/pull/388) ([stevehobbsdev](https://github.com/stevehobbsdev))
 - Support complex field names in export_users [\#387](https://github.com/auth0/ruby-auth0/pull/387) ([stevehobbsdev](https://github.com/stevehobbsdev))
 - Reconfigure rate limiting exponential backoff [\#386](https://github.com/auth0/ruby-auth0/pull/386) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 ## [v5.9.0](https://github.com/auth0/ruby-auth0/tree/v5.9.0) (2022-08-24)
+
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.8.1...v5.9.0)
 
 **Added**
+
 - Add Delete All Authenticators API for Users [\#375](https://github.com/auth0/ruby-auth0/pull/375) ([phongnh](https://github.com/phongnh))
 
 **Changed**
+
 - Add include_totals to get connections options [\#357](https://github.com/auth0/ruby-auth0/pull/357) ([stevehobbsdev](https://github.com/stevehobbsdev))
 
 **Fixed**
+
 - Fix typo and remove param that is not used [\#365](https://github.com/auth0/ruby-auth0/pull/365) ([MatthewRDodds](https://github.com/MatthewRDodds))
 - correct remove_user_roles doc: roles param is ids, not names [\#359](https://github.com/auth0/ruby-auth0/pull/359) ([gbirchmeier](https://github.com/gbirchmeier))
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    auth0 (5.14.1)
+    auth0 (5.15.0)
       addressable (~> 2.8)
       jwt (~> 2.7)
       rest-client (~> 2.1)
@@ -11,29 +11,40 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (7.0.6)
-      actionview (= 7.0.6)
-      activesupport (= 7.0.6)
-      rack (~> 2.0, >= 2.2.4)
+    actionpack (7.1.1)
+      actionview (= 7.1.1)
+      activesupport (= 7.1.1)
+      nokogiri (>= 1.8.5)
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (7.0.6)
-      activesupport (= 7.0.6)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    actionview (7.1.1)
+      activesupport (= 7.1.1)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (7.0.6)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activesupport (7.1.1)
+      base64
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
+      mutex_m
       tzinfo (~> 2.0)
-    addressable (2.8.4)
+    addressable (2.8.5)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
+    base64 (0.1.1)
+    bigdecimal (3.1.4)
     builder (3.2.4)
+    coderay (1.1.3)
     concurrent-ruby (1.2.2)
+    connection_pool (2.4.1)
     coveralls (0.7.1)
       multi_json (~> 1.3)
       rest-client
@@ -51,13 +62,30 @@ GEM
     dotenv-rails (2.8.1)
       dotenv (= 2.8.1)
       railties (>= 3.2)
+    drb (2.1.1)
+      ruby2_keywords
     erubi (1.12.0)
     faker (2.23.0)
       i18n (>= 1.8.11, < 2)
+    ffi (1.16.3)
+    formatador (1.1.0)
     fuubar (2.5.1)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
-    gem-release (0.7.4)
+    guard (2.18.1)
+      formatador (>= 0.2.4)
+      listen (>= 2.7, < 4.0)
+      lumberjack (>= 1.0.12, < 2.0)
+      nenv (~> 0.1)
+      notiffany (~> 0.0)
+      pry (>= 0.13.0)
+      shellany (~> 0.0)
+      thor (>= 0.18.1)
+    guard-compat (1.2.1)
+    guard-rspec (4.7.3)
+      guard (~> 2.1)
+      guard-compat (~> 1.1)
+      rspec (>= 2.99.0, < 4.0)
     hashdiff (1.0.1)
     http-accept (1.7.0)
     http-cookie (1.0.5)
@@ -65,53 +93,85 @@ GEM
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
     io-console (0.6.0)
-    irb (1.7.4)
-      reline (>= 0.3.6)
+    irb (1.8.3)
+      rdoc
+      reline (>= 0.3.8)
     json (2.6.3)
     jwt (2.7.1)
     language_server-protocol (3.17.0.3)
-    loofah (2.21.3)
+    listen (3.8.0)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    loofah (2.21.4)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
+    lumberjack (1.2.9)
     method_source (1.0.0)
-    mime-types (3.4.1)
+    mime-types (3.5.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2023.0218.1)
-    minitest (5.18.1)
+    mime-types-data (3.2023.1003)
+    minitest (5.20.0)
     multi_json (1.15.0)
+    mutex_m (0.1.2)
+    nenv (0.3.0)
     netrc (0.11.0)
-    nokogiri (1.15.3-x86_64-linux)
+    nokogiri (1.15.4-aarch64-linux)
       racc (~> 1.4)
+    nokogiri (1.15.4-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.15.4-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.15.4-x86_64-linux)
+      racc (~> 1.4)
+    notiffany (0.1.3)
+      nenv (~> 0.1)
+      shellany (~> 0.0)
     parallel (1.23.0)
-    parser (3.2.2.3)
+    parser (3.2.2.4)
       ast (~> 2.4.1)
       racc
     pp (0.4.0)
       prettyprint
     prettyprint (0.1.1)
+    pry (0.14.2)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    psych (5.1.1.1)
+      stringio
     public_suffix (5.0.3)
     racc (1.7.1)
-    rack (2.2.7)
-    rack-test (0.8.3)
-      rack (>= 1.0, < 3)
-    rails-dom-testing (2.1.1)
+    rack (3.0.8)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
+    rack-test (2.1.0)
+      rack (>= 1.3)
+    rackup (2.1.0)
+      rack (>= 3)
+      webrick (~> 1.8)
+    rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    railties (7.0.6)
-      actionpack (= 7.0.6)
-      activesupport (= 7.0.6)
-      method_source
+    railties (7.1.1)
+      actionpack (= 7.1.1)
+      activesupport (= 7.1.1)
+      irb
+      rackup (>= 1.0.0)
       rake (>= 12.2)
-      thor (~> 1.0)
-      zeitwerk (~> 2.5)
+      thor (~> 1.0, >= 1.2.2)
+      zeitwerk (~> 2.6)
     rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.8.1)
-    reline (0.3.6)
+    rake (13.1.0)
+    rb-fsevent (0.11.2)
+    rb-inotify (0.10.1)
+      ffi (~> 1.0)
+    rdoc (6.5.0)
+      psych (>= 4.0.0)
+    regexp_parser (2.8.2)
+    reline (0.3.9)
       io-console (~> 0.5)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
@@ -119,7 +179,7 @@ GEM
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
     retryable (3.0.5)
-    rexml (3.2.5)
+    rexml (3.2.6)
     rspec (3.12.0)
       rspec-core (~> 3.12.0)
       rspec-expectations (~> 3.12.0)
@@ -133,24 +193,26 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
     rspec-support (3.12.1)
-    rubocop (1.54.2)
+    rubocop (1.57.2)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.2.3)
+      parser (>= 3.2.2.4)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.28.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.29.0)
+    rubocop-ast (1.30.0)
       parser (>= 3.2.1.0)
-    rubocop-rails (2.20.2)
+    rubocop-rails (2.22.1)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.33.0, < 2.0)
     ruby-progressbar (1.13.0)
+    ruby2_keywords (0.0.5)
+    shellany (0.0.1)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
@@ -160,11 +222,13 @@ GEM
       simplecov (~> 0.19)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.4)
+    stringio (3.0.8)
     sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
-    thor (1.2.2)
-    timecop (0.9.6)
+    terminal-notifier-guard (1.7.0)
+    thor (1.3.0)
+    timecop (0.9.8)
     tins (1.32.1)
       sync
     tzinfo (2.0.6)
@@ -172,16 +236,21 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.8.2)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.5.0)
     vcr (6.2.0)
-    webmock (3.18.1)
+    webmock (3.19.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    zache (0.13.0)
-    zeitwerk (2.6.8)
+    webrick (1.8.1)
+    zache (0.13.1)
+    zeitwerk (2.6.12)
 
 PLATFORMS
+  aarch64-linux
+  arm64-darwin-21
+  arm64-darwin-22
+  x86_64-darwin-21
   x86_64-linux
 
 DEPENDENCIES
@@ -191,20 +260,19 @@ DEPENDENCIES
   dotenv-rails (~> 2.0)
   faker (~> 2.0)
   fuubar (~> 2.0)
-  gem-release (~> 0.7)
+  guard-rspec (~> 4.5)
   irb
   pp
-  rack (~> 2.1)
-  rack-test (~> 0.6)
   rake (~> 13.0)
   rspec (~> 3.11)
   rubocop
   rubocop-rails
   simplecov (~> 0.9)
   simplecov-cobertura
+  terminal-notifier-guard
   timecop
   vcr
   webmock
 
 BUNDLED WITH
-   2.4.10
+   2.3.7

data/auth0.gemspec

@@ -28,10 +28,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'guard-rspec', '~> 4.5' unless ENV['CIRCLECI']
   s.add_development_dependency 'dotenv-rails', '~> 2.0'
   s.add_development_dependency 'rspec', '~> 3.11'
-  s.add_development_dependency 'rack-test', '~> 0.6'
-  s.add_development_dependency 'rack', '~> 2.1'
   s.add_development_dependency 'simplecov', '~> 0.9'
   s.add_development_dependency 'faker', '~> 2.0'
-  s.add_development_dependency 'gem-release', '~> 0.7'
   s.license = 'MIT'
 end

data/examples/ruby-api/Gemfile.lock

@@ -5,8 +5,8 @@ GEM
     jwt (2.5.0)
     mustermann (2.0.2)
       ruby2_keywords (~> 0.0.1)
-    nio4r (2.5.8)
-    puma (5.6.5)
+    nio4r (2.5.9)
+    puma (5.6.7)
       nio4r (~> 2.0)
     rack (2.2.6.4)
     rack-protection (2.2.3)

data/lib/auth0/api/v2/actions.rb

@@ -16,18 +16,16 @@ module Auth0
         # @param page [integer] The page number. Zero based.
         # @param installed [boolean] When true, return only installed actions. When false, return only custom actions. Returns all actions by default.
         # @return [json] Actions and pagination info
-        def actions(trigger_id, action_name, deployed: nil, per_page: nil, page: nil, installed: nil)
-          raise Auth0::MissingTriggerId, 'Must supply a valid trigger_id' if trigger_id.to_s.empty?
-          raise Auth0::MissingActionName, 'Must supply a valid action_name' if action_name.to_s.empty?
-
+        def actions(trigger_id = nil, action_name = nil, deployed: nil, per_page: nil, page: nil, installed: nil)
           request_params = {
-            trigger_id: trigger_id,
-            action_name: action_name,
+            triggerId: trigger_id,
+            actionName: action_name,
             deployed: deployed,
             per_page: per_page,
             page: page,
             installed: installed
           }
+          
           path = "#{actions_path}/actions"
           get(path, request_params)
         end
@@ -38,7 +36,8 @@ module Auth0
         # @param body [hash] See https://auth0.com/docs/api/management/v2/#!/actions/post_action for available options
         # @return [json] Returns the created action.
         def create_action(body = {})
-          post(actions_path, body)
+          path = "#{actions_path}/actions"
+          post(path, body)
         end
 
         # Retrieve the set of triggers currently available within actions. A trigger is an extensibility point to which actions can be bound.

data/lib/auth0/api/v2/organizations.rb

@@ -214,6 +214,8 @@ module Auth0
         ### Organization Member
 
         # Get Members in a Organization
+        # Member roles are not sent by default. Use `fields=roles` to retrieve the roles assigned to each listed member.
+        # To use this parameter, you must include the `read:organization_member_roles scope` in the token.
         # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_members
         # @param organization_id [string] The Organization ID
         # @param options [hash] The Hash options used to define the paging of rersults
@@ -222,6 +224,8 @@ module Auth0
         #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
         #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
         #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
+        #   * :fields [string] A comma separated list of fields to include or exclude from the result. If fields is left blank, all fields (except roles) are returned.
+        #   * :include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
         #
         # @return [json] Returns the members for the given organization
         def get_organizations_members(organization_id, options = {})
@@ -231,7 +235,9 @@ module Auth0
             page:           options.fetch(:page, nil),
             from:           options.fetch(:from, nil),
             take:           options.fetch(:take, nil),
-            include_totals: options.fetch(:include_totals, nil)
+            include_totals: options.fetch(:include_totals, nil),
+            fields: options.fetch(:fields, nil),
+            include_fields: options.fetch(:include_fields, nil)
           }
           path = "#{organizations_members_path(organization_id)}"
           get(path, request_params)

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.14.1'.freeze
+  VERSION = '5.15.0'.freeze
 end

data/spec/lib/auth0/api/v2/actions_spec.rb

@@ -15,11 +15,28 @@ describe Auth0::Api::V2::Actions do
       expect(@instance).to respond_to(:get_actions)
     end
 
+    it 'is expected to support all optional arguments' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/actions/actions', {
+          triggerId: nil,
+          actionName: nil,
+          deployed: nil,
+          per_page: nil,
+          page: nil,
+          installed: nil
+        }
+      )
+
+      expect do
+        @instance.actions()
+      end.not_to raise_error
+    end
+
     it 'is expected to get /api/v2/actions with custom parameters' do
       expect(@instance).to receive(:get).with(
         '/api/v2/actions/actions', {
-        trigger_id: 'post-login',
-        action_name: 'loginHandler',
+        triggerId: 'post-login',
+        actionName: 'loginHandler',
         deployed: true,
         per_page: 10,
         page: 1,
@@ -37,13 +54,6 @@ describe Auth0::Api::V2::Actions do
       end.not_to raise_error
     end
 
-    it 'is expected to raise an exception when the trigger id is empty' do
-      expect { @instance.actions(nil, nil) }.to raise_exception(Auth0::MissingTriggerId)
-    end
-
-    it 'is expected to raise an exception when the action name is empty' do
-      expect { @instance.actions(1, nil) }.to raise_exception(Auth0::MissingActionName)
-    end
   end
 
   context '.action' do
@@ -71,7 +81,7 @@ describe Auth0::Api::V2::Actions do
 
     it 'is expected to post to /api/v2/actions' do
       expect(@instance).to receive(:post).with(
-        '/api/v2/actions', {
+        '/api/v2/actions/actions', {
           name: 'test_org'
         })
       expect do

data/spec/lib/auth0/api/v2/organizations_spec.rb

@@ -451,7 +451,9 @@ describe Auth0::Api::V2::Organizations do
         page: nil,
         from: nil,
         take: nil,
-        include_totals: nil
+        include_totals: nil,
+        fields: nil,
+        include_fields: nil
       })
       expect do
         @instance.get_organizations_members('org_id')
@@ -465,7 +467,9 @@ describe Auth0::Api::V2::Organizations do
         page: 1,
         from: 'org_id',
         take: 50,
-        include_totals: true
+        include_totals: true,
+        fields: nil,
+        include_fields: nil
       })
       expect do
         @instance.get_organizations_members(
@@ -478,6 +482,26 @@ describe Auth0::Api::V2::Organizations do
         )
       end.not_to raise_error
     end
+
+    it 'is expected to get /api/v2/organizations with custom fields' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/organizations/org_id/members', {
+        per_page: nil,
+        page: nil,
+        from: nil,
+        take: nil,
+        include_totals: nil,
+        fields: 'foo,bar',
+        include_fields: false
+      })
+      expect do
+        @instance.get_organizations_members(
+          'org_id',
+          fields: 'foo,bar',
+          include_fields: false
+        )
+      end.not_to raise_error
+    end
   end
 
   context '.create_organizations_members' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-  version: 5.14.1
+  version: 5.15.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-07-19 00:00:00.000000000 Z
+date: 2023-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -126,61 +126,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: dotenv-rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
+  name: guard-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.11'
+        version: '4.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.11'
+        version: '4.5'
 - !ruby/object:Gem::Dependency
-  name: rack-test
+  name: dotenv-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: rack
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '3.11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '3.11'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -209,20 +195,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: gem-release
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.7'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.7'
 description: Ruby toolkit for Auth0 API https://auth0.com.
 email:
 - support@auth0.com
@@ -235,21 +207,27 @@ files:
 - ".devcontainer/Dockerfile"
 - ".devcontainer/devcontainer.json"
 - ".env.example"
-- ".gemrelease"
 - ".github/CODEOWNERS"
 - ".github/ISSUE_TEMPLATE/Bug Report.yml"
 - ".github/ISSUE_TEMPLATE/Feature Request.yml"
 - ".github/ISSUE_TEMPLATE/config.yml"
 - ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/actions/setup/action.yml"
 - ".github/dependabot.yml"
 - ".github/stale.yml"
+- ".github/workflows/codeql.yml"
+- ".github/workflows/matrix.json"
+- ".github/workflows/publish.yml"
 - ".github/workflows/semgrep.yml"
+- ".github/workflows/snyk.yml"
+- ".github/workflows/test.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
 - ".semgrepignore"
 - ".shiprc"
+- ".snyk"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - DEPLOYMENT.md

data/.gemrelease

@@ -1,2 +0,0 @@
-bump:
-  tag: true