RubyGems - auth0 - Versions diffs - 5.18.1 → 5.20.0 - Mend

auth0 5.18.1 → 5.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (343) hide show

data/.github/workflows/rl-scanner.yml DELETED Viewed

@@ -1,65 +0,0 @@
-name: RL-Secure Workflow
-on:
-  workflow_call:
-    inputs:
-      ruby-version:
-        required: true
-        type: string
-    secrets:
-      RLSECURE_LICENSE:
-        required: true
-      RLSECURE_SITE_KEY:
-        required: true
-      SIGNAL_HANDLER_TOKEN:
-        required: true
-      PRODSEC_TOOLS_USER:
-        required: true
-      PRODSEC_TOOLS_TOKEN:
-        required: true
-      PRODSEC_TOOLS_ARN:
-        required: true
-jobs:
-  rl-scanner:
-    if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
-    runs-on: ubuntu-latest
-    outputs:
-      scan-status: ${{ steps.rl-scan-conclusion.outcome }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v6
-      - name: Configure Ruby
-        uses: ./.github/actions/setup
-        with:
-          ruby-version: ${{ inputs.ruby-version }}
-      - name: Build RubyGems
-        shell: bash
-        run: |
-          gem build *.gemspec
-          export GEM_FILE=$(ls *.gem)
-          echo "gem_file=$GEM_FILE" >> $GITHUB_ENV
-      - name: Get Artifact Version
-        id: get_version
-        uses: ./.github/actions/get-version
-      - name: Run RL Scanner
-        id: rl-scan-conclusion
-        uses: ./.github/actions/rl-scanner
-        with:
-          artifact-path: "$(pwd)/${{ env.gem_file }}"
-          version: "${{ steps.get_version.outputs.version }}"
-        env:
-          RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
-          RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
-          SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
-          PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
-          PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
-          PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
-      - name: Output scan result
-        run: echo "scan-status=${{ steps.rl-scan-conclusion.outcome }}" >> $GITHUB_ENV

data/.github/workflows/ruby-release.yml DELETED Viewed

@@ -1,72 +0,0 @@
-name: Create Release
-on:
-  workflow_call:
-    inputs:
-      ruby-version:
-        required: true
-        type: string
-    secrets:
-      github-token:
-        required: true
-      rubygems-token:
-        required: true
-jobs:
-  release:
-    if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
-    runs-on: ubuntu-latest
-    environment: release
-    steps:
-      # Checkout the code
-      - uses: actions/checkout@v6
-        with:
-          fetch-depth: 0
-      # Get the version from the branch name
-      - id: get_version
-        uses: ./.github/actions/get-version
-      # Get the prerelease flag from the branch name
-      - id: get_prerelease
-        uses: ./.github/actions/get-prerelease
-        with:
-          version: ${{ steps.get_version.outputs.version }}
-      # Get the release notes
-      # This will expose the release notes as env.RELEASE_NOTES
-      - id: get_release_notes
-        uses: ./.github/actions/get-release-notes
-        with:
-          token: ${{ secrets.github-token }}
-          version: ${{ steps.get_version.outputs.version }}
-          repo_owner: ${{ github.repository_owner }}
-          repo_name: ${{ github.event.repository.name }}
-      # Check if the tag already exists
-      - id: tag_exists
-        uses: ./.github/actions/tag-exists
-        with:
-          tag: ${{ steps.get_version.outputs.version }}
-          token: ${{ secrets.github-token }}
-      # If the tag already exists, exit with an error
-      - if: steps.tag_exists.outputs.exists == 'true'
-        run: exit 1
-      # Publish the release to our package manager
-      - uses: ./.github/actions/rubygems-publish
-        with:
-          ruby-version: ${{ inputs.ruby-version }}
-          rubygems-token: ${{ secrets.rubygems-token }}
-      # Create a release for the tag
-      - uses: ./.github/actions/release-create
-        with:
-          token: ${{ secrets.github-token }}
-          name: ${{ steps.get_version.outputs.version }}
-          body: ${{ steps.get_release_notes.outputs.release-notes }}
-          tag: ${{ steps.get_version.outputs.version }}
-          commit: ${{ github.sha }}
-          prerelease: ${{ steps.get_prerelease.outputs.prerelease }}

data/.github/workflows/semgrep.yml DELETED Viewed

@@ -1,40 +0,0 @@
-name: Semgrep
-on:
-  merge_group:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-  push:
-    branches:
-      - master
-  schedule:
-    - cron: '30 0 1,15 * *'
-permissions:
-  contents: read
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
-  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
-jobs:
-  run:
-    name: Check for Vulnerabilities
-    runs-on: ubuntu-latest
-    container:
-      image: returntocorp/semgrep
-    steps:
-      - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
-        run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
-      - uses: actions/checkout@v6
-        with:
-          ref: ${{ github.event.pull_request.head.sha || github.ref }}
-      - run: semgrep ci
-        env:
-          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}

data/.github/workflows/snyk.yml DELETED Viewed

@@ -1,40 +0,0 @@
-name: Snyk
-on:
-  merge_group:
-  workflow_dispatch:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-  push:
-    branches:
-      - master
-  schedule:
-    - cron: "30 0 1,15 * *"
-permissions:
-  contents: read
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
-  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
-jobs:
-  check:
-    name: Check for Vulnerabilities
-    runs-on: ubuntu-latest
-    steps:
-      - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
-        run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
-      - uses: actions/checkout@v6
-        with:
-          ref: ${{ github.event.pull_request.head.sha || github.ref }}
-      - run: npm install -g snyk
-      - run: snyk test
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

data/.github/workflows/test.yml DELETED Viewed

@@ -1,69 +0,0 @@
-name: Build and Test
-on:
-  merge_group:
-  workflow_dispatch:
-  pull_request:
-    branches:
-      - master
-  push:
-    branches:
-      - master
-permissions:
-  contents: read
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
-  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
-env:
-  CACHE_KEY: "${{ github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}"
-jobs:
-  configure:
-    name: Configure Build Matrix
-    runs-on: ubuntu-latest
-    outputs:
-      matrix: ${{ steps.set-matrix.outputs.matrix }}
-    steps:
-      - uses: actions/checkout@v6
-        with:
-          ref: ${{ github.event.pull_request.head.sha || github.ref }}
-      - id: set-matrix
-        run: echo "matrix=$(jq -c . < ./.github/workflows/matrix.json)" >> $GITHUB_OUTPUT
-  unit:
-    needs: configure
-    name: Run Unit Tests
-    runs-on: ubuntu-latest
-    strategy:
-      matrix: ${{ fromJson(needs.configure.outputs.matrix) }}
-    env:
-      DOMAIN: example.auth0.dev
-      CLIENT_ID: example-client
-      CLIENT_SECRET: example-secret
-      MASTER_JWT: example-jwt
-      BUNDLE_PATH: vendor/bundle
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v6
-      - name: Configure Ruby
-        uses: ./.github/actions/setup
-        with:
-          ruby: ${{ matrix.ruby }}
-      - name: Run tests
-        run: bundle exec rake test
-      - name: Upload coverage
-        if: matrix.ruby == '3.2' || matrix.ruby == '3.3'
-        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # pin@5.5.2

data/.gitignore DELETED Viewed

@@ -1,18 +0,0 @@
-bin/
-!examples/ruby-on-rails-api/bin/
-vendor/
-doc/
-.DS_Store
-.ruby-version
-coverage
-*.gem
-.ruby-gemset
-*.swp
-*.swo
-spec/auth0.yml
-.env
-/.yardoc/checksums
-/.yardoc/complete
-/.yardoc/object_types
-/.yardoc/objects/root.dat
-/.yardoc/proxy_types

data/.rspec DELETED Viewed

@@ -1,3 +0,0 @@
---color
---format Fuubar
---color

data/.rubocop.yml DELETED Viewed

@@ -1,10 +0,0 @@
-inherit_from: .rubocop_todo.yml
-require:
-  - rubocop-rails
-Rails:
-  Enabled: true
-AllCops:
- Exclude:
-   - bin/**/*
-   - vendor/**/*
-   - auth0.gemspec

data/.rubocop_todo.yml DELETED Viewed

@@ -1,5 +0,0 @@
-Metrics/MethodLength:
-  Max: 15
-Metrics/LineLength:
-  Max: 121

data/.semgrepignore DELETED Viewed

@@ -1,6 +0,0 @@
-.bundle/
-.circleci/
-.devcontainer/
-.github/
-examples/
-spec/

data/.shiprc DELETED Viewed

@@ -1,8 +0,0 @@
-{
-  "files": {
-    "lib/auth0/version.rb": [],
-    ".version": []
-  },
-  "prebump": "bundle install && bundle exec rake test",
-  "postbump": "bundle update"
-}

data/.snyk DELETED Viewed

@@ -1,17 +0,0 @@
-ignore:
-  SNYK-RUBY-RACK-1061917:
-    - rubocop-rails > rack:
-      reason: No direct upgrade available
-      expires: "2023-11-02T12:00:00.000Z"
-    - dotenv-rails > railties > actionpack > rack:
-        reason: No direct upgrade available
-        expires: "2023-11-02T12:00:00.000Z"
-    - dotenv-rails > railties > actionpack > rack-test:
-        reason: No direct upgrade available
-        expires: "2023-11-02T12:00:00.000Z"
-  snyk:lic:rubygems:json:Ruby:
-    - '*':
-        reason: Ruby standard library gem, Ruby license is acceptable
-  snyk:lic:rubygems:reline:Ruby:
-    - '*':
-        reason: Ruby standard library gem, Ruby license is acceptable

data/CODE_OF_CONDUCT.md DELETED Viewed

@@ -1,3 +0,0 @@
-# Code of Conduct
-Please see [Auth0's code of conduct guidelines](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md) for information on contributing to this repo.

data/DEPLOYMENT.md DELETED Viewed

@@ -1,61 +0,0 @@
-# Releasing the gem
-## Credentials set up
-Make sure you have access in https://rubygems.org/gems/auth0/ and that your Ruby Gems tokens are set in `~/.gem/credentials`.
-In order to generate the required changelog entry, define an environment variable `GITHUB_READ_TOKEN` with a Github API token that has READ access to `repo:public_repo`. You can generate a Github API Token [here](https://github.com/settings/tokens/new?description=GitHub%20Changelog%20Generator%20token).
-Create a new Github Milestone with the version name prefixed with `v`. i.e. `v4.10.2`. Assign every Issue and Pull Request to be included on this release to that Milestone, and tag them with the `CH:xxxxxx` labels, depending on the type of change fixed or introduced there.
-Finally, follow the next steps:
-```bash
-# Install gems for exec commands
-bundle install
-# Run all tests
-bundle exec rake test
-# Create a release branch
-git checkout master
-git pull
-git checkout -b release-X.X.X
-git push --set-upstream origin release-X.X.X
-# Update the version number
-# This will create a commit with the new version
-bundle exec gem bump --version X.X.X
-# Make sure the Gemfile.lock is up-to-date
-bundle update
-git commit -am "Update gems"
-# Generate the changelog
-github_changelog_generator -t $GITHUB_READ_TOKEN
-# ... or similar.
-# Review the changelog
-# Remove "unreleased" section
-# Make sure the tags are ordered
-# Commit, push, and create a PR for this release
-git commit -am "Update CHANGELOG.md"
-git push
-# Add related milestone
-# Create PR on GitHub and assign for review
-# Merge/rebase and delete branch once approved
-# Create and add a tag
-git checkout master
-git pull
-bundle exec gem tag
-git push origin vX.X.X
-# Create a new release from this tag on GitHub using markdown from the changelog
-# Make sure you are an author for this gem here https://rubygems.org/gems/auth0/
-# Rubygems token can be updated in ~/.gem/credentials
-bundle exec gem release
-```
-The steps above were tested with Ruby `v2.5.7`.

data/DEVELOPMENT.md DELETED Viewed

@@ -1,35 +0,0 @@
-# Development
-In order to set up the local environment you'd have to have Ruby installed and a few global gems used to run and record the unit tests. A working Ruby version can be taken from the [CI script](/.circleci/config.yml). At the moment of this writting we're using Ruby `2.5.7`.
-> It is expected that every Pull Request introducing a fix, change or feature contains enough test coverage to assert the new behavior.
-## Running the tests
-Install the gems required for this project.
-```bash
-bundle install
-```
-Finally, run the tests.
-```bash
-bundle exec rake test
-```
-### Running only unit tests
-You can run only the unit tests and ignore the integration tests by running the following:
-```bash
-bundle exec rake spec
-```
-### Running only integration tests
-You can run only the unit tests and ignore the integration tests by running the following:
-```bash
-bundle exec rake integration
-```

data/Dockerfile DELETED Viewed

@@ -1,5 +0,0 @@
-FROM ruby:2.5
-WORKDIR /home/app
-COPY . /home/app