contentstack 0.8.0 → 0.8.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 79cfe8aeaad0941d21a637ef8f87713cbaaf4a51376bb1969b45c59565536302
-  data.tar.gz: bd4f522c7f22bafd7d0fa4b3aedd831545cf45be8d5ba66c13a02bd7e336cfb4
+  metadata.gz: 9e8661a014dc2bdfc647108d4f28b52735e7a4676b8ace13459ab2d0e7a86763
+  data.tar.gz: dc461c0e7ee499b02adc8aeb2b6af12681e18b1702b8eaeb5d8bab971dd63a3d
 SHA512:
-  metadata.gz: bf719d78118b2c1d1ebf10e1cc7ae47bf9b548f158b4d4399e0f1d4813fd39636eb7f0c92e1614a102ce880ce901dd09939bcbd31dd22617b4c78501a8d0d9ab
-  data.tar.gz: 67262e37224ce8a9d0249b497a09caeefea1ed99a3ea5bcd63833fa78551774c824946f18a6b7a56916ba328db914dc7bbb4f7f05772ce2c2da7090a264b9947
+  metadata.gz: 98e41cf1ecd666cb12fed8890283bba0e267e2261162284e3b0bcd2693d0d66ec7e37a908fd9351479ae9ac90d65b0bf1d87fd29cc96a43db977cb594071cc5f
+  data.tar.gz: 426549e776c6308ab1cb1e79ee9a8e7eed0e23b2fee88f30c5efca95332038f4f033d5590e529a6990a75ea371b521691af5e00b188718a674dd6f282db183f5

data/.github/workflows/check-branch.yml

@@ -8,13 +8,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Comment PR
-        if: github.base_ref == 'master' && github.head_ref != 'next'
+        if: github.base_ref == 'master' && github.head_ref != 'staging'
         uses: thollander/actions-comment-pull-request@v2
         with:
           message: |
             We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the next branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch.
       - name: Check branch
-        if: github.base_ref == 'master' && github.head_ref != 'next'
+        if: github.base_ref == 'master' && github.head_ref != 'staging'
         run: |
           echo "ERROR: We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the next branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch."
           exit 1

data/.github/workflows/issues-jira.yml

@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"

data/.github/workflows/policy-scan.yml

@@ -0,0 +1,46 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi

data/.github/workflows/sca-scan.yml

@@ -3,7 +3,7 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:
-  security:
+  security-sca:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master

data/CHANGELOG.md

@@ -1,5 +1,12 @@
 ## CHANGELOG
 
+## Version 0.8.0
+### Date: 05th-January-2026
+ ### Security Bug
+ - Fixed snyk security issues and updated license year
+
+------------------------------------------------
+
 ## Version 0.8.0
 ### Date: 14th-May-2024
  ### Enhancement

data/CODEOWNERS

@@ -1 +1,11 @@
-* @contentstack/security-admin
+* @contentstack/devex-pr-reviewers
+
+.github/workflows/sca-scan.yml @contentstack/security-admin
+
+.github/workflows/codeql-anaylsis.yml @contentstack/security-admin
+
+**/.snyk @contentstack/security-admin
+
+.github/workflows/policy-scan.yml @contentstack/security-admin
+
+.github/workflows/issues-jira.yml @contentstack/security-admin

data/Gemfile.lock

@@ -1,48 +1,51 @@
 PATH
   remote: .
   specs:
-    contentstack (0.8.0)
+    contentstack (0.8.1)
       activesupport (>= 3.2)
       contentstack_utils (~> 1.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (7.1.3.2)
+    activesupport (7.2.3)
       base64
+      benchmark (>= 0.3)
       bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
-    addressable (2.8.6)
-      public_suffix (>= 2.0.2, < 6.0)
-    base64 (0.2.0)
-    bigdecimal (3.1.8)
-    concurrent-ruby (1.2.3)
-    connection_pool (2.4.1)
-    contentstack_utils (1.2.0)
-      activesupport (>= 3.2)
-      nokogiri (~> 1.11)
-    crack (1.0.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
+    base64 (0.3.0)
+    benchmark (0.5.0)
+    bigdecimal (4.0.1)
+    concurrent-ruby (1.3.6)
+    connection_pool (2.5.5)
+    contentstack_utils (1.2.1)
+      activesupport (>= 7.0)
+      nokogiri (>= 1.11)
+    crack (1.0.1)
       bigdecimal
       rexml
-    diff-lcs (1.5.1)
-    docile (1.4.0)
-    drb (2.2.1)
-    hashdiff (1.1.0)
-    i18n (1.14.5)
+    diff-lcs (1.6.2)
+    docile (1.4.1)
+    drb (2.2.3)
+    hashdiff (1.2.1)
+    i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    minitest (5.22.3)
-    mutex_m (0.2.0)
-    nokogiri (1.15.6-arm64-darwin)
+    logger (1.7.0)
+    minitest (5.27.0)
+    nokogiri (1.18.10-arm64-darwin)
       racc (~> 1.4)
-    public_suffix (5.0.5)
-    racc (1.7.3)
-    rexml (3.2.6)
+    public_suffix (6.0.2)
+    racc (1.8.1)
+    rexml (3.4.4)
     rspec (3.10.0)
       rspec-core (~> 3.10.0)
       rspec-expectations (~> 3.10.0)
@@ -56,11 +59,12 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-support (3.10.3)
+    securerandom (0.4.1)
     simplecov (0.21.2)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.12.3)
+    simplecov-html (0.13.2)
     simplecov_json_formatter (0.1.4)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
@@ -68,7 +72,7 @@ GEM
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    yard (0.9.36)
+    yard (0.9.38)
 
 PLATFORMS
   arm64-darwin-22

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2012-2024 Contentstack. All Rights Reserved
+Copyright (c) 2012-2026 Contentstack. All Rights Reserved
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -187,7 +187,7 @@ You can use advanced sync queries to fetch custom results while performing initi
 
 ## **The MIT License (MIT)**
 
-Copyright © 2012-2021 [Contentstack](https://www.contentstack.com). All Rights Reserved
+Copyright © 2012-2026 [Contentstack](https://www.contentstack.com). All Rights Reserved
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 

data/lib/contentstack/version.rb

@@ -1,3 +1,3 @@
 module Contentstack
-  VERSION = "0.8.0"
+  VERSION = "0.8.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: contentstack
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.8.1
 platform: ruby
 authors:
 - Contentstack
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-13 00:00:00.000000000 Z
+date: 2026-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -103,7 +103,8 @@ extra_rdoc_files: []
 files:
 - ".github/workflows/check-branch.yml"
 - ".github/workflows/codeql-analysis.yml"
-- ".github/workflows/jira.yml"
+- ".github/workflows/issues-jira.yml"
+- ".github/workflows/policy-scan.yml"
 - ".github/workflows/release-gem.yml"
 - ".github/workflows/sca-scan.yml"
 - ".gitignore"
@@ -156,7 +157,7 @@ homepage: https://github.com/contentstack/contentstack-ruby
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -172,7 +173,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Contentstack Ruby client for the Content Delivery API
 test_files: []

data/.github/workflows/jira.yml

@@ -1,28 +0,0 @@
-name: Create JIRA ISSUE
-on:
-  pull_request:
-    types: [opened]
-jobs:
-  security:
-    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Login into JIRA
-        uses: atlassian/gajira-login@master
-        env:
-          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
-          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
-          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-      - name: Create a JIRA Issue
-        id: create
-        uses: atlassian/gajira-create@master
-        with:
-          project: ${{ secrets.JIRA_PROJECT }}
-          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
-          summary: |
-            ${{ github.event.pull_request.title }}
-          description: |
-            PR: ${{ github.event.pull_request.html_url }}
-
-          fields: "${{ secrets.JIRA_FIELDS }}"