contentstack_utils 1.2.1 → 1.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 057734a6dc4a0d4c83fd080fa38d3b48c3a3f6238450d08c36195426a6621fdc
-  data.tar.gz: a42094278201b9d4c330a3632c5ca7eb3326d8a81053afeae2bd1a9310484fd2
+  metadata.gz: 26efd48cc6402749d20a2d68650a14fdb9ebaec45805af1eab883f6147276806
+  data.tar.gz: 69a031322142a21ff93243451ca14ae9474f79d7c8c354a9704d86f0370f2da7
 SHA512:
-  metadata.gz: 9ade378488cd299eb26c7aa800b77a3effc1a44b9ff46ffa1f677437d28a618e4db81bee3219125c8504f421b7bacafd2496b51637c542d33a38fd74b2e68c35
-  data.tar.gz: afaa54c6991caf5e8bbd84ac00b94494229fcc7317cf00be8feac538a4b1775b6be56e7008c17b89067e641448d3724f6cee3de0f236022336c4e062356fd650
+  metadata.gz: ef64aeb62b58e4ae6aef98c0a1448ca4e98196cb6fb0cf634416ebbf84969f8b86735dc4bf552ad660d69fcabd5de15f1ae34bbc7d6ff7245ab647ebfac74413
+  data.tar.gz: ca0c3505a7ee5949375df10e1912418270668728fabdb81df02ef8248e70488ddde0633be46734b99d4902260ca13aade805ad2c7fa0b9952e58cf7917455782

data/.github/workflows/check-branch.yml

@@ -8,13 +8,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Comment PR
-        if: github.base_ref == 'master' && github.head_ref != 'next'
+        if: github.base_ref == 'master' && github.head_ref != 'staging'
         uses: thollander/actions-comment-pull-request@v2
         with:
           message: |
             We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the next branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch.
       - name: Check branch
-        if: github.base_ref == 'master' && github.head_ref != 'next'
+        if: github.base_ref == 'master' && github.head_ref != 'staging'
         run: |
           echo "ERROR: We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the next branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch."
           exit 1

data/.github/workflows/issues-jira.yml

@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"

data/.github/workflows/policy-scan.yml

@@ -0,0 +1,46 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi

data/.github/workflows/sca-scan.yml

@@ -3,7 +3,7 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:
-  security:
+  security-sca:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master

data/.talismanrc

@@ -0,0 +1,5 @@
+fileignoreconfig:
+- filename: .github/workflows/secrets-scan.yml
+  ignore_detectors:
+    - filecontent
+version: "1.0"

data/CHANGELOG.md

@@ -1,4 +1,7 @@
 # Changelog
+
+## [1.2.2](https://github.com/contentstack/contentstack-utils-ruby/tree/v1.2.2) (2026-01-05)
+  - Fixed snyk security issues
 ## [1.2.1](https://github.com/contentstack/contentstack-utils-ruby/tree/v1.2.1) (2024-02-27)
   - Support for JSON RTE with fragment in nested list
 ## [1.2.0](https://github.com/contentstack/contentstack-utils-ruby/tree/v1.2.0) (2023-06-20)

data/CODEOWNERS

@@ -1 +1,11 @@
-* @contentstack/security-admin
+* @contentstack/devex-pr-reviewers
+
+.github/workflows/sca-scan.yml @contentstack/security-admin
+
+.github/workflows/codeql-anaylsis.yml @contentstack/security-admin
+
+**/.snyk @contentstack/security-admin
+
+.github/workflows/policy-scan.yml @contentstack/security-admin
+
+.github/workflows/issues-jira.yml @contentstack/security-admin

data/Gemfile.lock

@@ -1,72 +1,76 @@
 PATH
   remote: .
   specs:
-    contentstack_utils (1.2.1)
+    contentstack_utils (1.2.2)
       activesupport (>= 7.0)
       nokogiri (>= 1.11)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (7.1.3.2)
+    activesupport (7.2.3)
       base64
+      benchmark (>= 0.3)
       bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
-    addressable (2.8.6)
-      public_suffix (>= 2.0.2, < 6.0)
-    base64 (0.2.0)
-    bigdecimal (3.1.6)
-    concurrent-ruby (1.2.3)
-    connection_pool (2.4.1)
-    crack (1.0.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
+    base64 (0.3.0)
+    benchmark (0.5.0)
+    bigdecimal (4.0.1)
+    concurrent-ruby (1.3.6)
+    connection_pool (2.5.5)
+    crack (1.0.1)
       bigdecimal
       rexml
-    diff-lcs (1.5.1)
-    docile (1.4.0)
-    drb (2.2.1)
-    hashdiff (1.1.0)
-    i18n (1.14.1)
+    diff-lcs (1.6.2)
+    docile (1.4.1)
+    drb (2.2.3)
+    hashdiff (1.2.1)
+    i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    minitest (5.22.2)
-    mutex_m (0.2.0)
-    nokogiri (1.16.2-arm64-darwin)
+    logger (1.7.0)
+    minitest (5.27.0)
+    nokogiri (1.18.10-arm64-darwin)
       racc (~> 1.4)
-    public_suffix (5.0.4)
-    racc (1.7.3)
-    rake (13.1.0)
-    rexml (3.2.6)
-    rspec (3.13.0)
+    public_suffix (6.0.2)
+    racc (1.8.1)
+    rake (13.3.1)
+    rexml (3.4.4)
+    rspec (3.13.2)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.0)
+    rspec-core (3.13.6)
       rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.0)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.0)
+    rspec-mocks (3.13.7)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-support (3.13.1)
+    rspec-support (3.13.6)
+    securerandom (0.4.1)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.12.3)
+    simplecov-html (0.13.2)
     simplecov_json_formatter (0.1.4)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    webmock (3.23.0)
+    webmock (3.26.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    yard (0.9.36)
+    yard (0.9.38)
 
 PLATFORMS
   arm64-darwin-22

data/LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2012-2024 Contentstack. All Rights Reserved
+Copyright (c) 2012-2026 Contentstack. All Rights Reserved
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/lib/contentstack_utils/version.rb

@@ -1,3 +1,3 @@
 module ContentstackUtils
-    VERSION = "1.2.1"
-end
+    VERSION = "1.2.2"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: contentstack_utils
 version: !ruby/object:Gem::Version
-  version: 1.2.1
+  version: 1.2.2
 platform: ruby
 authors:
 - Contentstack
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-08 00:00:00.000000000 Z
+date: 2026-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -117,11 +117,13 @@ extra_rdoc_files: []
 files:
 - ".github/workflows/check-branch.yml"
 - ".github/workflows/codeql-analysis.yml"
-- ".github/workflows/jira.yml"
+- ".github/workflows/issues-jira.yml"
+- ".github/workflows/policy-scan.yml"
 - ".github/workflows/release-gem.yml"
 - ".github/workflows/sca-scan.yml"
 - ".gitignore"
 - ".ruby-version"
+- ".talismanrc"
 - ".yardopts"
 - CHANGELOG.md
 - CODEOWNERS
@@ -152,7 +154,7 @@ homepage: https://github.com/contentstack/contentstack-utils-ruby
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -168,7 +170,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Contentstack Ruby Utils for
 test_files:

data/.github/workflows/jira.yml

@@ -1,28 +0,0 @@
-name: Create JIRA ISSUE
-on:
-  pull_request:
-    types: [opened]
-jobs:
-  security:
-    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Login into JIRA
-        uses: atlassian/gajira-login@master
-        env:
-          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
-          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
-          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-      - name: Create a JIRA Issue
-        id: create
-        uses: atlassian/gajira-create@master
-        with:
-          project: ${{ secrets.JIRA_PROJECT }}
-          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
-          summary: |
-            ${{ github.event.pull_request.title }}
-          description: |
-            PR: ${{ github.event.pull_request.html_url }}
-
-          fields: "${{ secrets.JIRA_FIELDS }}"