devise-secure_password 1.0.5 → 2.0.0

data/README.md

@@ -9,7 +9,7 @@ as well.
 
 ## Build Status
 
-| Service    | rails 5.1.4 |
+| Service    | rails 6.1 |
 |:-----------|:-----------:|
 | Circle CI  | [![Circle CI](https://circleci.com/gh/ValiMail/devise-secure_password/tree/master.svg?style=shield&circle-token=cd173d5f9d2944a9b14737c2d4339b20b08565cf)]() |
 
@@ -32,16 +32,16 @@ The goal of this project is to provide compatibility for officially supported st
 and [Ruby on Rails](http://guides.rubyonrails.org/maintenance_policy.html). More specifically, the following releases
 are currently supported by the __Devise Secure Password Extension__:
 
-- Ruby on Rails: __5.1.Z__, __5.0.Z__ (current and previous stable release)
-- Ruby: __2.5.0__, __2.4.3__ (current and previous stable release)
+- Ruby on Rails: __6.1.x__, __6.0.x__ (current and previous stable release)
+- Ruby: __3.0.x__, __2.7.x__ (current and previous stable release)
 
 ## Installation
 
 Add this line to your application's Gemfile:
 
 ```ruby
-gem 'devise',                 '~> 4.2'
-gem 'devise-secure_password', '~> 1.0.5'
+gem 'devise',                 '~> 4.7'
+gem 'devise-secure_password', '~> 2.0'
 ```
 
 And then execute:
@@ -228,14 +228,14 @@ To determine the Ruby on Rails versions supported by this release, run the follo
 prompt> gem install flay ruby2ruby rubocop rspec
 prompt> rake test:spec:targets
 
-Available Rails targets: 5.0.6, 5.1.4
+Available Rails targets: 5.1, 5.2
 ```
 
 Reconfigure the project by specifying the correct Gemfile when running bundler, followed by running tests:
 
 ```bash
-prompt> BUNDLE_GEMFILE=gemfiles/rails-5_0_6.gemfile bundle
-prompt> BUNDLE_GEMFILE=gemfiles/rails-5_0_6.gemfile bundle exec rake
+prompt> BUNDLE_GEMFILE=gemfiles/rails_5_2.gemfile bundle
+prompt> BUNDLE_GEMFILE=gemfiles/rails_5_2.gemfile bundle exec rake
 ```
 
 The only time you need to define the `BUNDLE_GEMFILE` environment variable is when testing a non-default target.
@@ -260,11 +260,23 @@ for testing.
 prompt> brew install chromedriver
 ```
 
->NOTE: __ChromeDriver__ < 2.33 has a bug for testing clickable targets; therefore, install >= 2.3.4.
-
 You can always install [ChromeDriver](https://sites.google.com/a/chromium.org/chromedriver/) by downloading and then
 unpacking into the `/usr/local/bin` directory.
 
+#### Automated screenshots on failure
+
+The [capybara-screenshot gem](https://github.com/mattheworiordan/capybara-screenshot) supports automated screenshot
+captures on failing tests but this will only take place for tests that have JavaScript enabled. You can temporarily
+modify an example by setting `js: true` as in the following example:
+
+```ruby
+context 'when minimum age enforcement is enabled', js: true do
+...
+end
+```
+
+Do not submit pull requests with this setting enabled where it wasn't enabled previously.
+
 ### Testing inside the spec/rails-app-X_y_z
 
 To debug from inside of the dummy rails-app you will need to first install the rails bin stubs and then perform a db
@@ -325,6 +337,17 @@ initiating any development work including tests.
 prompt> gem update bundler
 ```
 
+#### Updating test.sqlite3.db
+
+To update or generate a `db/test/sqlite3.db` database file:
+
+```bash
+prompt> cd spec/rails-app-X_y_z
+prompt> bundle install
+prompt> rake app:update:bin
+prompt> RAILS_ENV=test bundle exec rake db:migrate
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/valimail/devise-secure_password. This project

data/app/controllers/devise/passwords_with_policy_controller.rb

@@ -1,26 +1,31 @@
 module Devise
-  class PasswordsWithPolicyController < DeviseController
-    before_action :authenticate_scope!
+  class PasswordsWithPolicyController < Devise::RegistrationsController
+    before_action :configure_permitted_parameters
 
     def edit
       self.resource = resource_class.new
-      if warden.session(scope_name)['secure_password_expired']
-        resource.errors.add(:base, "#{error_string_for_password_expired}.")
-      end
+      resource.errors.add(:base, "#{error_string_for_password_expired}.")
       render :edit
     end
 
     def update
-      if resource.update_with_password(password_params)
+      if update_resource(resource, account_update_params)
         prepare_for_redirect
         redirect_to stored_location_for(scope_name) || :root
       else
-        clean_up_passwords(resource)
         render :edit
       end
     end
 
-    private
+    def devise_parameter_sanitizer
+      @devise_parameter_sanitizer ||= Devise::ParameterSanitizer.new(resource_class, resource_name, params)
+    end
+
+    protected
+
+    def account_update_params
+      devise_parameter_sanitizer.sanitize(:account_update)
+    end
 
     def authenticate_scope!
       send(:"authenticate_#{scope_name}!")
@@ -31,22 +36,58 @@ module Devise
       I18n.t('secure_password.password_requires_regular_updates.alerts.messages.password_updated')
     end
 
+    def configure_permitted_parameters
+      devise_parameter_sanitizer.permit(:account_update, keys: [:update_action])
+    end
+
     def error_string_for_password_expired
       return 'password expired' unless warden.user.class.respond_to?(:password_maximum_age)
+
       I18n.t(
         'secure_password.password_requires_regular_updates.errors.messages.password_expired',
-        timeframe: distance_of_time_in_words(warden.user.class.password_maximum_age)
+        timeframe: precise_distance_of_time_in_words(warden.user.class.password_maximum_age)
       )
     end
 
-    def password_params
-      params.require(scope_name).permit(:current_password, :password, :password_confirmation)
-    end
-
     def prepare_for_redirect
-      warden.session(scope_name)[:secure_password_expired] = false
+      unset_devise_secure_password_expired!
       flash[:notice] = alert_string_for_password_updated
       bypass_sign_in resource, scope: scope_name
     end
+
+    def update_resource(resource, params)
+      update_action = (params[:update_action] ? params.delete(:update_action) : nil)
+      return false unless update_action == 'change_password'
+
+      update_password(resource, params)
+
+      # do what devise would do under normal circumstances but also be aware of
+      # secure_password or other validators that would be ignored by devise.
+      result = if resource.errors.count.zero?
+                 resource.update(params)
+               else
+                 false
+               end
+
+      resource.clean_up_passwords
+      result
+    end
+
+    def update_password(resource, params)
+      #
+      # order of operations that follow is absolutely critical
+      #
+      current_password = params.delete(:current_password)
+      current_password_valid = resource.valid_password?(current_password)
+
+      # let our installed validator chain handle the validation work
+      resource.assign_attributes(params)
+      resource.valid?
+      unless current_password_valid
+        resource.errors.add(:current_password, current_password.blank? ? :blank : :invalid)
+      end
+
+      resource
+    end
   end
 end

data/app/views/devise/passwords_with_policy/edit.html.erb

@@ -1,7 +1,11 @@
 <h2><%= t('.titles.section_title') %></h2>
 
 <%= form_for(resource, as: resource_name, url: [resource_name, :password_with_policy], html: { method: :put }) do |f| %>
-  <%= devise_error_messages! %>
+  <% if resource.errors.full_messages.count.positive? %>
+    <%= render 'devise/shared/error_messages', resource: resource %>
+  <% end %>
+
+  <%= f.hidden_field :update_action, value: :change_password %>
 
   <p><%= f.label :current_password, t('.labels.current_password') %><br />
   <%= f.password_field :current_password %></p>

data/config/locales/en.yml

@@ -1,11 +1,23 @@
 en:
   secure_password:
+    character:
+      one: "character"
+      other: "characters"
+
+    types:
+      uppercase: "uppercase"
+      downcase: "downcase"
+      number: "number"
+      special: "special"
+
     password_has_required_content:
       errors:
         messages:
           unknown_characters: "contains %{count} invalid %{subject}"
           minimum_characters: "must contain at least %{count} %{type} %{subject}"
           maximum_characters: "must contain less than %{count} %{type} %{subject}"
+          minimum_length: "must contain at least %{count} %{subject}"
+          maximum_length: "must contain less than %{count} %{subject}"
     password_disallows_frequent_reuse:
       errors:
         messages:
@@ -21,6 +33,44 @@ en:
       errors:
         messages:
           password_expired: "Your password has expired. Passwords must be changed every %{timeframe}"
+    datetime:
+      # update distance_in_words translations to remove the determiner words:
+      #   about, almost, over, less than, etc.
+      precise_distance_in_words:
+        half_a_minute: "half a minute"
+        less_than_x_seconds:
+          one:   "1 second" # default was: "less than 1 second"
+          other: "%{count} seconds" # default was: "less than %{count} seconds"
+        x_seconds:
+          one:   "1 second"
+          other: "%{count} seconds"
+        less_than_x_minutes:
+          one:   "a minute" # default was: "less than a minute"
+          other: "%{count} minutes" # default was: "less than %{count} minutes"
+        x_minutes:
+          one:   "1 minute"
+          other: "%{count} minutes"
+        about_x_hours:
+          one:   "1 hour" # default was: "about 1 hour"
+          other: "%{count} hours" # default was: "about %{count} hours"
+        x_days:
+          one:   "1 day"
+          other: "%{count} days"
+        about_x_months:
+          one:   "1 month" # default was: "about 1 month"
+          other: "%{count} months" # default was: "about %{count} months"
+        x_months:
+          one:   "1 month"
+          other: "%{count} months"
+        about_x_years:
+          one:   "1 year" # default was: "about 1 year"
+          other: "%{count} years" # default was: "about %{count} years"
+        over_x_years:
+          one:   "1 year" # default was: "over 1 year"
+          other: "%{count} years" # default was: "over %{count} years"
+        almost_x_years:
+          one:   "1 year" # default was: "almost 1 year"
+          other: "%{count} years" # default was: "almost %{count} years"
   devise:
     passwords_with_policy:
       edit:

data/devise-secure_password.gemspec

@@ -29,29 +29,28 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_runtime_dependency 'devise', '>= 4.0.0', '< 5.0.0'
-  spec.add_runtime_dependency 'railties', '>= 5.0.0', '< 6.0.0'
+  spec.add_runtime_dependency 'railties', '>= 5.0.0', '< 7.0.0'
 
-  spec.add_development_dependency 'bundler',                 '~> 1.16', '>= 1.16.1'
-  spec.add_development_dependency 'capybara',                '~> 2.16', '>= 2.16.1'
-  spec.add_development_dependency 'capybara-screenshot',     '~> 1.0',  '>= 1.0.18'
-  spec.add_development_dependency 'coffee-rails',            '~> 4.2'
-  spec.add_development_dependency 'database_cleaner',        '~> 1.6',  '>= 1.6.2'
+  spec.add_development_dependency 'bundler',                 '>= 2.2.14'
+  spec.add_development_dependency 'capybara',                '>= 3.35.3'
+  spec.add_development_dependency 'capybara-screenshot',     '>= 1.0.18'
+  spec.add_development_dependency 'database_cleaner',        '>= 2.0.1'
   spec.add_development_dependency 'devise',                  '~> 4.0'
-  spec.add_development_dependency 'flay',                    '~> 2.10', '>= 2.10.0'
-  spec.add_development_dependency 'launchy',                 '~> 2.4',  '>= 2.4.3'
-  spec.add_development_dependency 'rails',                   '~> 5.1',  '>= 5.1.4'
-  spec.add_development_dependency 'rake',                    '~> 12.3'
-  spec.add_development_dependency 'rspec',                   '~> 3.7'
-  spec.add_development_dependency 'rspec-rails',             '~> 3.7'
-  spec.add_development_dependency 'rspec_junit_formatter',   '~> 0.3'
-  spec.add_development_dependency 'rubocop',                 '>= 0.49.0'
-  spec.add_development_dependency 'ruby2ruby',               '~> 2.4',  '>= 2.4.0'
-  spec.add_development_dependency 'sass-rails',              '~> 5.0'
-  spec.add_development_dependency 'selenium-webdriver',      '~> 3.7',  '>= 3.7.0'
-  spec.add_development_dependency 'simplecov',               '~> 0.15.1'
-  spec.add_development_dependency 'simplecov-console',       '~> 0.4.2'
-  spec.add_development_dependency 'sqlite3',                 '~> 1.3',  '>= 1.3.13'
-  spec.add_development_dependency 'therubyracer',            '~> 0.12.3'
-
-  spec.required_ruby_version = '>= 2.4'
+  spec.add_development_dependency 'flay',                    '>= 2.10.0'
+  spec.add_development_dependency 'launchy',                 '>= 2.4.3'
+  spec.add_development_dependency 'rails',                   '>= 5.2.0'
+  spec.add_development_dependency 'rake',                    '>= 12.3'
+  spec.add_development_dependency 'rspec',                   '>= 3.7'
+  spec.add_development_dependency 'rspec_junit_formatter',   '>= 0.3'
+  spec.add_development_dependency 'rspec-rails',             '>= 3.7'
+  spec.add_development_dependency 'rubocop',                 '>= 1.0.0'
+  spec.add_development_dependency 'rubocop-rails',           '>= 2.3.2'
+  spec.add_development_dependency 'rubocop-rspec',           '>= 1.35.0'
+  spec.add_development_dependency 'ruby2ruby',               '>= 2.4.0'
+  spec.add_development_dependency 'selenium-webdriver',      '>= 3.7.0'
+  spec.add_development_dependency 'simplecov',               '>= 0.18.2'
+  spec.add_development_dependency 'simplecov-console',       '>= 0.4.2'
+  spec.add_development_dependency 'sqlite3',                 '>= 1.3.13'
+
+  spec.required_ruby_version = '>= 2.7'
 end

data/gemfiles/rails_6_0.gemfile

@@ -0,0 +1,57 @@
+source 'https://rubygems.org'
+git_source(:github) { |repo| "https://github.com/#{repo}.git" }
+
+ENV['RAILS_TARGET'] ||= '6.0'
+
+gemspec path: '../'
+
+# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
+gem 'rails', '~> 6.0.3', '>= 6.0.3.6'
+# Use sqlite3 as the database for Active Record
+gem 'sqlite3', '~> 1.4'
+# Use Puma as the app server
+gem 'puma', '~> 4.1'
+# Use SCSS for stylesheets
+gem 'sass-rails', '>= 6'
+# Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker
+gem 'webpacker', '~> 4.0'
+# Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
+gem 'turbolinks', '~> 5'
+# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
+gem 'jbuilder', '~> 2.7'
+# Use Redis adapter to run Action Cable in production
+# gem 'redis', '~> 4.0'
+# Use Active Model has_secure_password
+# gem 'bcrypt', '~> 3.1.7'
+
+# Use Active Storage variant
+# gem 'image_processing', '~> 1.2'
+
+# Reduces boot times through caching; required in config/boot.rb
+gem 'bootsnap', '>= 1.4.2', require: false
+
+group :development, :test do
+  # Call 'byebug' anywhere in the code to stop execution and get a debugger console
+  gem 'byebug', platforms: %i(mri mingw x64_mingw)
+end
+
+group :development do
+  # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
+  gem 'listen', '~> 3.2'
+  gem 'web-console', '>= 3.3.0'
+end
+
+group :test do
+  # Adds support for Capybara system testing and selenium driver
+  gem 'capybara', '>= 2.15'
+  gem 'codecov', require: false
+  gem 'selenium-webdriver'
+  gem 'shoulda-matchers'
+  # Easy installation and use of web drivers to run system tests with browsers
+  gem 'webdrivers'
+end
+
+# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
+gem 'tzinfo-data', platforms: %i(mingw mswin x64_mingw jruby)
+
+gem 'webrick', '~> 1.7'

data/gemfiles/rails_6_0.gemfile.lock

@@ -0,0 +1,347 @@
+PATH
+  remote: ..
+  specs:
+    devise-secure_password (1.1.0)
+      devise (>= 4.0.0, < 5.0.0)
+      railties (>= 5.0.0, < 7.0.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (6.0.3.6)
+      actionpack (= 6.0.3.6)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailbox (6.0.3.6)
+      actionpack (= 6.0.3.6)
+      activejob (= 6.0.3.6)
+      activerecord (= 6.0.3.6)
+      activestorage (= 6.0.3.6)
+      activesupport (= 6.0.3.6)
+      mail (>= 2.7.1)
+    actionmailer (6.0.3.6)
+      actionpack (= 6.0.3.6)
+      actionview (= 6.0.3.6)
+      activejob (= 6.0.3.6)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (6.0.3.6)
+      actionview (= 6.0.3.6)
+      activesupport (= 6.0.3.6)
+      rack (~> 2.0, >= 2.0.8)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actiontext (6.0.3.6)
+      actionpack (= 6.0.3.6)
+      activerecord (= 6.0.3.6)
+      activestorage (= 6.0.3.6)
+      activesupport (= 6.0.3.6)
+      nokogiri (>= 1.8.5)
+    actionview (6.0.3.6)
+      activesupport (= 6.0.3.6)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activejob (6.0.3.6)
+      activesupport (= 6.0.3.6)
+      globalid (>= 0.3.6)
+    activemodel (6.0.3.6)
+      activesupport (= 6.0.3.6)
+    activerecord (6.0.3.6)
+      activemodel (= 6.0.3.6)
+      activesupport (= 6.0.3.6)
+    activestorage (6.0.3.6)
+      actionpack (= 6.0.3.6)
+      activejob (= 6.0.3.6)
+      activerecord (= 6.0.3.6)
+      marcel (~> 1.0.0)
+    activesupport (6.0.3.6)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+      zeitwerk (~> 2.2, >= 2.2.2)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    ansi (1.5.0)
+    ast (2.4.2)
+    bcrypt (3.1.16)
+    bindex (0.8.1)
+    bootsnap (1.7.4)
+      msgpack (~> 1.0)
+    builder (3.2.4)
+    byebug (11.1.3)
+    capybara (3.35.3)
+      addressable
+      mini_mime (>= 0.1.3)
+      nokogiri (~> 1.8)
+      rack (>= 1.6.0)
+      rack-test (>= 0.6.3)
+      regexp_parser (>= 1.5, < 3.0)
+      xpath (~> 3.2)
+    capybara-screenshot (1.0.25)
+      capybara (>= 1.0, < 4)
+      launchy
+    childprocess (3.0.0)
+    codecov (0.5.2)
+      simplecov (>= 0.15, < 0.22)
+    concurrent-ruby (1.1.8)
+    crass (1.0.6)
+    database_cleaner (2.0.1)
+      database_cleaner-active_record (~> 2.0.0)
+    database_cleaner-active_record (2.0.0)
+      activerecord (>= 5.a)
+      database_cleaner-core (~> 2.0.0)
+    database_cleaner-core (2.0.1)
+    devise (4.8.0)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 4.1.0)
+      responders
+      warden (~> 1.2.3)
+    diff-lcs (1.4.4)
+    docile (1.3.5)
+    erubi (1.10.0)
+    erubis (2.7.0)
+    ffi (1.15.0)
+    flay (2.12.1)
+      erubis (~> 2.7.0)
+      path_expander (~> 1.0)
+      ruby_parser (~> 3.0)
+      sexp_processor (~> 4.0)
+    globalid (0.4.2)
+      activesupport (>= 4.2.0)
+    i18n (1.8.10)
+      concurrent-ruby (~> 1.0)
+    jbuilder (2.11.2)
+      activesupport (>= 5.0.0)
+    launchy (2.5.0)
+      addressable (~> 2.7)
+    listen (3.5.1)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    loofah (2.9.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    marcel (1.0.1)
+    method_source (1.0.0)
+    mini_mime (1.1.0)
+    mini_portile2 (2.5.1)
+    minitest (5.14.4)
+    msgpack (1.4.2)
+    nio4r (2.5.7)
+    nokogiri (1.11.3)
+      mini_portile2 (~> 2.5.0)
+      racc (~> 1.4)
+    orm_adapter (0.5.0)
+    parallel (1.20.1)
+    parser (3.0.1.1)
+      ast (~> 2.4.1)
+    path_expander (1.1.0)
+    public_suffix (4.0.6)
+    puma (4.3.7)
+      nio4r (~> 2.0)
+    racc (1.5.2)
+    rack (2.2.3)
+    rack-proxy (0.6.5)
+      rack
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails (6.0.3.6)
+      actioncable (= 6.0.3.6)
+      actionmailbox (= 6.0.3.6)
+      actionmailer (= 6.0.3.6)
+      actionpack (= 6.0.3.6)
+      actiontext (= 6.0.3.6)
+      actionview (= 6.0.3.6)
+      activejob (= 6.0.3.6)
+      activemodel (= 6.0.3.6)
+      activerecord (= 6.0.3.6)
+      activestorage (= 6.0.3.6)
+      activesupport (= 6.0.3.6)
+      bundler (>= 1.3.0)
+      railties (= 6.0.3.6)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (6.0.3.6)
+      actionpack (= 6.0.3.6)
+      activesupport (= 6.0.3.6)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.20.3, < 2.0)
+    rainbow (3.0.0)
+    rake (13.0.3)
+    rb-fsevent (0.10.4)
+    rb-inotify (0.10.1)
+      ffi (~> 1.0)
+    regexp_parser (2.1.1)
+    responders (3.0.1)
+      actionpack (>= 5.0)
+      railties (>= 5.0)
+    rexml (3.2.5)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-rails (5.0.1)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
+      railties (>= 5.2)
+      rspec-core (~> 3.10)
+      rspec-expectations (~> 3.10)
+      rspec-mocks (~> 3.10)
+      rspec-support (~> 3.10)
+    rspec-support (3.10.2)
+    rspec_junit_formatter (0.4.1)
+      rspec-core (>= 2, < 4, != 2.12.0)
+    rubocop (1.13.0)
+      parallel (~> 1.10)
+      parser (>= 3.0.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.2.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.5.0)
+      parser (>= 3.0.1.1)
+    rubocop-rails (2.9.1)
+      activesupport (>= 4.2.0)
+      rack (>= 1.1)
+      rubocop (>= 0.90.0, < 2.0)
+    rubocop-rspec (2.3.0)
+      rubocop (~> 1.0)
+      rubocop-ast (>= 1.1.0)
+    ruby-progressbar (1.11.0)
+    ruby2ruby (2.4.4)
+      ruby_parser (~> 3.1)
+      sexp_processor (~> 4.6)
+    ruby_parser (3.15.1)
+      sexp_processor (~> 4.9)
+    rubyzip (2.3.0)
+    sass-rails (6.0.0)
+      sassc-rails (~> 2.1, >= 2.1.1)
+    sassc (2.4.0)
+      ffi (~> 1.9)
+    sassc-rails (2.1.2)
+      railties (>= 4.0.0)
+      sassc (>= 2.0)
+      sprockets (> 3.0)
+      sprockets-rails
+      tilt
+    selenium-webdriver (3.142.7)
+      childprocess (>= 0.5, < 4.0)
+      rubyzip (>= 1.2.2)
+    sexp_processor (4.15.2)
+    shoulda-matchers (4.5.1)
+      activesupport (>= 4.2.0)
+    simplecov (0.21.2)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-console (0.9.1)
+      ansi
+      simplecov
+      terminal-table
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.3)
+    sprockets (4.0.2)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.2)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.4.2)
+    terminal-table (3.0.0)
+      unicode-display_width (~> 1.1, >= 1.1.1)
+    thor (1.1.0)
+    thread_safe (0.3.6)
+    tilt (2.0.10)
+    turbolinks (5.2.1)
+      turbolinks-source (~> 5.2)
+    turbolinks-source (5.2.0)
+    tzinfo (1.2.9)
+      thread_safe (~> 0.1)
+    unicode-display_width (1.7.0)
+    warden (1.2.9)
+      rack (>= 2.0.9)
+    web-console (4.1.0)
+      actionview (>= 6.0.0)
+      activemodel (>= 6.0.0)
+      bindex (>= 0.4.0)
+      railties (>= 6.0.0)
+    webdrivers (4.6.0)
+      nokogiri (~> 1.6)
+      rubyzip (>= 1.3.0)
+      selenium-webdriver (>= 3.0, < 4.0)
+    webpacker (4.3.0)
+      activesupport (>= 4.2)
+      rack-proxy (>= 0.6.1)
+      railties (>= 4.2)
+    webrick (1.7.0)
+    websocket-driver (0.7.3)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.5)
+    xpath (3.2.0)
+      nokogiri (~> 1.8)
+    zeitwerk (2.4.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bootsnap (>= 1.4.2)
+  bundler (>= 2.2.16)
+  byebug
+  capybara (>= 2.15)
+  capybara-screenshot (>= 1.0.18)
+  codecov
+  database_cleaner (>= 2.0.1)
+  devise (~> 4.0)
+  devise-secure_password!
+  flay (>= 2.10.0)
+  jbuilder (~> 2.7)
+  launchy (>= 2.4.3)
+  listen (~> 3.2)
+  puma (~> 4.1)
+  rails (~> 6.0.3, >= 6.0.3.6)
+  rake (>= 12.3)
+  rspec (>= 3.7)
+  rspec-rails (>= 3.7)
+  rspec_junit_formatter (>= 0.3)
+  rubocop (>= 1.0.0)
+  rubocop-rails (>= 2.3.2)
+  rubocop-rspec (>= 1.35.0)
+  ruby2ruby (>= 2.4.0)
+  sass-rails (>= 6)
+  selenium-webdriver
+  shoulda-matchers
+  simplecov (>= 0.18.2)
+  simplecov-console (>= 0.4.2)
+  sqlite3 (~> 1.4)
+  turbolinks (~> 5)
+  tzinfo-data
+  web-console (>= 3.3.0)
+  webdrivers
+  webpacker (~> 4.0)
+  webrick (~> 1.7)
+
+BUNDLED WITH
+   2.2.16