govuk_app_config 9.5.0 → 9.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/govuk_app_config.gemspec +1 -1
- data/lib/govuk_app_config/govuk_content_security_policy.rb +2 -1
- data/lib/govuk_app_config/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c15ac7d4a7297bc830a60b2877bc36d0e1b046fe2a498a0006b29b58ce9a0fec
|
4
|
+
data.tar.gz: 323f249a17a7806f176e88d060e7c99ac0eb54f0244815534056e2820e70f9e0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8d514827abb88965374c9213b700ba05f9fdb3f65098f403d4e583581da768ebb6aa512b8b38adeae4818e839186443a011dfc3dd9ee7e1fc101363cd2721f3d
|
7
|
+
data.tar.gz: 319470197ea8a8ead9e29ba6e01b347215c62d472be68d94eaf58223a0e4b350a1046cee03c2aafef5d8e3828a34e802400eb60ea2322c93e6c5da277230d856
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,7 @@
|
|
1
|
+
# 9.6.0
|
2
|
+
|
3
|
+
* Allow YouTube thumbnails from https://i.ytimg.com in the global Content Security Policy ([#328](https://github.com/alphagov/govuk_app_config/pull/328))
|
4
|
+
|
1
5
|
# 9.5.0
|
2
6
|
|
3
7
|
* Allow gov.uk domains to embed pages in the global Content Security Policy ([#325](https://github.com/alphagov/govuk_app_config/pull/325))
|
data/govuk_app_config.gemspec
CHANGED
@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
|
|
22
22
|
|
23
23
|
spec.add_dependency "logstasher", "~> 2.1"
|
24
24
|
spec.add_dependency "opentelemetry-exporter-otlp", ">= 0.25", "< 0.27"
|
25
|
-
spec.add_dependency "opentelemetry-instrumentation-all", ">= 0.39.1", "< 0.
|
25
|
+
spec.add_dependency "opentelemetry-instrumentation-all", ">= 0.39.1", "< 0.52.0"
|
26
26
|
spec.add_dependency "opentelemetry-sdk", "~> 1.2"
|
27
27
|
spec.add_dependency "plek", ">= 4", "< 6"
|
28
28
|
spec.add_dependency "prometheus_exporter", "~> 2.0"
|
@@ -41,7 +41,8 @@ module GovukContentSecurityPolicy
|
|
41
41
|
# Some content still links to an old domain we used to use
|
42
42
|
"assets.digital.cabinet-office.gov.uk",
|
43
43
|
# Allow YouTube thumbnails
|
44
|
-
"https://img.youtube.com"
|
44
|
+
"https://img.youtube.com",
|
45
|
+
"https://i.ytimg.com"
|
45
46
|
|
46
47
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
|
47
48
|
# Note: we purposely don't include `data:`, `unsafe-inline` or `unsafe-eval` because
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: govuk_app_config
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 9.
|
4
|
+
version: 9.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- GOV.UK Dev
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-11-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: logstasher
|
@@ -53,7 +53,7 @@ dependencies:
|
|
53
53
|
version: 0.39.1
|
54
54
|
- - "<"
|
55
55
|
- !ruby/object:Gem::Version
|
56
|
-
version: 0.
|
56
|
+
version: 0.52.0
|
57
57
|
type: :runtime
|
58
58
|
prerelease: false
|
59
59
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -63,7 +63,7 @@ dependencies:
|
|
63
63
|
version: 0.39.1
|
64
64
|
- - "<"
|
65
65
|
- !ruby/object:Gem::Version
|
66
|
-
version: 0.
|
66
|
+
version: 0.52.0
|
67
67
|
- !ruby/object:Gem::Dependency
|
68
68
|
name: opentelemetry-sdk
|
69
69
|
requirement: !ruby/object:Gem::Requirement
|
@@ -375,7 +375,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
375
375
|
- !ruby/object:Gem::Version
|
376
376
|
version: '0'
|
377
377
|
requirements: []
|
378
|
-
rubygems_version: 3.4.
|
378
|
+
rubygems_version: 3.4.22
|
379
379
|
signing_key:
|
380
380
|
specification_version: 4
|
381
381
|
summary: Base configuration for GOV.UK applications
|