handcuffs 1.4.1 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cf13d6b34f1b709c00645a72e1d3b0d4bb6274720f695c7ec8da88131ea7d2c0
-  data.tar.gz: e76e271559405079c933406cc5cf4b28f285938eeeffc71db926f69cb52da32a
+  metadata.gz: a6151bce2a0641c7d959760ed968af5ca1a6dde4961a3ac7d68182e57239ec86
+  data.tar.gz: ab80386265b6c8081bb00d1c7840860463098c0651d9022b6d129e175b489c28
 SHA512:
-  metadata.gz: 775dad57c6e2b8fe5f8e16c8d468abc584e8acfacb5a7f5718f7b8e9275fcca12ac5776d45be12a76be239d5183a8df949ef52062a8d12b7a27df7c8a02be027
-  data.tar.gz: 29c06a3115a90f854b3b386d52094caed07de76b9dc9aa9b78654709168ea00514bebedf603f03cb5d4c0ba6980bf8e7468170a1b067851dc7588bee84107c05
+  metadata.gz: 77c5b7f5cfcb95ca3136bccd62606beb0f215046900c0d1bc70568186c693eed2d7133d622d89b73bc7e8c3ba1ac417fd18e107bb263127d02891f9483cf9c2c
+  data.tar.gz: 04567d40823a197a7cc428d0146903e1254fd7c408b20a155e8c8243efa82e698cc61f9fd802a53027315c78d916636527d1a8ba14d8a776120d0aee4f3869d7

data/.github/CODEOWNERS

@@ -0,0 +1 @@
+* @procore-oss/procore-ospo @procore-oss/procore-handcuffs

data/.github/ISSUE_TEMPLATE/bug.yml

@@ -0,0 +1,66 @@
+name: 🐞 Bug
+description: File a bug/issue
+title: "[bug] <title>"
+labels: [bug, needs-triage]
+body:
+- type: checkboxes
+  attributes:
+    label: Is there an existing issue for this?
+    description: Please search to see if an issue already exists for the bug you encountered.
+    options:
+    - label: I have searched the existing issues
+      required: true
+- type: checkboxes
+  attributes:
+    label: Is this a regression?
+    description: Did this behavior work before?
+    options:
+    - label: Yes, this used to work before
+      required: false
+- type: textarea
+  attributes:
+    label: Current Behavior
+    description: A concise description of what you're experiencing.
+  validations:
+    required: false
+- type: textarea
+  attributes:
+    label: Expected Behavior
+    description: A concise description of what you expected to happen.
+  validations:
+    required: false
+- type: textarea
+  attributes:
+    label: Steps To Reproduce
+    description: Steps to reproduce the behavior.
+    placeholder: |
+      1.
+      2.
+      3.
+      4.
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Environment
+    description: |
+      examples:
+        - **OS**: OSX 13.3.1
+        - **Browser Name and Version**: Chrome Version 112.0.5615.49 (Official Build) (arm64)
+        - **Ruby Version**: 3.0.0
+    value: |
+        - OS:
+        - Browser Name and version:
+        - Ruby Version:
+    render: markdown
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Anything else?
+    description: |
+      Links? References? Anything that will give us more context about the issue you are encountering!
+
+      Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in.
+  validations:
+    required: false

data/.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

data/.github/ISSUE_TEMPLATE/docs.yml

@@ -0,0 +1,18 @@
+name: 📚 Documentation or README.md issue report
+description: File a bug/issue for docs or README.md
+title: "[bug] <title>"
+labels: [docs, needs-triage]
+body:
+- type: checkboxes
+  attributes:
+    label: Is there an existing issue for this?
+    description: Please search to see if an issue already exists for the bug you encountered.
+    options:
+    - label: I have searched the existing issues
+      required: true
+- type: textarea
+  attributes:
+    label: Docs/README.md Part to update
+    description: A concise description of what you thing should be updated
+  validations:
+    required: true

data/.github/ISSUE_TEMPLATE/feature-request.yml

@@ -0,0 +1,36 @@
+name: 🚀🆕 Feature Request
+description: Suggest an idea or possible new feature for this project
+title: "[Feature Request] <title>"
+labels: [feature, needs-triage]
+body:
+- type: checkboxes
+  attributes:
+    label: Is there an existing issue for this?
+    description: Please search to see if an issue already exists for the bug you encountered.
+    options:
+    - label: I have searched the existing issues
+      required: true
+- type: textarea
+  attributes:
+    label: Is your feature request related to a problem? Please describe
+    description: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Describe the solution you'd lik
+    description: A clear and concise description of what you want to happen
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Describe alternatives you've considered
+    description: A clear and concise description of any alternative solutions or features you've considered
+  validations:
+    required: false
+- type: textarea
+  attributes:
+    label: Additional context
+    description: Add any other context or additional information about the problem here
+  validations:
+    required: false

data/.github/ISSUE_TEMPLATE/question-support.yml

@@ -0,0 +1,18 @@
+name: ❓ Question or Support Request
+description: Questions and requests for support
+title: "[Question/Support] <title>"
+labels: [question, support, needs-triage]
+body:
+- type: checkboxes
+  attributes:
+    label: Is there an existing issue for this?
+    description: Please search to see if an issue already exists for the bug you encountered.
+    options:
+    - label: I have searched the existing issues
+      required: true
+- type: textarea
+  attributes:
+    label: Describe your question or ask for support
+    description: A concise description of what you would like support with
+  validations:
+    required: true

data/.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,15 @@
+Checklist:
+
+* [ ] I have updated the necessary documentation
+* [ ] I have signed off all my commits as required by [DCO](https://github.com/procore-oss/handcuffs/blob/main/CONTRIBUTING.md)
+* [ ] My build is green
+
+<!--
+Note on DCO:
+
+If the DCO check fails, one or more of your commits are not signed off. Please click on the *Details* link next to the DCO action for instructions on how to resolve this.
+
+Note on Versioning:
+
+Maintainers will bump the version and do a release when they are ready to release (possibly multiple merged PRs). Please do not bump the version in your PRs.
+-->

data/.github/dependabot.yaml

@@ -0,0 +1,36 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: /
+    schedule:
+      interval: "weekly"
+      timezone: "America/Los_Angeles"
+    labels:
+      - "dependabot"
+      - "dependencies"
+      - "github-actions"
+    commit-message:
+      prefix: "chore(deps)"
+    groups:
+      dependencies:
+        applies-to: version-updates
+        update-types:
+          - "minor"
+          - "patch"
+  - package-ecosystem: "bundler"
+    directory: /
+    schedule:
+      interval: "weekly"
+      timezone: "America/Los_Angeles"
+    labels:
+      - "dependabot"
+      - "dependencies"
+      - "bundler"
+    commit-message:
+      prefix: "chore(deps)"
+    groups:
+      dependencies:
+        applies-to: version-updates
+        update-types:
+          - "minor"
+          - "patch"

data/.github/workflows/auto-assign-author.yaml

@@ -0,0 +1,15 @@
+name: 'Auto Author Assign'
+on:
+  pull_request_target:
+    types: [opened, reopened]
+permissions:
+  contents: read
+jobs:
+  assign-author:
+    permissions:
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: toshimaru/auto-author-assign@ebd30f10fb56e46eb0759a14951f36991426fed0 # v2.1.0
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"

data/.github/workflows/codeql.yaml

@@ -0,0 +1,35 @@
+name: "Custom CodeQL"
+on:
+  workflow_dispatch:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+permissions:
+  contents: read
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: Ubuntu-latest
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['ruby']
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3
+        with:
+          languages: ${{ matrix.language }}
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3
+        with:
+          category: "/language:${{matrix.language}}"

data/.github/workflows/release.yaml

@@ -0,0 +1,43 @@
+name: Release
+on:
+  workflow_run:
+    workflows: [Test]
+    types: [completed]
+    branches: [main]
+  workflow_dispatch: # allow manual deployment through GitHub Action UI
+jobs:
+  version-check:
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
+    outputs:
+      changed: ${{ steps.check.outputs.any_changed }}
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+      - name: Check if version has been updated
+        id: check
+        uses: tj-actions/changed-files@d6babd6899969df1a11d14c368283ea4436bca78 # v44
+        with:
+          files: lib/handcuffs/version.rb
+  release:
+    runs-on: ubuntu-latest
+    needs: version-check
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.version-check.outputs.changed == 'true' }}
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@3783f195e29b74ae398d7caca108814bbafde90e # v1
+        with:
+          ruby-version: 3.2
+          bundler-cache: true
+      - name: Installing dependencies
+        run: bundle check --path=vendor/bundle || bundle install --path=vendor/bundle
+      - name: Build gem file
+        run: bundle exec rake build
+      - uses: fac/ruby-gem-setup-credentials-action@5f62d5f2f56a11c7422a92f81fbb29af01e1c00f # v2
+        with:
+          user: ""
+          key: rubygems
+          token: ${{secrets.RUBY_GEMS_API_KEY}}
+      - uses: fac/ruby-gem-push-action@81d77bf568ff6659d7fae0f0c5a036bb0aeacb1a # v2
+        with:
+          key: rubygems

data/.github/workflows/stale.yaml

@@ -0,0 +1,34 @@
+## Reference: https://github.com/actions/stale
+name: Mark stale issues and pull requests
+on:
+  schedule:
+    - cron: "30 1 * * *"
+permissions:
+  contents: read
+jobs:
+  stale:
+    permissions:
+      issues: write # for actions/stale to close stale issues
+      pull-requests: write # for actions/stale to close stale PRs
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          # Number of days of inactivity before an issue becomes stale
+          days-before-stale: 60
+          # Number of days of inactivity before a stale issue is closed
+          days-before-close: 7
+          # Issues with these labels will never be considered stale
+          exempt-issue-labels: "on-hold,pinned,security"
+          exempt-pr-labels: "on-hold,pinned,security"
+          # Comment to post when marking an issue as stale.
+          stale-issue-message: >
+            This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
+
+          stale-pr-message: >
+            This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
+
+          # Label to use when marking an issue as stale
+          stale-issue-label: 'no-issue-activity'
+          stale-pr-label: 'no-pr-activity'

data/.github/workflows/test.yaml

@@ -0,0 +1,52 @@
+name: Test
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+permissions:
+  contents: read
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: ['ubuntu-latest']
+        ruby: ['3.0', '3.1', '3.2', '3.3']
+        postgres: ['16-bullseye', '15-bullseye', '14-bullseye', '13-bullseye', '12-bullseye']
+    name: Ruby ${{ matrix.ruby }} - PostgreSQL ${{ matrix.postgres }}
+    # https://docs.github.com/en/actions/learn-github-actions/expressions#example
+    runs-on: ${{ matrix.os }}
+    services:
+      postgres:
+        image: postgres:${{ matrix.postgres }}
+        env:
+          POSTGRES_USER: ubuntu
+          POSTGRES_DB: handcuffs_test
+          POSTGRES_HOST_AUTH_METHOD: trust
+        options: >-
+          --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
+        ports:
+          - 5432:5432
+    env:
+      PGHOST: localhost
+      PGUSER: ubuntu
+      RAILS_ENV: test
+      BUNDLER_VERSION: 2.4.22
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+      - name: Set up Ruby ${{ matrix.ruby }}
+        uses: ruby/setup-ruby@3783f195e29b74ae398d7caca108814bbafde90e # v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler: ${{ env.BUNDLER_VERSION }}
+          bundler-cache: true
+      - name: Installing dependencies
+        run: bundle install && cd spec/dummy && bundle install
+      - name: Install Apprasals Dependencies
+        run: bundle exec appraisal install && cd spec/dummy && bundle exec appraisal install
+      - name: Setup Database
+        run: cd spec/dummy && bundle exec rake db:create db:migrate --trace
+      - name: Run Appraisals Tests
+        run: bundle exec appraisal rspec
+      - name: Run Dummy App Tests
+        run: cd spec/dummy && bundle exec appraisal bin/rspec

data/.gitignore

@@ -1,6 +1,7 @@
 /.bundle/
 /.yardoc
 /Gemfile.lock
+/gemfiles/*.gemfile.lock
 /_yardoc/
 /coverage/
 /doc/
@@ -8,5 +9,5 @@
 /spec/reports/
 /tmp/
 handcuffs-*.gem
-/gemfiles/*.gemfile.lock
 .ruby-version
+.DS_Store

data/Appraisals

@@ -1,32 +1,11 @@
-# Ruby 2.7 doesn't support BigDecimal.new, which Rails 4 uses
-if RUBY_VERSION < "2.7"
-  appraise "rails-4" do
-    gem "rails", "~> 4.2.8"
-    gem 'pg', '~> 0.15'
-  end
+appraise "rails-6.1" do
+  gem "rails", "~> 6.1.0"
 end
 
-appraise "rails-5" do
-  gem "rails", "~> 5.0.0.1"
-  gem 'pg', '~> 0.18'
+appraise "rails-7.0" do
+  gem "rails", "~> 7.0.0"
 end
 
-appraise "rails-5.1" do
-  gem "rails", "~> 5.1.7"
-  gem 'pg', '~> 0.18'
-end
-
-appraise "rails-5.2" do
-  gem "rails", "~> 5.2.3"
-end
-
-# Rails >= 6 requires Ruby >= 2.5
-if RUBY_VERSION >= "2.5"
-  appraise "rails-6" do
-    gem "rails", "~> 6.0.1"
-  end
-
-  appraise "rails-6.1" do
-    gem "rails", "~> 6.1"
-  end
+appraise "rails-7.1" do
+  gem "rails", "~> 7.1.0"
 end

data/CHANGELOG.md

@@ -0,0 +1,43 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased] [diff](https://github.com/procore-oss/handcuffs/compare/v2.1.0..main)
+
+## 2.1.0 : 2025-01-24 [diff](https://github.com/procore-oss/handcuffs/compare/v2.0.0..v2.1.0)
+
+### Added
+
+- Ability to specify prerequisite phases in a non-linear order
+
+### Changed
+
+- (internal) bumped rspec-rails gem version in development dependencies
+- (internal) bumped minimum gem versions in test Rails app
+- (internal) update github workflow
+
+
+## 2.0.0 : 2024-02-20 [diff](https://github.com/procore-oss/handcuffs/compare/v1.4.1..v2.0.0)
+
+### Removed
+
+- **BREAKING CHANGE**: Removed support for Ruby < 2.7, Rails < 6.1, PostgreSQL < 12.
+
+### Added
+
+- CHANGELOG.md
+- Code coverage for specs
+
+### Changed
+
+- Switched to new `cimg` docker imaged for CircleCI testing.
+- Switched to matrix testing for
+  - PostgreSQL 12, 13, 14, 15, 16;
+  - Ruby 2.7, 3.0, 3.1, 3.2, 3.3;
+  - Rails 6.1, 7.0, 7.1 (via Appraisal).
+- Updated Bundler to 2.4.22.
+- Added Appraisal for dummy app testing.
+- Moved repo to procore-oss

data/CODE_OF_CONDUCT.md

@@ -1,49 +1,130 @@
-# Contributor Code of Conduct
+# Code of Conduct
 
-As contributors and maintainers of this project, and in the interest of
-fostering an open and welcoming community, we pledge to respect all people who
-contribute through reporting issues, posting feature requests, updating
-documentation, submitting pull requests or patches, and other activities.
+## Our Pledge
 
-We are committed to making participation in this project a harassment-free
-experience for everyone, regardless of level of experience, gender, gender
-identity and expression, sexual orientation, disability, personal appearance,
-body size, race, ethnicity, age, religion, or nationality.
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
 
-Examples of unacceptable behavior by participants include:
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
 
-* The use of sexualized language or imagery
-* Personal attacks
-* Trolling or insulting/derogatory comments
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
 * Public or private harassment
-* Publishing other's private information, such as physical or electronic
-  addresses, without explicit permission
-* Other unethical or unprofessional conduct
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Spam or other deceptive practices that take advantage of the community
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
 
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
+## Scope
 
-By adopting this Code of Conduct, project maintainers commit themselves to
-fairly and consistently applying these principles to every aspect of managing
-this project. Project maintainers who do not follow or enforce the Code of
-Conduct may be permanently removed from the project team.
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
 
-This code of conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community.
+## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting a project maintainer at opensource@procore.com All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. Maintainers are
-obligated to maintain confidentiality with regard to the reporter of an
-incident.
+reported to the community leaders responsible for enforcement at
+<opensource@procore.com>.
+All complaints will be reviewed and investigated promptly and fairly by
+the Procore Open Source Program Office (OSPO)
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 1.3.0, available at
-[http://contributor-covenant.org/version/1/3/0/][version]
+version 2.0, available at
+<https://www.contributor-covenant.org/version/2/0/code_of_conduct.html>.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
 
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/3/0/
+For answers to common questions about this code of conduct, see the FAQ at
+<https://www.contributor-covenant.org/faq>. Translations are available at
+<https://www.contributor-covenant.org/translations>.