jefferies_tube 1.6.6 → 1.6.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.ruby-version +1 -1
  3. data/CHANGELOG.md +6 -0
  4. data/README.md +6 -3
  5. data/default.yml +5 -2
  6. data/lib/jefferies_tube/capistrano/deploy.rb +3 -3
  7. data/lib/jefferies_tube/version.rb +1 -1
  8. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: caff068fa6bfbefa05d86cd266529396142b804e6e10af91562b84cc821911ed
4
- data.tar.gz: 8c4942d1eb54e987e969029e1e3cb2d2094064ebae79fc2ff728c854fdc2ea20
3
+ metadata.gz: 7b9466c608ebb3036068f91caaacc927e157b03e45dfa83b201f2822683d7d60
4
+ data.tar.gz: cfef6348b6e2e237312dc8cc3328750832dd57f0cd640dbdb8863ef58a70da32
5
5
  SHA512:
6
- metadata.gz: '080248b9cbaa14f04ca9443db64a48ac06c244f47106d3c93b04fa445c6ab13d6a5003f47c0a276c7f8c0234b5850229d79556f770cf3efcf8a9ae711a89e996'
7
- data.tar.gz: 431e102ca417962014e94022b83e4bcbd94da098b100e44264ca8c2b52065d91774a0590938c191d3440a36cafb88ce86fe1c278f59343aa4a69febf28e84c4b
6
+ metadata.gz: 4cbe0c0a98edf3a57ddd60e74425415fad6f1d59e5cbead19fc5306f5bbb7668bd40cc47f9099a499b3ea28fe1a2eba5172a8acb335ba518621ac051f0e17702
7
+ data.tar.gz: 6bea0c1b6494d95568c9188dfc00cabd40afc4b2e2d876df545240333c825d55b0ea75a1c6a299ba67be97abffcaf521ebdc01c55e755a43c01c4d1a8d5d46c1
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- 3.2
1
+ 3.2.2
data/CHANGELOG.md CHANGED
@@ -6,6 +6,12 @@ This project attempts to follow [semantic versioning](https://semver.org/)
6
6
 
7
7
  ## Unreleased
8
8
 
9
+ ## 1.6.8
10
+ * Add support for ignoring CVEs in .bundler-audit.yml, remove support for setting ignored CVEs in deploy.rb via `:bundler_audit_ignore`
11
+
12
+ ## 1.6.7
13
+ * Add Lint/Syntax to rubocop rules
14
+
9
15
  ## 1.6.6
10
16
  * Fix to paths for remote cap tasks that caused execjs to fail in some circumstances
11
17
 
data/README.md CHANGED
@@ -111,9 +111,12 @@ before 'deploy', 'deploy:create_tag'
111
111
 
112
112
  By default jefferies_tube will raise an error and stop if it detects any vulnerabilities is your installed gems. If you need to deploy anyway even with vulnerabilities you can do `I_KNOW_GEMS_ARE_INSECURE=true cap <environment> deploy`.
113
113
 
114
- To ignore specific CVE's when running bundler-audit, inside `config/deploy.rb`:
115
- ```ruby
116
- set :bundler_audit_ignore, ["CVE-1234-5678"]
114
+ To ignore specific CVE's when running bundler-audit, add a .bundler-audit.yml file to your projets root directory, and ignore vulnerabilities like so:
115
+
116
+ ```yml
117
+ ---
118
+ ignore:
119
+ - CVE-2024-6484
117
120
  ```
118
121
 
119
122
  ### Enable/Disable Maintence Mode
data/default.yml CHANGED
@@ -3,9 +3,12 @@ require: rubocop-rails
3
3
  AllCops:
4
4
  DisabledByDefault: true
5
5
  SuggestExtensions: false
6
- Style/IndentationConsistency:
7
- Enabled: true
6
+ Exclude:
7
+ - "vendor/**/*"
8
+ - 'tmp/**/*'
8
9
 
10
+ Lint/Syntax:
11
+ Enabled: true
9
12
  Layout/LineLength:
10
13
  Max: 200
11
14
  Layout/EmptyLines:
data/lib/jefferies_tube/capistrano/deploy.rb CHANGED
@@ -30,8 +30,8 @@ namespace :deploy do
30
30
  Bundler::Audit::Database.update!
31
31
  scanner = Bundler::Audit::Scanner.new
32
32
  vulnerable = false
33
- ignore = fetch(:bundler_audit_ignore, [])
34
- scanner.scan(ignore: ignore) do |result|
33
+
34
+ scanner.scan do |result|
35
35
  vulnerable = true
36
36
  case result
37
37
  when Bundler::Audit::Results::InsecureSource
@@ -51,4 +51,4 @@ namespace :deploy do
51
51
  end
52
52
 
53
53
  before 'deploy:migrate', 'deploy:backup_database'
54
- before 'deploy', 'deploy:scan_gems'
54
+ before 'deploy', 'deploy:scan_gems'
data/lib/jefferies_tube/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  require 'open-uri'
2
2
 
3
3
  module JefferiesTube
4
- VERSION = "1.6.6"
4
+ VERSION = "1.6.8"
5
5
 
6
6
  def self.latest_rubygems_version
7
7
  JSON.parse(URI.parse("https://rubygems.org/api/v1/versions/jefferies_tube/latest.json").read)["version"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jefferies_tube
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.6
4
+ version: 1.6.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brian Samson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-12-13 00:00:00.000000000 Z
11
+ date: 2024-09-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: awesome_print
@@ -225,7 +225,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
225
225
  - !ruby/object:Gem::Version
226
226
  version: '0'
227
227
  requirements: []
228
- rubygems_version: 3.4.0.dev
228
+ rubygems_version: 3.5.18
229
229
  signing_key:
230
230
  specification_version: 4
231
231
  summary: Ten Forward Consulting useful tools.