jefferies_tube 1.6.7 → 1.6.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/README.md +6 -3
  4. data/lib/jefferies_tube/capistrano/deploy.rb +3 -3
  5. data/lib/jefferies_tube/railtie.rb +13 -2
  6. data/lib/jefferies_tube/version.rb +1 -1
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a9e80582fe28bd3365637fbe6a724aea315c7179ee53dafe949b885a45d96844
4
- data.tar.gz: 28d47c45e7f3f7c14b8fba4d6e4b0060055fee85629f698b2244983f4523d784
3
+ metadata.gz: d43758c5c5aa990e21debc8c4338ae40016c7885c5a42e236d6c8e12d9d650c8
4
+ data.tar.gz: 5199e634f68f80e71a3ae5975138bc499a66be8f63e636728085f9581fa37817
5
5
  SHA512:
6
- metadata.gz: c9c137056b8440aad2e4740e4fc3ecac821a108b35592ee540d2460e4ee6e30a995be707e15debf640146c647b1032a369ad3682158a6908c2002cae433ab81e
7
- data.tar.gz: b1a468401e87daed3bbc92a7b5facf88da4c1095462376286552309d09e2d5741b59858f4124e1a90e120b60173b02ea54e27f6856c9311cd4fa44240f20e83e
6
+ metadata.gz: 2b06ed2aec54ec7db1271aa1532aef953372f87affade53a375621aa3a35bc5aa0b680e16e9009c23a5d2edfb0beb41a66a0bef5577398cd4c054b76a0f9071c
7
+ data.tar.gz: 1580240cb171dbc75ce91e8b978ac6673249d8bcc31f045dd98258a66244f4b78f21a0e5d15f0e3a581102c407d1e488f8b217ab8f9426652759319ed2b9881e
data/CHANGELOG.md CHANGED
@@ -6,6 +6,13 @@ This project attempts to follow [semantic versioning](https://semver.org/)
6
6
 
7
7
  ## Unreleased
8
8
 
9
+ ## 1.6.9
10
+ * Refactor checking for JT_RSPEC environment variable when starting simplecov; prepends env var to rails application's spec_helper if
11
+ that line does not already exist.
12
+
13
+ ## 1.6.8
14
+ * Add support for ignoring CVEs in .bundler-audit.yml, remove support for setting ignored CVEs in deploy.rb via `:bundler_audit_ignore`
15
+
9
16
  ## 1.6.7
10
17
  * Add Lint/Syntax to rubocop rules
11
18
 
data/README.md CHANGED
@@ -111,9 +111,12 @@ before 'deploy', 'deploy:create_tag'
111
111
 
112
112
  By default jefferies_tube will raise an error and stop if it detects any vulnerabilities is your installed gems. If you need to deploy anyway even with vulnerabilities you can do `I_KNOW_GEMS_ARE_INSECURE=true cap <environment> deploy`.
113
113
 
114
- To ignore specific CVE's when running bundler-audit, inside `config/deploy.rb`:
115
- ```ruby
116
- set :bundler_audit_ignore, ["CVE-1234-5678"]
114
+ To ignore specific CVE's when running bundler-audit, add a .bundler-audit.yml file to your projets root directory, and ignore vulnerabilities like so:
115
+
116
+ ```yml
117
+ ---
118
+ ignore:
119
+ - CVE-2024-6484
117
120
  ```
118
121
 
119
122
  ### Enable/Disable Maintence Mode
data/lib/jefferies_tube/capistrano/deploy.rb CHANGED
@@ -30,8 +30,8 @@ namespace :deploy do
30
30
  Bundler::Audit::Database.update!
31
31
  scanner = Bundler::Audit::Scanner.new
32
32
  vulnerable = false
33
- ignore = fetch(:bundler_audit_ignore, [])
34
- scanner.scan(ignore: ignore) do |result|
33
+
34
+ scanner.scan do |result|
35
35
  vulnerable = true
36
36
  case result
37
37
  when Bundler::Audit::Results::InsecureSource
@@ -51,4 +51,4 @@ namespace :deploy do
51
51
  end
52
52
 
53
53
  before 'deploy:migrate', 'deploy:backup_database'
54
- before 'deploy', 'deploy:scan_gems'
54
+ before 'deploy', 'deploy:scan_gems'
data/lib/jefferies_tube/railtie.rb CHANGED
@@ -77,7 +77,19 @@ module JefferiesTube
77
77
  end
78
78
 
79
79
  initializer 'load simplecov for tests' do |config|
80
- if ::Rails.env.test? && ENV['JT_RAKE']
80
+ existing_spec_helper = File.join(::Rails.root.join "spec", "spec_helper.rb" )
81
+ if !(File.open(existing_spec_helper, &:readline) == "ENV['JT_RSPEC'] = 'true'\n")
82
+ content = File.read(existing_spec_helper)
83
+ File.open(existing_spec_helper, "w") do |line|
84
+ line.puts "ENV['JT_RSPEC'] = 'true'"
85
+ line.puts "# ENV['JT_RSPEC'] = 'true' is required for correctly running SimpleCov via the jefferies_tube default rake task"
86
+ line.puts "\n"
87
+ line.puts content
88
+ end
89
+ end
90
+
91
+ if ::Rails.env.test? && ENV['JT_RSPEC'] == 'true'
92
+ ENV['JT_RSPEC'] = nil
81
93
  simplecov_config = 'config/simplecov.rb'
82
94
  require_relative simplecov_config
83
95
  end
@@ -88,7 +100,6 @@ module JefferiesTube
88
100
  if defined?(RSpec)
89
101
  require 'rspec/core/rake_task'
90
102
  task :jtspec do
91
- ENV['JT_RAKE'] = "true"
92
103
  Rake::Task["spec"].invoke
93
104
  end
94
105
  task default: :jtspec
data/lib/jefferies_tube/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  require 'open-uri'
2
2
 
3
3
  module JefferiesTube
4
- VERSION = "1.6.7"
4
+ VERSION = "1.6.9"
5
5
 
6
6
  def self.latest_rubygems_version
7
7
  JSON.parse(URI.parse("https://rubygems.org/api/v1/versions/jefferies_tube/latest.json").read)["version"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jefferies_tube
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.7
4
+ version: 1.6.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brian Samson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-24 00:00:00.000000000 Z
11
+ date: 2024-10-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: awesome_print
@@ -225,7 +225,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
225
225
  - !ruby/object:Gem::Version
226
226
  version: '0'
227
227
  requirements: []
228
- rubygems_version: 3.4.10
228
+ rubygems_version: 3.5.22
229
229
  signing_key:
230
230
  specification_version: 4
231
231
  summary: Ten Forward Consulting useful tools.