jefferies_tube 1.6.7 → 1.6.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/README.md +6 -3
  4. data/lib/jefferies_tube/capistrano/deploy.rb +3 -3
  5. data/lib/jefferies_tube/railtie.rb +13 -2
  6. data/lib/jefferies_tube/version.rb +1 -1
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a9e80582fe28bd3365637fbe6a724aea315c7179ee53dafe949b885a45d96844
4
- data.tar.gz: 28d47c45e7f3f7c14b8fba4d6e4b0060055fee85629f698b2244983f4523d784
3
+ metadata.gz: d43758c5c5aa990e21debc8c4338ae40016c7885c5a42e236d6c8e12d9d650c8
4
+ data.tar.gz: 5199e634f68f80e71a3ae5975138bc499a66be8f63e636728085f9581fa37817
5
5
  SHA512:
6
- metadata.gz: c9c137056b8440aad2e4740e4fc3ecac821a108b35592ee540d2460e4ee6e30a995be707e15debf640146c647b1032a369ad3682158a6908c2002cae433ab81e
7
- data.tar.gz: b1a468401e87daed3bbc92a7b5facf88da4c1095462376286552309d09e2d5741b59858f4124e1a90e120b60173b02ea54e27f6856c9311cd4fa44240f20e83e
6
+ metadata.gz: 2b06ed2aec54ec7db1271aa1532aef953372f87affade53a375621aa3a35bc5aa0b680e16e9009c23a5d2edfb0beb41a66a0bef5577398cd4c054b76a0f9071c
7
+ data.tar.gz: 1580240cb171dbc75ce91e8b978ac6673249d8bcc31f045dd98258a66244f4b78f21a0e5d15f0e3a581102c407d1e488f8b217ab8f9426652759319ed2b9881e
data/CHANGELOG.md CHANGED
@@ -6,6 +6,13 @@ This project attempts to follow [semantic versioning](https://semver.org/)
6
6
 
7
7
  ## Unreleased
8
8
 
9
+ ## 1.6.9
10
+ * Refactor checking for JT_RSPEC environment variable when starting simplecov; prepends env var to rails application's spec_helper if
11
+ that line does not already exist.
12
+
13
+ ## 1.6.8
14
+ * Add support for ignoring CVEs in .bundler-audit.yml, remove support for setting ignored CVEs in deploy.rb via `:bundler_audit_ignore`
15
+
9
16
  ## 1.6.7
10
17
  * Add Lint/Syntax to rubocop rules
11
18
 
data/README.md CHANGED
@@ -111,9 +111,12 @@ before 'deploy', 'deploy:create_tag'
111
111
 
112
112
  By default jefferies_tube will raise an error and stop if it detects any vulnerabilities is your installed gems. If you need to deploy anyway even with vulnerabilities you can do `I_KNOW_GEMS_ARE_INSECURE=true cap <environment> deploy`.
113
113
 
114
- To ignore specific CVE's when running bundler-audit, inside `config/deploy.rb`:
115
- ```ruby
116
- set :bundler_audit_ignore, ["CVE-1234-5678"]
114
+ To ignore specific CVE's when running bundler-audit, add a .bundler-audit.yml file to your projets root directory, and ignore vulnerabilities like so:
115
+
116
+ ```yml
117
+ ---
118
+ ignore:
119
+ - CVE-2024-6484
117
120
  ```
118
121
 
119
122
  ### Enable/Disable Maintence Mode
data/lib/jefferies_tube/capistrano/deploy.rb CHANGED
@@ -30,8 +30,8 @@ namespace :deploy do
30
30
  Bundler::Audit::Database.update!
31
31
  scanner = Bundler::Audit::Scanner.new
32
32
  vulnerable = false
33
- ignore = fetch(:bundler_audit_ignore, [])
34
- scanner.scan(ignore: ignore) do |result|
33
+
34
+ scanner.scan do |result|
35
35
  vulnerable = true
36
36
  case result
37
37
  when Bundler::Audit::Results::InsecureSource
@@ -51,4 +51,4 @@ namespace :deploy do
51
51
  end
52
52
 
53
53
  before 'deploy:migrate', 'deploy:backup_database'
54
- before 'deploy', 'deploy:scan_gems'
54
+ before 'deploy', 'deploy:scan_gems'
data/lib/jefferies_tube/railtie.rb CHANGED
@@ -77,7 +77,19 @@ module JefferiesTube
77
77
  end
78
78
 
79
79
  initializer 'load simplecov for tests' do |config|
80
- if ::Rails.env.test? && ENV['JT_RAKE']
80
+ existing_spec_helper = File.join(::Rails.root.join "spec", "spec_helper.rb" )
81
+ if !(File.open(existing_spec_helper, &:readline) == "ENV['JT_RSPEC'] = 'true'\n")
82
+ content = File.read(existing_spec_helper)
83
+ File.open(existing_spec_helper, "w") do |line|
84
+ line.puts "ENV['JT_RSPEC'] = 'true'"
85
+ line.puts "# ENV['JT_RSPEC'] = 'true' is required for correctly running SimpleCov via the jefferies_tube default rake task"
86
+ line.puts "\n"
87
+ line.puts content
88
+ end
89
+ end
90
+
91
+ if ::Rails.env.test? && ENV['JT_RSPEC'] == 'true'
92
+ ENV['JT_RSPEC'] = nil
81
93
  simplecov_config = 'config/simplecov.rb'
82
94
  require_relative simplecov_config
83
95
  end
@@ -88,7 +100,6 @@ module JefferiesTube
88
100
  if defined?(RSpec)
89
101
  require 'rspec/core/rake_task'
90
102
  task :jtspec do
91
- ENV['JT_RAKE'] = "true"
92
103
  Rake::Task["spec"].invoke
93
104
  end
94
105
  task default: :jtspec
data/lib/jefferies_tube/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  require 'open-uri'
2
2
 
3
3
  module JefferiesTube
4
- VERSION = "1.6.7"
4
+ VERSION = "1.6.9"
5
5
 
6
6
  def self.latest_rubygems_version
7
7
  JSON.parse(URI.parse("https://rubygems.org/api/v1/versions/jefferies_tube/latest.json").read)["version"]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jefferies_tube
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.7
4
+ version: 1.6.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brian Samson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-24 00:00:00.000000000 Z
11
+ date: 2024-10-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: awesome_print
@@ -225,7 +225,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
225
225
  - !ruby/object:Gem::Version
226
226
  version: '0'
227
227
  requirements: []
228
- rubygems_version: 3.4.10
228
+ rubygems_version: 3.5.22
229
229
  signing_key:
230
230
  specification_version: 4
231
231
  summary: Ten Forward Consulting useful tools.