keycloak-api-rails 0.11.1 → 0.11.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 90c326858b9b9eb917fb48a1de41b8bb04bda9ee9c335c9d54cc32a2cf1e6cf1
-  data.tar.gz: 0f2e7ffb1ff96cf183db47552561d7bde77c98178f2568874ef1ddfe55c09a9f
+  metadata.gz: ff480abdc3a9317e66060416095339c0612ff902fec1200bf1178c7445bfad39
+  data.tar.gz: 29d7cb681cb2b05d801ceac2634b6773278516413112500968cdfe5fe7cae76e
 SHA512:
-  metadata.gz: c9bf1dd58e9da0fbc485c12cf9dc73ccb31d88bef5158107a8d141542380a818d89fc90810cdfb3a867048d854ed616d0b640d8edb17d9d48999cc2ec8469b77
-  data.tar.gz: 39e57c6bacf0c31bb94bfdd53e454745bb3c100e831b804e840183b80b6472338731b01a5fcb70c9b46029c01e118670a3f4e503bf6003bbb449c60915a4c0f1
+  metadata.gz: 3bd3bac623390a4efe1cf24a80106c820e2b66c186350ddab00140ccab44f1a919117afb28a2bdcf02651cc1b780d0e9cfc4e75256d6083339e140bdd44669f6
+  data.tar.gz: fdbc7a9b37f8d5efdf5c11ee9ca01075ccfe9bbfaf7d5babfda1653eef9557a275c34487569d4589c2f5902c8ff13a7877f5e6d55133b0e4a7b9b4bd4fb00a58

data/CHANGELOG.md

@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.11.2] - 2022-03-30
+
+* Update `Gemfile.lock` to avoid wrong CVE detections. The version of Rails should always be specified by the parent project. This change has no functional impact.
+* Update `json-jwt` to `>=1.13.0`
+
 ## [0.11.1] - 2019-11-27
 
 * When a token validation error occurs, do not log it as a `warn` (but as an `info` instead)

data/Dockerfile

@@ -1,11 +1,14 @@
-FROM ruby:2.5.0
-RUN mkdir -p /usr/src/app/lib/keycloak-api-rails
+FROM ruby:2.7.5-slim-bullseye
+
+RUN apt-get update -qq && apt-get install -y build-essential git ruby-dev && apt-get clean && \
+  mkdir -p /usr/src/app/lib/keycloak-api-rails
+
 WORKDIR /usr/src/app
 
 COPY Gemfile /usr/src/app/
 COPY Gemfile.lock /usr/src/app/
 COPY keycloak-api-rails.gemspec /usr/src/app/
 COPY lib/keycloak-api-rails/version.rb /usr/src/app/lib/keycloak-api-rails/
-RUN bundle install
+# RUN bundle install
 COPY . /usr/src/app
-RUN bundle install
+# RUN bundle install

data/Gemfile.lock

@@ -1,129 +1,156 @@
 PATH
   remote: .
   specs:
-    keycloak-api-rails (0.11.1)
+    keycloak-api-rails (0.11.2)
       json-jwt (>= 1.11.0)
       rails (>= 4.2)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.0.1)
-      actionpack (= 6.0.1)
+    actioncable (7.0.2.3)
+      actionpack (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.0.1)
-      actionpack (= 6.0.1)
-      activejob (= 6.0.1)
-      activerecord (= 6.0.1)
-      activestorage (= 6.0.1)
-      activesupport (= 6.0.1)
+    actionmailbox (7.0.2.3)
+      actionpack (= 7.0.2.3)
+      activejob (= 7.0.2.3)
+      activerecord (= 7.0.2.3)
+      activestorage (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
       mail (>= 2.7.1)
-    actionmailer (6.0.1)
-      actionpack (= 6.0.1)
-      actionview (= 6.0.1)
-      activejob (= 6.0.1)
+      net-imap
+      net-pop
+      net-smtp
+    actionmailer (7.0.2.3)
+      actionpack (= 7.0.2.3)
+      actionview (= 7.0.2.3)
+      activejob (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
       mail (~> 2.5, >= 2.5.4)
+      net-imap
+      net-pop
+      net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (6.0.1)
-      actionview (= 6.0.1)
-      activesupport (= 6.0.1)
-      rack (~> 2.0)
+    actionpack (7.0.2.3)
+      actionview (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
+      rack (~> 2.0, >= 2.2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.0.1)
-      actionpack (= 6.0.1)
-      activerecord (= 6.0.1)
-      activestorage (= 6.0.1)
-      activesupport (= 6.0.1)
+    actiontext (7.0.2.3)
+      actionpack (= 7.0.2.3)
+      activerecord (= 7.0.2.3)
+      activestorage (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
+      globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (6.0.1)
-      activesupport (= 6.0.1)
+    actionview (7.0.2.3)
+      activesupport (= 7.0.2.3)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.0.1)
-      activesupport (= 6.0.1)
+    activejob (7.0.2.3)
+      activesupport (= 7.0.2.3)
       globalid (>= 0.3.6)
-    activemodel (6.0.1)
-      activesupport (= 6.0.1)
-    activerecord (6.0.1)
-      activemodel (= 6.0.1)
-      activesupport (= 6.0.1)
-    activestorage (6.0.1)
-      actionpack (= 6.0.1)
-      activejob (= 6.0.1)
-      activerecord (= 6.0.1)
-      marcel (~> 0.3.1)
-    activesupport (6.0.1)
+    activemodel (7.0.2.3)
+      activesupport (= 7.0.2.3)
+    activerecord (7.0.2.3)
+      activemodel (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
+    activestorage (7.0.2.3)
+      actionpack (= 7.0.2.3)
+      activejob (= 7.0.2.3)
+      activerecord (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
+      marcel (~> 1.0)
+      mini_mime (>= 1.1.0)
+    activesupport (7.0.2.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2)
-    aes_key_wrap (1.0.1)
-    bindata (2.4.4)
-    builder (3.2.3)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+    aes_key_wrap (1.1.0)
+    bindata (2.4.10)
+    builder (3.2.4)
     byebug (9.1.0)
-    concurrent-ruby (1.1.5)
-    crass (1.0.5)
-    diff-lcs (1.3)
-    erubi (1.9.0)
-    globalid (0.4.2)
-      activesupport (>= 4.2.0)
-    i18n (1.7.0)
+    concurrent-ruby (1.1.10)
+    crass (1.0.6)
+    diff-lcs (1.5.0)
+    digest (3.1.0)
+    erubi (1.10.0)
+    globalid (1.0.0)
+      activesupport (>= 5.0)
+    i18n (1.10.0)
       concurrent-ruby (~> 1.0)
-    json-jwt (1.11.0)
+    io-wait (0.2.1)
+    json-jwt (1.13.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
-    loofah (2.4.0)
+    loofah (2.15.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
-    marcel (0.3.3)
-      mimemagic (~> 0.3.2)
-    method_source (0.9.2)
-    mimemagic (0.3.3)
-    mini_mime (1.0.2)
-    mini_portile2 (2.4.0)
-    minitest (5.13.0)
-    nio4r (2.5.2)
-    nokogiri (1.10.5)
-      mini_portile2 (~> 2.4.0)
-    rack (2.0.7)
+    marcel (1.0.2)
+    method_source (1.0.0)
+    mini_mime (1.1.2)
+    mini_portile2 (2.8.0)
+    minitest (5.15.0)
+    net-imap (0.2.3)
+      digest
+      net-protocol
+      strscan
+    net-pop (0.1.1)
+      digest
+      net-protocol
+      timeout
+    net-protocol (0.1.2)
+      io-wait
+      timeout
+    net-smtp (0.3.1)
+      digest
+      net-protocol
+      timeout
+    nio4r (2.5.8)
+    nokogiri (1.13.3)
+      mini_portile2 (~> 2.8.0)
+      racc (~> 1.4)
+    racc (1.6.0)
+    rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.0.1)
-      actioncable (= 6.0.1)
-      actionmailbox (= 6.0.1)
-      actionmailer (= 6.0.1)
-      actionpack (= 6.0.1)
-      actiontext (= 6.0.1)
-      actionview (= 6.0.1)
-      activejob (= 6.0.1)
-      activemodel (= 6.0.1)
-      activerecord (= 6.0.1)
-      activestorage (= 6.0.1)
-      activesupport (= 6.0.1)
-      bundler (>= 1.3.0)
-      railties (= 6.0.1)
-      sprockets-rails (>= 2.0.0)
+    rails (7.0.2.3)
+      actioncable (= 7.0.2.3)
+      actionmailbox (= 7.0.2.3)
+      actionmailer (= 7.0.2.3)
+      actionpack (= 7.0.2.3)
+      actiontext (= 7.0.2.3)
+      actionview (= 7.0.2.3)
+      activejob (= 7.0.2.3)
+      activemodel (= 7.0.2.3)
+      activerecord (= 7.0.2.3)
+      activestorage (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
+      bundler (>= 1.15.0)
+      railties (= 7.0.2.3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.3.0)
+    rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
-    railties (6.0.1)
-      actionpack (= 6.0.1)
-      activesupport (= 6.0.1)
+    railties (7.0.2.3)
+      actionpack (= 7.0.2.3)
+      activesupport (= 7.0.2.3)
       method_source
-      rake (>= 0.8.7)
-      thor (>= 0.20.3, < 2.0)
-    rake (13.0.1)
+      rake (>= 12.2)
+      thor (~> 1.0)
+      zeitwerk (~> 2.5)
+    rake (13.0.6)
     rspec (3.7.0)
       rspec-core (~> 3.7.0)
       rspec-expectations (~> 3.7.0)
@@ -136,23 +163,17 @@ GEM
     rspec-mocks (3.7.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.7.0)
-    rspec-support (3.7.0)
-    sprockets (4.0.0)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.2.1)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    thor (0.20.3)
-    thread_safe (0.3.6)
+    rspec-support (3.7.1)
+    strscan (3.0.1)
+    thor (1.2.1)
     timecop (0.9.1)
-    tzinfo (1.2.5)
-      thread_safe (~> 0.1)
-    websocket-driver (0.7.1)
+    timeout (0.2.0)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.4)
-    zeitwerk (2.2.1)
+    websocket-extensions (0.1.5)
+    zeitwerk (2.5.4)
 
 PLATFORMS
   ruby
@@ -164,4 +185,4 @@ DEPENDENCIES
   timecop (= 0.9.1)
 
 BUNDLED WITH
-   1.17.3
+   2.1.4

data/README.md

@@ -5,7 +5,7 @@ This gem aims at validates Keycloak JWT token in Ruby On Rails APIs.
 ## Install
 
 ```ruby
-gem "keycloak-api-rails", "0.11.1"
+gem "keycloak-api-rails", "0.11.2"
 ```
 
 ## Token validation

data/lib/keycloak-api-rails/version.rb

@@ -1,3 +1,3 @@
 module Keycloak
-  VERSION = "0.11.1"
+  VERSION = "0.11.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycloak-api-rails
 version: !ruby/object:Gem::Version
-  version: 0.11.1
+  version: 0.11.2
 platform: ruby
 authors:
 - Lorent Lempereur
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-11-27 00:00:00.000000000 Z
+date: 2022-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -118,7 +118,7 @@ homepage: https://github.com/looorent/keycloak-api-rails
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -133,8 +133,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.2.3
+signing_key:
 specification_version: 4
 summary: Rails middleware that validates Authorization token emitted by Keycloak
 test_files: []