macmillan-utils 1.0.42 → 1.0.43

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 47a645523245155b095b0354763345b184ddbe1f
-  data.tar.gz: b8412d1213a8b819c0f6f1fcc8f4fa389c111756
+  metadata.gz: 3fe9b990a00a9e419dc06a35dc5ab6a4f5a82cc5
+  data.tar.gz: f1315b6e760d45bb4203b103a68d2efee6aa0af1
 SHA512:
-  metadata.gz: f7da8c342a2c11ed45adc7fd872083d84e11ac345bc5df7b30ca687c1a9220575ce53c163db00b5f8c7b5110aab866d1a2e3d5d54b222f791ff3b6015859b378
-  data.tar.gz: 62f4c9aa96fd7347c48ee79e6363b816d3e29efee993d2960155a7ceb0be501e52e0885af5d64cf587ea288f0f823e665e0b32d25316b13137b770f491482356
+  metadata.gz: e7868d4031c99050605469da7728bb3417338080be5e55126c577f6ba4249be951337d19ec92b69c6d12f06e5d170ef48c783ff6445e26ad6034345b7c42a143
+  data.tar.gz: 0693ecddea825200da01a11dbd65123ea84e68eeebe32a3b5f43e7064555c6450d9bda2974b0814eb1424ff501d739bf3a627355a6224b76ef42743a6c93e020

data/.rubocop.yml

@@ -64,6 +64,7 @@ Style/CollectionMethods:
     inject: 'reduce'
     detect: 'find'
     find_all: 'select'
+  Enabled: true
 
 Layout/DotPosition:
   EnforcedStyle: leading
@@ -72,9 +73,32 @@ Layout/DotPosition:
 Style/DoubleNegation:
   Enabled: false
 
+Style/Alias:
+  # I like alias_method with symbol parameters
+  Enabled: false
+
 Layout/SpaceAroundOperators:
   # When true, allows most uses of extra spacing if the intent is to align
   # with an operator on the previous or next line, not counting empty lines
   # or comment lines.
   AllowForAlignment: true
   Enabled: true
+
+Style/SymbolArray:
+  # Turned off because the associated auto-correct makes a real mess
+  Enabled: false
+
+Style/FrozenStringLiteralComment:
+  # An 'every file in the repo' recommendation.
+  Enabled: false
+  Severity: warning
+
+Layout/EmptyLineAfterMagicComment:
+  # Nooo not another 'every file in the repo' recommendation.
+  Enabled: false
+  Severity: warning
+
+Style/GlobalVars:
+  # Doesn't justify a critical
+  Enabled: true
+  Severity: warning

data/Guardfile

@@ -0,0 +1,34 @@
+group :all_plugins, halt_on_fail: true do
+
+  # Note: The cmd option is now required due to the increasing number of ways
+  #       rspec may be run, below are examples of the most common uses.
+  #  * bundler: 'bundle exec rspec'
+  #  * bundler binstubs: 'bin/rspec'
+  #  * spring: 'bin/rspec' (This will use spring if running and you have
+  #                          installed the spring binstubs per the docs)
+  #  * zeus: 'zeus rspec' (requires the server to be started separately)
+  #  * 'just' rspec: 'rspec'
+
+  guard :rspec, cmd: 'bundle exec rspec --no-profile', all_after_pass: true, all_on_start: true do
+    require "guard/rspec/dsl"
+    dsl = Guard::RSpec::Dsl.new(self)
+
+    # Feel free to open issues for suggestions and improvements
+
+    # RSpec files
+    rspec = dsl.rspec
+    watch(rspec.spec_helper) { rspec.spec_dir }
+    watch(rspec.spec_support) { rspec.spec_dir }
+    watch(rspec.spec_files)
+
+    # Ruby files
+    ruby = dsl.ruby
+    dsl.watch_spec_files_for(ruby.lib_files)
+  end
+
+  guard :rubocop, cli: ['--only-guide-cops'] do
+    watch(%r{.+\.rb$})
+    watch(%r{(?:.+/)?\.rubocop\.yml$}) { |m| File.dirname(m[0]) }
+  end
+
+end

data/lib/macmillan/utils/middleware/cookie_message.rb

@@ -93,10 +93,11 @@ module Macmillan
 
         def cookie_options(request)
           {
-            value:   'accepted',
-            domain:  request.host_with_port,
-            path:    '/',
-            expires: Time.now.getutc + YEAR
+            value:    'accepted',
+            domain:   request.host_with_port,
+            path:     '/',
+            httponly: true,
+            expires:  Time.now.getutc + YEAR
           }
         end
 

data/lib/macmillan/utils/middleware/uuid.rb

@@ -76,7 +76,10 @@ module Macmillan
           alias_method :uuid_is_new?, :store_cookie?
 
           def save_cookie
-            cookie_value = { value: final_user_uuid, path: '/', expires: DateTime.now.next_year.to_time }
+            cookie_value = { value: final_user_uuid,
+                             path: '/',
+                             httponly: true,
+                             expires: DateTime.now.next_year.to_time }
             response.set_cookie(cookie_key, cookie_value)
           end
 

data/macmillan-utils.gemspec

@@ -21,6 +21,10 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rack-test'
   spec.add_development_dependency 'rack', '< 2.0.0'
+  spec.add_development_dependency 'guard'
+  spec.add_development_dependency 'guard-rspec'
+  spec.add_development_dependency 'guard-rubocop'
+  spec.add_development_dependency 'terminal-notifier-guard'
 
   spec.add_dependency 'rspec'
   spec.add_dependency 'simplecov'

data/spec/lib/macmillan/utils/middleware/cookie_message_spec.rb

@@ -46,6 +46,7 @@ RSpec.describe Macmillan::Utils::Middleware::CookieMessage do
           expect(cookie).to match(/domain=www\.nature\.com:80;/)
           expect(cookie).to match(%r{path=/;})
           expect(cookie).to match(/expires=Wed, 31 Jan 2018 00:00:00 -0000/)
+          expect(cookie).to match(/httponly/i)
         end
 
         it 'redirects back to the original url' do

data/spec/lib/macmillan/utils/middleware/uuid_spec.rb

@@ -41,6 +41,11 @@ RSpec.describe Macmillan::Utils::Middleware::Uuid do
         expect(headers['Set-Cookie']).to include("user.uuid=#{user_uuid}")
       end
 
+      it 'uses httponly cookie' do
+        _status, headers, _body = subject.call(request.env)
+        expect(headers['Set-Cookie']).to match(/httponly/i)
+      end
+
       it 'tells following rack app the user_uuid is new' do
         expect(app).to receive(:call).with(hash_including('user.uuid_is_new' => true)).and_return(app_return)
         _status, _headers, _body = subject.call(request.env)
@@ -65,6 +70,11 @@ RSpec.describe Macmillan::Utils::Middleware::Uuid do
         expect(headers['Set-Cookie']).to include('user.uuid=wibble')
       end
 
+      it 'uses httponly cookie' do
+        _status, headers, _body = subject.call(request.env)
+        expect(headers['Set-Cookie']).to match(/httponly/i)
+      end
+
       it 'tells following rack app the user_uuid is new' do
         expect(app).to receive(:call).with(hash_including('user.uuid_is_new' => true)).and_return(app_return)
         _status, _headers, _body = subject.call(request.env)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: macmillan-utils
 version: !ruby/object:Gem::Version
-  version: 1.0.42
+  version: 1.0.43
 platform: ruby
 authors:
 - Springer Nature
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-30 00:00:00.000000000 Z
+date: 2017-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -94,6 +94,62 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: terminal-notifier-guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -247,6 +303,7 @@ files:
 - ".rubocop.yml"
 - ".travis.yml"
 - Gemfile
+- Guardfile
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -315,7 +372,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.7
+rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
 summary: A collection of useful patterns we (Springer Nature) use in our Ruby applications.