omniauth-eve_online-sso 0.6.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c6c7b6a016b1271879ff1cf577448b6b9cfb7002eeeb17d08d448415f0de6584
-  data.tar.gz: 28c5877b96329936fe62fbd4c9fe91afe9fb3e18c719ad872d77190f34496287
+  metadata.gz: cfc7fe3317c3e3f29bcdf05baf8c0cb7ca6eb7309affed0725417d92ccdf7da3
+  data.tar.gz: f689f807f58441eba134400983410420a962b76facd7d9e3d82c218f7ea77c1e
 SHA512:
-  metadata.gz: 9b65efe196382906b911446d59b5380a9b5054a15f8bc6570876d7990446664ca9171402816403c370e23ac3d4e2070ca0c8326dec748990b1a667a0cce2285c
-  data.tar.gz: 7cc92be704dd9d462ee03d73e550d64a6bcb64beb0eb86a44a70c6b685131f671dfdccf956601105285b26ecd12a2afed94c7b7889ae672dbeb7a237338370f7
+  metadata.gz: 3e8125d1511dfa2b4219e87969847836cdf7d66db78850cf801a85b9e7a20a71dcf39bf2858d88eff5f29ee08b45fc53d59ba14f47b6d5bd6341c35d0f2d85e7
+  data.tar.gz: 183eae11c49d1e7fd68d7a40b0b0da6c1ecd4e2cd3377c078d7b332f6ec817c46eebd45522eb53cb7f434bfbda24fbdc126e1b50fc37b38a3a7c2736270e1fd6

data/.github/workflows/codeql-analysis.yml

@@ -10,6 +10,9 @@ on:
   schedule:
     - cron: "0 21 * * 6"
 
+permissions:
+  contents: read
+
 jobs:
   analyze:
     name: Analyze
@@ -29,16 +32,16 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
         with:
           languages: ${{ matrix.language }}
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13

data/.github/workflows/dependency-review.yml

@@ -0,0 +1,22 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request,
+# surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required,
+# PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4

data/.github/workflows/mdl.yml

@@ -15,5 +15,5 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
-      - uses: bewuethr/mdl-action@v1.1.2
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: bewuethr/mdl-action@0d8e72b8dc605e02a94a4f00f93f13f26cf0e265 # v1.1.2

data/.github/workflows/rspec.yml

@@ -0,0 +1,39 @@
+name: RSpec
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  schedule:
+    - cron: "0 21 * * 6"
+
+permissions:
+  contents: read
+
+jobs:
+  rspec:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby: ["3.2", "3.3", "head"]
+
+    name: Ruby ${{ matrix.ruby }}
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - run: rm Gemfile.lock
+      - run: rm .ruby-version
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@7bae1d00b5db9166f4f0fc47985a3a5702cb58f0 # v1.197.0
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - run: bundle exec rspec

data/.github/workflows/scorecards.yml

@@ -0,0 +1,71 @@
+# This workflow uses actions that are not certified by GitHub. They are provided
+# by a third-party and are governed by separate terms of service, privacy
+# policy, and support documentation.
+
+name: Scorecard supply-chain security
+on:
+  # For Branch-Protection check. Only the default branch is supported. See
+  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
+  branch_protection_rule:
+  # To guarantee Maintained check is occasionally updated. See
+  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
+  schedule:
+    - cron: '20 7 * * 2'
+  push:
+    branches: ["main"]
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analysis:
+    name: Scorecard analysis
+    runs-on: ubuntu-latest
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      # Needed to publish results and get a badge (see publish_results below).
+      id-token: write
+      contents: read
+      actions: read
+
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+        with:
+          persist-credentials: false
+
+      - name: "Run analysis"
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          # (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
+          # - you want to enable the Branch-Protection check on a *public* repository, or
+          # - you are installing Scorecards on a *private* repository
+          # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
+          # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+
+          # Public repositories:
+          #   - Publish results to OpenSSF REST API for easy access by consumers
+          #   - Allows the repository to include the Scorecard badge.
+          #   - See https://github.com/ossf/scorecard-action#publishing-results.
+          # For private repositories:
+          #   - `publish_results` will always be set to `false`, regardless
+          #     of the value entered here.
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+      # format to the repository Actions tab.
+      - name: "Upload artifact"
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+        with:
+          sarif_file: results.sarif

data/.rubocop.yml

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.7
+  TargetRubyVersion: 3.1
   DisplayStyleGuide: true
   NewCops: enable
 

data/.ruby-version

@@ -1 +1 @@
-3.2.2
+3.3.5

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## v0.7.0
+
+* Required ruby version >= 3.2
+
 ## v0.6.0
 
 * Required ruby version >= 2.7

data/Gemfile

@@ -8,3 +8,4 @@ gemspec
 gem "awesome_print", require: "ap"
 gem "pry"
 gem "standard"
+gem "bigdecimal"

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    omniauth-eve_online-sso (0.6.0)
+    omniauth-eve_online-sso (0.7.0)
       jwt
       omniauth-oauth2
 
@@ -10,20 +10,29 @@ GEM
   specs:
     ast (2.4.2)
     awesome_print (1.9.2)
+    base64 (0.2.0)
+    bigdecimal (3.1.8)
     coderay (1.1.3)
-    diff-lcs (1.5.0)
-    docile (1.4.0)
-    faraday (2.7.6)
-      faraday-net_http (>= 2.0, < 3.1)
-      ruby2_keywords (>= 0.0.4)
-    faraday-net_http (3.0.2)
+    diff-lcs (1.5.1)
+    docile (1.4.1)
+    faraday (2.12.0)
+      faraday-net_http (>= 2.0, < 3.4)
+      json
+      logger
+    faraday-net_http (3.3.0)
+      net-http
     hashie (5.0.0)
-    json (2.6.3)
-    jwt (2.7.1)
+    json (2.7.2)
+    jwt (2.9.3)
+      base64
     language_server-protocol (3.17.0.3)
-    lint_roller (1.0.0)
-    method_source (1.0.0)
-    multi_xml (0.6.0)
+    lint_roller (1.1.0)
+    logger (1.6.1)
+    method_source (1.1.0)
+    multi_xml (0.7.1)
+      bigdecimal (~> 3.1)
+    net-http (0.4.1)
+      uri
     oauth2 (2.0.9)
       faraday (>= 0.17.3, < 3.0)
       jwt (>= 1.0, < 3.0)
@@ -31,86 +40,92 @@ GEM
       rack (>= 1.2, < 4)
       snaky_hash (~> 2.0)
       version_gem (~> 1.1)
-    omniauth (2.1.1)
+    omniauth (2.1.2)
       hashie (>= 3.4.6)
       rack (>= 2.2.3)
       rack-protection
     omniauth-oauth2 (1.8.0)
       oauth2 (>= 1.4, < 3)
       omniauth (~> 2.0)
-    parallel (1.23.0)
-    parser (3.2.2.3)
+    parallel (1.26.3)
+    parser (3.3.5.0)
       ast (~> 2.4.1)
       racc
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    racc (1.7.1)
-    rack (3.0.8)
-    rack-protection (3.0.6)
-      rack
+    racc (1.8.1)
+    rack (3.1.8)
+    rack-protection (4.0.0)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0, < 4)
     rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.8.1)
-    rexml (3.2.5)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.2)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.3)
+    rake (13.2.1)
+    regexp_parser (2.9.2)
+    rspec (3.13.0)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.2)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.3)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-support (3.12.0)
-    rubocop (1.52.1)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.1)
+    rubocop (1.66.1)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.2.3)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      regexp_parser (>= 2.4, < 3.0)
+      rubocop-ast (>= 1.32.2, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.29.0)
-      parser (>= 3.2.1.0)
-    rubocop-performance (1.18.0)
-      rubocop (>= 1.7.0, < 2.0)
-      rubocop-ast (>= 0.4.0)
+    rubocop-ast (1.32.3)
+      parser (>= 3.3.1.0)
+    rubocop-performance (1.22.1)
+      rubocop (>= 1.48.1, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
     ruby-progressbar (1.13.0)
-    ruby2_keywords (0.0.5)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.12.3)
+    simplecov-html (0.13.1)
     simplecov_json_formatter (0.1.4)
     snaky_hash (2.0.1)
       hashie
       version_gem (~> 1.1, >= 1.1.1)
-    standard (1.29.0)
+    standard (1.41.1)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
-      rubocop (~> 1.52.0)
+      rubocop (~> 1.66.0)
       standard-custom (~> 1.0.0)
-      standard-performance (~> 1.1.0)
-    standard-custom (1.0.1)
+      standard-performance (~> 1.5)
+    standard-custom (1.0.2)
       lint_roller (~> 1.0)
-    standard-performance (1.1.0)
-      lint_roller (~> 1.0)
-      rubocop-performance (~> 1.18.0)
-    unicode-display_width (2.4.2)
-    version_gem (1.1.3)
+      rubocop (~> 1.50)
+    standard-performance (1.5.0)
+      lint_roller (~> 1.1)
+      rubocop-performance (~> 1.22.0)
+    unicode-display_width (2.6.0)
+    uri (0.13.1)
+    version_gem (1.1.4)
 
 PLATFORMS
+  aarch64-linux
+  arm64-darwin
   ruby
+  x86_64-darwin
+  x86_64-linux
 
 DEPENDENCIES
   awesome_print
+  bigdecimal
   bundler
   omniauth-eve_online-sso!
   pry
@@ -120,4 +135,4 @@ DEPENDENCIES
   standard
 
 BUNDLED WITH
-   2.4.14
+   2.5.22

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2016-2022 Igor Zubkov
+Copyright (c) 2016-2024 Ihor Zubkov
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/lib/omniauth/eve_online/sso/version.rb

@@ -3,7 +3,7 @@
 module Omniauth
   module EveOnline
     module SSO
-      VERSION = "0.6.0"
+      VERSION = "0.7.0"
     end
   end
 end

data/omniauth-eve_online-sso.gemspec

@@ -7,7 +7,7 @@ require "omniauth/eve_online/sso/version"
 Gem::Specification.new do |spec|
   spec.name = "omniauth-eve_online-sso"
   spec.version = Omniauth::EveOnline::SSO::VERSION
-  spec.authors = ["Igor Zubkov"]
+  spec.authors = ["Ihor Zubkov"]
   spec.email = ["igor.zubkov@gmail.com"]
 
   spec.summary = "OmniAuth strategy for EveOnline SSO"
@@ -27,7 +27,7 @@ Gem::Specification.new do |spec|
   spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   spec.require_paths = ["lib"]
 
-  spec.required_ruby_version = ">= 2.7"
+  spec.required_ruby_version = ">= 3.2"
 
   spec.add_dependency "omniauth-oauth2"
   spec.add_dependency "jwt"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-eve_online-sso
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
-- Igor Zubkov
+- Ihor Zubkov
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-06-18 00:00:00.000000000 Z
+date: 2024-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
@@ -104,13 +104,15 @@ files:
 - ".github/CODEOWNERS"
 - ".github/dependabot.yml"
 - ".github/workflows/codeql-analysis.yml"
+- ".github/workflows/dependency-review.yml"
 - ".github/workflows/mdl.yml"
+- ".github/workflows/rspec.yml"
+- ".github/workflows/scorecards.yml"
 - ".gitignore"
 - ".mdlrc"
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -141,14 +143,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.14
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: OmniAuth strategy for EveOnline SSO

data/.travis.yml

@@ -1,16 +0,0 @@
-sudo: false
-language: ruby
-cache: bundler
-rvm:
-  - 2.3.7
-  - 2.4.4
-  - 2.5.1
-  - ruby-head
-
-before_install: gem install bundler
-
-script:
-  - bundle exec rake
-  - bundle exec codeclimate-test-reporter
-  - bundle exec rubocop
-  - bundle exec mdl README.md