pah 0.0.27 → 0.0.28

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 659c9f22b6f4b8e92d9988fb1df713091bc102c9
-  data.tar.gz: 02a2221bbd469e0a6923df1d2fdd5790d899851a
+  metadata.gz: 2f5098132b991c99ba4c30d4d2afcfa21fd29f75
+  data.tar.gz: da9923c7d366d1f1307fc2aa05287dcdf55d3de5
 SHA512:
-  metadata.gz: d1d92f7aec6e28f74b23728df0a0a302547adf22d9e3f4903a9fa625950e93e0897d9e4a763c040fbf4fe815b8d2b56991f621c62ef8f192904ce85c4c0a9eeb
-  data.tar.gz: 26b53eed36f28b3c0fdfc9b1ccd0ff83ca7a7eb319f9cccb7c30935652d44721042b1c3283cae81f9f59009a374daf114075e635eaa6c15d82254c17df73a544
+  metadata.gz: deedba7b7dbce1188969af218a44ec07ea700e15f2500f6b5edb2abce35ce24e4b358116a8ea51d5d0966365688841d08d5155c246a8c18e189622acb0598439
+  data.tar.gz: 556085f2299ff8eb85c7ec2c498cd1d2e7be8bca19f6fca580278317897f7cc1433d224c0853817015a52497d05f7786e531d12fcebd854400ca4d2fee91c698

data/.ruby-version

@@ -1 +1 @@
-2.3.1
+2.4.2

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Changelog
 
+## 0.0.28 (September, 20, 2017)
+- Updated ruby version to 2.4.2
+- Updated Rails version to 5.1.2
+- Updated some gems
+- Removed gems `pry-rails` and `byebug` and added gem `pry-byebug`
+- Added sublime text files to .gitignore
+- Updated the secure_headers initializer
+- Created default pattern for database configuration
+
 ## 0.0.27 (July 18, 2016)
 - Updated ruby version to 2.3.1
 - Updated Rails version to 5.0.0

data/README.md

@@ -37,7 +37,7 @@ Run:
 $ pah projectname
 ```
 
-This will create a Rails 5.0.0 app with Ruby 2.3.1. This script creates a new git repository in the folder `projectname`.
+This will create a Rails 5.1.2 app with Ruby 2.4.2. This script creates a new git repository in the folder `projectname`.
 
 :warning: PAH is not meant to be used against an existing repo.
 

data/features/commands.feature

@@ -4,17 +4,17 @@ Feature: Commands
     When I run `pah --version`
     Then the output should contain:
       """
-      Pah version: 0.0.27
-      Rails version: 5.0.0
-      Ruby version: 2.3.1
+      Pah version: 0.0.28
+      Rails version: 5.1.2
+      Ruby version: 2.4.2
       """
   Scenario: -v prompts the versions
     When I run `pah -v`
     Then the output should contain:
       """
-      Pah version: 0.0.27
-      Rails version: 5.0.0
-      Ruby version: 2.3.1
+      Pah version: 0.0.28
+      Rails version: 5.1.2
+      Ruby version: 2.4.2
       """
   Scenario: without args prompt help
     When I run `pah`

data/features/env.feature

@@ -6,7 +6,7 @@ Feature: Env files
   Scenario: Create env files
     Then I have the file .ruby-version and contents of this file should be:
       """
-      2.3.1
+      2.4.2
 
       """
     Then I have the file .ruby-gemset and contents of this file should be:

data/features/gemfile.feature

@@ -6,6 +6,6 @@ Feature: Gemfile
   Scenario: Correct gems on gemfile
     Then I have the file Gemfile and contents of this file should include:
       """
-      gem 'rails',                  '5.0.0'
+      gem 'rails',                  '5.1.2'
       """
 

data/features/readme.feature

@@ -11,5 +11,5 @@ Feature: README
       """
     Then I have the file README.md and contents of this file should include:
       """
-      Ruby 2.3.1
+      Ruby 2.4.2
       """

data/features/secret_token.feature

@@ -11,25 +11,35 @@ Feature: Secret Token
     Then I have the file config/secrets.yml and contents of this file should include:
       """
       # Be sure to restart your server when you modify this file.
-
+      
       # Your secret key is used for verifying the integrity of signed cookies.
       # If you change this key, all old signed cookies will become invalid!
-
+      
       # Make sure the secret is at least 30 characters and all random,
       # no regular words or you'll be exposed to dictionary attacks.
       # You can use `rails secret` to generate a secure secret key.
-
+      
       # Make sure the secrets in this file are kept private
       # if you're sharing your code publicly.
-
+      
+      # Shared secrets are available across all environments.
+      
+      # shared:
+      #   api_key: a1B2c3D4e5F6
+      
+      # Environmental secrets are only available for that specific environment.
+      
       development:
         secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
-
+      
       test:
         secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
-
-      # Do not keep production secrets in the repository,
-      # instead read values from the environment.
+      
+      # Do not keep production secrets in the unencrypted secrets file.
+      # Instead, either read values from the environment.
+      # Or, use `bin/rails secrets:setup` to configure encrypted secrets
+      # and move the `production:` environment over there.
+      
       production:
         secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
-      """
+      """

data/features/secure_headers.feature

@@ -4,10 +4,6 @@ Feature: Secure Headers
     Given I have created the app "myapp" with pah
 
   Scenario: Have correct files
-    Then I have the file app/controllers/application_controller.rb and contents of this file should include:
-      """
-      ensure_security_headers
-      """
     Then I have a config/initializers/secure_headers.rb
     Then I have the file config/initializers/secure_headers.rb and contents of this file should include:
       """

data/features/sendgrid.feature

@@ -1,5 +1,5 @@
 @no-clobber
-Feature: Mandrill
+Feature: Sendgrid
   Background:
     Given I have created the app "myapp" with pah
 

data/lib/pah/files/.gitignore

@@ -14,4 +14,5 @@ capybara-*.html
 /spec/tmp/*
 **.orig
 rerun.txt
-pickle-email-*.html
+pickle-email-*.html
+*.sublime-*

data/lib/pah/files/Gemfile

@@ -2,61 +2,60 @@ source 'https://rubygems.org'
 ruby 'RUBY_VERSION'
 
 gem 'rails',                  'RAILS_VERSION'
-gem 'puma',                   '2.15.3'
-gem 'secure_headers',         '2.4.4'
-gem 'jquery-rails',           '4.1.1'
-gem 'turbolinks',             '2.5.3'
-gem 'jbuilder',               '2.5.0'
-gem 'slim-rails',             '3.1.0'
-gem 'pg',                     '0.18.4'
-gem 'sass-rails',             '5.0.5'
-gem 'coffee-rails',           '4.2.1'
-gem 'uglifier',               '2.7.2'
-gem 'simple_form',            '3.2.1'
+gem 'puma',                   '3.10.0'
+gem 'secure_headers',         '3.7.1'
+gem 'jquery-rails',           '4.3.1'
+gem 'turbolinks',             '5.0.1'
+gem 'jbuilder',               '2.7.0'
+gem 'slim-rails',             '3.1.2'
+gem 'pg',                     '0.21.0'
+gem 'sass-rails',             '5.0.6'
+gem 'coffee-rails',           '4.2.2'
+gem 'uglifier',               '3.2.0'
+gem 'simple_form',            '3.5.0'
 gem 'flutie',                 '2.0.0'
 gem 'bourbon',                '4.2.6'
 gem 'neat',                   '1.7.2'
 gem 'bitters',                '1.1.0'
 gem 'refills',                '0.1.0'
 gem 'normalize-rails',        '3.0.3'
-gem 'rollbar',                '2.11.3'
+gem 'rollbar',                '2.15.2'
 
 group :production, :staging do
   gem 'rails_12factor',       '0.0.3'
-  gem 'rack-canonical-host',  '0.2.2'
-  gem 'newrelic_rpm',         '~> 3.12'
-  gem 'librato-rails',        '1.0.0'
+  gem 'rack-canonical-host',  '0.2.3'
+  gem 'newrelic_rpm',         '4.4.0.336'
+  gem 'librato-rails',        '2.1.0'
 end
 
 group :development do
-  gem 'foreman',              '0.78.0'
+  gem 'foreman',              '0.84.0'
   gem 'jumpup',               '0.0.8'
   gem 'jumpup-heroku',        '0.0.6'
   gem 'better_errors',        '2.1.1'
   gem 'binding_of_caller',    '0.7.2'
   gem 'letter_opener',        '1.4.1'
-  gem 'bullet',               '5.1.1'
+  gem 'bullet',               '5.5.1'
   gem 'listen',               '3.1.5'
 end
 
 group :test do
-  gem 'shoulda-matchers',     '3.0.1', require: false
-  gem 'simplecov',            '0.11.1', require: false
-  gem 'email_spec',           '1.6.0'
+  gem 'shoulda-matchers',     '3.1.2', require: false
+  gem 'simplecov',            '0.14.1', require: false
+  gem 'email_spec',           '2.1.0'
   gem 'capybara',             '2.5.0'
   gem 'poltergeist',          '1.8.0'
   gem 'vcr',                  '3.0.0'
   gem 'webmock',              '1.22.3'
-  gem 'database_cleaner',     '1.5.1'
+  gem 'database_cleaner',     '1.6.1'
 end
 
 group :development, :test do
-  gem 'rspec-rails',           '3.5.1'
-  gem 'factory_girl_rails',    '4.5.0'
-  gem 'pry-rails',             '0.3.4'
-  gem 'dotenv-rails',          '2.1.1'
-  gem 'awesome_print',         '1.6.1'
+  gem 'rspec-rails',           '3.6.1'
+  gem 'factory_girl_rails',    '4.8.0'
+  gem 'pry-byebug',            '3.4.2'
+  gem 'dotenv-rails',          '2.2.1'
+  gem 'awesome_print',         '1.7.0'
   gem 'spring-commands-rspec', '1.0.4'
-  gem 'byebug',                '8.2.1'
-  gem 'spring',                '1.5.0'
+  gem 'spring',                '2.0.2'
 end

data/lib/pah/files/config/database.yml

@@ -1,18 +1,16 @@
-development:
+default: &default
   adapter: postgresql
   encoding: utf8
-  database: PROJECT_development
   pool: 5
   username: postgres
   host: localhost
   template: template0
 
-test:
-  adapter: postgresql
-  encoding: utf8
+development:
+  <<: *default
+  database: PROJECT_development
+
+test: &test
+  <<: *default
   database: PROJECT_test
-  pool: 5
-  username: postgres
   min_messages: WARNING
-  host: localhost
-  template: template0

data/lib/pah/templates/secure_headers.rb

@@ -2,25 +2,26 @@ module Pah
   module Templates
     class SecureHeader < Pah::Template
       def call
-        content = <<EOF
-
-  ensure_security_headers # See more: https://github.com/twitter/secureheaders
-EOF
-
-        inject_into_file 'app/controllers/application_controller.rb', content, after: 'with: :exception', verbose: false
-
         create_file 'config/initializers/secure_headers.rb' do
           <<-EOF
 ::SecureHeaders::Configuration.configure do |config|
-  config.hsts = {:max_age => 20.years.to_i, :include_subdomains => true}
+  config.hsts = "max-age=#{20.years.to_i}; includeSubdomains; preload"
   config.x_frame_options = 'DENY'
   config.x_content_type_options = "nosniff"
-  config.x_xss_protection = {:value => 1, :mode => 'block'}
-  config.csp = false
+  config.x_xss_protection = "1; mode=block"
+  config.csp = {
+    report_only: Rails.env.production?, # for the Content-Security-Policy-Report-Only header
+    preserve_schemes: false, # default: false.
+
+    default_src: %w(*), # all allowed in the beginning
+    script_src: %w('self' 'unsafe-inline'), # scripts only allowed in external files from the same origin
+    connect_src: %w('self'), # Ajax may connect only to the same origin
+    style_src: %w('self' 'unsafe-inline'), # styles only allowed in external files from the same origin and in style attributes (for now)
+    # report_uri: ["/csp_report?report_only=#{Rails.env.production?}"] # violation reports will be sent here
+  }
 end
 EOF
         end
-        git add: 'app/controllers/application_controller.rb'
         git add: 'config/initializers/secure_headers.rb'
         git_commit 'Add secure headers.'
       end

data/lib/pah/version.rb

@@ -1,5 +1,5 @@
 module Pah
-  VERSION = '0.0.27'.freeze
-  RUBY_VERSION = '2.3.1'.freeze
-  RAILS_VERSION = '5.0.0'.freeze
+  VERSION = '0.0.28'.freeze
+  RUBY_VERSION = '2.4.2'.freeze
+  RAILS_VERSION = '5.1.2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pah
 version: !ruby/object:Gem::Version
-  version: 0.0.27
+  version: 0.0.28
 platform: ruby
 authors:
 - HE:labs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-07-18 00:00:00.000000000 Z
+date: 2017-09-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0
+        version: 5.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.0.0
+        version: 5.1.2
 - !ruby/object:Gem::Dependency
   name: colored
   requirement: !ruby/object:Gem::Requirement
@@ -252,7 +252,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.1
+      version: 2.4.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -260,7 +260,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: A rails application template which born from Startup DEV and now is used