publify_core 9.2.9 → 9.2.10

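--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 72e8560336bbbbfd2c517840b744e34509782d0f4d6db7cde5ee607230770b65
- data.tar.gz: 886335b6900c26cfc579bf4197304b0e30cb8eedbe4c362a5394d153cb746487
+ metadata.gz: 5527fac8b20913bab53dd2561d1733883484d9b2334da9acfb46265468caa501
+ data.tar.gz: 683bd0f0cdc369a1da0b6c6fa86c11be5aa51b657336ae6e96dbd6dc9f386193
  SHA512:
- metadata.gz: 695ae9d70e7cb24e7b10b4c2efaaff9d13e32bdcde17e5fcc4be6aab288f5d8d1a0b74465b54f79dd28cf1fbc55a3c7f0e80d02074e8706e863bbba15ddd0368
- data.tar.gz: 3044549f33cfe4db50562be0d0441e3fc952b433181eefc861768cbeb3072b11be25780c40b2977572ce69d38df945af520c09343d294920eccdf17198b9d143
+ metadata.gz: f494f56b72b267db6ed6d6962014290ddd1a0d888c83c9ec101a7c41572a27234e663c64ba021190252a04cb19e38eb1a109c2ccf4e41a0c1006b04b92bebcf7
+ data.tar.gz: 6b2e942362cefab924e25bb069d8a7a26e55605cb83b343f1934a62e9e6cf149cd2ee30b8d7dcbc3db181d14f59cddcd2c8de2c86b9e6b9822583d0861f07ccb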
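--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,14 @@
  # Changelog
 
+ ## 9.2.10 / 2023-01-08
+
+ * Bump Rails version to 5.2.8.1 [#1070](https://github.com/publify/publify/pull/1070)
+ * Limit length of settings values [#1072](https://github.com/publify/publify/pull/1072)
+ * Require login to stay unique when updating a User [#1073](https://github.com/publify/publify/pull/1073)
+ * Validate lengths of string attributes [#1077](https://github.com/publify/publify/pull/1077)
+ * Strip EXIF data from resource uploads [#1078](https://github.com/publify/publify/pull/1078)
+ * Require user passwords to be strong [#1086](https://github.com/publify/publify/pull/1086)
+
  ## 9.2.9 / 2022-05-22
 
  * Fix admin article access control [#1065](https://github.com/publify/publify/pull/1065)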
data/app/models/blog.rb CHANGED
@@ -9,6 +9,8 @@
9
9
  #
10
10
  class Blog < ApplicationRecord
11
11
  include ConfigManager
12
+ include StringLengthLimit
13
+
12
14
  include Rails.application.routes.url_helpers
13
15
 
14
16
  has_many :contents
@@ -71,11 +73,11 @@ class Blog < ApplicationRecord
71
73
  setting :image_medium_size, :integer, 600
72
74
 
73
75
  # SEO
74
- setting :meta_description, :string, ""
76
+ setting :meta_description, :text, ""
75
77
  setting :meta_keywords, :string, ""
76
78
  setting :google_analytics, :string, ""
77
79
  setting :rss_description, :boolean, false
78
- setting :rss_description_text, :string, <<-HTML.strip_heredoc
80
+ setting :rss_description_text, :text, <<-HTML.strip_heredoc
79
81
  <hr />
80
82
  <p><small>Original article written by %author% and published on <a href='%blog_url%'>%blog_name%</a>
81
83
  | <a href='%permalink_url%'>direct link to this article</a>
@@ -83,8 +85,8 @@ class Blog < ApplicationRecord
83
85
  it has been illegally reproduced and without proper authorization.</small></p>
84
86
  HTML
85
87
  setting :permalink_format, :string, "/%year%/%month%/%day%/%title%"
86
- setting :robots, :string, 'User-agent: *\nAllow: /\nDisallow: /admin\n'
87
- setting :humans, :string, <<-TEXT.strip_heredoc
88
+ setting :robots, :text, 'User-agent: *\nAllow: /\nDisallow: /admin\n'
89
+ setting :humans, :text, <<-TEXT.strip_heredoc
88
90
  /* TEAM */
89
91
  Your title: Your name.
90
92
  Site: email, link to a contact form, etc.
@@ -139,6 +141,7 @@ class Blog < ApplicationRecord
139
141
 
140
142
  validate :permalink_has_identifier
141
143
  # validates :base_url, presence: true
144
+ validates_default_string_length :base_url
142
145
 
143
146
  # Find the Blog that matches a specific base URL. If no Blog object is found
144
147
  # that matches, then grab the first blog. If *that* fails, then create a new
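Review bot: The new length validations (256 characters for `:string` settings such as `meta_keywords` and `google_analytics`, 2048 for the `:text` ones, and 255 on `base_url`) also apply to blogs that already exist, and nothing in this diff migrates or checks stored values. If a stored setting is already longer than its new limit, every later save of that Blog would presumably fail validation, including saves that only change an unrelated setting. The same concern applies to the `validates_default_string_length` calls added to Content, Feedback, Ping, PostType, Redirect, Resource, Tag and User, particularly on databases that do not cap string columns at 255. I would add an upgrade note to the changelog entry and a one-off check that reports records which are invalid under the new rules.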
@@ -41,18 +41,15 @@ class Comment < Feedback
41
41
  private
42
42
 
43
43
  def article_allows_feedback?
44
- return true if article.allow_comments?
45
-
46
- errors.add(:article, "Article is not open to comments")
47
- false
44
+ article.allow_comments?
48
45
  end
49
46
 
50
47
  def blog_allows_feedback?
51
48
  true
52
49
  end
53
50
 
54
- def check_article_closed_for_feedback
55
- errors.add(:article, "Comment are closed") if article.comments_closed?
51
+ def article_closed_for_feedback?
52
+ article.comments_closed?
56
53
  end
57
54
 
58
55
  def originator
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ module StringLengthLimit
4
+ # Default string length limit for model attributes. When running on MySQL,
5
+ # this is equal to the default string length in the database as set by Rails.
6
+ STRING_LIMIT = 255
7
+
8
+ extend ActiveSupport::Concern
9
+
10
+ class_methods do
11
+ def validates_default_string_length(*names)
12
+ names.each do |name|
13
+ validates name, length: { maximum: STRING_LIMIT }
14
+ end
15
+ end
16
+ end
17
+ end
@@ -1,8 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ConfigManager
4
- def self.append_features(base)
5
- super
4
+ def self.included(base)
6
5
  base.extend(ClassMethods)
7
6
  end
8
7
 
@@ -12,12 +11,17 @@ module ConfigManager
12
11
  end
13
12
 
14
13
  def setting(name, type = :object, default = nil)
14
+ raise "Invalid type: #{type}" unless Item::VALID_TYPES.include? type
15
+
15
16
  item = Item.new
16
17
  item.name = name.to_s
17
18
  item.ruby_type = type
18
19
  item.default = default
19
20
  fields[name.to_s] = item
20
- add_setting_accessor(item)
21
+
22
+ add_setting_reader(item)
23
+ add_setting_writer(item)
24
+ add_setting_validation(item)
21
25
  end
22
26
 
23
27
  def default_for(key)
@@ -26,11 +30,6 @@ module ConfigManager
26
30
 
27
31
  private
28
32
 
29
- def add_setting_accessor(item)
30
- add_setting_reader(item)
31
- add_setting_writer(item)
32
- end
33
-
34
33
  def add_setting_reader(item)
35
34
  send(:define_method, item.name) do
36
35
  raw_value = settings[item.name]
@@ -51,6 +50,15 @@ module ConfigManager
51
50
  retval
52
51
  end
53
52
  end
53
+
54
+ def add_setting_validation(item)
55
+ case item.ruby_type
56
+ when :string
57
+ validates item.name, length: { maximum: 256 }
58
+ when :text
59
+ validates item.name, length: { maximum: 2048 }
60
+ end
61
+ end
54
62
  end
55
63
 
56
64
  def canonicalize(key, value)
@@ -58,6 +66,8 @@ module ConfigManager
58
66
  end
59
67
 
60
68
  class Item
69
+ VALID_TYPES = [:boolean, :integer, :string, :text].freeze
70
+
61
71
  attr_accessor :name, :ruby_type, :default
62
72
 
63
73
  def canonicalize(value)
@@ -71,12 +81,8 @@ module ConfigManager
71
81
  end
72
82
  when :integer
73
83
  value.to_i
74
- when :string
84
+ when :string, :text
75
85
  value.to_s
76
- when :yaml
77
- value.to_yaml
78
- else
79
- value
80
86
  end
81
87
  end
82
88
  end
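Review bot: The new guard at the top of `setting` rejects the method's own default, because `type = :object` is not in `Item::VALID_TYPES`, so a call such as `setting :foo` now raises. Either drop the default so the type is required, `def setting(name, type, default = nil)`, or keep `:object` valid and handle it in `Item#canonicalize`, whose `else` branch this diff removes. I would also raise `ArgumentError` rather than a bare `RuntimeError`: `raise ArgumentError, "Invalid type: #{type}" unless Item::VALID_TYPES.include?(type)`. In `add_setting_validation` the `:string` limit is 256 while `StringLengthLimit::STRING_LIMIT` is 255; if the two are meant to agree, reference the constant. The bodies of `setting`, `add_setting_reader` and `canonicalize` are only partly visible in these hunks.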
@@ -5,6 +5,7 @@ require "uri"
5
5
 
6
6
  class Content < ApplicationRecord
7
7
  include ContentBase
8
+ include StringLengthLimit
8
9
 
9
10
  belongs_to :user, optional: true, touch: true
10
11
  belongs_to :blog
@@ -38,6 +39,9 @@ class Content < ApplicationRecord
38
39
 
39
40
  serialize :whiteboard
40
41
 
42
+ validates_default_string_length :title, :author, :permalink, :name,
43
+ :post_type, :text_filter_name
44
+
41
45
  def author=(user)
42
46
  if user.respond_to?(:login)
43
47
  self[:author] = user.login
@@ -10,11 +10,16 @@ class Feedback < ApplicationRecord
10
10
 
11
11
  include PublifyGuid
12
12
  include ContentBase
13
+ include StringLengthLimit
13
14
 
14
- validate :article_allows_this_feedback, on: :create
15
- validate :feedback_not_closed, on: :create
15
+ validate :feedback_allowed, on: :create
16
16
  validates :article, presence: true
17
17
 
18
+ validates_default_string_length :title, :author, :email, :url, :blog_name,
19
+ :user_agent, :text_filter_name
20
+
21
+ validates :ip, length: { maximum: 40 }
22
+
18
23
  before_save :correct_url, :classify_content
19
24
  before_create :create_guid
20
25
 
@@ -99,8 +104,20 @@ class Feedback < ApplicationRecord
99
104
  self.url = "http://#{url}" unless %r{^https?://}.match?(url)
100
105
  end
101
106
 
102
- def article_allows_this_feedback
103
- article && blog_allows_feedback? && article_allows_feedback?
107
+ def feedback_allowed
108
+ return unless article
109
+
110
+ unless blog_allows_feedback?
111
+ errors.add(:base, "#{plural_model_name} are disabled")
112
+ return
113
+ end
114
+
115
+ unless article_allows_feedback?
116
+ errors.add(:article, "Article is not open for #{plural_model_name.downcase}")
117
+ return
118
+ end
119
+
120
+ errors.add(:article, "#{plural_model_name} are closed") if article_closed_for_feedback?
104
121
  end
105
122
 
106
123
  def akismet_options
@@ -200,10 +217,6 @@ class Feedback < ApplicationRecord
200
217
  end
201
218
  end
202
219
 
203
- def feedback_not_closed
204
- check_article_closed_for_feedback
205
- end
206
-
207
220
  def send_notifications
208
221
  nil
209
222
  end
@@ -242,4 +255,8 @@ class Feedback < ApplicationRecord
242
255
  def blog_id
243
256
  article.blog_id if article.present?
244
257
  end
258
+
259
+ def plural_model_name
260
+ self.class.model_name.human.pluralize
261
+ end
245
262
  end
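Review bot: `validates_default_string_length` now covers `user_agent`, and `ip` is capped at 40 characters, but these are presumably filled in from the request rather than typed by the commenter, so a visitor with a long User-Agent header would get a validation error on a field they cannot correct. Truncating such a server-populated attribute before validation keeps the length bound without rejecting the comment, for example `before_validation { self.user_agent = user_agent&.slice(0, STRING_LIMIT) }`. Separately, `feedback_allowed` relies on subclasses to define `blog_allows_feedback?`, `article_allows_feedback?` and `article_closed_for_feedback?`; a comment above it naming those three hooks would make the contract visible, since Feedback itself is only partly shown here.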
data/app/models/ping.rb CHANGED
@@ -1,5 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class Ping < ApplicationRecord
4
+ include StringLengthLimit
5
+
4
6
  belongs_to :article
7
+ validates_default_string_length :url
5
8
  end
@@ -1,9 +1,13 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class PostType < ApplicationRecord
4
+ include StringLengthLimit
5
+
4
6
  validates :name, uniqueness: true
5
7
  validates :name, presence: true
6
8
  validate :name_is_not_read
9
+ validates_default_string_length :name, :permalink, :description
10
+
7
11
  before_save :sanitize_title
8
12
 
9
13
  def name_is_not_read
@@ -1,6 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class Redirect < ApplicationRecord
4
+ include StringLengthLimit
5
+
4
6
  belongs_to :content, optional: true, touch: true
5
7
  belongs_to :blog
6
8
 
@@ -8,6 +10,8 @@ class Redirect < ApplicationRecord
8
10
  validates :to_path, presence: true
9
11
  validates :blog, presence: true
10
12
 
13
+ validates_default_string_length :from_path, :to_path
14
+
11
15
  def full_to_path
12
16
  path = to_path
13
17
  # FIXME: Unify HTTP URI matchers
@@ -4,9 +4,12 @@ require "carrierwave"
4
4
  require "carrierwave/orm/activerecord"
5
5
 
6
6
  class Resource < ApplicationRecord
7
+ include StringLengthLimit
7
8
  belongs_to :blog
8
9
  belongs_to :content, optional: true
9
10
 
10
11
  mount_uploader :upload, ResourceUploader
11
12
  validates :upload, presence: true
13
+
14
+ validates_default_string_length :mime
12
15
  end
data/app/models/tag.rb CHANGED
@@ -1,12 +1,15 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class Tag < ApplicationRecord
4
+ include StringLengthLimit
5
+
4
6
  belongs_to :blog
5
7
  has_and_belongs_to_many :contents, order: "created_at DESC"
6
8
 
7
9
  validates :name, uniqueness: { scope: :blog_id }
8
10
  validates :blog, presence: true
9
11
  validates :name, presence: true
12
+ validates_default_string_length :display_name
10
13
 
11
14
  before_validation :ensure_naming_conventions
12
15
 
@@ -14,24 +14,6 @@ class Trackback < Feedback
14
14
  end
15
15
  end
16
16
 
17
- def article_allows_feedback?
18
- return true if article.allow_pings?
19
-
20
- errors.add(:article, "Article is not pingable")
21
- false
22
- end
23
-
24
- def blog_allows_feedback?
25
- return true unless blog.global_pings_disable
26
-
27
- errors.add(:base, "Pings are disabled")
28
- false
29
- end
30
-
31
- def check_article_closed_for_feedback
32
- errors.add(:article, "Pings are closed") if article.pings_closed?
33
- end
34
-
35
17
  def originator
36
18
  blog_name
37
19
  end
@@ -47,4 +29,18 @@ class Trackback < Feedback
47
29
  def feed_title
48
30
  "Trackback from #{blog_name}: #{title} on #{article.title}"
49
31
  end
32
+
33
+ private
34
+
35
+ def article_allows_feedback?
36
+ article.allow_pings?
37
+ end
38
+
39
+ def blog_allows_feedback?
40
+ !blog.global_pings_disable
41
+ end
42
+
43
+ def article_closed_for_feedback?
44
+ article.pings_closed?
45
+ end
50
46
  end
data/app/models/user.rb CHANGED
@@ -12,15 +12,17 @@ class User < ApplicationRecord
12
12
  # Include default devise modules. Others available are:
13
13
  # :confirmable, :lockable, :timeoutable and :omniauthable
14
14
  devise :database_authenticatable, :registerable,
15
- :recoverable, :rememberable, :trackable, :validatable
15
+ :recoverable, :rememberable, :trackable, :validatable, :zxcvbnable
16
16
  include ConfigManager
17
+ include StringLengthLimit
17
18
 
18
19
  before_validation :set_default_profile
19
20
 
20
- validates :login, uniqueness: true, on: :create
21
- validates :email, uniqueness: true, on: :create
21
+ validates :login, uniqueness: true
22
22
  validates :email, :login, presence: true
23
23
  validates :login, length: { in: 3..40 }
24
+ validates_default_string_length :email, :text_filter_name
25
+ validates :name, length: { maximum: 2048 }
24
26
 
25
27
  belongs_to :resource, optional: true
26
28
  has_many :notifications, foreign_key: "notify_user_id"
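Review bot: `validates :login, uniqueness: true` now runs on update as well, but a model-level uniqueness check is a query followed by a write, so two concurrent requests can still store the same login unless the column has a unique index; no migration is visible in this diff, so that is worth confirming. The check is also case-sensitive unless the database collation says otherwise, which would let `Admin` and `admin` coexist; `validates :login, uniqueness: { case_sensitive: false }` closes that if logins are meant to be case-insensitive. The explicit email uniqueness validation is removed here, which looks safe only because Devise's `:validatable` module validates email uniqueness itself; a one-line comment saying so would make that dependency clear to the next reader.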
@@ -4,7 +4,10 @@ require "marcel"
4
4
 
5
5
  class ResourceUploader < CarrierWave::Uploader::Base
6
6
  include CarrierWave::MiniMagick
7
- before :cache, :check_content_type!
7
+ before :process, :check_content_type!
8
+
9
+ process :fix_exif_rotation, if: :image?
10
+ process :strip, if: :image?
8
11
 
9
12
  def content_type_allowlist
10
13
  [%r{image/}, %r{audio/}, %r{video/}, "text/plain"]
@@ -32,6 +35,22 @@ class ResourceUploader < CarrierWave::Uploader::Base
32
35
  resize_to_fit(resize_setting, resize_setting)
33
36
  end
34
37
 
38
+ def strip
39
+ manipulate! do |img|
40
+ img.strip
41
+ img = yield(img) if block_given?
42
+ img
43
+ end
44
+ end
45
+
46
+ def fix_exif_rotation
47
+ manipulate! do |img|
48
+ img.auto_orient
49
+ img = yield(img) if block_given?
50
+ img
51
+ end
52
+ end
53
+
35
54
  def image?(new_file)
36
55
  content_type = new_file.content_type
37
56
  content_type&.include?("image")
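Review bot: Moving `check_content_type!` from `before :cache` to `before :process` ties the upload allowlist check to the processing step. As far as I know CarrierWave skips processing, and with it the `:process` callbacks, when `enable_processing` is false, so in such a configuration files might be cached without the content-type check; please confirm this and add a spec that uploads a disallowed type with processing disabled. The new `strip` and `fix_exif_rotation` processors only run when `image?` is true, and `image?` looks at `new_file.content_type`, so whether EXIF data is removed depends on how that content type is determined; audio and video uploads, which the allowlist also accepts, keep their metadata. `check_content_type!` itself is outside these hunks.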
@@ -736,7 +736,7 @@ da:
736
736
  godkender den.
737
737
  date:
738
738
  abbr_month_names:
739
- -
739
+ -
740
740
  - Jan
741
741
  - Feb
742
742
  - Mar
@@ -750,7 +750,7 @@ da:
750
750
  - Nov
751
751
  - Dec
752
752
  month_names:
753
- -
753
+ -
754
754
  - January
755
755
  - February
756
756
  - March
@@ -740,7 +740,7 @@ de:
740
740
  in diesem Blog erscheinen
741
741
  date:
742
742
  abbr_month_names:
743
- -
743
+ -
744
744
  - Jan
745
745
  - Feb
746
746
  - Mar
@@ -754,7 +754,7 @@ de:
754
754
  - Nov
755
755
  - Dec
756
756
  month_names:
757
- -
757
+ -
758
758
  - January
759
759
  - February
760
760
  - March
@@ -735,7 +735,7 @@ en:
735
735
  approves it
736
736
  date:
737
737
  abbr_month_names:
738
- -
738
+ -
739
739
  - Jan
740
740
  - Feb
741
741
  - Mar
@@ -749,7 +749,7 @@ en:
749
749
  - Nov
750
750
  - Dec
751
751
  month_names:
752
- -
752
+ -
753
753
  - January
754
754
  - February
755
755
  - March
@@ -738,7 +738,7 @@ es-MX:
738
738
  este blog hasta qye el autor lo apruebe
739
739
  date:
740
740
  abbr_month_names:
741
- -
741
+ -
742
742
  - Jan
743
743
  - Feb
744
744
  - Mar
@@ -752,7 +752,7 @@ es-MX:
752
752
  - Nov
753
753
  - Dec
754
754
  month_names:
755
- -
755
+ -
756
756
  - January
757
757
  - February
758
758
  - March
@@ -752,7 +752,7 @@ fr:
752
752
  pour modération. Il ne sera affiché qu'une fois approuvé par un modérateur
753
753
  date:
754
754
  abbr_month_names:
755
- -
755
+ -
756
756
  - jan
757
757
  - fév
758
758
  - mars
@@ -766,7 +766,7 @@ fr:
766
766
  - nov
767
767
  - déc
768
768
  month_names:
769
- -
769
+ -
770
770
  - Janvier
771
771
  - Février
772
772
  - Mars
@@ -731,7 +731,7 @@ he:
731
731
  היא לא תופיע בבלוג עד אשר הכותב יאשר אותה
732
732
  date:
733
733
  abbr_month_names:
734
- -
734
+ -
735
735
  - Jan
736
736
  - Feb
737
737
  - Mar
@@ -745,7 +745,7 @@ he:
745
745
  - Nov
746
746
  - Dec
747
747
  month_names:
748
- -
748
+ -
749
749
  - January
750
750
  - February
751
751
  - March
@@ -737,7 +737,7 @@ it:
737
737
  approves it
738
738
  date:
739
739
  abbr_month_names:
740
- -
740
+ -
741
741
  - Jan
742
742
  - Feb
743
743
  - Mar
@@ -751,7 +751,7 @@ it:
751
751
  - Nov
752
752
  - Dec
753
753
  month_names:
754
- -
754
+ -
755
755
  - January
756
756
  - February
757
757
  - March
@@ -719,7 +719,7 @@ ja:
719
719
  this_comment_has_been_flagged_for_moderator_approval: このコメントはモデレーターの確認が必要です。モデレーターが確認後にコメントが表示されます。
720
720
  date:
721
721
  abbr_month_names:
722
- -
722
+ -
723
723
  - 1月
724
724
  - 2月
725
725
  - 3月
@@ -733,7 +733,7 @@ ja:
733
733
  - 11月
734
734
  - 12月
735
735
  month_names:
736
- -
736
+ -
737
737
  - 1月
738
738
  - 2月
739
739
  - 3月
@@ -752,7 +752,7 @@ lt:
752
752
  patvirtinimo
753
753
  date:
754
754
  abbr_month_names:
755
- -
755
+ -
756
756
  - Jan
757
757
  - Feb
758
758
  - Mar
@@ -766,7 +766,7 @@ lt:
766
766
  - Nov
767
767
  - Dec
768
768
  month_names:
769
- -
769
+ -
770
770
  - January
771
771
  - February
772
772
  - March
@@ -732,7 +732,7 @@ nb-NO:
732
732
  før moderatoren godkjenner den.
733
733
  date:
734
734
  abbr_month_names:
735
- -
735
+ -
736
736
  - Jan
737
737
  - Feb
738
738
  - Mar
@@ -746,7 +746,7 @@ nb-NO:
746
746
  - Nov
747
747
  - Des
748
748
  month_names:
749
- -
749
+ -
750
750
  - Januar
751
751
  - Februar
752
752
  - Mars
@@ -739,7 +739,7 @@ nl:
739
739
  voor goedkeuring. Het zal niet getoond worden totdat de auteur het goedkeurt.
740
740
  date:
741
741
  abbr_month_names:
742
- -
742
+ -
743
743
  - Jan
744
744
  - Feb
745
745
  - Mrt
@@ -753,7 +753,7 @@ nl:
753
753
  - Nov
754
754
  - Dec
755
755
  month_names:
756
- -
756
+ -
757
757
  - Januari
758
758
  - Februari
759
759
  - Maart
@@ -764,7 +764,7 @@ pl:
764
764
  na akceptację. Nie ukaże się do czasu zaakceptowania przez autora.
765
765
  date:
766
766
  abbr_month_names:
767
- -
767
+ -
768
768
  - Jan
769
769
  - Feb
770
770
  - Mar
@@ -778,7 +778,7 @@ pl:
778
778
  - Nov
779
779
  - Dec
780
780
  month_names:
781
- -
781
+ -
782
782
  - January
783
783
  - February
784
784
  - March
@@ -738,7 +738,7 @@ pt-BR:
738
738
  para aprovação do moderador. Não será exibido até o autor aprovar.
739
739
  date:
740
740
  abbr_month_names:
741
- -
741
+ -
742
742
  - Jan
743
743
  - Fev
744
744
  - Mar
@@ -752,7 +752,7 @@ pt-BR:
752
752
  - Nov
753
753
  - Dez
754
754
  month_names:
755
- -
755
+ -
756
756
  - Janeiro
757
757
  - Fevereiro
758
758
  - Março
@@ -751,7 +751,7 @@ ro:
751
751
  marcat pentru moderare. El nu va apărea în blog înainte de a fi aprobat.
752
752
  date:
753
753
  abbr_month_names:
754
- -
754
+ -
755
755
  - Jan
756
756
  - Feb
757
757
  - Mar
@@ -765,7 +765,7 @@ ro:
765
765
  - Nov
766
766
  - Dec
767
767
  month_names:
768
- -
768
+ -
769
769
  - January
770
770
  - February
771
771
  - March
@@ -765,7 +765,7 @@ ru:
765
765
  approves it
766
766
  date:
767
767
  abbr_month_names:
768
- -
768
+ -
769
769
  - Jan
770
770
  - Feb
771
771
  - Mar
@@ -779,7 +779,7 @@ ru:
779
779
  - Nov
780
780
  - Dec
781
781
  month_names:
782
- -
782
+ -
783
783
  - January
784
784
  - February
785
785
  - March
@@ -720,7 +720,7 @@ zh-CN:
720
720
  this_comment_has_been_flagged_for_moderator_approval: 這篇评论被標示為版主所允許的。他不會在博客顯示直到版主承認他。
721
721
  date:
722
722
  abbr_month_names:
723
- -
723
+ -
724
724
  - Jan
725
725
  - Feb
726
726
  - Mar
@@ -734,7 +734,7 @@ zh-CN:
734
734
  - Nov
735
735
  - Dec
736
736
  month_names:
737
- -
737
+ -
738
738
  - January
739
739
  - February
740
740
  - March
@@ -721,7 +721,7 @@ zh-TW:
721
721
  this_comment_has_been_flagged_for_moderator_approval: 這篇評論被標示為版主所允許的。他不會在部落格顯示直到版主承認他。
722
722
  date:
723
723
  abbr_month_names:
724
- -
724
+ -
725
725
  - Jan
726
726
  - Feb
727
727
  - Mar
@@ -735,7 +735,7 @@ zh-TW:
735
735
  - Nov
736
736
  - Dec
737
737
  month_names:
738
- -
738
+ -
739
739
  - January
740
740
  - February
741
741
  - March
@@ -21,7 +21,7 @@ FactoryBot.define do
21
21
  notify_via_email { false }
22
22
  notify_on_new_articles { false }
23
23
  notify_on_comments { false }
24
- password { "top-secret" }
24
+ password { "top-Secret12!$#" }
25
25
  state { "active" }
26
26
  profile { User::CONTRIBUTOR }
27
27
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PublifyCore
4
- VERSION = "9.2.9"
4
+ VERSION = "9.2.10"
5
5
  end
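--- a/data/lib/publify_core.rb
+++ b/data/lib/publify_core.rb
@@ -2,6 +2,7 @@
 
  require "devise"
  require "devise-i18n"
+ require "devise_zxcvbn"
 
  require "publify_core/version"
  require "publify_core/engine"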
metadata CHANGED
@@ -1,17 +1,17 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: publify_core
3
3
  version: !ruby/object:Gem::Version
4
- version: 9.2.9
4
+ version: 9.2.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matijs van Zuijlen
8
8
  - Yannick François
9
9
  - Thomas Lecavellier
10
10
  - Frédéric de Villamil
11
- autorequire:
11
+ autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2022-05-22 00:00:00.000000000 Z
14
+ date: 2023-01-14 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: aasm
@@ -111,6 +111,20 @@ dependencies:
111
111
  - - "~>"
112
112
  - !ruby/object:Gem::Version
113
113
  version: '1.2'
114
+ - !ruby/object:Gem::Dependency
115
+ name: devise_zxcvbn
116
+ requirement: !ruby/object:Gem::Requirement
117
+ requirements:
118
+ - - "~>"
119
+ - !ruby/object:Gem::Version
120
+ version: '6.0'
121
+ type: :runtime
122
+ prerelease: false
123
+ version_requirements: !ruby/object:Gem::Requirement
124
+ requirements:
125
+ - - "~>"
126
+ - !ruby/object:Gem::Version
127
+ version: '6.0'
114
128
  - !ruby/object:Gem::Dependency
115
129
  name: dynamic_form
116
130
  requirement: !ruby/object:Gem::Requirement
@@ -235,6 +249,20 @@ dependencies:
235
249
  - - ">="
236
250
  - !ruby/object:Gem::Version
237
251
  version: 1.12.5
252
+ - !ruby/object:Gem::Dependency
253
+ name: psych
254
+ requirement: !ruby/object:Gem::Requirement
255
+ requirements:
256
+ - - "~>"
257
+ - !ruby/object:Gem::Version
258
+ version: 3.2.0
259
+ type: :runtime
260
+ prerelease: false
261
+ version_requirements: !ruby/object:Gem::Requirement
262
+ requirements:
263
+ - - "~>"
264
+ - !ruby/object:Gem::Version
265
+ version: 3.2.0
238
266
  - !ruby/object:Gem::Dependency
239
267
  name: rack
240
268
  requirement: !ruby/object:Gem::Requirement
@@ -409,28 +437,28 @@ dependencies:
409
437
  requirements:
410
438
  - - "~>"
411
439
  - !ruby/object:Gem::Version
412
- version: '5.1'
440
+ version: '6.2'
413
441
  type: :development
414
442
  prerelease: false
415
443
  version_requirements: !ruby/object:Gem::Requirement
416
444
  requirements:
417
445
  - - "~>"
418
446
  - !ruby/object:Gem::Version
419
- version: '5.1'
447
+ version: '6.2'
420
448
  - !ruby/object:Gem::Dependency
421
449
  name: feedjira
422
450
  requirement: !ruby/object:Gem::Requirement
423
451
  requirements:
424
452
  - - "~>"
425
453
  - !ruby/object:Gem::Version
426
- version: '3.1'
454
+ version: '3.2'
427
455
  type: :development
428
456
  prerelease: false
429
457
  version_requirements: !ruby/object:Gem::Requirement
430
458
  requirements:
431
459
  - - "~>"
432
460
  - !ruby/object:Gem::Version
433
- version: '3.1'
461
+ version: '3.2'
434
462
  - !ruby/object:Gem::Dependency
435
463
  name: i18n-tasks
436
464
  requirement: !ruby/object:Gem::Requirement
@@ -487,20 +515,34 @@ dependencies:
487
515
  - - "~>"
488
516
  - !ruby/object:Gem::Version
489
517
  version: '4.0'
518
+ - !ruby/object:Gem::Dependency
519
+ name: shoulda-matchers
520
+ requirement: !ruby/object:Gem::Requirement
521
+ requirements:
522
+ - - "~>"
523
+ - !ruby/object:Gem::Version
524
+ version: '4.5'
525
+ type: :development
526
+ prerelease: false
527
+ version_requirements: !ruby/object:Gem::Requirement
528
+ requirements:
529
+ - - "~>"
530
+ - !ruby/object:Gem::Version
531
+ version: '4.5'
490
532
  - !ruby/object:Gem::Dependency
491
533
  name: simplecov
492
534
  requirement: !ruby/object:Gem::Requirement
493
535
  requirements:
494
536
  - - "~>"
495
537
  - !ruby/object:Gem::Version
496
- version: 0.18.5
538
+ version: 0.19.0
497
539
  type: :development
498
540
  prerelease: false
499
541
  version_requirements: !ruby/object:Gem::Requirement
500
542
  requirements:
501
543
  - - "~>"
502
544
  - !ruby/object:Gem::Version
503
- version: 0.18.5
545
+ version: 0.19.0
504
546
  - !ruby/object:Gem::Dependency
505
547
  name: sqlite3
506
548
  requirement: !ruby/object:Gem::Requirement
@@ -712,6 +754,7 @@ files:
712
754
  - app/models/article/factory.rb
713
755
  - app/models/blog.rb
714
756
  - app/models/comment.rb
757
+ - app/models/concerns/string_length_limit.rb
715
758
  - app/models/config_manager.rb
716
759
  - app/models/content.rb
717
760
  - app/models/content_base.rb
@@ -972,6 +1015,7 @@ files:
972
1015
  - lib/publify_core/testing_support/fixtures/fakepng.png
973
1016
  - lib/publify_core/testing_support/fixtures/just_some.html
974
1017
  - lib/publify_core/testing_support/fixtures/otherfile.txt
1018
+ - lib/publify_core/testing_support/fixtures/testfile.jpg
975
1019
  - lib/publify_core/testing_support/fixtures/testfile.png
976
1020
  - lib/publify_core/testing_support/fixtures/testfile.txt
977
1021
  - lib/publify_core/testing_support/upload_fixtures.rb
@@ -1001,7 +1045,7 @@ homepage: https://publify.github.io/
1001
1045
  licenses:
1002
1046
  - MIT
1003
1047
  metadata: {}
1004
- post_install_message:
1048
+ post_install_message:
1005
1049
  rdoc_options: []
1006
1050
  require_paths:
1007
1051
  - lib
@@ -1017,7 +1061,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
1017
1061
  version: '0'
1018
1062
  requirements: []
1019
1063
  rubygems_version: 3.1.6
1020
- signing_key:
1064
+ signing_key:
1021
1065
  specification_version: 4
1022
1066
  summary: Core engine for the Publify blogging system.
1023
1067
  test_files: []