rails_map 1.1.0 → 1.2.0

data/RUBYGEMS_IMPROVEMENTS.md

@@ -0,0 +1,297 @@
+# RubyGems Page Improvements
+
+This document outlines all the improvements made to enhance the RailsMap gem's presence on RubyGems.org and GitHub.
+
+## ✅ Completed Improvements
+
+### 1. Enhanced Gemspec Metadata
+
+**File**: `rails_map.gemspec`
+
+#### Added:
+
+- **Detailed description** with feature list and benefits
+- **Post-install message** with quick start instructions and ASCII art
+- **Additional metadata URIs**:
+  - `wiki_uri` - Link to GitHub wiki
+  - `funding_uri` - GitHub sponsors link
+  - `github_repo` - SSH GitHub repository URL
+  - `allowed_push_host` - Restricts gem pushing to RubyGems.org only
+
+#### Benefits:
+
+- Better first impression on RubyGems.org
+- Clear feature list visible on gem page
+- Helpful post-install message guides new users
+- More discoverable through additional links
+
+### 2. README Badges
+
+**File**: `README.md`
+
+#### Added Badges:
+
+1. **Gem Version** - Shows current version
+2. **Downloads** - Total download count
+3. **License** - MIT License badge
+4. **Ruby Version** - Minimum Ruby requirement
+5. **Rails Version** - Minimum Rails requirement
+
+#### Benefits:
+
+- Quick visual status indicators
+- Shows gem popularity and compatibility
+- Professional appearance
+- Auto-updating information
+
+### 3. Community Health Files
+
+#### CODE_OF_CONDUCT.md
+
+- Contributor Covenant v2.0
+- Clear community standards
+- Enforcement guidelines
+- Contact information
+
+#### CONTRIBUTING.md
+
+- Comprehensive contribution guide
+- Development setup instructions
+- Pull request process
+- Style guidelines
+- Areas for contribution
+- Project structure overview
+
+#### SECURITY.md
+
+- Security policy and supported versions
+- Vulnerability reporting process
+- Security best practices
+- Known security considerations
+- Disclosure policy
+
+#### Benefits:
+
+- Encourages community contributions
+- Sets clear expectations
+- Shows project maturity
+- Improves trust and credibility
+
+### 4. GitHub Templates
+
+#### Issue Templates
+
+- **Bug Report** (`.github/ISSUE_TEMPLATE/bug_report.md`)
+  - Structured bug reporting
+  - Environment details
+  - Reproduction steps
+- **Feature Request** (`.github/ISSUE_TEMPLATE/feature_request.md`)
+  - Problem statement
+  - Proposed solution
+  - Use cases
+
+#### Pull Request Template
+
+- **PR Template** (`.github/PULL_REQUEST_TEMPLATE.md`)
+  - Change description
+  - Type of change checklist
+  - Testing requirements
+  - Documentation updates
+
+#### Benefits:
+
+- Consistent issue and PR format
+- Easier to triage and respond
+- Better quality contributions
+- Saves maintainer time
+
+### 5. CI/CD Workflow
+
+**File**: `.github/workflows/ci.yml`
+
+#### Features:
+
+- Tests across multiple Ruby versions (2.7 - 3.3)
+- Tests across multiple Rails versions (6.0 - 7.1)
+- Matrix testing with exclusions
+- RuboCop linting
+- Gem building verification
+- Artifact upload
+
+#### Benefits:
+
+- Automated testing
+- Ensures compatibility
+- Catches issues early
+- Shows build status badge (can be added)
+
+## 📊 Impact on RubyGems Page
+
+### What Users Will See:
+
+1. **Gem Page Header**
+   - Clear, detailed description
+   - Feature bullet points
+   - Professional presentation
+
+2. **Links Section**
+   - Homepage (rails-map.netlify.app)
+   - Source Code (GitHub)
+   - Documentation (GitHub README)
+   - Changelog (GitHub)
+   - Bug Tracker (GitHub Issues)
+   - Wiki (GitHub Wiki)
+   - Funding (GitHub Sponsors)
+
+3. **Post-Install Message**
+   - Welcoming message with ASCII art
+   - Quick start command
+   - Documentation links
+   - Version highlights
+
+4. **Metadata**
+   - Ruby version requirement
+   - Rails dependency
+   - License information
+   - MFA requirement badge
+
+## 🎯 Additional Recommendations
+
+### For RubyGems.org:
+
+1. **Add Keywords** (if supported in future)
+   - rails, documentation, api, routes, models, controllers
+
+2. **Maintain Changelog**
+   - Keep CHANGELOG.md updated
+   - Follow Keep a Changelog format
+   - Link from RubyGems page
+
+3. **Regular Updates**
+   - Publish security patches promptly
+   - Announce new features
+   - Maintain backward compatibility
+
+### For GitHub:
+
+1. **Add More Badges to README**
+
+   ```markdown
+   [![CI Status](https://github.com/ArshdeepGrover/rails-map/workflows/CI/badge.svg)](https://github.com/ArshdeepGrover/rails-map/actions)
+   [![Code Climate](https://codeclimate.com/github/ArshdeepGrover/rails-map/badges/gpa.svg)](https://codeclimate.com/github/ArshdeepGrover/rails-map)
+   [![Test Coverage](https://codeclimate.com/github/ArshdeepGrover/rails-map/badges/coverage.svg)](https://codeclimate.com/github/ArshdeepGrover/rails-map/coverage)
+   ```
+
+2. **Create GitHub Wiki**
+   - Installation guides
+   - Configuration examples
+   - Troubleshooting
+   - FAQ
+   - Advanced usage
+
+3. **Add GitHub Topics**
+   - rails
+   - documentation
+   - api-documentation
+   - ruby-gem
+   - rails-engine
+   - developer-tools
+
+4. **Create Releases**
+   - Use GitHub Releases for each version
+   - Include changelog in release notes
+   - Attach gem file to releases
+
+5. **Add Screenshots**
+   - Add to README
+   - Show in GitHub releases
+   - Include in documentation
+
+### For Community Engagement:
+
+1. **Social Media**
+   - Announce releases on Twitter/X
+   - Share on Reddit (r/rails, r/ruby)
+   - Post on Dev.to
+   - Share on Ruby Weekly
+
+2. **Documentation**
+   - Create video tutorials
+   - Write blog posts
+   - Add to awesome-rails lists
+   - Submit to Ruby Toolbox
+
+3. **Integrations**
+   - Add to Code Climate
+   - Set up Dependabot
+   - Configure CodeCov
+   - Add to Snyk
+
+## 📈 Metrics to Track
+
+1. **RubyGems.org**
+   - Total downloads
+   - Daily downloads
+   - Version adoption rate
+
+2. **GitHub**
+   - Stars
+   - Forks
+   - Issues opened/closed
+   - Pull requests
+   - Contributors
+
+3. **Community**
+   - Issue response time
+   - PR merge time
+   - Active contributors
+   - Community discussions
+
+## 🚀 Next Steps
+
+1. **Immediate**
+   - [x] Update gemspec with enhanced metadata
+   - [x] Add badges to README
+   - [x] Create community health files
+   - [x] Add GitHub templates
+   - [x] Set up CI workflow
+
+2. **Short Term**
+   - [ ] Create GitHub Wiki
+   - [ ] Add more screenshots
+   - [ ] Set up Code Climate
+   - [ ] Configure Dependabot
+   - [ ] Create first GitHub Release
+
+3. **Long Term**
+   - [ ] Reach 1000 downloads
+   - [ ] Get 100 GitHub stars
+   - [ ] Build active community
+   - [ ] Create video tutorials
+   - [ ] Write comprehensive guides
+
+## 📝 Maintenance Checklist
+
+- [ ] Update CHANGELOG.md for each release
+- [ ] Test across supported Ruby/Rails versions
+- [ ] Respond to issues within 48 hours
+- [ ] Review PRs within 1 week
+- [ ] Release security patches promptly
+- [ ] Keep dependencies updated
+- [ ] Monitor gem downloads and usage
+- [ ] Engage with community feedback
+
+---
+
+## Summary
+
+These improvements significantly enhance the RailsMap gem's professional appearance, discoverability, and community engagement potential. The gem now has:
+
+✅ Professional RubyGems page with detailed information
+✅ Clear community guidelines and contribution process
+✅ Automated testing and quality checks
+✅ Structured issue and PR templates
+✅ Security policy and best practices
+✅ Comprehensive documentation
+
+This positions RailsMap as a mature, well-maintained, and community-friendly project that developers can trust and contribute to.

data/SECURITY.md

@@ -0,0 +1,162 @@
+# Security Policy
+
+## Supported Versions
+
+We release patches for security vulnerabilities. Which versions are eligible for receiving such patches depends on the CVSS v3.0 Rating:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.2.x   | :white_check_mark: |
+| 1.1.x   | :white_check_mark: |
+| 1.0.x   | :x:                |
+| < 1.0   | :x:                |
+
+## Reporting a Vulnerability
+
+We take the security of RailsMap seriously. If you believe you have found a security vulnerability, please report it to us as described below.
+
+### Please do NOT:
+
+- Open a public GitHub issue
+- Discuss the vulnerability in public forums, social media, or mailing lists
+
+### Please DO:
+
+**Report security vulnerabilities via email to: arsh199820@gmail.com**
+
+Please include the following information:
+
+1. **Type of vulnerability** (e.g., authentication bypass, SQL injection, XSS, etc.)
+2. **Full paths of source file(s)** related to the vulnerability
+3. **Location of the affected source code** (tag/branch/commit or direct URL)
+4. **Step-by-step instructions to reproduce** the issue
+5. **Proof-of-concept or exploit code** (if possible)
+6. **Impact of the vulnerability** and how an attacker might exploit it
+
+### What to expect:
+
+- **Acknowledgment**: We will acknowledge receipt of your vulnerability report within 48 hours
+- **Communication**: We will keep you informed about the progress of fixing the vulnerability
+- **Timeline**: We aim to release a fix within 30 days for critical vulnerabilities
+- **Credit**: We will credit you in the security advisory (unless you prefer to remain anonymous)
+
+## Security Best Practices
+
+When using RailsMap in production:
+
+### 1. Enable Authentication
+
+Always enable authentication for production environments:
+
+```ruby
+# config/initializers/rails_map.rb
+RailsMap.configure do |config|
+  config.authenticate_with = proc {
+    authenticate_user! # or your authentication method
+  }
+end
+```
+
+### 2. Restrict Access
+
+Limit access to authorized users only:
+
+```ruby
+config.authenticate_with = proc {
+  redirect_to root_path unless current_user&.admin?
+}
+```
+
+### 3. Use Environment Variables
+
+Store credentials in environment variables, not in code:
+
+```ruby
+# .env
+RAILS_MAP_USERNAME=admin
+RAILS_MAP_PASSWORD=secure_password_here
+```
+
+### 4. Disable in Production (Optional)
+
+If you don't need live documentation in production, disable the engine:
+
+```ruby
+# config/routes.rb
+unless Rails.env.production?
+  mount RailsMap::Engine, at: '/rails-map'
+end
+```
+
+### 5. Use Static HTML Generation
+
+For production, consider using static HTML generation instead of live documentation:
+
+```bash
+rails doc:generate
+# Deploy the doc/api folder to a secure location
+```
+
+### 6. Keep Updated
+
+Always use the latest version of RailsMap to ensure you have the latest security patches:
+
+```bash
+bundle update rails_map
+```
+
+## Known Security Considerations
+
+### Information Disclosure
+
+RailsMap displays information about your application's structure:
+
+- Route paths and HTTP methods
+- Controller names and actions
+- Model attributes and associations
+- Parameter names and types
+
+**Mitigation**: Always protect the documentation with authentication in production environments.
+
+### Authentication Bypass
+
+If authentication is not properly configured, unauthorized users may access your API documentation.
+
+**Mitigation**: Follow the authentication setup guide and test your configuration.
+
+### Cross-Site Scripting (XSS)
+
+While we sanitize output, custom configurations might introduce XSS vulnerabilities.
+
+**Mitigation**:
+
+- Don't disable built-in sanitization
+- Be careful with custom HTML in configuration
+- Keep RailsMap updated
+
+## Security Updates
+
+Security updates will be released as patch versions (e.g., 1.2.1) and announced via:
+
+- GitHub Security Advisories
+- RubyGems security notifications
+- CHANGELOG.md with [SECURITY] tag
+- Email to reporters
+
+## Disclosure Policy
+
+When we receive a security bug report, we will:
+
+1. Confirm the problem and determine affected versions
+2. Audit code to find similar problems
+3. Prepare fixes for all supported versions
+4. Release new versions as soon as possible
+5. Publish a security advisory
+
+## Comments on this Policy
+
+If you have suggestions on how this process could be improved, please submit a pull request or open an issue.
+
+---
+
+Thank you for helping keep RailsMap and its users safe! 🔒

data/URL_CHANGE_SUMMARY.md

@@ -0,0 +1,150 @@
+# URL Change Summary: /api-doc → /rails-map
+
+## Overview
+
+All references to `/api-doc` have been changed to `/rails-map` throughout the project for better branding and clarity.
+
+## Files Updated
+
+### Core Files
+
+1. ✅ `lib/generators/rails_map/install_generator.rb` - Generator now mounts at `/rails-map`
+2. ✅ `lib/generators/rails_map/templates/README` - Installation instructions updated
+
+### Documentation Files
+
+3. ✅ `README.md` - All examples and instructions updated
+4. ✅ `CHANGELOG.md` - Both v1.2.0 and v1.1.0 entries updated
+5. ✅ `QUICKSTART.md` - Quick start guide updated
+6. ✅ `AUTHENTICATION.md` - Authentication examples updated
+7. ✅ `SECURITY.md` - Security examples updated
+
+### Gem Files
+
+8. ✅ `rails_map.gemspec` - Description and post-install message updated
+
+### Website
+
+9. ✅ `docs/index.html` - Homepage demo URL updated
+
+## What Changed
+
+### Before
+
+```ruby
+mount RailsMap::Engine, at: '/api-doc'
+```
+
+Visit: `http://localhost:3000/api-doc`
+
+### After
+
+```ruby
+mount RailsMap::Engine, at: '/rails-map'
+```
+
+Visit: `http://localhost:3000/rails-map`
+
+## Impact
+
+### For New Users
+
+- Generator automatically mounts at `/rails-map`
+- All documentation shows the new URL
+- Post-install message shows correct URL
+
+### For Existing Users
+
+When upgrading to v1.2.0, users will need to update their routes:
+
+```ruby
+# config/routes.rb
+
+# Old (still works but deprecated)
+mount RailsMap::Engine, at: '/api-doc'
+
+# New (recommended)
+mount RailsMap::Engine, at: '/rails-map'
+```
+
+## Migration Guide for Existing Users
+
+If you're upgrading from a previous version:
+
+1. **Update your routes file:**
+
+   ```ruby
+   # config/routes.rb
+   mount RailsMap::Engine, at: '/rails-map'  # Changed from '/api-doc'
+   ```
+
+2. **Update any bookmarks or documentation:**
+   - Old: `http://localhost:3000/api-doc`
+   - New: `http://localhost:3000/rails-map`
+
+3. **Update any scripts or automation:**
+   - Search for `/api-doc` in your codebase
+   - Replace with `/rails-map`
+
+4. **Restart your Rails server:**
+
+   ```bash
+   rails server
+   ```
+
+5. **Visit the new URL:**
+   ```
+   http://localhost:3000/rails-map
+   ```
+
+## Why This Change?
+
+1. **Better Branding** - `/rails-map` clearly identifies the gem
+2. **Consistency** - Matches the gem name `rails_map`
+3. **Clarity** - More descriptive than generic `/api-doc`
+4. **Uniqueness** - Less likely to conflict with other documentation tools
+
+## Backward Compatibility
+
+The change is **not backward compatible** by default. Users must update their routes file.
+
+However, if you want to support both URLs temporarily:
+
+```ruby
+# config/routes.rb
+mount RailsMap::Engine, at: '/rails-map'
+
+# Optional: Support old URL temporarily
+mount RailsMap::Engine, at: '/api-doc'  # Deprecated, remove in future
+```
+
+## Testing
+
+After making the change, verify:
+
+1. ✅ Generator creates correct route
+2. ✅ Documentation loads at new URL
+3. ✅ All internal links work
+4. ✅ Authentication works (if enabled)
+5. ✅ Static HTML generation works
+
+## Rollback
+
+If you need to use the old URL:
+
+```ruby
+# config/routes.rb
+mount RailsMap::Engine, at: '/api-doc'
+```
+
+The engine will work at any path you specify.
+
+## Future Considerations
+
+- Consider adding a deprecation warning for `/api-doc` in future versions
+- Could add automatic redirect from old URL to new URL
+- Update any external documentation or blog posts
+
+---
+
+**Note:** This change was made in version 1.2.0 and affects all new installations. Existing installations need manual update.