RubyGems - rails_pulse - Versions diffs - 0.2.3 → 0.2.4 - Mend

rails_pulse 0.2.3 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rails_pulse
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors:
 - Rails Pulse
 bindir: bin
 cert_chain: []
-date: 2025-10-31 00:00:00.000000000 Z
+date: 2025-11-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -49,26 +49,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.1.4
-- !ruby/object:Gem::Dependency
-  name: rails_charts
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.0'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.0.6
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.0'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.0.6
 - !ruby/object:Gem::Dependency
   name: turbo-rails
   requirement: !ruby/object:Gem::Requirement
@@ -120,7 +100,7 @@ dependencies:
         version: '8'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '10'
+        version: '44'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -130,7 +110,7 @@ dependencies:
         version: '8'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '10'
+        version: '44'
 - !ruby/object:Gem::Dependency
   name: groupdate
   requirement: !ruby/object:Gem::Requirement
@@ -225,6 +205,7 @@ files:
 - app/helpers/rails_pulse/table_helper.rb
 - app/helpers/rails_pulse/tags_helper.rb
 - app/javascript/rails_pulse/application.js
+- app/javascript/rails_pulse/controllers/chart_controller.js
 - app/javascript/rails_pulse/controllers/collapsible_controller.js
 - app/javascript/rails_pulse/controllers/color_scheme_controller.js
 - app/javascript/rails_pulse/controllers/context_menu_controller.js
@@ -332,7 +313,6 @@ files:
 - app/views/rails_pulse/skeletons/_table.html.erb
 - app/views/rails_pulse/tags/_tag_manager.html.erb
 - config/importmap.rb
-- config/initializers/rails_charts_csp_patch.rb
 - config/initializers/rails_pulse.rb
 - config/routes.rb
 - db/migrate/20250930105043_install_rails_pulse_tables.rb

data/config/initializers/rails_charts_csp_patch.rb DELETED Viewed

@@ -1,75 +0,0 @@
-# CSP patch for RailsCharts gem
-# Adds nonce attributes to script tags generated by RailsCharts for CSP compliance
-if defined?(RailsCharts)
-  module RailsCharts
-    module CspPatch
-      def line_chart(data_source, options = {})
-        chart_html = super(data_source, options)
-        add_csp_nonce_to_chart(chart_html)
-      end
-      def bar_chart(data_source, options = {})
-        chart_html = super(data_source, options)
-        add_csp_nonce_to_chart(chart_html)
-      end
-      private
-      def add_csp_nonce_to_chart(chart_html)
-        return chart_html unless chart_html.present?
-        nonce = get_csp_nonce
-        return chart_html unless nonce.present?
-        # Add nonce to script tags and mark as safe
-        modified_html = add_nonce_to_scripts(chart_html.to_s, nonce)
-        modified_html.html_safe if modified_html.respond_to?(:html_safe)
-      end
-      def get_csp_nonce
-        # Try common CSP nonce sources in order of preference
-        if respond_to?(:content_security_policy_nonce)
-          content_security_policy_nonce
-        elsif respond_to?(:csp_nonce)
-          csp_nonce
-        elsif defined?(request) && request
-          request.env["action_dispatch.content_security_policy_nonce"] ||
-          request.env["secure_headers.content_security_policy_nonce"] ||
-          request.env["csp_nonce"]
-        elsif respond_to?(:controller) && controller.respond_to?(:content_security_policy_nonce)
-          controller.content_security_policy_nonce
-        elsif defined?(@view_context) && @view_context.respond_to?(:content_security_policy_nonce)
-          @view_context.content_security_policy_nonce
-        else
-          Thread.current[:rails_pulse_csp_nonce] ||
-          (defined?(RequestStore) && RequestStore.store[:rails_pulse_csp_nonce])
-        end
-      end
-      def add_nonce_to_scripts(html, nonce)
-        html.gsub(/<script(?![^>]*\snonce=)([^>]*)>/i) do |match|
-          attributes = $1
-          if attributes.strip.empty?
-            "<script nonce=\"#{nonce}\">"
-          else
-            "<script#{attributes} nonce=\"#{nonce}\">"
-          end
-        end
-      end
-    end
-  end
-end
-# Apply the CSP patch only to Rails Pulse helpers, not the entire application
-# By prepending to ChartHelper instead of ApplicationHelper, we scope the patch to RailsPulse
-# namespace only, avoiding conflicts with any chart libraries in the host application
-# (Chartkick, Highcharts, Google Charts, ApexCharts, custom helpers, etc.)
-Rails.application.config.to_prepare do
-  if defined?(RailsCharts) && defined?(RailsPulse::ChartHelper)
-    # Prepend CSP patch to RailsPulse::ChartHelper
-    # This wraps only the rails_charts methods, ensuring clean CSP nonce injection
-    # without affecting the host application's chart helpers
-    RailsPulse::ChartHelper.prepend(RailsCharts::CspPatch)
-  end
-end