RubyGems - solidus_core - Versions diffs - 3.1.1 → 3.1.5 - Mend

solidus_core 3.1.1 → 3.1.5

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 84e6a49d44adf0951d9e774b0e212f39841ca0183827e5ec902d5dfb13f27cf2
-  data.tar.gz: 1d7e7b23b450a781782ac2259ccd50aa54b455c7b07e90070a2c39ff3320b640
+  metadata.gz: 924090a77efc768ede5475d819872ed30b02cb7990e87d3fdd5877b58b8e7fac
+  data.tar.gz: 1eeee8182a6f5ade835a347711a9c74b3b29e201bfe93c7fef7c710e6b62b6a1
 SHA512:
-  metadata.gz: f5caeff8f63a04cc9df497e06e3f782a0f6ff994464b98e5d9f1db58e3cf1149b1a02cf2dd707c4bb5291aad76ff91682df6797fcb56fd87522cda874bbcd0a2
-  data.tar.gz: 6150acbad591a8bc78d2283dd253deb1c5f47470194117a016d72e32cf633a5e9e56dbf7343d87fd0ffdef8cef4f7ea588ef45481acb918010fe4c2e647bee96
+  metadata.gz: 8b6f4995130898a6874b22b97d390b89fa51be305b0d2fcd223c2ee8db2263a30ff599e5109e6eb2e58da33ef2c9014a7f8c980764914d30325997bddc36759d
+  data.tar.gz: eaba68996368d1569f7e76c348c2126eeedc0fb29cf0378056d6f9e340e0937004661f7a0994284db40e38e5234174d34552700b2a57806fd713fc436dae1938

data/lib/spree/core/engine.rb CHANGED Viewed

@@ -67,6 +67,14 @@ module Spree
       config.after_initialize do
         Spree::Config.check_load_defaults_called('Spree::Config')
       end
+      config.after_initialize do
+        if defined?(Spree::Auth::Engine) &&
+            Gem::Version.new(Spree::Auth::VERSION) < Gem::Version.new('2.5.4') &&
+            defined?(Spree::UsersController)
+          Spree::UsersController.protect_from_forgery with: :exception
+        end
+      end
     end
   end
 end

data/lib/spree/core/validators/email.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module Spree
   #     end
   #
   class EmailValidator < ActiveModel::EachValidator
-    EMAIL_REGEXP = /\A([^@\.]|[^@\.]([^@\s]*)[^@\.])@([^@\s]+\.)+[^@\s]+\z/
+    EMAIL_REGEXP = URI::MailTo::EMAIL_REGEXP
     def validate_each(record, attribute, value)
       unless EMAIL_REGEXP.match? value

data/lib/spree/core/version.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 module Spree
-  VERSION = "3.1.1"
+  VERSION = "3.1.5"
   def self.solidus_version
     VERSION

data/lib/spree/core.rb CHANGED Viewed

@@ -62,13 +62,24 @@ module Spree
   end
   module Core
-    def self.has_install_generator_been_run?
-      (Rails.env.test? && Rails.application.class.name == 'DummyApp::Application') ||
-        Rails.application.paths['config/initializers'].paths.any? do |path|
-          File.exist?(path.join('spree.rb'))
-        end
+    # @api private
+    def self.has_install_generator_been_run?(rails_paths: Rails.application.paths, initializer_name: 'spree.rb', dummy_app_name: 'DummyApp::Application')
+      does_spree_initializer_exist?(rails_paths, initializer_name) ||
+        running_solidus_test_suite_with_dummy_app?(dummy_app_name)
     end
+    def self.running_solidus_test_suite_with_dummy_app?(dummy_app_name)
+      Rails.env.test? && Rails.application.class.name == dummy_app_name
+    end
+    private_class_method :running_solidus_test_suite_with_dummy_app?
+    def self.does_spree_initializer_exist?(rails_paths, initializer_name)
+      rails_paths['config/initializers'].any? do |path|
+        File.exist?(Pathname.new(path).join(initializer_name))
+      end
+    end
+    private_class_method :does_spree_initializer_exist?
     class GatewayError < RuntimeError; end
   end
 end

data/lib/spree/testing_support/blacklist_urls.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Spree
     module BlacklistUrls
       def setup_url_blacklist(browser)
         if browser.respond_to?(:url_blacklist)
-          browser.url_blacklist = ['http://fonts.googleapis.com']
+          browser.url_blacklist = ['https://fonts.googleapis.com']
         end
       end
     end

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+namespace :solidus do
+  desc 'Prints orders with invalid email (after fix for GHSA-qxmr-qxh6-2cc9)'
+  task check_orders_with_invalid_email: :environment do
+    matches = Spree::Order.find_each.reduce([]) do |matches, order|
+      order.email.nil? || Spree::EmailValidator::EMAIL_REGEXP.match?(order.email) ? matches : matches + [order]
+    end
+    if matches.any?
+      puts 'Email / ID / Number'
+      puts(matches.map do |order|
+        "#{order.email} / #{order.id} / #{order.number}"
+      end.join("\n"))
+    else
+      puts 'NO MATCHES'
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: solidus_core
 version: !ruby/object:Gem::Version
-  version: 3.1.1
+  version: 3.1.5
 platform: ruby
 authors:
 - Solidus Team
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-20 00:00:00.000000000 Z
+date: 2021-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionmailer
@@ -907,6 +907,7 @@ files:
 - lib/spree/testing_support/url_helpers.rb
 - lib/spree/user_class_handle.rb
 - lib/spree_core.rb
+- lib/tasks/solidus/check_orders_with_invalid_email.rake
 - lib/tasks/solidus/delete_prices_with_nil_amount.rake
 - solidus_core.gemspec
 - vendor/assets/javascripts/jquery.payment.js
@@ -953,8 +954,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.8.23
 requirements: []
-rubygems_version: 3.2.20
-signing_key:
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: Essential models, mailers, and classes for the Solidus e-commerce project.
 test_files: []