veracode_api_signing 0.1.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81116e99b04c7860e24ea32f2f2aaee4d8c84f8b45d094acfbeb89b668198a06
-  data.tar.gz: 85540edb0fe3b0e723bc2260f70bc980e135845a2fe8d561c8677926b0b92f62
+  metadata.gz: 13a986a50be97c21566c41085d86c0920bffebc39faa7685a7e50e871cb3cabb
+  data.tar.gz: 24dce5b41889e7b585829f9aa6a2e9f37b5de239abed959e75941d927dc789c7
 SHA512:
-  metadata.gz: e101221d2ef7f19af442c2a7e2c47e4fae6af13d40b8ada771b08554db6cf4d6ccbd9efe550ac1adbdf7ee796408c0bd90ccedeed77bd324437e46ffc63e026f
-  data.tar.gz: ee9f009356caa2b78ed466cefedccc50974ee70ed4f0de0f5a7e69255e670b2c121648a1ae879183a1a496fba4eb9b867739adef215e8f83030ef1af537b37a2
+  metadata.gz: 6864bd4066392cc9a56463bd112a64e8e235aefb94b997912d81dc0a6b68fb85e4d97e11da7a444b45fe28606152c8b05c871d0f40a80c7f4802525c13c52dd6
+  data.tar.gz: 930ead08ed900ad38ee9c4980018e2baebb112c6d955a4e13d550f9842ed1cbf65d5f6589588a3bcbbd54799390482bd7a19202a7a5ad540ba34df276840fb02

data/.brakeman.ignore

@@ -0,0 +1,22 @@
+{
+  "ignored_warnings": [
+    {
+      "warning_type": "Authentication",
+      "warning_code": 101,
+      "fingerprint": "ed197e75289bf8a8e2150b832564f162bd93b971008455079f89032792a0e0f1",
+      "check_name": "Secrets",
+      "message": "Hardcoded value for `ENV_API_SECRET_KEY_NAME` in source code",
+      "file": "lib/veracode_api_signing/credentials.rb",
+      "line": 10,
+      "link": "https://brakemanscanner.org/docs/warning_types/authentication/",
+      "code": null,
+      "render_path": null,
+      "location": null,
+      "user_input": null,
+      "confidence": "Medium",
+      "note": "Not actually a hardcoded secret, this value represents the name of the environment variable used when looking for credentials."
+    }
+  ],
+  "updated": "2021-12-24 09:06:49 -0700",
+  "brakeman_version": "5.2.0"
+}

data/.github/dependabot.yml

@@ -0,0 +1,14 @@
+---
+version: 2
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "dependencies"
+    open-pull-requests-limit: 5
+    # This option will also apply to security patches
+    # lockfile-only respects the version constraints specified in the Gemfile.
+    # Otherwise both the Gemfile and Gemfile.lock would be updated to use the latest version
+    versioning-strategy: lockfile-only

data/.github/workflows/tests.yml

@@ -13,7 +13,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, macos-latest]
         # Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0'
-        ruby: [2.7, '3.0', truffleruby, truffleruby-head]
+        ruby: [2.7, '3.0', '3.1', truffleruby, truffleruby-head]
     runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@v2
@@ -34,7 +34,7 @@ jobs:
 
       - uses: ruby/setup-ruby@v1
         with:
-          ruby-version: '3.0'
+          ruby-version: '3.1'
           bundler-cache: true # runs 'bundle install' and caches installed gems automatically
 
       - name: Yard documents
@@ -43,11 +43,9 @@ jobs:
 
       - name: Deploy pages
         if: github.event_name == 'push'
-        uses: JamesIves/github-pages-deploy-action@4.1.5
+        uses: JamesIves/github-pages-deploy-action@v4.2.5
         with:
-          SSH: false
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          BRANCH: gh-pages
-          FOLDER: doc
-          CLEAN: true
-          CLEAN_EXCLUDE: '[".gitattributes", ".gitignore", "CNAME", "LICENSE"]'
+          branch: gh-pages
+          folder: doc
+          clean: true
+          clean-exclude: '[".gitattributes", ".gitignore", "CNAME", "LICENSE"]'

data/.rubocop.yml

@@ -7,7 +7,8 @@ require:
 
 AllCops:
   NewCops: enable
-  TargetRubyVersion: 2.7
+  CacheRootDirectory: tmp/
+  TargetRubyVersion: 3.1
 
 Style/StringLiterals:
   Enabled: true
@@ -17,6 +18,10 @@ Style/StringLiteralsInInterpolation:
   Enabled: true
   EnforcedStyle: double_quotes
 
+Style/HashSyntax:
+  Enabled: true
+  EnforcedShorthandSyntax: either
+
 RSpec/ExampleLength:
   Max: 50
 

data/Gemfile.lock

@@ -1,52 +1,52 @@
 PATH
   remote: .
   specs:
-    veracode_api_signing (0.1.0)
+    veracode_api_signing (1.1.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
     ast (2.4.2)
-    brakeman (5.1.2)
-    diff-lcs (1.4.4)
+    brakeman (5.2.3)
+    diff-lcs (1.5.0)
     docile (1.4.0)
-    parallel (1.21.0)
-    parser (3.0.2.0)
+    parallel (1.22.1)
+    parser (3.1.2.0)
       ast (~> 2.4.1)
-    rainbow (3.0.0)
+    rainbow (3.1.1)
     rake (13.0.6)
-    regexp_parser (2.1.1)
+    regexp_parser (2.4.0)
     rexml (3.2.5)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.2)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-support (3.10.2)
-    rubocop (1.22.3)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    rubocop (1.29.1)
       parallel (~> 1.10)
-      parser (>= 3.0.0.0)
+      parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.12.0, < 2.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.17.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.12.0)
-      parser (>= 3.0.1.1)
-    rubocop-performance (1.11.5)
+    rubocop-ast (1.18.0)
+      parser (>= 3.1.1.0)
+    rubocop-performance (1.13.3)
       rubocop (>= 1.7.0, < 2.0)
       rubocop-ast (>= 0.4.0)
     rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-    rubocop-rspec (2.5.0)
+    rubocop-rspec (2.10.0)
       rubocop (~> 1.19)
     ruby-progressbar (1.11.0)
     simplecov (0.21.2)
@@ -54,16 +54,17 @@ GEM
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
-    simplecov_json_formatter (0.1.3)
+    simplecov_json_formatter (0.1.4)
     unicode-display_width (2.1.0)
-    yard (0.9.26)
+    webrick (1.7.0)
+    yard (0.9.27)
+      webrick (~> 1.7.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   brakeman (~> 5.1)
-  bundler (~> 2.0)
   rake (~> 13.0)
   rspec (~> 3.0)
   rubocop (~> 1.2)
@@ -75,4 +76,4 @@ DEPENDENCIES
   yard (~> 0.9.26)
 
 BUNDLED WITH
-   2.2.30
+   2.3.9

data/Rakefile

@@ -19,7 +19,7 @@ namespace :brakeman do
     require "brakeman"
 
     files = args[:output_files].split if args[:output_files]
-    Brakeman.run app_path: ".", output_files: files, print_report: true, run_all_checks: true, force_scan: true
+    Brakeman.run app_path: ".", output_files: files, print_report: true, run_all_checks: true, force_scan: true, ignore_file: ".brakeman.ignore"
   end
 end
 

data/lib/veracode_api_signing/credentials.rb

@@ -29,7 +29,7 @@ module VeracodeApiSigning
     private
 
     def get_credentials_from_environment_variables
-      [ENV[ENV_API_KEY_NAME], ENV[ENV_API_SECRET_KEY_NAME]]
+      [ENV.fetch(ENV_API_KEY_NAME, nil), ENV.fetch(ENV_API_SECRET_KEY_NAME, nil)]
     end
 
     def get_credentials_from_filesystem(auth_file)

data/lib/veracode_api_signing/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module VeracodeApiSigning
-  VERSION = "0.1.0"
+  VERSION = "1.1.0"
 end

data/shell.nix

@@ -8,7 +8,7 @@ let
     ApplicationServices
     Security
   ]);
-  ruby = ruby_3_0;
+  ruby = ruby_3_1;
 
   # Issue with using gemspec files
   #
@@ -52,7 +52,7 @@ in mkShell rec {
     postgresql
     postgresql_13
     readline
-    ruby
+    (lowPrio ruby)
     shared-mime-info # Required for the mime gem
     sqlcipher
     sqlite

data/veracode_api_signing.gemspec

@@ -31,7 +31,6 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_development_dependency "brakeman", "~> 5.1"
-  spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "rubocop", "~> 1.2"
@@ -40,4 +39,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rubocop-rspec", "~> 2.5"
   spec.add_development_dependency "simplecov", "~> 0.21.2"
   spec.add_development_dependency "yard", "~> 0.9.26"
+  spec.metadata = {
+    "rubygems_mfa_required" => "true"
+  }
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: veracode_api_signing
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Corban Raun
@@ -24,20 +24,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.1'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -157,6 +143,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".brakeman.ignore"
+- ".github/dependabot.yml"
 - ".github/workflows/codeql-analysis.yml"
 - ".github/workflows/tests.yml"
 - ".gitignore"
@@ -187,11 +175,7 @@ homepage: https://CorbanR.github.io/veracode_api_signing
 licenses:
 - MIT
 metadata:
-  allowed_push_host: https://rubygems.org/
-  homepage_uri: https://CorbanR.github.io/veracode_api_signing
-  documentation_uri: https://www.raunco.co/veracode_api_signing/
-  source_code_uri: https://github.com/CorbanR/veracode_api_signing
-  changelog_uri: https://github.com/CorbanR/veracode_api_signing/blob/main/CHANGELOG.md
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths: