veracode_api_signing 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.brakeman.ignore +22 -0
  3. data/Gemfile.lock +1 -1
  4. data/Rakefile +1 -1
  5. data/lib/veracode_api_signing/version.rb +1 -1
  6. data/veracode_api_signing.gemspec +3 -0
  7. metadata +3 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b54457a3688bd05cddfa987d2108bafee7117a99c6c714b55449be557453f641
4
- data.tar.gz: 8b3c9a68b6a9b84eb37d6d0316dbc8896816a024d080c267dbabf32048d005f0
3
+ metadata.gz: fa139e4b995055cb38e595a143f8c517876f08ba5aeed47396aea6a66beeac2c
4
+ data.tar.gz: 2da1eecb8daffa37c29ac45056fa6fe2a3b56d1aa98dd5421b58d7e8c2717628
5
5
  SHA512:
6
- metadata.gz: 74048c1b89767bebf23d97fdf008242b2e9426f010cc37895f542eac45d1bca4cdc6dae27786074ce28694ca4b3343812046fde991bbf2f60f0b7ba9b40f4ba2
7
- data.tar.gz: acafff7e48b693de9a927a4a1dbc20b5562b9a02a19e2bff31ca2ec35ea1770c19f8d82b89a90cb3b9032cd5be2cc83f119ee4a764cbf99f3ba7584b299531fb
6
+ metadata.gz: 349a94f1a7e8c6f050f3396044ddb98e2bb55254025c802d36e71ffd639c3c7f6e044736f0da1b1e5773485024beb9f9a752a5491408847fe4626c0f0dfa66f4
7
+ data.tar.gz: 0eae70878568fb4a963cbdc7296adca269115213e6ea9fb5a1add586bbd34372b55a162b5fbd8765cb241794f067e3adb56710805dca50f99e25869b9775db1f
data/.brakeman.ignore ADDED
@@ -0,0 +1,22 @@
1
+ {
2
+ "ignored_warnings": [
3
+ {
4
+ "warning_type": "Authentication",
5
+ "warning_code": 101,
6
+ "fingerprint": "ed197e75289bf8a8e2150b832564f162bd93b971008455079f89032792a0e0f1",
7
+ "check_name": "Secrets",
8
+ "message": "Hardcoded value for `ENV_API_SECRET_KEY_NAME` in source code",
9
+ "file": "lib/veracode_api_signing/credentials.rb",
10
+ "line": 10,
11
+ "link": "https://brakemanscanner.org/docs/warning_types/authentication/",
12
+ "code": null,
13
+ "render_path": null,
14
+ "location": null,
15
+ "user_input": null,
16
+ "confidence": "Medium",
17
+ "note": "Not actually a hardcoded secret, this value represents the name of the environment variable used when looking for credentials."
18
+ }
19
+ ],
20
+ "updated": "2021-12-24 09:06:49 -0700",
21
+ "brakeman_version": "5.2.0"
22
+ }
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- veracode_api_signing (1.0.0)
4
+ veracode_api_signing (1.0.1)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/Rakefile CHANGED
@@ -19,7 +19,7 @@ namespace :brakeman do
19
19
  require "brakeman"
20
20
 
21
21
  files = args[:output_files].split if args[:output_files]
22
- Brakeman.run app_path: ".", output_files: files, print_report: true, run_all_checks: true, force_scan: true
22
+ Brakeman.run app_path: ".", output_files: files, print_report: true, run_all_checks: true, force_scan: true, ignore_file: ".brakeman.ignore"
23
23
  end
24
24
  end
25
25
 
data/lib/veracode_api_signing/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module VeracodeApiSigning
4
- VERSION = "1.0.0"
4
+ VERSION = "1.0.1"
5
5
  end
data/veracode_api_signing.gemspec CHANGED
@@ -40,4 +40,7 @@ Gem::Specification.new do |spec|
40
40
  spec.add_development_dependency "rubocop-rspec", "~> 2.5"
41
41
  spec.add_development_dependency "simplecov", "~> 0.21.2"
42
42
  spec.add_development_dependency "yard", "~> 0.9.26"
43
+ spec.metadata = {
44
+ "rubygems_mfa_required" => "true"
45
+ }
43
46
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: veracode_api_signing
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Corban Raun
@@ -157,6 +157,7 @@ executables: []
157
157
  extensions: []
158
158
  extra_rdoc_files: []
159
159
  files:
160
+ - ".brakeman.ignore"
160
161
  - ".github/workflows/codeql-analysis.yml"
161
162
  - ".github/workflows/tests.yml"
162
163
  - ".gitignore"
@@ -187,11 +188,7 @@ homepage: https://CorbanR.github.io/veracode_api_signing
187
188
  licenses:
188
189
  - MIT
189
190
  metadata:
190
- allowed_push_host: https://rubygems.org/
191
- homepage_uri: https://CorbanR.github.io/veracode_api_signing
192
- documentation_uri: https://www.raunco.co/veracode_api_signing/
193
- source_code_uri: https://github.com/CorbanR/veracode_api_signing
194
- changelog_uri: https://github.com/CorbanR/veracode_api_signing/blob/main/CHANGELOG.md
191
+ rubygems_mfa_required: 'true'
195
192
  post_install_message:
196
193
  rdoc_options: []
197
194
  require_paths: