zantetsuken 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f5397228c0d640dee4b610227035a22677d2172b3fd0ab1b01396c980ccd4712
+  data.tar.gz: beff85239f89101a48db8b4cdd683932660205ba0412b0aa59554e28a0dfd964
+SHA512:
+  metadata.gz: '08fe73bfdf6b09dad2a371ea32939b679162fa05b3a000c6dabe98b93487a5002fb234d2cceab7147eb255578f35d389ea8f9b387bce3f495155adabbde5c12b'
+  data.tar.gz: 02f0cbd7849794c2d29b5cba9a6b073a0fb90cdaaa7e2095bcc3dd9c58e06dec630a6b3fcef63725486058b8331a23d2dc5d03451f7ad91035b18d86ae2e32ad

data/.github/workflows/gem-push.yml

@@ -0,0 +1,42 @@
+name: Ruby Gem
+
+on:
+  push:
+    branches: [ main ]
+    paths:
+      - 'lib/zantetsuken/version.rb'
+
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 2.7
+      uses: actions/setup-ruby@v1
+      with:
+        ruby-version: 2.7.x
+
+    - name: Publish to GPR
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:github: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} *.gem
+      env:
+        GEM_HOST_API_KEY: "Bearer ${{secrets.GITHUB_TOKEN}}"
+        OWNER: ${{ github.repository_owner }}
+
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/.github/workflows/main.yml

@@ -0,0 +1,23 @@
+name: CSP Builder
+on: push
+
+jobs:
+  verify:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - name: Set up Ruby
+        uses: actions/setup-ruby@v1
+        with:
+          ruby-version: 2.7.x
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get -yqq install libpq-dev build-essential libcurl4-openssl-dev
+          gem install bundler
+          bundle install --jobs 4 --retry 3
+      - name: Lint
+        run: rubocop
+      - name: Run tests
+        run: rspec

data/.gitignore

@@ -0,0 +1,13 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status
+
+.byebug_history

data/.rubocop.yml

@@ -0,0 +1,5 @@
+inherit_from: .rubocop_todo.yml
+
+Metrics/BlockLength:
+  Exclude:
+    - 'spec/**/*'

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at si@mon.fish. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [https://contributor-covenant.org/version/1/4][version]
+
+[homepage]: https://contributor-covenant.org
+[version]: https://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in csp-builder.gemspec
+gemspec
+
+gem 'rake', '~> 12.0'
+gem 'rspec', '~> 3.0'

data/Gemfile.lock

@@ -0,0 +1,109 @@
+PATH
+  remote: .
+  specs:
+    zantetsuken (0.1.0)
+      actionpack (~> 6.1.4, >= 6.0.0)
+      activemodel (~> 6.1.4, >= 6.0.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionpack (6.1.4)
+      actionview (= 6.1.4)
+      activesupport (= 6.1.4)
+      rack (~> 2.0, >= 2.0.9)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actionview (6.1.4)
+      activesupport (= 6.1.4)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activemodel (6.1.4)
+      activesupport (= 6.1.4)
+    activesupport (6.1.4)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    ast (2.4.2)
+    builder (3.2.4)
+    byebug (11.1.3)
+    concurrent-ruby (1.1.9)
+    crass (1.0.6)
+    diff-lcs (1.4.4)
+    erubi (1.10.0)
+    faker (2.18.0)
+      i18n (>= 1.6, < 2)
+    i18n (1.8.10)
+      concurrent-ruby (~> 1.0)
+    loofah (2.10.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mini_portile2 (2.5.3)
+    minitest (5.14.4)
+    nokogiri (1.11.7)
+      mini_portile2 (~> 2.5.0)
+      racc (~> 1.4)
+    parallel (1.20.1)
+    parser (3.0.2.0)
+      ast (~> 2.4.1)
+    racc (1.5.2)
+    rack (2.2.3)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    rainbow (3.0.0)
+    rake (12.3.3)
+    regexp_parser (2.1.1)
+    rexml (3.2.5)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.2)
+    rubocop (1.18.3)
+      parallel (~> 1.10)
+      parser (>= 3.0.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.7.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.7.0)
+      parser (>= 3.0.1.1)
+    ruby-progressbar (1.11.0)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (2.0.0)
+    zeitwerk (2.4.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  byebug
+  faker
+  rake (~> 12.0)
+  rspec (~> 3.0)
+  rubocop
+  zantetsuken!
+
+BUNDLED WITH
+   2.1.4

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2021 Simon Fish
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,61 @@
+# Zantetsuken
+
+The Content Security Policy (CSP) initializer in Rails can get cluttered
+fast. Break it down with the help of this gem.
+
+## Installation
+
+Add `gem 'zantetsuken'` to your Gemfile and run `bundle install`.
+Alternatively, install the gem directly by calling `gem install
+zantetsuken` in your shell.
+
+## Usage
+
+Update `config/initializer/content_security_policy` to include the
+following:
+
+```ruby
+Rails.application.config.content_security_policy do |policy|
+  Zantetsuken.load(policy)
+end
+```
+
+This will compose any rulesets you've defined under the
+`Zantetsuken::Ruleset` module into a single
+`ActionDispatch::ContentSecurityPolicy`, which is what Rails uses under
+the hood to build your CSP.
+
+### Defining rulesets
+
+You should define your rulesets under
+`app/lib/zantetsuken/ruleset`. Here's an example:
+
+```ruby
+# app/lib/zantetsuken/ruleset/stripe/js.rb
+
+# frozen_string_literal: true
+
+module Zantetsuken
+  module Ruleset
+    module Stripe
+      # Used for loading Stripe's JS library.
+      class Js < Base
+        ruleset do
+          self.connect_src = 'https://api.stripe.com'
+          self.frame_src   = 'https://js.stripe.com', 'https://hooks.stripe.com'
+          self.script_src  = 'https://js.stripe.com'
+        end
+      end
+    end
+  end
+end
+```
+
+You should inherit from `Zantetsuken::Ruleset::Base` so that the ruleset can be
+composed with others.
+
+## Contributing
+
+Contributions are welcome by way of a pull request. Pull requests with
+failing test cases are preferable to issues, if you feel comfortable
+doing that.

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/console

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'zantetsuken'
+
+# Mock environment checks
+module Rails
+  mattr_accessor :env, default: 'development'.inquiry
+end
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/zantetsuken.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'active_model'
+require 'action_dispatch'
+require 'active_support/core_ext/object/instance_variables'
+require 'active_support/core_ext/array/wrap'
+require 'active_support/core_ext/string/inquiry'
+
+require_relative 'zantetsuken/ruleset'
+require_relative 'zantetsuken/ruleset/base'
+
+# A policy that defines sources from which content should be able to load in the
+# browser when you visit this Rails application.
+module Zantetsuken
+  class << self
+    def load(base_policy = ActionDispatch::ContentSecurityPolicy.new)
+      self::Ruleset.load(base_policy)
+    end
+  end
+end

data/lib/zantetsuken/ruleset.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Zantetsuken
+  # Contains definitions for sets of rules that should be applied as part of the
+  # content security policy.
+  module Ruleset
+    class << self
+      def load(base_policy = ActionDispatch::ContentSecurityPolicy.new)
+        load_all_rulesets_in(self).to_actiondispatch_csp(base_policy)
+      end
+
+      private
+
+      def load_all_rulesets_in(mod, base_policy = self::Base.new)
+        mod.constants(false).reduce(base_policy) do |policy, ruleset_class|
+          klass = mod.const_get(ruleset_class)
+          if klass <= Base
+            klass.new.load? ? policy.add(klass.new) : policy
+          else
+            load_all_rulesets_in(klass, policy)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/zantetsuken/ruleset/base.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module Zantetsuken
+  # A set of rules that comprises a Content Security Policy.
+  module Ruleset
+    # Base class for rulesets. Defines the rules to be applied and the behavior
+    # for composing these rulesets into a single instance of
+    # ActionDispatch::ContentSecurityPolicy.
+    class Base
+      include ActiveModel::AttributeAssignment
+      extend ActiveModel::Callbacks
+
+      define_model_callbacks :initialize
+
+      attr_accessor :base_uri, :default_src, :font_src, :img_src, :object_src, :script_src, :frame_src, :connect_src,
+                    :style_src, :child_src, :form_action, :media_src, :report_uri
+
+      class << self
+        def ruleset(&block)
+          after_initialize(&block)
+        end
+      end
+
+      def initialize(**attributes)
+        run_callbacks :initialize do
+          assign_attributes(attributes)
+        end
+      end
+
+      def add(ruleset)
+        tap do
+          assign_attributes(
+            to_h.merge(ruleset.to_h) do |_, existing_rules, new_rules|
+              Array.wrap(existing_rules) | Array.wrap(new_rules)
+            end
+          )
+        end
+      end
+
+      def to_h
+        instance_values.symbolize_keys
+      end
+
+      def to_actiondispatch_csp(policy)
+        instance_values.each do |rule_name, attribute|
+          policy.public_send(rule_name, *attribute)
+        end
+      end
+
+      def load?
+        true
+      end
+    end
+  end
+end

data/lib/zantetsuken/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Zantetsuken
+  VERSION = '0.1.0'
+end

data/zantetsuken.gemspec

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require_relative 'lib/zantetsuken/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'zantetsuken'
+  spec.version       = Zantetsuken::VERSION
+  spec.authors       = ['Simon Fish']
+  spec.email         = ['si@mon.fish']
+
+  spec.summary       = "Organize and build your app's Content Security Policy"
+  spec.description   = 'The Content Security Policy (CSP) in Rails can get big fast. Slice it up with this gem.'
+  spec.homepage      = 'https://github.com/raisedevs/zantetsuken'
+  spec.license       = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.5.0')
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/raisedevs/zantetsuken'
+  spec.metadata['changelog_uri'] = 'https://github.com/raisedevs/zantetsuken/blob/main/CHANGELOG.md'
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency 'actionpack', '~> 6.1.4', '>= 6.0.0'
+  spec.add_runtime_dependency 'activemodel', '~> 6.1.4', '>= 6.0.0'
+  spec.add_development_dependency 'byebug'
+  spec.add_development_dependency 'faker'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop'
+end

metadata

@@ -0,0 +1,161 @@
+--- !ruby/object:Gem::Specification
+name: zantetsuken
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Simon Fish
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2021-07-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.0.0
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: The Content Security Policy (CSP) in Rails can get big fast. Slice it
+  up with this gem.
+email:
+- si@mon.fish
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/gem-push.yml"
+- ".github/workflows/main.yml"
+- ".gitignore"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/zantetsuken.rb
+- lib/zantetsuken/ruleset.rb
+- lib/zantetsuken/ruleset/base.rb
+- lib/zantetsuken/version.rb
+- zantetsuken.gemspec
+homepage: https://github.com/raisedevs/zantetsuken
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/raisedevs/zantetsuken
+  source_code_uri: https://github.com/raisedevs/zantetsuken
+  changelog_uri: https://github.com/raisedevs/zantetsuken/blob/main/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
+summary: Organize and build your app's Content Security Policy
+test_files: []