zendesk_apps_support 4.29.3 → 4.29.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/config/locales/en.yml +4 -0
- data/config/locales/translations/zendesk_apps_support.yml +5 -0
- data/lib/zendesk_apps_support/sass_functions.rb +2 -2
- data/lib/zendesk_apps_support/validations/manifest.rb +10 -2
- data/lib/zendesk_apps_support/validations/mime.rb +3 -4
- data/lib/zendesk_apps_support/validations/secure_settings.rb +13 -1
- metadata +43 -23
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '05133378592731040e3105b29a3624fe85d190ba5ed7bfc872d99da645aad8c5'
|
4
|
+
data.tar.gz: 5e3bb520f055e87596585d2cd93821e801ad79a509f5c6bff1a12555d69214f4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c4b261f98f1b4ee30324ba70f7f78b24a9d4fbefc0e5e6c209cecd5764218b6aa738ef6fbdb6989cb5de170f40af454a32d738d371b6ce385a8b14f598ca0cb
|
7
|
+
data.tar.gz: 7c283902ea1fe0907abbcb12679fc12fe2ec3d41884babb1e8a6ee50c781b2b78d76c12ee070302ac46fbe2a6d4a52b4c443d641b90754e3a15419dddb0a5ec6
|
data/config/locales/en.yml
CHANGED
@@ -62,6 +62,7 @@ en:
|
|
62
62
|
other: Unsupported MIME types detected in %{file_names}.
|
63
63
|
multiple_channel_integrations: Specifying multiple channel integrations
|
64
64
|
in requirements.json is not supported.
|
65
|
+
oauth_parameter_required: "Please upgrade to our new oauth format. Learn more: %{link}"
|
65
66
|
invalid_cr_schema_keys:
|
66
67
|
one: 'Custom resources schema contains an invalid key: %{invalid_keys}'
|
67
68
|
other: 'Custom resources schema contains invalid keys: %{invalid_keys}'
|
@@ -122,6 +123,9 @@ en:
|
|
122
123
|
do not match products in translations (%{translation_products})
|
123
124
|
insecure_token_parameter_in_manifest: 'Make sure to set secure to true
|
124
125
|
when using keys in Settings. Learn more: %{link}'
|
126
|
+
default_secure_or_hidden_parameter_in_manifest: Default values for secure
|
127
|
+
or hidden parameters are not stored securely. Be sure to review them
|
128
|
+
and confirm they do not contain sensitive data
|
125
129
|
stylesheet_error: 'Sass error: %{sass_error}'
|
126
130
|
invalid_type_parameter:
|
127
131
|
one: "%{invalid_types} is an invalid parameter type."
|
@@ -351,6 +351,11 @@ parts:
|
|
351
351
|
title: "Validation message to indicate missing secure(true) field in manifest's token parameter. Do not translate 'secure' and 'true'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
352
352
|
value: "Make sure to set secure to true when using keys in Settings. Learn more: %{link}"
|
353
353
|
screenshot: "https://drive.google.com/open?id=1ss3nNN2RG29R7StjCtiH8qjuwFBlRApJ"
|
354
|
+
- translation:
|
355
|
+
key: "txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest"
|
356
|
+
title: "Validation message to indicate that a hidden or secure manifest parameter has a default value. Do not translate 'secure' and 'hidden'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
357
|
+
value: "Default values for secure or hidden parameters are not stored securely. Be sure to review them and confirm they do not contain sensitive data"
|
358
|
+
screenshot: "https://drive.google.com/file/d/1MI6ci6Jz6xtwOXjcbHFCfNi1FjXKOuv9/view?usp=sharing"
|
354
359
|
- translation:
|
355
360
|
key: "txt.apps.admin.error.app_build.stylesheet_error"
|
356
361
|
title: "App builder job: invalid stylesheet syntax"
|
@@ -26,9 +26,9 @@ require 'sassc'
|
|
26
26
|
module SassC::Script::Functions
|
27
27
|
module AppAssetUrl
|
28
28
|
def app_asset_url(name)
|
29
|
-
raise ArgumentError, "Expected #{name} to be a string" unless name.is_a?
|
29
|
+
raise ArgumentError, "Expected #{name} to be a string" unless name.is_a? SassC::Script::Value::String
|
30
30
|
result = %{url("#{app_asset_url_helper(name)}")}
|
31
|
-
SassC::Script::String.new(result)
|
31
|
+
SassC::Script::Value::String.new(result)
|
32
32
|
end
|
33
33
|
|
34
34
|
private
|
@@ -10,6 +10,7 @@ module ZendeskAppsSupport
|
|
10
10
|
REQUIRED_MANIFEST_FIELDS = RUBY_TO_JSON.select { |k| %i[author default_locale].include? k }.freeze
|
11
11
|
OAUTH_REQUIRED_FIELDS = %w[client_id client_secret authorize_uri access_token_uri].freeze
|
12
12
|
PARAMETER_TYPES = ZendeskAppsSupport::Manifest::Parameter::TYPES
|
13
|
+
OAUTH_MANIFEST_LINK = 'https://developer.zendesk.com/apps/docs/developer-guide/manifest#oauth'
|
13
14
|
|
14
15
|
class << self
|
15
16
|
def call(package)
|
@@ -197,14 +198,21 @@ module ZendeskAppsSupport
|
|
197
198
|
|
198
199
|
def oauth_error(manifest)
|
199
200
|
return unless manifest.oauth
|
200
|
-
|
201
|
+
oauth_errors = []
|
201
202
|
missing = OAUTH_REQUIRED_FIELDS.select do |key|
|
202
203
|
manifest.oauth[key].nil? || manifest.oauth[key].empty?
|
203
204
|
end
|
204
205
|
|
205
206
|
if missing.any?
|
206
|
-
|
207
|
+
oauth_errors << \
|
208
|
+
ValidationError.new('oauth_keys.missing', missing_keys: missing.join(', '), count: missing.length)
|
209
|
+
end
|
210
|
+
|
211
|
+
unless manifest.parameters.any? { |param| param.type == 'oauth' }
|
212
|
+
oauth_errors << ValidationError.new('oauth_parameter_required',
|
213
|
+
link: OAUTH_MANIFEST_LINK)
|
207
214
|
end
|
215
|
+
oauth_errors
|
208
216
|
end
|
209
217
|
|
210
218
|
def parameters_error(manifest)
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require '
|
3
|
+
require 'marcel'
|
4
4
|
|
5
5
|
module ZendeskAppsSupport
|
6
6
|
module Validations
|
@@ -20,9 +20,8 @@ module ZendeskAppsSupport
|
|
20
20
|
private
|
21
21
|
|
22
22
|
def block_listed?(app_file)
|
23
|
-
mime_type =
|
24
|
-
|
25
|
-
content_subtype = mime_type.subtype if mime_type
|
23
|
+
mime_type = Marcel::MimeType.for(StringIO.new(app_file.read))
|
24
|
+
content_subtype = mime_type.split('/', 2).last if mime_type
|
26
25
|
extension_name = app_file.extension.delete('.')
|
27
26
|
|
28
27
|
([content_subtype, extension_name] & UNSUPPORTED_MIME_TYPES).any?
|
@@ -11,12 +11,18 @@ module ZendeskAppsSupport
|
|
11
11
|
manifest_params = package.manifest.parameters
|
12
12
|
|
13
13
|
insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
|
14
|
-
|
15
14
|
package.warnings << secure_settings_warning if insecure_params_found
|
15
|
+
|
16
|
+
secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
|
17
|
+
package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
|
16
18
|
end
|
17
19
|
|
18
20
|
private
|
19
21
|
|
22
|
+
def secure_or_hidden_default_param?(parameter)
|
23
|
+
parameter.default? && (parameter.secure || parameter.type == 'hidden')
|
24
|
+
end
|
25
|
+
|
20
26
|
def insecure_param?(parameter)
|
21
27
|
parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
|
22
28
|
end
|
@@ -25,6 +31,12 @@ module ZendeskAppsSupport
|
|
25
31
|
parameter_type == 'text' || parameter_type == 'password'
|
26
32
|
end
|
27
33
|
|
34
|
+
def hidden_default_parameter_warning
|
35
|
+
I18n.t(
|
36
|
+
'txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest'
|
37
|
+
)
|
38
|
+
end
|
39
|
+
|
28
40
|
def secure_settings_warning
|
29
41
|
I18n.t(
|
30
42
|
'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
|
metadata
CHANGED
@@ -1,17 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: zendesk_apps_support
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.29.
|
4
|
+
version: 4.29.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- James A. Rosen
|
8
8
|
- Likun Liu
|
9
9
|
- Sean Caffery
|
10
10
|
- Daniel Ribeiro
|
11
|
-
autorequire:
|
11
|
+
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2021-05-20 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: i18n
|
@@ -31,16 +31,16 @@ dependencies:
|
|
31
31
|
name: sassc
|
32
32
|
requirement: !ruby/object:Gem::Requirement
|
33
33
|
requirements:
|
34
|
-
- - "
|
34
|
+
- - ">="
|
35
35
|
- !ruby/object:Gem::Version
|
36
|
-
version:
|
36
|
+
version: '0'
|
37
37
|
type: :runtime
|
38
38
|
prerelease: false
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
40
40
|
requirements:
|
41
|
-
- - "
|
41
|
+
- - ">="
|
42
42
|
- !ruby/object:Gem::Version
|
43
|
-
version:
|
43
|
+
version: '0'
|
44
44
|
- !ruby/object:Gem::Dependency
|
45
45
|
name: sass
|
46
46
|
requirement: !ruby/object:Gem::Requirement
|
@@ -73,16 +73,16 @@ dependencies:
|
|
73
73
|
name: image_size
|
74
74
|
requirement: !ruby/object:Gem::Requirement
|
75
75
|
requirements:
|
76
|
-
- - "
|
76
|
+
- - "~>"
|
77
77
|
- !ruby/object:Gem::Version
|
78
|
-
version:
|
78
|
+
version: 2.0.2
|
79
79
|
type: :runtime
|
80
80
|
prerelease: false
|
81
81
|
version_requirements: !ruby/object:Gem::Requirement
|
82
82
|
requirements:
|
83
|
-
- - "
|
83
|
+
- - "~>"
|
84
84
|
- !ruby/object:Gem::Version
|
85
|
-
version:
|
85
|
+
version: 2.0.2
|
86
86
|
- !ruby/object:Gem::Dependency
|
87
87
|
name: erubis
|
88
88
|
requirement: !ruby/object:Gem::Requirement
|
@@ -103,28 +103,34 @@ dependencies:
|
|
103
103
|
requirements:
|
104
104
|
- - "~>"
|
105
105
|
- !ruby/object:Gem::Version
|
106
|
-
version: 2.
|
106
|
+
version: 2.3.1
|
107
107
|
type: :runtime
|
108
108
|
prerelease: false
|
109
109
|
version_requirements: !ruby/object:Gem::Requirement
|
110
110
|
requirements:
|
111
111
|
- - "~>"
|
112
112
|
- !ruby/object:Gem::Version
|
113
|
-
version: 2.
|
113
|
+
version: 2.3.1
|
114
114
|
- !ruby/object:Gem::Dependency
|
115
115
|
name: nokogiri
|
116
116
|
requirement: !ruby/object:Gem::Requirement
|
117
117
|
requirements:
|
118
|
-
- - "
|
118
|
+
- - ">="
|
119
119
|
- !ruby/object:Gem::Version
|
120
120
|
version: 1.8.5
|
121
|
+
- - "<"
|
122
|
+
- !ruby/object:Gem::Version
|
123
|
+
version: 1.11.0
|
121
124
|
type: :runtime
|
122
125
|
prerelease: false
|
123
126
|
version_requirements: !ruby/object:Gem::Requirement
|
124
127
|
requirements:
|
125
|
-
- - "
|
128
|
+
- - ">="
|
126
129
|
- !ruby/object:Gem::Version
|
127
130
|
version: 1.8.5
|
131
|
+
- - "<"
|
132
|
+
- !ruby/object:Gem::Version
|
133
|
+
version: 1.11.0
|
128
134
|
- !ruby/object:Gem::Dependency
|
129
135
|
name: rb-inotify
|
130
136
|
requirement: !ruby/object:Gem::Requirement
|
@@ -140,19 +146,19 @@ dependencies:
|
|
140
146
|
- !ruby/object:Gem::Version
|
141
147
|
version: 0.9.10
|
142
148
|
- !ruby/object:Gem::Dependency
|
143
|
-
name:
|
149
|
+
name: marcel
|
144
150
|
requirement: !ruby/object:Gem::Requirement
|
145
151
|
requirements:
|
146
|
-
- - "
|
152
|
+
- - ">="
|
147
153
|
- !ruby/object:Gem::Version
|
148
|
-
version: 0
|
154
|
+
version: '0'
|
149
155
|
type: :runtime
|
150
156
|
prerelease: false
|
151
157
|
version_requirements: !ruby/object:Gem::Requirement
|
152
158
|
requirements:
|
153
|
-
- - "
|
159
|
+
- - ">="
|
154
160
|
- !ruby/object:Gem::Version
|
155
|
-
version: 0
|
161
|
+
version: '0'
|
156
162
|
- !ruby/object:Gem::Dependency
|
157
163
|
name: ipaddress_2
|
158
164
|
requirement: !ruby/object:Gem::Requirement
|
@@ -251,6 +257,20 @@ dependencies:
|
|
251
257
|
- - '='
|
252
258
|
- !ruby/object:Gem::Version
|
253
259
|
version: 1.17.3
|
260
|
+
- !ruby/object:Gem::Dependency
|
261
|
+
name: parallel
|
262
|
+
requirement: !ruby/object:Gem::Requirement
|
263
|
+
requirements:
|
264
|
+
- - '='
|
265
|
+
- !ruby/object:Gem::Version
|
266
|
+
version: 1.12.1
|
267
|
+
type: :development
|
268
|
+
prerelease: false
|
269
|
+
version_requirements: !ruby/object:Gem::Requirement
|
270
|
+
requirements:
|
271
|
+
- - '='
|
272
|
+
- !ruby/object:Gem::Version
|
273
|
+
version: 1.12.1
|
254
274
|
description: Support to help you develop Zendesk Apps.
|
255
275
|
email:
|
256
276
|
- dev@zendesk.com
|
@@ -304,7 +324,7 @@ homepage: http://github.com/zendesk/zendesk_apps_support
|
|
304
324
|
licenses:
|
305
325
|
- Apache License Version 2.0
|
306
326
|
metadata: {}
|
307
|
-
post_install_message:
|
327
|
+
post_install_message:
|
308
328
|
rdoc_options: []
|
309
329
|
require_paths:
|
310
330
|
- lib
|
@@ -319,8 +339,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
319
339
|
- !ruby/object:Gem::Version
|
320
340
|
version: 1.3.6
|
321
341
|
requirements: []
|
322
|
-
rubygems_version: 3.
|
323
|
-
signing_key:
|
342
|
+
rubygems_version: 3.2.17
|
343
|
+
signing_key:
|
324
344
|
specification_version: 4
|
325
345
|
summary: Support to help you develop Zendesk Apps.
|
326
346
|
test_files: []
|