zendesk_apps_support 4.29.5 → 4.29.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/config/locales/en.yml +5 -0
- data/config/locales/translations/zendesk_apps_support.yml +9 -0
- data/lib/zendesk_apps_support/manifest/location_options.rb +1 -0
- data/lib/zendesk_apps_support/sass_functions.rb +2 -2
- data/lib/zendesk_apps_support/validations/manifest.rb +10 -0
- data/lib/zendesk_apps_support/validations/mime.rb +3 -4
- data/lib/zendesk_apps_support/validations/secure_settings.rb +13 -1
- metadata +29 -15
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f7aff48dd5eff958501e5e21f78713b7e2906f9e
|
|
4
|
+
data.tar.gz: d267db414baabe7ced86ec3e1b196c08fb0346e2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a87b22e67e6489bb6d619b24d5ba7ac670e9322a500b06aaf32014328917bdf496d779ae554c83a39258979a6583dfa5a57f2ec3ffd0c432d024d4c14430ab4b
|
|
7
|
+
data.tar.gz: 19b7439b1574327c9b53cac0448db136cc1d2f3be29da878d75d597d5cba7f038c8204bf270295ec6e6ba32c0980ffcd4e20737d3121ca269fa58522d4ffd908
|
data/config/locales/en.yml
CHANGED
|
@@ -96,6 +96,8 @@ en:
|
|
|
96
96
|
blank_location_uri: "%{location} location does not specify a URI."
|
|
97
97
|
invalid_location_uri: "%{uri} is either an invalid location URI, refers
|
|
98
98
|
to a missing asset, or does not use HTTPS."
|
|
99
|
+
invalid_location_flexible_type: "%{flexible} is an invalid type for the
|
|
100
|
+
flexible location parameter."
|
|
99
101
|
name_as_parameter_name: Can't call a parameter 'name'
|
|
100
102
|
invalid_hidden_parameter:
|
|
101
103
|
one: "%{invalid_params} is set to hidden and cannot be required."
|
|
@@ -123,6 +125,9 @@ en:
|
|
|
123
125
|
do not match products in translations (%{translation_products})
|
|
124
126
|
insecure_token_parameter_in_manifest: 'Make sure to set secure to true
|
|
125
127
|
when using keys in Settings. Learn more: %{link}'
|
|
128
|
+
default_secure_or_hidden_parameter_in_manifest: Default values for secure
|
|
129
|
+
or hidden parameters are not stored securely. Be sure to review them
|
|
130
|
+
and confirm they do not contain sensitive data
|
|
126
131
|
stylesheet_error: 'Sass error: %{sass_error}'
|
|
127
132
|
invalid_type_parameter:
|
|
128
133
|
one: "%{invalid_types} is an invalid parameter type."
|
|
@@ -234,6 +234,10 @@ parts:
|
|
|
234
234
|
key: "txt.apps.admin.error.app_build.invalid_location_uri"
|
|
235
235
|
title: "App builder job: invalid URI for an iframe in the manifest"
|
|
236
236
|
value: "%{uri} is either an invalid location URI, refers to a missing asset, or does not use HTTPS."
|
|
237
|
+
- translation:
|
|
238
|
+
key: "txt.apps.admin.error.app_build.invalid_location_flexible_type"
|
|
239
|
+
title: "App builder job: invalid flexible type for an iframe in the manifest"
|
|
240
|
+
value: "%{flexible} is an invalid type for the flexible location parameter."
|
|
237
241
|
- translation:
|
|
238
242
|
key: "txt.apps.admin.error.app_build.name_as_parameter_name"
|
|
239
243
|
title: "App builder job: error message when developer names a parameter 'name'"
|
|
@@ -351,6 +355,11 @@ parts:
|
|
|
351
355
|
title: "Validation message to indicate missing secure(true) field in manifest's token parameter. Do not translate 'secure' and 'true'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
|
352
356
|
value: "Make sure to set secure to true when using keys in Settings. Learn more: %{link}"
|
|
353
357
|
screenshot: "https://drive.google.com/open?id=1ss3nNN2RG29R7StjCtiH8qjuwFBlRApJ"
|
|
358
|
+
- translation:
|
|
359
|
+
key: "txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest"
|
|
360
|
+
title: "Validation message to indicate that a hidden or secure manifest parameter has a default value. Do not translate 'secure' and 'hidden'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
|
361
|
+
value: "Default values for secure or hidden parameters are not stored securely. Be sure to review them and confirm they do not contain sensitive data"
|
|
362
|
+
screenshot: "https://drive.google.com/file/d/1MI6ci6Jz6xtwOXjcbHFCfNi1FjXKOuv9/view?usp=sharing"
|
|
354
363
|
- translation:
|
|
355
364
|
key: "txt.apps.admin.error.app_build.stylesheet_error"
|
|
356
365
|
title: "App builder job: invalid stylesheet syntax"
|
|
@@ -26,9 +26,9 @@ require 'sassc'
|
|
|
26
26
|
module SassC::Script::Functions
|
|
27
27
|
module AppAssetUrl
|
|
28
28
|
def app_asset_url(name)
|
|
29
|
-
raise ArgumentError, "Expected #{name} to be a string" unless name.is_a?
|
|
29
|
+
raise ArgumentError, "Expected #{name} to be a string" unless name.is_a? SassC::Script::Value::String
|
|
30
30
|
result = %{url("#{app_asset_url_helper(name)}")}
|
|
31
|
-
SassC::Script::String.new(result)
|
|
31
|
+
SassC::Script::Value::String.new(result)
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
private
|
|
@@ -271,6 +271,10 @@ module ZendeskAppsSupport
|
|
|
271
271
|
elsif location_options.auto_load?
|
|
272
272
|
errors << ValidationError.new(:blank_location_uri, location: location_options.location.name)
|
|
273
273
|
end
|
|
274
|
+
|
|
275
|
+
if !([true, false].include? location_options.flexible) && !location_options.flexible.nil?
|
|
276
|
+
errors << invalid_location_flexible_error(location_options)
|
|
277
|
+
end
|
|
274
278
|
end
|
|
275
279
|
|
|
276
280
|
Product::PRODUCTS_AVAILABLE.each do |product|
|
|
@@ -319,6 +323,12 @@ module ZendeskAppsSupport
|
|
|
319
323
|
validation_error
|
|
320
324
|
end
|
|
321
325
|
|
|
326
|
+
def invalid_location_flexible_error(location_options)
|
|
327
|
+
flexible_flag = location_options.flexible
|
|
328
|
+
validation_error = ValidationError.new(:invalid_location_flexible_type, flexible: flexible_flag)
|
|
329
|
+
validation_error
|
|
330
|
+
end
|
|
331
|
+
|
|
322
332
|
def valid_absolute_uri?(uri)
|
|
323
333
|
uri.scheme == 'https' || uri.host == 'localhost'
|
|
324
334
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require '
|
|
3
|
+
require 'marcel'
|
|
4
4
|
|
|
5
5
|
module ZendeskAppsSupport
|
|
6
6
|
module Validations
|
|
@@ -20,9 +20,8 @@ module ZendeskAppsSupport
|
|
|
20
20
|
private
|
|
21
21
|
|
|
22
22
|
def block_listed?(app_file)
|
|
23
|
-
mime_type =
|
|
24
|
-
|
|
25
|
-
content_subtype = mime_type.subtype if mime_type
|
|
23
|
+
mime_type = Marcel::MimeType.for(StringIO.new(app_file.read))
|
|
24
|
+
content_subtype = mime_type.split('/', 2).last if mime_type
|
|
26
25
|
extension_name = app_file.extension.delete('.')
|
|
27
26
|
|
|
28
27
|
([content_subtype, extension_name] & UNSUPPORTED_MIME_TYPES).any?
|
|
@@ -11,12 +11,18 @@ module ZendeskAppsSupport
|
|
|
11
11
|
manifest_params = package.manifest.parameters
|
|
12
12
|
|
|
13
13
|
insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
|
|
14
|
-
|
|
15
14
|
package.warnings << secure_settings_warning if insecure_params_found
|
|
15
|
+
|
|
16
|
+
secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
|
|
17
|
+
package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
private
|
|
19
21
|
|
|
22
|
+
def secure_or_hidden_default_param?(parameter)
|
|
23
|
+
parameter.default? && (parameter.secure || parameter.type == 'hidden')
|
|
24
|
+
end
|
|
25
|
+
|
|
20
26
|
def insecure_param?(parameter)
|
|
21
27
|
parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
|
|
22
28
|
end
|
|
@@ -25,6 +31,12 @@ module ZendeskAppsSupport
|
|
|
25
31
|
parameter_type == 'text' || parameter_type == 'password'
|
|
26
32
|
end
|
|
27
33
|
|
|
34
|
+
def hidden_default_parameter_warning
|
|
35
|
+
I18n.t(
|
|
36
|
+
'txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest'
|
|
37
|
+
)
|
|
38
|
+
end
|
|
39
|
+
|
|
28
40
|
def secure_settings_warning
|
|
29
41
|
I18n.t(
|
|
30
42
|
'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: zendesk_apps_support
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.29.
|
|
4
|
+
version: 4.29.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- James A. Rosen
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2021-08-19 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: i18n
|
|
@@ -31,16 +31,16 @@ dependencies:
|
|
|
31
31
|
name: sassc
|
|
32
32
|
requirement: !ruby/object:Gem::Requirement
|
|
33
33
|
requirements:
|
|
34
|
-
- - "
|
|
34
|
+
- - ">="
|
|
35
35
|
- !ruby/object:Gem::Version
|
|
36
|
-
version:
|
|
36
|
+
version: '0'
|
|
37
37
|
type: :runtime
|
|
38
38
|
prerelease: false
|
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
|
40
40
|
requirements:
|
|
41
|
-
- - "
|
|
41
|
+
- - ">="
|
|
42
42
|
- !ruby/object:Gem::Version
|
|
43
|
-
version:
|
|
43
|
+
version: '0'
|
|
44
44
|
- !ruby/object:Gem::Dependency
|
|
45
45
|
name: sass
|
|
46
46
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -103,14 +103,14 @@ dependencies:
|
|
|
103
103
|
requirements:
|
|
104
104
|
- - "~>"
|
|
105
105
|
- !ruby/object:Gem::Version
|
|
106
|
-
version: 2.
|
|
106
|
+
version: 2.3.1
|
|
107
107
|
type: :runtime
|
|
108
108
|
prerelease: false
|
|
109
109
|
version_requirements: !ruby/object:Gem::Requirement
|
|
110
110
|
requirements:
|
|
111
111
|
- - "~>"
|
|
112
112
|
- !ruby/object:Gem::Version
|
|
113
|
-
version: 2.
|
|
113
|
+
version: 2.3.1
|
|
114
114
|
- !ruby/object:Gem::Dependency
|
|
115
115
|
name: nokogiri
|
|
116
116
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -146,19 +146,19 @@ dependencies:
|
|
|
146
146
|
- !ruby/object:Gem::Version
|
|
147
147
|
version: 0.9.10
|
|
148
148
|
- !ruby/object:Gem::Dependency
|
|
149
|
-
name:
|
|
149
|
+
name: marcel
|
|
150
150
|
requirement: !ruby/object:Gem::Requirement
|
|
151
151
|
requirements:
|
|
152
|
-
- - "
|
|
152
|
+
- - ">="
|
|
153
153
|
- !ruby/object:Gem::Version
|
|
154
|
-
version: 0
|
|
154
|
+
version: '0'
|
|
155
155
|
type: :runtime
|
|
156
156
|
prerelease: false
|
|
157
157
|
version_requirements: !ruby/object:Gem::Requirement
|
|
158
158
|
requirements:
|
|
159
|
-
- - "
|
|
159
|
+
- - ">="
|
|
160
160
|
- !ruby/object:Gem::Version
|
|
161
|
-
version: 0
|
|
161
|
+
version: '0'
|
|
162
162
|
- !ruby/object:Gem::Dependency
|
|
163
163
|
name: ipaddress_2
|
|
164
164
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -249,14 +249,28 @@ dependencies:
|
|
|
249
249
|
requirements:
|
|
250
250
|
- - '='
|
|
251
251
|
- !ruby/object:Gem::Version
|
|
252
|
-
version:
|
|
252
|
+
version: 2.2.26
|
|
253
|
+
type: :development
|
|
254
|
+
prerelease: false
|
|
255
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
256
|
+
requirements:
|
|
257
|
+
- - '='
|
|
258
|
+
- !ruby/object:Gem::Version
|
|
259
|
+
version: 2.2.26
|
|
260
|
+
- !ruby/object:Gem::Dependency
|
|
261
|
+
name: parallel
|
|
262
|
+
requirement: !ruby/object:Gem::Requirement
|
|
263
|
+
requirements:
|
|
264
|
+
- - '='
|
|
265
|
+
- !ruby/object:Gem::Version
|
|
266
|
+
version: 1.12.1
|
|
253
267
|
type: :development
|
|
254
268
|
prerelease: false
|
|
255
269
|
version_requirements: !ruby/object:Gem::Requirement
|
|
256
270
|
requirements:
|
|
257
271
|
- - '='
|
|
258
272
|
- !ruby/object:Gem::Version
|
|
259
|
-
version: 1.
|
|
273
|
+
version: 1.12.1
|
|
260
274
|
description: Support to help you develop Zendesk Apps.
|
|
261
275
|
email:
|
|
262
276
|
- dev@zendesk.com
|