zendesk_apps_support 4.29.6 → 4.29.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/config/locales/en.yml +5 -0
- data/config/locales/translations/zendesk_apps_support.yml +9 -0
- data/lib/zendesk_apps_support/manifest/location_options.rb +1 -0
- data/lib/zendesk_apps_support/validations/manifest.rb +10 -0
- data/lib/zendesk_apps_support/validations/mime.rb +3 -4
- data/lib/zendesk_apps_support/validations/secure_settings.rb +13 -1
- metadata +49 -28
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: aa1ee6d9fc91ee5d6cb804b1ba66546f46c2c3c4bf387bebc2116b08dc410903
|
4
|
+
data.tar.gz: a64aba109da369c8f6e7a49ee58cc0672dda29707b1a3b99daeaef1ef340076d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 627216d9ed25f72ebd97434d6375bd4b217c5df2f95551dd3a626ce735992b8b9730077cfc39f99ee144ad908e08aeff17df5179cbd97da24446f4fa08a98722
|
7
|
+
data.tar.gz: 60cd0e5d10b3ba3e3368c6b9fbcff8bd58d28ba442d9dcd8377121e4a50b600cb13564bd2a980ecce1458d0f1afaeca6acf9ac02eb42567c69b524bf33533d24
|
data/config/locales/en.yml
CHANGED
@@ -96,6 +96,8 @@ en:
|
|
96
96
|
blank_location_uri: "%{location} location does not specify a URI."
|
97
97
|
invalid_location_uri: "%{uri} is either an invalid location URI, refers
|
98
98
|
to a missing asset, or does not use HTTPS."
|
99
|
+
invalid_location_flexible_type: "%{flexible} is an invalid type for the
|
100
|
+
flexible location parameter."
|
99
101
|
name_as_parameter_name: Can't call a parameter 'name'
|
100
102
|
invalid_hidden_parameter:
|
101
103
|
one: "%{invalid_params} is set to hidden and cannot be required."
|
@@ -123,6 +125,9 @@ en:
|
|
123
125
|
do not match products in translations (%{translation_products})
|
124
126
|
insecure_token_parameter_in_manifest: 'Make sure to set secure to true
|
125
127
|
when using keys in Settings. Learn more: %{link}'
|
128
|
+
default_secure_or_hidden_parameter_in_manifest: Default values for secure
|
129
|
+
or hidden parameters are not stored securely. Be sure to review them
|
130
|
+
and confirm they do not contain sensitive data
|
126
131
|
stylesheet_error: 'Sass error: %{sass_error}'
|
127
132
|
invalid_type_parameter:
|
128
133
|
one: "%{invalid_types} is an invalid parameter type."
|
@@ -234,6 +234,10 @@ parts:
|
|
234
234
|
key: "txt.apps.admin.error.app_build.invalid_location_uri"
|
235
235
|
title: "App builder job: invalid URI for an iframe in the manifest"
|
236
236
|
value: "%{uri} is either an invalid location URI, refers to a missing asset, or does not use HTTPS."
|
237
|
+
- translation:
|
238
|
+
key: "txt.apps.admin.error.app_build.invalid_location_flexible_type"
|
239
|
+
title: "App builder job: invalid flexible type for an iframe in the manifest"
|
240
|
+
value: "%{flexible} is an invalid type for the flexible location parameter."
|
237
241
|
- translation:
|
238
242
|
key: "txt.apps.admin.error.app_build.name_as_parameter_name"
|
239
243
|
title: "App builder job: error message when developer names a parameter 'name'"
|
@@ -351,6 +355,11 @@ parts:
|
|
351
355
|
title: "Validation message to indicate missing secure(true) field in manifest's token parameter. Do not translate 'secure' and 'true'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
352
356
|
value: "Make sure to set secure to true when using keys in Settings. Learn more: %{link}"
|
353
357
|
screenshot: "https://drive.google.com/open?id=1ss3nNN2RG29R7StjCtiH8qjuwFBlRApJ"
|
358
|
+
- translation:
|
359
|
+
key: "txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest"
|
360
|
+
title: "Validation message to indicate that a hidden or secure manifest parameter has a default value. Do not translate 'secure' and 'hidden'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
361
|
+
value: "Default values for secure or hidden parameters are not stored securely. Be sure to review them and confirm they do not contain sensitive data"
|
362
|
+
screenshot: "https://drive.google.com/file/d/1MI6ci6Jz6xtwOXjcbHFCfNi1FjXKOuv9/view?usp=sharing"
|
354
363
|
- translation:
|
355
364
|
key: "txt.apps.admin.error.app_build.stylesheet_error"
|
356
365
|
title: "App builder job: invalid stylesheet syntax"
|
@@ -271,6 +271,10 @@ module ZendeskAppsSupport
|
|
271
271
|
elsif location_options.auto_load?
|
272
272
|
errors << ValidationError.new(:blank_location_uri, location: location_options.location.name)
|
273
273
|
end
|
274
|
+
|
275
|
+
if !([true, false].include? location_options.flexible) && !location_options.flexible.nil?
|
276
|
+
errors << invalid_location_flexible_error(location_options)
|
277
|
+
end
|
274
278
|
end
|
275
279
|
|
276
280
|
Product::PRODUCTS_AVAILABLE.each do |product|
|
@@ -319,6 +323,12 @@ module ZendeskAppsSupport
|
|
319
323
|
validation_error
|
320
324
|
end
|
321
325
|
|
326
|
+
def invalid_location_flexible_error(location_options)
|
327
|
+
flexible_flag = location_options.flexible
|
328
|
+
validation_error = ValidationError.new(:invalid_location_flexible_type, flexible: flexible_flag)
|
329
|
+
validation_error
|
330
|
+
end
|
331
|
+
|
322
332
|
def valid_absolute_uri?(uri)
|
323
333
|
uri.scheme == 'https' || uri.host == 'localhost'
|
324
334
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require '
|
3
|
+
require 'marcel'
|
4
4
|
|
5
5
|
module ZendeskAppsSupport
|
6
6
|
module Validations
|
@@ -20,9 +20,8 @@ module ZendeskAppsSupport
|
|
20
20
|
private
|
21
21
|
|
22
22
|
def block_listed?(app_file)
|
23
|
-
mime_type =
|
24
|
-
|
25
|
-
content_subtype = mime_type.subtype if mime_type
|
23
|
+
mime_type = Marcel::MimeType.for(StringIO.new(app_file.read))
|
24
|
+
content_subtype = mime_type.split('/', 2).last if mime_type
|
26
25
|
extension_name = app_file.extension.delete('.')
|
27
26
|
|
28
27
|
([content_subtype, extension_name] & UNSUPPORTED_MIME_TYPES).any?
|
@@ -11,12 +11,18 @@ module ZendeskAppsSupport
|
|
11
11
|
manifest_params = package.manifest.parameters
|
12
12
|
|
13
13
|
insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
|
14
|
-
|
15
14
|
package.warnings << secure_settings_warning if insecure_params_found
|
15
|
+
|
16
|
+
secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
|
17
|
+
package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
|
16
18
|
end
|
17
19
|
|
18
20
|
private
|
19
21
|
|
22
|
+
def secure_or_hidden_default_param?(parameter)
|
23
|
+
parameter.default? && (parameter.secure || parameter.type == 'hidden')
|
24
|
+
end
|
25
|
+
|
20
26
|
def insecure_param?(parameter)
|
21
27
|
parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
|
22
28
|
end
|
@@ -25,6 +31,12 @@ module ZendeskAppsSupport
|
|
25
31
|
parameter_type == 'text' || parameter_type == 'password'
|
26
32
|
end
|
27
33
|
|
34
|
+
def hidden_default_parameter_warning
|
35
|
+
I18n.t(
|
36
|
+
'txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest'
|
37
|
+
)
|
38
|
+
end
|
39
|
+
|
28
40
|
def secure_settings_warning
|
29
41
|
I18n.t(
|
30
42
|
'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
|
metadata
CHANGED
@@ -1,17 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: zendesk_apps_support
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.29.
|
4
|
+
version: 4.29.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- James A. Rosen
|
8
8
|
- Likun Liu
|
9
9
|
- Sean Caffery
|
10
10
|
- Daniel Ribeiro
|
11
|
-
autorequire:
|
11
|
+
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2021-08-30 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: i18n
|
@@ -103,34 +103,28 @@ dependencies:
|
|
103
103
|
requirements:
|
104
104
|
- - "~>"
|
105
105
|
- !ruby/object:Gem::Version
|
106
|
-
version: 2.
|
106
|
+
version: 2.3.1
|
107
107
|
type: :runtime
|
108
108
|
prerelease: false
|
109
109
|
version_requirements: !ruby/object:Gem::Requirement
|
110
110
|
requirements:
|
111
111
|
- - "~>"
|
112
112
|
- !ruby/object:Gem::Version
|
113
|
-
version: 2.
|
113
|
+
version: 2.3.1
|
114
114
|
- !ruby/object:Gem::Dependency
|
115
115
|
name: nokogiri
|
116
116
|
requirement: !ruby/object:Gem::Requirement
|
117
117
|
requirements:
|
118
118
|
- - ">="
|
119
119
|
- !ruby/object:Gem::Version
|
120
|
-
version:
|
121
|
-
- - "<"
|
122
|
-
- !ruby/object:Gem::Version
|
123
|
-
version: 1.11.0
|
120
|
+
version: '0'
|
124
121
|
type: :runtime
|
125
122
|
prerelease: false
|
126
123
|
version_requirements: !ruby/object:Gem::Requirement
|
127
124
|
requirements:
|
128
125
|
- - ">="
|
129
126
|
- !ruby/object:Gem::Version
|
130
|
-
version:
|
131
|
-
- - "<"
|
132
|
-
- !ruby/object:Gem::Version
|
133
|
-
version: 1.11.0
|
127
|
+
version: '0'
|
134
128
|
- !ruby/object:Gem::Dependency
|
135
129
|
name: rb-inotify
|
136
130
|
requirement: !ruby/object:Gem::Requirement
|
@@ -146,19 +140,19 @@ dependencies:
|
|
146
140
|
- !ruby/object:Gem::Version
|
147
141
|
version: 0.9.10
|
148
142
|
- !ruby/object:Gem::Dependency
|
149
|
-
name:
|
143
|
+
name: marcel
|
150
144
|
requirement: !ruby/object:Gem::Requirement
|
151
145
|
requirements:
|
152
|
-
- - "
|
146
|
+
- - ">="
|
153
147
|
- !ruby/object:Gem::Version
|
154
|
-
version: 0
|
148
|
+
version: '0'
|
155
149
|
type: :runtime
|
156
150
|
prerelease: false
|
157
151
|
version_requirements: !ruby/object:Gem::Requirement
|
158
152
|
requirements:
|
159
|
-
- - "
|
153
|
+
- - ">="
|
160
154
|
- !ruby/object:Gem::Version
|
161
|
-
version: 0
|
155
|
+
version: '0'
|
162
156
|
- !ruby/object:Gem::Dependency
|
163
157
|
name: ipaddress_2
|
164
158
|
requirement: !ruby/object:Gem::Requirement
|
@@ -219,16 +213,16 @@ dependencies:
|
|
219
213
|
name: rubocop
|
220
214
|
requirement: !ruby/object:Gem::Requirement
|
221
215
|
requirements:
|
222
|
-
- - "
|
216
|
+
- - ">="
|
223
217
|
- !ruby/object:Gem::Version
|
224
|
-
version: 0
|
218
|
+
version: '0'
|
225
219
|
type: :development
|
226
220
|
prerelease: false
|
227
221
|
version_requirements: !ruby/object:Gem::Requirement
|
228
222
|
requirements:
|
229
|
-
- - "
|
223
|
+
- - ">="
|
230
224
|
- !ruby/object:Gem::Version
|
231
|
-
version: 0
|
225
|
+
version: '0'
|
232
226
|
- !ruby/object:Gem::Dependency
|
233
227
|
name: byebug
|
234
228
|
requirement: !ruby/object:Gem::Requirement
|
@@ -249,14 +243,42 @@ dependencies:
|
|
249
243
|
requirements:
|
250
244
|
- - '='
|
251
245
|
- !ruby/object:Gem::Version
|
252
|
-
version:
|
246
|
+
version: 2.2.26
|
247
|
+
type: :development
|
248
|
+
prerelease: false
|
249
|
+
version_requirements: !ruby/object:Gem::Requirement
|
250
|
+
requirements:
|
251
|
+
- - '='
|
252
|
+
- !ruby/object:Gem::Version
|
253
|
+
version: 2.2.26
|
254
|
+
- !ruby/object:Gem::Dependency
|
255
|
+
name: parallel
|
256
|
+
requirement: !ruby/object:Gem::Requirement
|
257
|
+
requirements:
|
258
|
+
- - '='
|
259
|
+
- !ruby/object:Gem::Version
|
260
|
+
version: 1.12.1
|
253
261
|
type: :development
|
254
262
|
prerelease: false
|
255
263
|
version_requirements: !ruby/object:Gem::Requirement
|
256
264
|
requirements:
|
257
265
|
- - '='
|
258
266
|
- !ruby/object:Gem::Version
|
259
|
-
version: 1.
|
267
|
+
version: 1.12.1
|
268
|
+
- !ruby/object:Gem::Dependency
|
269
|
+
name: rake
|
270
|
+
requirement: !ruby/object:Gem::Requirement
|
271
|
+
requirements:
|
272
|
+
- - ">="
|
273
|
+
- !ruby/object:Gem::Version
|
274
|
+
version: '0'
|
275
|
+
type: :development
|
276
|
+
prerelease: false
|
277
|
+
version_requirements: !ruby/object:Gem::Requirement
|
278
|
+
requirements:
|
279
|
+
- - ">="
|
280
|
+
- !ruby/object:Gem::Version
|
281
|
+
version: '0'
|
260
282
|
description: Support to help you develop Zendesk Apps.
|
261
283
|
email:
|
262
284
|
- dev@zendesk.com
|
@@ -310,7 +332,7 @@ homepage: http://github.com/zendesk/zendesk_apps_support
|
|
310
332
|
licenses:
|
311
333
|
- Apache License Version 2.0
|
312
334
|
metadata: {}
|
313
|
-
post_install_message:
|
335
|
+
post_install_message:
|
314
336
|
rdoc_options: []
|
315
337
|
require_paths:
|
316
338
|
- lib
|
@@ -325,9 +347,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
325
347
|
- !ruby/object:Gem::Version
|
326
348
|
version: 1.3.6
|
327
349
|
requirements: []
|
328
|
-
|
329
|
-
|
330
|
-
signing_key:
|
350
|
+
rubygems_version: 3.0.8
|
351
|
+
signing_key:
|
331
352
|
specification_version: 4
|
332
353
|
summary: Support to help you develop Zendesk Apps.
|
333
354
|
test_files: []
|