zendesk_apps_support 4.29.6 → 4.29.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/config/locales/en.yml +5 -0
- data/config/locales/translations/zendesk_apps_support.yml +9 -0
- data/lib/zendesk_apps_support/manifest/location_options.rb +1 -0
- data/lib/zendesk_apps_support/validations/manifest.rb +10 -0
- data/lib/zendesk_apps_support/validations/mime.rb +3 -4
- data/lib/zendesk_apps_support/validations/secure_settings.rb +13 -1
- metadata +49 -28
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: aa1ee6d9fc91ee5d6cb804b1ba66546f46c2c3c4bf387bebc2116b08dc410903
|
4
|
+
data.tar.gz: a64aba109da369c8f6e7a49ee58cc0672dda29707b1a3b99daeaef1ef340076d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 627216d9ed25f72ebd97434d6375bd4b217c5df2f95551dd3a626ce735992b8b9730077cfc39f99ee144ad908e08aeff17df5179cbd97da24446f4fa08a98722
|
7
|
+
data.tar.gz: 60cd0e5d10b3ba3e3368c6b9fbcff8bd58d28ba442d9dcd8377121e4a50b600cb13564bd2a980ecce1458d0f1afaeca6acf9ac02eb42567c69b524bf33533d24
|
data/config/locales/en.yml
CHANGED
@@ -96,6 +96,8 @@ en:
|
|
96
96
|
blank_location_uri: "%{location} location does not specify a URI."
|
97
97
|
invalid_location_uri: "%{uri} is either an invalid location URI, refers
|
98
98
|
to a missing asset, or does not use HTTPS."
|
99
|
+
invalid_location_flexible_type: "%{flexible} is an invalid type for the
|
100
|
+
flexible location parameter."
|
99
101
|
name_as_parameter_name: Can't call a parameter 'name'
|
100
102
|
invalid_hidden_parameter:
|
101
103
|
one: "%{invalid_params} is set to hidden and cannot be required."
|
@@ -123,6 +125,9 @@ en:
|
|
123
125
|
do not match products in translations (%{translation_products})
|
124
126
|
insecure_token_parameter_in_manifest: 'Make sure to set secure to true
|
125
127
|
when using keys in Settings. Learn more: %{link}'
|
128
|
+
default_secure_or_hidden_parameter_in_manifest: Default values for secure
|
129
|
+
or hidden parameters are not stored securely. Be sure to review them
|
130
|
+
and confirm they do not contain sensitive data
|
126
131
|
stylesheet_error: 'Sass error: %{sass_error}'
|
127
132
|
invalid_type_parameter:
|
128
133
|
one: "%{invalid_types} is an invalid parameter type."
|
@@ -234,6 +234,10 @@ parts:
|
|
234
234
|
key: "txt.apps.admin.error.app_build.invalid_location_uri"
|
235
235
|
title: "App builder job: invalid URI for an iframe in the manifest"
|
236
236
|
value: "%{uri} is either an invalid location URI, refers to a missing asset, or does not use HTTPS."
|
237
|
+
- translation:
|
238
|
+
key: "txt.apps.admin.error.app_build.invalid_location_flexible_type"
|
239
|
+
title: "App builder job: invalid flexible type for an iframe in the manifest"
|
240
|
+
value: "%{flexible} is an invalid type for the flexible location parameter."
|
237
241
|
- translation:
|
238
242
|
key: "txt.apps.admin.error.app_build.name_as_parameter_name"
|
239
243
|
title: "App builder job: error message when developer names a parameter 'name'"
|
@@ -351,6 +355,11 @@ parts:
|
|
351
355
|
title: "Validation message to indicate missing secure(true) field in manifest's token parameter. Do not translate 'secure' and 'true'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
352
356
|
value: "Make sure to set secure to true when using keys in Settings. Learn more: %{link}"
|
353
357
|
screenshot: "https://drive.google.com/open?id=1ss3nNN2RG29R7StjCtiH8qjuwFBlRApJ"
|
358
|
+
- translation:
|
359
|
+
key: "txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest"
|
360
|
+
title: "Validation message to indicate that a hidden or secure manifest parameter has a default value. Do not translate 'secure' and 'hidden'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
361
|
+
value: "Default values for secure or hidden parameters are not stored securely. Be sure to review them and confirm they do not contain sensitive data"
|
362
|
+
screenshot: "https://drive.google.com/file/d/1MI6ci6Jz6xtwOXjcbHFCfNi1FjXKOuv9/view?usp=sharing"
|
354
363
|
- translation:
|
355
364
|
key: "txt.apps.admin.error.app_build.stylesheet_error"
|
356
365
|
title: "App builder job: invalid stylesheet syntax"
|
@@ -271,6 +271,10 @@ module ZendeskAppsSupport
|
|
271
271
|
elsif location_options.auto_load?
|
272
272
|
errors << ValidationError.new(:blank_location_uri, location: location_options.location.name)
|
273
273
|
end
|
274
|
+
|
275
|
+
if !([true, false].include? location_options.flexible) && !location_options.flexible.nil?
|
276
|
+
errors << invalid_location_flexible_error(location_options)
|
277
|
+
end
|
274
278
|
end
|
275
279
|
|
276
280
|
Product::PRODUCTS_AVAILABLE.each do |product|
|
@@ -319,6 +323,12 @@ module ZendeskAppsSupport
|
|
319
323
|
validation_error
|
320
324
|
end
|
321
325
|
|
326
|
+
def invalid_location_flexible_error(location_options)
|
327
|
+
flexible_flag = location_options.flexible
|
328
|
+
validation_error = ValidationError.new(:invalid_location_flexible_type, flexible: flexible_flag)
|
329
|
+
validation_error
|
330
|
+
end
|
331
|
+
|
322
332
|
def valid_absolute_uri?(uri)
|
323
333
|
uri.scheme == 'https' || uri.host == 'localhost'
|
324
334
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require '
|
3
|
+
require 'marcel'
|
4
4
|
|
5
5
|
module ZendeskAppsSupport
|
6
6
|
module Validations
|
@@ -20,9 +20,8 @@ module ZendeskAppsSupport
|
|
20
20
|
private
|
21
21
|
|
22
22
|
def block_listed?(app_file)
|
23
|
-
mime_type =
|
24
|
-
|
25
|
-
content_subtype = mime_type.subtype if mime_type
|
23
|
+
mime_type = Marcel::MimeType.for(StringIO.new(app_file.read))
|
24
|
+
content_subtype = mime_type.split('/', 2).last if mime_type
|
26
25
|
extension_name = app_file.extension.delete('.')
|
27
26
|
|
28
27
|
([content_subtype, extension_name] & UNSUPPORTED_MIME_TYPES).any?
|
@@ -11,12 +11,18 @@ module ZendeskAppsSupport
|
|
11
11
|
manifest_params = package.manifest.parameters
|
12
12
|
|
13
13
|
insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
|
14
|
-
|
15
14
|
package.warnings << secure_settings_warning if insecure_params_found
|
15
|
+
|
16
|
+
secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
|
17
|
+
package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
|
16
18
|
end
|
17
19
|
|
18
20
|
private
|
19
21
|
|
22
|
+
def secure_or_hidden_default_param?(parameter)
|
23
|
+
parameter.default? && (parameter.secure || parameter.type == 'hidden')
|
24
|
+
end
|
25
|
+
|
20
26
|
def insecure_param?(parameter)
|
21
27
|
parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
|
22
28
|
end
|
@@ -25,6 +31,12 @@ module ZendeskAppsSupport
|
|
25
31
|
parameter_type == 'text' || parameter_type == 'password'
|
26
32
|
end
|
27
33
|
|
34
|
+
def hidden_default_parameter_warning
|
35
|
+
I18n.t(
|
36
|
+
'txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest'
|
37
|
+
)
|
38
|
+
end
|
39
|
+
|
28
40
|
def secure_settings_warning
|
29
41
|
I18n.t(
|
30
42
|
'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
|
metadata
CHANGED
@@ -1,17 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: zendesk_apps_support
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.29.
|
4
|
+
version: 4.29.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- James A. Rosen
|
8
8
|
- Likun Liu
|
9
9
|
- Sean Caffery
|
10
10
|
- Daniel Ribeiro
|
11
|
-
autorequire:
|
11
|
+
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2021-08-30 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: i18n
|
@@ -103,34 +103,28 @@ dependencies:
|
|
103
103
|
requirements:
|
104
104
|
- - "~>"
|
105
105
|
- !ruby/object:Gem::Version
|
106
|
-
version: 2.
|
106
|
+
version: 2.3.1
|
107
107
|
type: :runtime
|
108
108
|
prerelease: false
|
109
109
|
version_requirements: !ruby/object:Gem::Requirement
|
110
110
|
requirements:
|
111
111
|
- - "~>"
|
112
112
|
- !ruby/object:Gem::Version
|
113
|
-
version: 2.
|
113
|
+
version: 2.3.1
|
114
114
|
- !ruby/object:Gem::Dependency
|
115
115
|
name: nokogiri
|
116
116
|
requirement: !ruby/object:Gem::Requirement
|
117
117
|
requirements:
|
118
118
|
- - ">="
|
119
119
|
- !ruby/object:Gem::Version
|
120
|
-
version:
|
121
|
-
- - "<"
|
122
|
-
- !ruby/object:Gem::Version
|
123
|
-
version: 1.11.0
|
120
|
+
version: '0'
|
124
121
|
type: :runtime
|
125
122
|
prerelease: false
|
126
123
|
version_requirements: !ruby/object:Gem::Requirement
|
127
124
|
requirements:
|
128
125
|
- - ">="
|
129
126
|
- !ruby/object:Gem::Version
|
130
|
-
version:
|
131
|
-
- - "<"
|
132
|
-
- !ruby/object:Gem::Version
|
133
|
-
version: 1.11.0
|
127
|
+
version: '0'
|
134
128
|
- !ruby/object:Gem::Dependency
|
135
129
|
name: rb-inotify
|
136
130
|
requirement: !ruby/object:Gem::Requirement
|
@@ -146,19 +140,19 @@ dependencies:
|
|
146
140
|
- !ruby/object:Gem::Version
|
147
141
|
version: 0.9.10
|
148
142
|
- !ruby/object:Gem::Dependency
|
149
|
-
name:
|
143
|
+
name: marcel
|
150
144
|
requirement: !ruby/object:Gem::Requirement
|
151
145
|
requirements:
|
152
|
-
- - "
|
146
|
+
- - ">="
|
153
147
|
- !ruby/object:Gem::Version
|
154
|
-
version: 0
|
148
|
+
version: '0'
|
155
149
|
type: :runtime
|
156
150
|
prerelease: false
|
157
151
|
version_requirements: !ruby/object:Gem::Requirement
|
158
152
|
requirements:
|
159
|
-
- - "
|
153
|
+
- - ">="
|
160
154
|
- !ruby/object:Gem::Version
|
161
|
-
version: 0
|
155
|
+
version: '0'
|
162
156
|
- !ruby/object:Gem::Dependency
|
163
157
|
name: ipaddress_2
|
164
158
|
requirement: !ruby/object:Gem::Requirement
|
@@ -219,16 +213,16 @@ dependencies:
|
|
219
213
|
name: rubocop
|
220
214
|
requirement: !ruby/object:Gem::Requirement
|
221
215
|
requirements:
|
222
|
-
- - "
|
216
|
+
- - ">="
|
223
217
|
- !ruby/object:Gem::Version
|
224
|
-
version: 0
|
218
|
+
version: '0'
|
225
219
|
type: :development
|
226
220
|
prerelease: false
|
227
221
|
version_requirements: !ruby/object:Gem::Requirement
|
228
222
|
requirements:
|
229
|
-
- - "
|
223
|
+
- - ">="
|
230
224
|
- !ruby/object:Gem::Version
|
231
|
-
version: 0
|
225
|
+
version: '0'
|
232
226
|
- !ruby/object:Gem::Dependency
|
233
227
|
name: byebug
|
234
228
|
requirement: !ruby/object:Gem::Requirement
|
@@ -249,14 +243,42 @@ dependencies:
|
|
249
243
|
requirements:
|
250
244
|
- - '='
|
251
245
|
- !ruby/object:Gem::Version
|
252
|
-
version:
|
246
|
+
version: 2.2.26
|
247
|
+
type: :development
|
248
|
+
prerelease: false
|
249
|
+
version_requirements: !ruby/object:Gem::Requirement
|
250
|
+
requirements:
|
251
|
+
- - '='
|
252
|
+
- !ruby/object:Gem::Version
|
253
|
+
version: 2.2.26
|
254
|
+
- !ruby/object:Gem::Dependency
|
255
|
+
name: parallel
|
256
|
+
requirement: !ruby/object:Gem::Requirement
|
257
|
+
requirements:
|
258
|
+
- - '='
|
259
|
+
- !ruby/object:Gem::Version
|
260
|
+
version: 1.12.1
|
253
261
|
type: :development
|
254
262
|
prerelease: false
|
255
263
|
version_requirements: !ruby/object:Gem::Requirement
|
256
264
|
requirements:
|
257
265
|
- - '='
|
258
266
|
- !ruby/object:Gem::Version
|
259
|
-
version: 1.
|
267
|
+
version: 1.12.1
|
268
|
+
- !ruby/object:Gem::Dependency
|
269
|
+
name: rake
|
270
|
+
requirement: !ruby/object:Gem::Requirement
|
271
|
+
requirements:
|
272
|
+
- - ">="
|
273
|
+
- !ruby/object:Gem::Version
|
274
|
+
version: '0'
|
275
|
+
type: :development
|
276
|
+
prerelease: false
|
277
|
+
version_requirements: !ruby/object:Gem::Requirement
|
278
|
+
requirements:
|
279
|
+
- - ">="
|
280
|
+
- !ruby/object:Gem::Version
|
281
|
+
version: '0'
|
260
282
|
description: Support to help you develop Zendesk Apps.
|
261
283
|
email:
|
262
284
|
- dev@zendesk.com
|
@@ -310,7 +332,7 @@ homepage: http://github.com/zendesk/zendesk_apps_support
|
|
310
332
|
licenses:
|
311
333
|
- Apache License Version 2.0
|
312
334
|
metadata: {}
|
313
|
-
post_install_message:
|
335
|
+
post_install_message:
|
314
336
|
rdoc_options: []
|
315
337
|
require_paths:
|
316
338
|
- lib
|
@@ -325,9 +347,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
325
347
|
- !ruby/object:Gem::Version
|
326
348
|
version: 1.3.6
|
327
349
|
requirements: []
|
328
|
-
|
329
|
-
|
330
|
-
signing_key:
|
350
|
+
rubygems_version: 3.0.8
|
351
|
+
signing_key:
|
331
352
|
specification_version: 4
|
332
353
|
summary: Support to help you develop Zendesk Apps.
|
333
354
|
test_files: []
|