zendesk_apps_support 4.29.6 → 4.29.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: e89ddab1603d8b47a42131aa838533db345d7b25
-  data.tar.gz: 581fed15b75d31626cfbd0dcbd6fa954a9fb22e2
+SHA256:
+  metadata.gz: aa1ee6d9fc91ee5d6cb804b1ba66546f46c2c3c4bf387bebc2116b08dc410903
+  data.tar.gz: a64aba109da369c8f6e7a49ee58cc0672dda29707b1a3b99daeaef1ef340076d
 SHA512:
-  metadata.gz: e9408e37d495fec69e354bb0859ca60b2ec1f06c94094815f8f37b5c0fa1302d0b51cd7aa4cd410ba4b643b2decba2c3e56762f33c161b34fc8317447a93f707
-  data.tar.gz: f015c41838160e6ecb4de15e8ab46961948b9dd776bbcab4ba33d794794f26682830f6de69f626979326449a4bf80969a66330cf46a2e5473945104c6a6b3125
+  metadata.gz: 627216d9ed25f72ebd97434d6375bd4b217c5df2f95551dd3a626ce735992b8b9730077cfc39f99ee144ad908e08aeff17df5179cbd97da24446f4fa08a98722
+  data.tar.gz: 60cd0e5d10b3ba3e3368c6b9fbcff8bd58d28ba442d9dcd8377121e4a50b600cb13564bd2a980ecce1458d0f1afaeca6acf9ac02eb42567c69b524bf33533d24

data/config/locales/en.yml

@@ -96,6 +96,8 @@ en:
             blank_location_uri: "%{location} location does not specify a URI."
             invalid_location_uri: "%{uri} is either an invalid location URI, refers
               to a missing asset, or does not use HTTPS."
+            invalid_location_flexible_type: "%{flexible} is an invalid type for the
+              flexible location parameter."
             name_as_parameter_name: Can't call a parameter 'name'
             invalid_hidden_parameter:
               one: "%{invalid_params} is set to hidden and cannot be required."
@@ -123,6 +125,9 @@ en:
                 do not match products in translations (%{translation_products})
               insecure_token_parameter_in_manifest: 'Make sure to set secure to true
                 when using keys in Settings. Learn more: %{link}'
+              default_secure_or_hidden_parameter_in_manifest: Default values for secure
+                or hidden parameters are not stored securely. Be sure to review them
+                and confirm they do not contain sensitive data
             stylesheet_error: 'Sass error: %{sass_error}'
             invalid_type_parameter:
               one: "%{invalid_types} is an invalid parameter type."

data/config/locales/translations/zendesk_apps_support.yml

@@ -234,6 +234,10 @@ parts:
       key: "txt.apps.admin.error.app_build.invalid_location_uri"
       title: "App builder job: invalid URI for an iframe in the manifest"
       value: "%{uri} is either an invalid location URI, refers to a missing asset, or does not use HTTPS."
+  - translation:
+      key: "txt.apps.admin.error.app_build.invalid_location_flexible_type"
+      title: "App builder job: invalid flexible type for an iframe in the manifest"
+      value: "%{flexible} is an invalid type for the flexible location parameter."
   - translation:
       key: "txt.apps.admin.error.app_build.name_as_parameter_name"
       title: "App builder job: error message when developer names a parameter 'name'"
@@ -351,6 +355,11 @@ parts:
       title: "Validation message to indicate missing secure(true) field in manifest's token parameter. Do not translate 'secure' and 'true'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
       value: "Make sure to set secure to true when using keys in Settings. Learn more: %{link}"
       screenshot: "https://drive.google.com/open?id=1ss3nNN2RG29R7StjCtiH8qjuwFBlRApJ"
+  - translation:
+      key: "txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest"
+      title: "Validation message to indicate that a hidden or secure manifest parameter has a default value. Do not translate 'secure' and 'hidden'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
+      value: "Default values for secure or hidden parameters are not stored securely. Be sure to review them and confirm they do not contain sensitive data"
+      screenshot: "https://drive.google.com/file/d/1MI6ci6Jz6xtwOXjcbHFCfNi1FjXKOuv9/view?usp=sharing"
   - translation:
       key: "txt.apps.admin.error.app_build.stylesheet_error"
       title: "App builder job: invalid stylesheet syntax"

data/lib/zendesk_apps_support/manifest/location_options.rb

@@ -7,6 +7,7 @@ module ZendeskAppsSupport
         legacy: 'legacy',
         auto_load: 'autoLoad',
         auto_hide: 'autoHide',
+        flexible: 'flexible',
         signed: 'signed',
         url: 'url'
       }.freeze

data/lib/zendesk_apps_support/validations/manifest.rb

@@ -271,6 +271,10 @@ module ZendeskAppsSupport
             elsif location_options.auto_load?
               errors << ValidationError.new(:blank_location_uri, location: location_options.location.name)
             end
+
+            if !([true, false].include? location_options.flexible) && !location_options.flexible.nil?
+              errors << invalid_location_flexible_error(location_options)
+            end
           end
 
           Product::PRODUCTS_AVAILABLE.each do |product|
@@ -319,6 +323,12 @@ module ZendeskAppsSupport
           validation_error
         end
 
+        def invalid_location_flexible_error(location_options)
+          flexible_flag = location_options.flexible
+          validation_error = ValidationError.new(:invalid_location_flexible_type, flexible: flexible_flag)
+          validation_error
+        end
+
         def valid_absolute_uri?(uri)
           uri.scheme == 'https' || uri.host == 'localhost'
         end

data/lib/zendesk_apps_support/validations/mime.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'mimemagic'
+require 'marcel'
 
 module ZendeskAppsSupport
   module Validations
@@ -20,9 +20,8 @@ module ZendeskAppsSupport
         private
 
         def block_listed?(app_file)
-          mime_type = MimeMagic.by_magic(app_file.read)
-
-          content_subtype = mime_type.subtype if mime_type
+          mime_type = Marcel::MimeType.for(StringIO.new(app_file.read))
+          content_subtype = mime_type.split('/', 2).last if mime_type
           extension_name = app_file.extension.delete('.')
 
           ([content_subtype, extension_name] & UNSUPPORTED_MIME_TYPES).any?

data/lib/zendesk_apps_support/validations/secure_settings.rb

@@ -11,12 +11,18 @@ module ZendeskAppsSupport
           manifest_params = package.manifest.parameters
 
           insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
-
           package.warnings << secure_settings_warning if insecure_params_found
+
+          secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
+          package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
         end
 
         private
 
+        def secure_or_hidden_default_param?(parameter)
+          parameter.default? && (parameter.secure || parameter.type == 'hidden')
+        end
+
         def insecure_param?(parameter)
           parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
         end
@@ -25,6 +31,12 @@ module ZendeskAppsSupport
           parameter_type == 'text' || parameter_type == 'password'
         end
 
+        def hidden_default_parameter_warning
+          I18n.t(
+            'txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest'
+          )
+        end
+
         def secure_settings_warning
           I18n.t(
             'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',

metadata

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: zendesk_apps_support
 version: !ruby/object:Gem::Version
-  version: 4.29.6
+  version: 4.29.10
 platform: ruby
 authors:
 - James A. Rosen
 - Likun Liu
 - Sean Caffery
 - Daniel Ribeiro
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-07 00:00:00.000000000 Z
+date: 2021-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n
@@ -103,34 +103,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.3
+        version: 2.3.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.3
+        version: 2.3.1
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.8.5
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: 1.11.0
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.8.5
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: 1.11.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rb-inotify
   requirement: !ruby/object:Gem::Requirement
@@ -146,19 +140,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.9.10
 - !ruby/object:Gem::Dependency
-  name: mimemagic
+  name: marcel
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.3
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.3
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: ipaddress_2
   requirement: !ruby/object:Gem::Requirement
@@ -219,16 +213,16 @@ dependencies:
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.49.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.49.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -249,14 +243,42 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.17.3
+        version: 2.2.26
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.2.26
+- !ruby/object:Gem::Dependency
+  name: parallel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.12.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.17.3
+        version: 1.12.1
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Support to help you develop Zendesk Apps.
 email:
 - dev@zendesk.com
@@ -310,7 +332,7 @@ homepage: http://github.com/zendesk/zendesk_apps_support
 licenses:
 - Apache License Version 2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -325,9 +347,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.6
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.8
-signing_key: 
+rubygems_version: 3.0.8
+signing_key:
 specification_version: 4
 summary: Support to help you develop Zendesk Apps.
 test_files: []