zendesk_apps_support 4.29.7 → 4.29.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '05133378592731040e3105b29a3624fe85d190ba5ed7bfc872d99da645aad8c5'
|
|
4
|
+
data.tar.gz: 5e3bb520f055e87596585d2cd93821e801ad79a509f5c6bff1a12555d69214f4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5c4b261f98f1b4ee30324ba70f7f78b24a9d4fbefc0e5e6c209cecd5764218b6aa738ef6fbdb6989cb5de170f40af454a32d738d371b6ce385a8b14f598ca0cb
|
|
7
|
+
data.tar.gz: 7c283902ea1fe0907abbcb12679fc12fe2ec3d41884babb1e8a6ee50c781b2b78d76c12ee070302ac46fbe2a6d4a52b4c443d641b90754e3a15419dddb0a5ec6
|
data/config/locales/en.yml
CHANGED
|
@@ -123,6 +123,9 @@ en:
|
|
|
123
123
|
do not match products in translations (%{translation_products})
|
|
124
124
|
insecure_token_parameter_in_manifest: 'Make sure to set secure to true
|
|
125
125
|
when using keys in Settings. Learn more: %{link}'
|
|
126
|
+
default_secure_or_hidden_parameter_in_manifest: Default values for secure
|
|
127
|
+
or hidden parameters are not stored securely. Be sure to review them
|
|
128
|
+
and confirm they do not contain sensitive data
|
|
126
129
|
stylesheet_error: 'Sass error: %{sass_error}'
|
|
127
130
|
invalid_type_parameter:
|
|
128
131
|
one: "%{invalid_types} is an invalid parameter type."
|
|
@@ -351,6 +351,11 @@ parts:
|
|
|
351
351
|
title: "Validation message to indicate missing secure(true) field in manifest's token parameter. Do not translate 'secure' and 'true'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
|
352
352
|
value: "Make sure to set secure to true when using keys in Settings. Learn more: %{link}"
|
|
353
353
|
screenshot: "https://drive.google.com/open?id=1ss3nNN2RG29R7StjCtiH8qjuwFBlRApJ"
|
|
354
|
+
- translation:
|
|
355
|
+
key: "txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest"
|
|
356
|
+
title: "Validation message to indicate that a hidden or secure manifest parameter has a default value. Do not translate 'secure' and 'hidden'. Secure(true) in manifest refers to https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings"
|
|
357
|
+
value: "Default values for secure or hidden parameters are not stored securely. Be sure to review them and confirm they do not contain sensitive data"
|
|
358
|
+
screenshot: "https://drive.google.com/file/d/1MI6ci6Jz6xtwOXjcbHFCfNi1FjXKOuv9/view?usp=sharing"
|
|
354
359
|
- translation:
|
|
355
360
|
key: "txt.apps.admin.error.app_build.stylesheet_error"
|
|
356
361
|
title: "App builder job: invalid stylesheet syntax"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require '
|
|
3
|
+
require 'marcel'
|
|
4
4
|
|
|
5
5
|
module ZendeskAppsSupport
|
|
6
6
|
module Validations
|
|
@@ -20,9 +20,8 @@ module ZendeskAppsSupport
|
|
|
20
20
|
private
|
|
21
21
|
|
|
22
22
|
def block_listed?(app_file)
|
|
23
|
-
mime_type =
|
|
24
|
-
|
|
25
|
-
content_subtype = mime_type.subtype if mime_type
|
|
23
|
+
mime_type = Marcel::MimeType.for(StringIO.new(app_file.read))
|
|
24
|
+
content_subtype = mime_type.split('/', 2).last if mime_type
|
|
26
25
|
extension_name = app_file.extension.delete('.')
|
|
27
26
|
|
|
28
27
|
([content_subtype, extension_name] & UNSUPPORTED_MIME_TYPES).any?
|
|
@@ -11,12 +11,18 @@ module ZendeskAppsSupport
|
|
|
11
11
|
manifest_params = package.manifest.parameters
|
|
12
12
|
|
|
13
13
|
insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
|
|
14
|
-
|
|
15
14
|
package.warnings << secure_settings_warning if insecure_params_found
|
|
15
|
+
|
|
16
|
+
secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
|
|
17
|
+
package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
private
|
|
19
21
|
|
|
22
|
+
def secure_or_hidden_default_param?(parameter)
|
|
23
|
+
parameter.default? && (parameter.secure || parameter.type == 'hidden')
|
|
24
|
+
end
|
|
25
|
+
|
|
20
26
|
def insecure_param?(parameter)
|
|
21
27
|
parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
|
|
22
28
|
end
|
|
@@ -25,6 +31,12 @@ module ZendeskAppsSupport
|
|
|
25
31
|
parameter_type == 'text' || parameter_type == 'password'
|
|
26
32
|
end
|
|
27
33
|
|
|
34
|
+
def hidden_default_parameter_warning
|
|
35
|
+
I18n.t(
|
|
36
|
+
'txt.apps.admin.error.app_build.translation.default_secure_or_hidden_parameter_in_manifest'
|
|
37
|
+
)
|
|
38
|
+
end
|
|
39
|
+
|
|
28
40
|
def secure_settings_warning
|
|
29
41
|
I18n.t(
|
|
30
42
|
'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: zendesk_apps_support
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.29.
|
|
4
|
+
version: 4.29.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- James A. Rosen
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2021-
|
|
14
|
+
date: 2021-05-20 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: i18n
|
|
@@ -146,19 +146,19 @@ dependencies:
|
|
|
146
146
|
- !ruby/object:Gem::Version
|
|
147
147
|
version: 0.9.10
|
|
148
148
|
- !ruby/object:Gem::Dependency
|
|
149
|
-
name:
|
|
149
|
+
name: marcel
|
|
150
150
|
requirement: !ruby/object:Gem::Requirement
|
|
151
151
|
requirements:
|
|
152
|
-
- - "
|
|
152
|
+
- - ">="
|
|
153
153
|
- !ruby/object:Gem::Version
|
|
154
|
-
version: 0
|
|
154
|
+
version: '0'
|
|
155
155
|
type: :runtime
|
|
156
156
|
prerelease: false
|
|
157
157
|
version_requirements: !ruby/object:Gem::Requirement
|
|
158
158
|
requirements:
|
|
159
|
-
- - "
|
|
159
|
+
- - ">="
|
|
160
160
|
- !ruby/object:Gem::Version
|
|
161
|
-
version: 0
|
|
161
|
+
version: '0'
|
|
162
162
|
- !ruby/object:Gem::Dependency
|
|
163
163
|
name: ipaddress_2
|
|
164
164
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -257,6 +257,20 @@ dependencies:
|
|
|
257
257
|
- - '='
|
|
258
258
|
- !ruby/object:Gem::Version
|
|
259
259
|
version: 1.17.3
|
|
260
|
+
- !ruby/object:Gem::Dependency
|
|
261
|
+
name: parallel
|
|
262
|
+
requirement: !ruby/object:Gem::Requirement
|
|
263
|
+
requirements:
|
|
264
|
+
- - '='
|
|
265
|
+
- !ruby/object:Gem::Version
|
|
266
|
+
version: 1.12.1
|
|
267
|
+
type: :development
|
|
268
|
+
prerelease: false
|
|
269
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
270
|
+
requirements:
|
|
271
|
+
- - '='
|
|
272
|
+
- !ruby/object:Gem::Version
|
|
273
|
+
version: 1.12.1
|
|
260
274
|
description: Support to help you develop Zendesk Apps.
|
|
261
275
|
email:
|
|
262
276
|
- dev@zendesk.com
|
|
@@ -325,7 +339,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
325
339
|
- !ruby/object:Gem::Version
|
|
326
340
|
version: 1.3.6
|
|
327
341
|
requirements: []
|
|
328
|
-
rubygems_version: 3.
|
|
342
|
+
rubygems_version: 3.2.17
|
|
329
343
|
signing_key:
|
|
330
344
|
specification_version: 4
|
|
331
345
|
summary: Support to help you develop Zendesk Apps.
|