zendesk_apps_support 4.44.1 → 4.45.0.alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/config/locales/en.yml +19 -0
- data/config/locales/translations/zendesk_apps_support.yml +29 -0
- data/lib/zendesk_apps_support/package.rb +4 -1
- data/lib/zendesk_apps_support/validations/custom_objects_v2/custom_objects_v2.rb +16 -3
- data/lib/zendesk_apps_support/validations/secure_settings.rb +18 -1
- data/lib/zendesk_apps_support/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9c5272336cd53fc85e70bdf5e2440e4d34421f0e7492aaa7af17379a596b6adf
|
|
4
|
+
data.tar.gz: 8179e2e48d192c9d77894504faa6952b123e68c3cea2866c0a977e23f96132ad
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 60d6a565d4b9c6bf9245c3e6b45de34054769a78d9bcd34cd65783e9e29e8e64938c767e565b1c9ccd884a5be7b959921d747a0ec04650890852cdca90750df9
|
|
7
|
+
data.tar.gz: 542cafd76038e861abffc5b9371296a777fc77147abee9b478ef17c74bf5b48929a22a85d20f6acf817f37742553d921bdebbe414d5302241b622cce8a2da39d
|
data/config/locales/en.yml
CHANGED
|
@@ -175,6 +175,22 @@ en:
|
|
|
175
175
|
invalid_cov2_trigger_conditions_structure_v2: The requirements.json file
|
|
176
176
|
contains an invalid custom object trigger conditions structure. Conditions
|
|
177
177
|
must be a hash with all and any arrays for trigger %{trigger_key}.
|
|
178
|
+
cov2_object_setting_placeholder_not_allowed: The requirements.json file
|
|
179
|
+
contains a placeholder in the objects array. The %{property_name} property
|
|
180
|
+
of object %{object_key} contains a placeholder %{property_value}. Placeholders
|
|
181
|
+
are not allowed in object definitions.
|
|
182
|
+
cov2_field_setting_placeholder_not_allowed: 'The requirements.json file
|
|
183
|
+
contains a placeholder in the object_fields array. The %{property_name}
|
|
184
|
+
property of field %{field_key} (object: %{object_key}) contains a placeholder
|
|
185
|
+
%{property_value}. Placeholders are not allowed in field definitions.'
|
|
186
|
+
cov2_trigger_setting_placeholder_not_allowed: 'The requirements.json file
|
|
187
|
+
contains a placeholder in the object_triggers array. The %{property_name}
|
|
188
|
+
property of trigger %{trigger_key} (object: %{object_key}) contains
|
|
189
|
+
a placeholder %{property_value}. Placeholders are not allowed in trigger
|
|
190
|
+
definitions.'
|
|
191
|
+
setting_placeholders_not_allowed_in_cov2_requirements: The requirements.json
|
|
192
|
+
file contains a setting placeholder in the custom_objects_v2 requirements.
|
|
193
|
+
Setting placeholders are not allowed in custom_objects_v2 requirements.
|
|
178
194
|
missing_required_fields: 'Missing required fields in requirements.json:
|
|
179
195
|
"%{field}" is required in "%{identifier}"'
|
|
180
196
|
duplicate_requirements:
|
|
@@ -258,6 +274,9 @@ en:
|
|
|
258
274
|
default_secure_or_hidden_parameter_in_manifest: Default values for secure
|
|
259
275
|
or hidden parameters are not stored securely. Be sure to review them
|
|
260
276
|
and confirm they do not contain sensitive data
|
|
277
|
+
secure_parameters_with_no_scopes_in_manifest: 'The scopes property is
|
|
278
|
+
not configured for parameter(s): %{params}. This may cause token exposure
|
|
279
|
+
vulnerabilities. Learn about: %{link}'
|
|
261
280
|
stylesheet_error: 'Sass error: %{sass_error}'
|
|
262
281
|
invalid_type_parameter:
|
|
263
282
|
one: "%{invalid_types} is an invalid parameter type."
|
|
@@ -310,6 +310,29 @@ parts:
|
|
|
310
310
|
title: 'App builder job: requirements file contains invalid custom object trigger conditions structure. Conditions must be an object (a set of key-value pairs, like { "all": [], "any": [] } in JSON) with "all" and "any" arrays as keys. Do not translate "requirements.json". Do not translate "all" and "any" as it is part of schema.'
|
|
311
311
|
value: 'The requirements.json file contains an invalid custom object trigger conditions structure. Conditions must be a hash with all and any arrays for trigger %{trigger_key}.'
|
|
312
312
|
screenshot: "https://drive.google.com/file/d/1q9S42EyNDE1GPk8A32LT0n2ZQiBpuCEW/view?usp=sharing"
|
|
313
|
+
- translation:
|
|
314
|
+
key: "txt.apps.admin.error.app_build.cov2_object_setting_placeholder_not_allowed"
|
|
315
|
+
title: 'App builder job: requirements file contains placeholder in custom objects v2 object property. Placeholders are not allowed in object definitions. Leave requirements.json as is (do not translate). Do not translate "objects" as it is part of schema.'
|
|
316
|
+
value: 'The requirements.json file contains a placeholder in the objects array. The %{property_name} property of object %{object_key} contains a placeholder %{property_value}. Placeholders are not allowed in object definitions.'
|
|
317
|
+
screenshot: "https://drive.google.com/file/d/1UYrBruLjZ27WoQ40sWXqd07DNwtblg2W/view?usp=sharing"
|
|
318
|
+
obsolete: "2026-02-05"
|
|
319
|
+
- translation:
|
|
320
|
+
key: "txt.apps.admin.error.app_build.cov2_field_setting_placeholder_not_allowed"
|
|
321
|
+
title: 'App builder job: requirements file contains placeholder in custom objects v2 field property. Placeholders are not allowed in field definitions. Leave requirements.json as is (do not translate). Do not translate "object_fields" as it is part of schema.'
|
|
322
|
+
value: 'The requirements.json file contains a placeholder in the object_fields array. The %{property_name} property of field %{field_key} (object: %{object_key}) contains a placeholder %{property_value}. Placeholders are not allowed in field definitions.'
|
|
323
|
+
screenshot: "https://drive.google.com/file/d/1Bprc1VNv8kmzgbNeQn-noU0ItSci2obm/view?usp=sharing"
|
|
324
|
+
obsolete: "2026-02-05"
|
|
325
|
+
- translation:
|
|
326
|
+
key: "txt.apps.admin.error.app_build.cov2_trigger_setting_placeholder_not_allowed"
|
|
327
|
+
title: 'App builder job: requirements file contains placeholder in custom objects v2 trigger identifier. Placeholders are not allowed in trigger identifiers. Leave requirements.json as is (do not translate). Do not translate "object_triggers" as it is part of schema.'
|
|
328
|
+
value: 'The requirements.json file contains a placeholder in the object_triggers array. The %{property_name} property of trigger %{trigger_key} (object: %{object_key}) contains a placeholder %{property_value}. Placeholders are not allowed in trigger definitions.'
|
|
329
|
+
screenshot: "https://drive.google.com/file/d/1FwnzKj9srIDTxtk-WryA3xHTXGD7uS-W/view?usp=sharing"
|
|
330
|
+
obsolete: "2026-02-05"
|
|
331
|
+
- translation:
|
|
332
|
+
key: "txt.apps.admin.error.app_build.setting_placeholders_not_allowed_in_cov2_requirements"
|
|
333
|
+
title: 'App builder job: requirements file contains placeholder in custom objects v2 requirements. Placeholders are not allowed in custom objects v2 definitions. Leave requirements.json, custom_objects_v2 as is (do not translate)'
|
|
334
|
+
value: 'The requirements.json file contains a setting placeholder in the custom_objects_v2 requirements. Setting placeholders are not allowed in custom_objects_v2 requirements.'
|
|
335
|
+
screenshot: "https://drive.google.com/file/d/18Q9bTUO3gaSg2O0wZzn0OehE5SqmR49e/view?usp=sharing"
|
|
313
336
|
- translation:
|
|
314
337
|
key: "txt.apps.admin.error.app_build.missing_required_fields"
|
|
315
338
|
title: "App builder job: required key missing in requirements, e.g. \"title\" is required in \"my_custom_email_target\""
|
|
@@ -649,3 +672,9 @@ parts:
|
|
|
649
672
|
key: "txt.apps.admin.error.app_build.field_contains_invalid_keys"
|
|
650
673
|
title: "App builder job: Error for invalid field keys. Placeholder %{field} shows parameter fields like \"parameter[name='param'].scopes\" provided in the supplied manifest file, %{keys} shows the invalid keys found within the field."
|
|
651
674
|
value: "%{field} contains invalid keys: %{keys}."
|
|
675
|
+
- translation:
|
|
676
|
+
key: "txt.apps.admin.error.app_build.translation.secure_parameters_with_no_scopes_in_manifest"
|
|
677
|
+
title: "Validation message to indicate missing scopes field in manifest's secure parameter.
|
|
678
|
+
Do not translate 'scopes'. %{params} refers to secure parameters with no scopes configured.
|
|
679
|
+
Scopes in manifest refers to https://developer.zendesk.com/documentation/apps/getting-started/setting-up-new-apps/#scopes"
|
|
680
|
+
value: "The scopes property is not configured for parameter(s): %{params}. This may cause token exposure vulnerabilities. Learn about: %{link}"
|
|
@@ -48,7 +48,10 @@ module ZendeskAppsSupport
|
|
|
48
48
|
errors << Validations::Requirements.call(self, validate_custom_objects_v2:)
|
|
49
49
|
|
|
50
50
|
# only adds warnings
|
|
51
|
-
Validations::SecureSettings.call(
|
|
51
|
+
Validations::SecureSettings.call(
|
|
52
|
+
self,
|
|
53
|
+
validate_scopes_for_secure_parameter: validate_scopes_for_secure_parameter
|
|
54
|
+
)
|
|
52
55
|
Validations::Requests.call(self)
|
|
53
56
|
|
|
54
57
|
unless manifest.requirements_only? || manifest.marketing_only? || manifest.iframe_only?
|
|
@@ -12,11 +12,15 @@ module ZendeskAppsSupport
|
|
|
12
12
|
include Constants
|
|
13
13
|
include ValidationHelpers
|
|
14
14
|
|
|
15
|
+
SETTING_PLACEHOLDER_REGEXP = /\{\{\s*setting\.([\w.-]+)\s*\}\}/
|
|
16
|
+
|
|
15
17
|
def call(requirements)
|
|
16
18
|
structural_errors = validate_overall_requirements_structure(requirements)
|
|
17
19
|
return structural_errors if structural_errors.any?
|
|
18
20
|
|
|
19
|
-
|
|
21
|
+
requirements_json = requirements.to_json
|
|
22
|
+
|
|
23
|
+
payload_size_errors = validate_payload_size(requirements_json)
|
|
20
24
|
return payload_size_errors if payload_size_errors.any?
|
|
21
25
|
|
|
22
26
|
limits_and_schema_errors = [
|
|
@@ -26,18 +30,27 @@ module ZendeskAppsSupport
|
|
|
26
30
|
|
|
27
31
|
return limits_and_schema_errors if limits_and_schema_errors.any?
|
|
28
32
|
|
|
33
|
+
setting_placeholder_errors = validate_setting_placeholders(requirements_json)
|
|
34
|
+
return setting_placeholder_errors if setting_placeholder_errors.any?
|
|
35
|
+
|
|
29
36
|
validate_object_references(requirements)
|
|
30
37
|
end
|
|
31
38
|
|
|
32
39
|
private
|
|
33
40
|
|
|
34
|
-
def validate_payload_size(
|
|
35
|
-
payload_size =
|
|
41
|
+
def validate_payload_size(requirements_json)
|
|
42
|
+
payload_size = requirements_json.bytesize
|
|
36
43
|
return [] if payload_size <= MAX_PAYLOAD_SIZE_BYTES
|
|
37
44
|
|
|
38
45
|
[ValidationError.new(:excessive_cov2_payload_size)]
|
|
39
46
|
end
|
|
40
47
|
|
|
48
|
+
def validate_setting_placeholders(requirements_json)
|
|
49
|
+
return [] unless requirements_json.match?(SETTING_PLACEHOLDER_REGEXP)
|
|
50
|
+
|
|
51
|
+
[ValidationError.new(:setting_placeholders_not_allowed_in_cov2_requirements)]
|
|
52
|
+
end
|
|
53
|
+
|
|
41
54
|
def validate_overall_requirements_structure(requirements)
|
|
42
55
|
errors = validate_structural_requirements(requirements)
|
|
43
56
|
return errors unless errors.empty?
|
|
@@ -7,7 +7,7 @@ module ZendeskAppsSupport
|
|
|
7
7
|
SECURABLE_KEYWORDS_REGEXP = Regexp.new(SECURABLE_KEYWORDS.join('|'), Regexp::IGNORECASE)
|
|
8
8
|
|
|
9
9
|
class << self
|
|
10
|
-
def call(package)
|
|
10
|
+
def call(package, validate_scopes_for_secure_parameter: false)
|
|
11
11
|
manifest_params = package.manifest.parameters
|
|
12
12
|
|
|
13
13
|
insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
|
|
@@ -15,6 +15,11 @@ module ZendeskAppsSupport
|
|
|
15
15
|
|
|
16
16
|
secure_or_hidden_default_param_found = manifest_params.any? { |param| secure_or_hidden_default_param?(param) }
|
|
17
17
|
package.warnings << hidden_default_parameter_warning if secure_or_hidden_default_param_found
|
|
18
|
+
|
|
19
|
+
if validate_scopes_for_secure_parameter
|
|
20
|
+
unscoped_secure_param_names = manifest_params.filter_map { |param| name_if_secure_unscoped(param) }
|
|
21
|
+
package.warnings << no_scopes_warning(unscoped_secure_param_names) if unscoped_secure_param_names.any?
|
|
22
|
+
end
|
|
18
23
|
end
|
|
19
24
|
|
|
20
25
|
private
|
|
@@ -43,6 +48,18 @@ module ZendeskAppsSupport
|
|
|
43
48
|
link: 'https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings'
|
|
44
49
|
)
|
|
45
50
|
end
|
|
51
|
+
|
|
52
|
+
def name_if_secure_unscoped(param)
|
|
53
|
+
param.name if param.secure && !param.scopes&.any?
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def no_scopes_warning(param_names)
|
|
57
|
+
I18n.t(
|
|
58
|
+
'txt.apps.admin.error.app_build.translation.secure_parameters_with_no_scopes_in_manifest',
|
|
59
|
+
params: param_names.join(I18n.t('txt.apps.admin.error.app_build.listing_comma')),
|
|
60
|
+
link: 'https://developer.zendesk.com/documentation/apps/getting-started/setting-up-new-apps/#scopes'
|
|
61
|
+
)
|
|
62
|
+
end
|
|
46
63
|
end
|
|
47
64
|
end
|
|
48
65
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: zendesk_apps_support
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.45.0.alpha.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- James A. Rosen
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2025-
|
|
14
|
+
date: 2025-12-08 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: i18n
|