From 8a308953b78bb885d5683b5c56b1d4fbbb156bd2 Mon Sep 17 00:00:00 2001 From: Du Peng Date: Fri, 25 Oct 2024 17:36:32 +0200 Subject: [PATCH 1/2] (bug) unable to run rails db:migrate if the database is empty --- CHANGELOG.md | 2 + ...igrate_settings_value_to_history_values.rb | 2 + ...0230126160900_create_notification_types.rb | 24 +++--- ...add_label_i18n_path_to_statistic_tables.rb | 84 ++++++++++--------- 4 files changed, 62 insertions(+), 50 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1177ea370..6cdaaae9a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## Next release +- Fix a bug: unable to run rails db:migrate if the database is empty + ## v6.3.34 2024 October 21 - Fix a bug: unable to run open project update task diff --git a/db/migrate/20181217103441_migrate_settings_value_to_history_values.rb b/db/migrate/20181217103441_migrate_settings_value_to_history_values.rb index d7964b4a3..3b8e100ff 100644 --- a/db/migrate/20181217103441_migrate_settings_value_to_history_values.rb +++ b/db/migrate/20181217103441_migrate_settings_value_to_history_values.rb @@ -3,6 +3,8 @@ class MigrateSettingsValueToHistoryValues < ActiveRecord::Migration[4.2] def up user = User.admins.first + return unless user + Setting.all.each do |setting| hv = HistoryValue.new( setting: setting, diff --git a/db/migrate/20230126160900_create_notification_types.rb b/db/migrate/20230126160900_create_notification_types.rb index 2deedb941..111ad3924 100644 --- a/db/migrate/20230126160900_create_notification_types.rb +++ b/db/migrate/20230126160900_create_notification_types.rb @@ -96,18 +96,20 @@ class CreateNotificationTypes < ActiveRecord::Migration[5.2] add_index :notification_types, :name, unique: true - # Records previous notification types - NOTIFICATIONS_TYPES.each do |notification_type| - NotificationType.create!( - id: notification_type[:id], - name: notification_type[:name], - category: notification_type[:category], - is_configurable: notification_type[:is_configurable] - ) - end + if NotificationType.count > 0 + # Records previous notification types + NOTIFICATIONS_TYPES.each do |notification_type| + NotificationType.create!( + id: notification_type[:id], + name: notification_type[:name], + category: notification_type[:category], + is_configurable: notification_type[:is_configurable] + ) + end - last_id = NotificationType.order(:id).last.id - execute "SELECT setval('public.notification_types_id_seq', #{last_id})" + last_id = NotificationType.order(:id).last.id + execute "SELECT setval('public.notification_types_id_seq', #{last_id})" + end add_foreign_key :notifications, :notification_types end diff --git a/db/migrate/20231103093436_add_label_i18n_path_to_statistic_tables.rb b/db/migrate/20231103093436_add_label_i18n_path_to_statistic_tables.rb index e5d392622..3600a0449 100644 --- a/db/migrate/20231103093436_add_label_i18n_path_to_statistic_tables.rb +++ b/db/migrate/20231103093436_add_label_i18n_path_to_statistic_tables.rb @@ -36,64 +36,70 @@ class AddLabelI18nPathToStatisticTables < ActiveRecord::Migration[7.0] # StatisticField - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_subscription.id).update!(label: nil, label_i18n_path: 'statistics.group') + if StatisticField.count > 0 + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_subscription.id).update!(label: nil, label_i18n_path: 'statistics.group') - StatisticField.find_by!(key: 'spaceDates', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.space_dates') - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.group') + StatisticField.find_by!(key: 'spaceDates', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.space_dates') + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.group') - StatisticField.find_by!(key: 'machineDates', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.machine_dates') - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.group') + StatisticField.find_by!(key: 'machineDates', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.machine_dates') + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.group') - StatisticField.find_by!(key: 'trainingId', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.training_id') - StatisticField.find_by!(key: 'trainingDate', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.training_date') - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.group') + StatisticField.find_by!(key: 'trainingId', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.training_id') + StatisticField.find_by!(key: 'trainingDate', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.training_date') + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.group') - StatisticField.find_by!(key: 'name', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_name') - StatisticField.find_by!(key: 'eventId', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_id') - StatisticField.find_by!(key: 'eventDate', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_date') - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.group') - StatisticField.find_by!(key: 'eventTheme', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_theme') - StatisticField.find_by!(key: 'ageRange', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.age_range') + StatisticField.find_by!(key: 'name', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_name') + StatisticField.find_by!(key: 'eventId', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_id') + StatisticField.find_by!(key: 'eventDate', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_date') + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.group') + StatisticField.find_by!(key: 'eventTheme', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.event_theme') + StatisticField.find_by!(key: 'ageRange', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.age_range') - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_account.id).update!(label: nil, label_i18n_path: 'statistics.group') + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_account.id).update!(label: nil, label_i18n_path: 'statistics.group') - StatisticField.find_by!(key: 'themes', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.themes') - StatisticField.find_by!(key: 'components', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.components') - StatisticField.find_by!(key: 'machines', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.machines') - StatisticField.find_by!(key: 'status', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.project_status') - StatisticField.find_by!(key: 'name', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.project_name') - StatisticField.find_by!(key: 'projectUserNames', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.project_user_names') + StatisticField.find_by!(key: 'themes', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.themes') + StatisticField.find_by!(key: 'components', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.components') + StatisticField.find_by!(key: 'machines', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.machines') + StatisticField.find_by!(key: 'status', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.project_status') + StatisticField.find_by!(key: 'name', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.project_name') + StatisticField.find_by!(key: 'projectUserNames', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.project_user_names') - StatisticField.find_by!(key: 'userId', statistic_index_id: statistic_index_user.id).update!(label: nil, label_i18n_path: 'statistics.user_id') + StatisticField.find_by!(key: 'userId', statistic_index_id: statistic_index_user.id).update!(label: nil, label_i18n_path: 'statistics.user_id') - StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_order.id).update!(label: nil, label_i18n_path: 'statistics.group') + StatisticField.find_by!(key: 'groupName', statistic_index_id: statistic_index_order.id).update!(label: nil, label_i18n_path: 'statistics.group') + end # StatisticType - StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.bookings') - StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') + if StatisticType.count > 0 + StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.bookings') + StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_machine.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') - StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.bookings') - StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') + StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.bookings') + StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_training.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') - StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.tickets_number') - StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') + StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.tickets_number') + StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_event.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') - StatisticType.find_by!(key: 'member', statistic_index_id: statistic_index_account.id).update!(label: nil, label_i18n_path: 'statistics.users') + StatisticType.find_by!(key: 'member', statistic_index_id: statistic_index_account.id).update!(label: nil, label_i18n_path: 'statistics.users') - StatisticType.find_by!(key: 'project', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.projects') + StatisticType.find_by!(key: 'project', statistic_index_id: statistic_index_project.id).update!(label: nil, label_i18n_path: 'statistics.projects') - StatisticType.find_by!(key: 'revenue', statistic_index_id: statistic_index_user.id).update!(label: nil, label_i18n_path: 'statistics.revenue') + StatisticType.find_by!(key: 'revenue', statistic_index_id: statistic_index_user.id).update!(label: nil, label_i18n_path: 'statistics.revenue') - StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.bookings') - StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') + StatisticType.find_by!(key: 'booking', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.bookings') + StatisticType.find_by!(key: 'hour', statistic_index_id: statistic_index_space.id).update!(label: nil, label_i18n_path: 'statistics.hours_number') - StatisticType.find_by!(key: 'store', statistic_index_id: statistic_index_order.id).update!(label: nil, label_i18n_path: 'statistics.store') + StatisticType.find_by!(key: 'store', statistic_index_id: statistic_index_order.id).update!(label: nil, label_i18n_path: 'statistics.store') + end # StatisticSubType - StatisticSubType.find_by!(key: 'created').update!(label: nil, label_i18n_path: 'statistics.account_creation') - StatisticSubType.find_by!(key: 'published').update!(label: nil, label_i18n_path: 'statistics.project_publication') - StatisticSubType.find_by!(key: 'paid-processed').update!(label: nil, label_i18n_path: 'statistics.paid-rocessed') - StatisticSubType.find_by!(key: 'aborted').update!(label: nil, label_i18n_path: 'statistics.aborted') + if StatisticSubType.count > 0 + StatisticSubType.find_by!(key: 'created').update!(label: nil, label_i18n_path: 'statistics.account_creation') + StatisticSubType.find_by!(key: 'published').update!(label: nil, label_i18n_path: 'statistics.project_publication') + StatisticSubType.find_by!(key: 'paid-processed').update!(label: nil, label_i18n_path: 'statistics.paid-rocessed') + StatisticSubType.find_by!(key: 'aborted').update!(label: nil, label_i18n_path: 'statistics.aborted') + end end end From 7dcfccb9ef55f3c0e7afca042a5a3a759bc3475c Mon Sep 17 00:00:00 2001 From: Du Peng Date: Wed, 13 Nov 2024 11:44:45 +0100 Subject: [PATCH 2/2] Version 6.3.35 --- CHANGELOG.md | 6 ++ Gemfile | 12 +-- Gemfile.lock | 223 ++++++++++++++++++++++-------------------- config/application.rb | 2 +- package.json | 4 +- yarn.lock | 46 ++++++--- 6 files changed, 162 insertions(+), 131 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6cdaaae9a..bb4b2587d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,13 @@ ## Next release +## v6.3.35 2024 November 13 + - Fix a bug: unable to run rails db:migrate if the database is empty +- Fix a bug: timeout error when search projects with openprojects +- Fix a security issue: updated omniauth-saml to 2.2.1 to fix [CVE-2024-45409](https://github.com/advisories/GHSA-jw9c-mfg7-9rx2) +- Fix a security issue: puma to 6.4.3 to fix [CVE-2024-45614](https://security.snyk.io/vuln/SNYK-RUBY-PUMA-8062124) +- Fix a security issue: rails to 7.0.86 to fix [CVE-2024-47889](https://vulert.com/vuln-db/CVE-2024-47889) ## v6.3.34 2024 October 21 diff --git a/Gemfile b/Gemfile index df50cd435..dc9e4c2a8 100644 --- a/Gemfile +++ b/Gemfile @@ -3,11 +3,11 @@ source 'https://rubygems.org' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 7.0' +gem 'rails', '7.0.8.6' # Used by rails 5.2 to reduce the app boot time by over 50% gem 'bootsnap' # Use Puma as web server -gem 'puma', '6.4.2' +gem 'puma', '6.4.3' gem 'shakapacker', '6.6.0' # rails 6 compatibility with ruby 3 (may not be required after upgrade to rails 7) @@ -42,7 +42,7 @@ group :development do gem 'foreman' gem 'web-console', '>= 4.2.0' # Preview mail in the browser - gem 'listen', "~> 3.5" + gem 'listen', '~> 3.5' gem 'overcommit' gem 'rb-readline' # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring @@ -72,8 +72,8 @@ gem 'devise', '>= 4.9' gem 'omniauth', '~> 2.1' gem 'omniauth-oauth2' gem 'omniauth_openid_connect' -gem 'omniauth-saml' gem 'omniauth-rails_csrf_protection', '~> 1.0' +gem 'omniauth-saml' gem 'rolify' @@ -151,7 +151,7 @@ gem 'acts_as_list' gem 'sentry-rails' gem 'sentry-ruby' -gem "reverse_markdown" +gem 'reverse_markdown' -gem "ancestry" +gem 'ancestry' gem 'silencer', require: false diff --git a/Gemfile.lock b/Gemfile.lock index cb7821972..1ad7a95f0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -4,76 +4,76 @@ GEM Ascii85 (1.1.0) aasm (5.0.8) concurrent-ruby (~> 1.0) - actioncable (7.0.8.1) - actionpack (= 7.0.8.1) - activesupport (= 7.0.8.1) + actioncable (7.0.8.6) + actionpack (= 7.0.8.6) + activesupport (= 7.0.8.6) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.8.1) - actionpack (= 7.0.8.1) - activejob (= 7.0.8.1) - activerecord (= 7.0.8.1) - activestorage (= 7.0.8.1) - activesupport (= 7.0.8.1) + actionmailbox (7.0.8.6) + actionpack (= 7.0.8.6) + activejob (= 7.0.8.6) + activerecord (= 7.0.8.6) + activestorage (= 7.0.8.6) + activesupport (= 7.0.8.6) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.8.1) - actionpack (= 7.0.8.1) - actionview (= 7.0.8.1) - activejob (= 7.0.8.1) - activesupport (= 7.0.8.1) + actionmailer (7.0.8.6) + actionpack (= 7.0.8.6) + actionview (= 7.0.8.6) + activejob (= 7.0.8.6) + activesupport (= 7.0.8.6) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp rails-dom-testing (~> 2.0) - actionpack (7.0.8.1) - actionview (= 7.0.8.1) - activesupport (= 7.0.8.1) + actionpack (7.0.8.6) + actionview (= 7.0.8.6) + activesupport (= 7.0.8.6) rack (~> 2.0, >= 2.2.4) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.8.1) - actionpack (= 7.0.8.1) - activerecord (= 7.0.8.1) - activestorage (= 7.0.8.1) - activesupport (= 7.0.8.1) + actiontext (7.0.8.6) + actionpack (= 7.0.8.6) + activerecord (= 7.0.8.6) + activestorage (= 7.0.8.6) + activesupport (= 7.0.8.6) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.8.1) - activesupport (= 7.0.8.1) + actionview (7.0.8.6) + activesupport (= 7.0.8.6) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) active_record_query_trace (1.8) - activejob (7.0.8.1) - activesupport (= 7.0.8.1) + activejob (7.0.8.6) + activesupport (= 7.0.8.6) globalid (>= 0.3.6) - activemodel (7.0.8.1) - activesupport (= 7.0.8.1) - activerecord (7.0.8.1) - activemodel (= 7.0.8.1) - activesupport (= 7.0.8.1) - activestorage (7.0.8.1) - actionpack (= 7.0.8.1) - activejob (= 7.0.8.1) - activerecord (= 7.0.8.1) - activesupport (= 7.0.8.1) + activemodel (7.0.8.6) + activesupport (= 7.0.8.6) + activerecord (7.0.8.6) + activemodel (= 7.0.8.6) + activesupport (= 7.0.8.6) + activestorage (7.0.8.6) + actionpack (= 7.0.8.6) + activejob (= 7.0.8.6) + activerecord (= 7.0.8.6) + activesupport (= 7.0.8.6) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (7.0.8.1) + activesupport (7.0.8.6) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) acts_as_list (1.0.4) activerecord (>= 4.2) - addressable (2.8.6) - public_suffix (>= 2.0.2, < 6.0) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) aes_key_wrap (1.1.0) afm (0.2.2) ancestry (4.3.3) @@ -89,7 +89,9 @@ GEM descendants_tracker (~> 0.0.4) ice_nine (~> 0.11.0) thread_safe (~> 0.3, >= 0.3.1) - bcrypt (3.1.18) + base64 (0.2.0) + bcrypt (3.1.20) + bigdecimal (3.1.8) bindata (2.5.0) bindex (0.8.1) bootsnap (1.16.0) @@ -97,8 +99,8 @@ GEM brpoplpush-redis_script (0.1.3) concurrent-ruby (~> 1.0, >= 1.0.5) redis (>= 1.0, < 6) - builder (3.2.4) - bullet (7.0.0) + builder (3.3.0) + bullet (8.0.0) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) camertron-eprun (1.1.1) @@ -123,7 +125,7 @@ GEM coderay (1.1.3) coercible (1.0.0) descendants_tracker (~> 0.0.1) - concurrent-ruby (1.2.3) + concurrent-ruby (1.3.4) connection_pool (2.4.1) coveralls_reborn (0.18.0) simplecov (>= 0.18.1, < 0.20.0) @@ -133,11 +135,12 @@ GEM crack (0.4.3) safe_yaml (~> 1.0.0) crass (1.0.6) + csv (3.3.0) database_cleaner (1.8.3) - date (3.3.3) + date (3.4.0) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - devise (4.9.0) + devise (4.9.4) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0) @@ -169,14 +172,15 @@ GEM faraday multi_json equalizer (0.0.11) - erubi (1.12.0) + erubi (1.13.0) et-orbi (1.2.7) tzinfo faker (2.10.2) i18n (>= 1.6, < 2) faraday (0.17.3) multipart-post (>= 1.2, < 3) - ffi (1.16.3) + ffi (1.17.0-x86_64-darwin) + ffi (1.17.0-x86_64-linux-gnu) foreman (0.87.0) forgery (0.7.0) friendly_id (5.1.0) @@ -190,17 +194,18 @@ GEM hashery (2.1.2) hashie (5.0.0) htmlentities (4.3.4) - httparty (0.21.0) + httparty (0.22.0) + csv mini_mime (>= 1.0.0) multi_xml (>= 0.5.2) httpclient (2.8.3) - i18n (1.14.4) + i18n (1.14.6) concurrent-ruby (~> 1.0) icalendar (2.7.1) ice_cube (~> 0.16) ice_cube (0.16.4) ice_nine (0.11.2) - image_processing (1.12.2) + image_processing (1.13.0) mini_magick (>= 4.9.5, < 5) ruby-vips (>= 2.0.17, < 3) iniparse (1.5.0) @@ -232,9 +237,10 @@ GEM listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.19.1) + logger (1.6.1) + loofah (2.23.1) crass (~> 1.0.2) - nokogiri (>= 1.5.9) + nokogiri (>= 1.12.0) mail (2.8.1) mini_mime (>= 0.1.1) net-imap @@ -244,13 +250,13 @@ GEM matrix (0.4.2) message_format (0.0.6) twitter_cldr (~> 5.0) - method_source (1.0.0) + method_source (1.1.0) mimemagic (0.4.3) nokogiri (~> 1) rake - mini_magick (4.12.0) + mini_magick (4.13.2) mini_mime (1.1.5) - minitest (5.22.3) + minitest (5.25.1) minitest-reporters (1.4.2) ansi builder @@ -258,21 +264,22 @@ GEM ruby-progressbar msgpack (1.6.1) multi_json (1.15.0) - multi_xml (0.6.0) + multi_xml (0.7.1) + bigdecimal (~> 3.1) multipart-post (2.1.1) - net-imap (0.3.4) + net-imap (0.5.1) date net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.2.1) + net-protocol (0.2.2) timeout - net-smtp (0.3.3) + net-smtp (0.5.0) net-protocol - nio4r (2.7.0) - nokogiri (1.16.2-x86_64-darwin) + nio4r (2.7.4) + nokogiri (1.16.7-x86_64-darwin) racc (~> 1.4) - nokogiri (1.16.2-x86_64-linux) + nokogiri (1.16.7-x86_64-linux) racc (~> 1.4) oauth2 (1.4.4) faraday (>= 0.8, < 2.0) @@ -281,7 +288,7 @@ GEM multi_xml (~> 0.5) rack (>= 1.2, < 3) oj (3.14.2) - omniauth (2.1.1) + omniauth (2.1.2) hashie (>= 3.4.6) rack (>= 2.2.3) rack-protection @@ -291,9 +298,9 @@ GEM omniauth-rails_csrf_protection (1.0.1) actionpack (>= 4.2) omniauth (~> 2.0) - omniauth-saml (2.1.0) - omniauth (~> 2.0) - ruby-saml (~> 1.12) + omniauth-saml (2.2.1) + omniauth (~> 2.1) + ruby-saml (~> 1.17) omniauth_openid_connect (0.6.1) omniauth (>= 1.9, < 3) openid_connect (~> 1.1) @@ -308,8 +315,8 @@ GEM validate_email validate_url webfinger (~> 1.2) - openlab_ruby (0.0.7) - httparty (~> 0.20) + openlab_ruby (0.0.8) + httparty (~> 0.22) orm_adapter (0.5.0) overcommit (0.59.1) childprocess (>= 0.6.3, < 5) @@ -337,55 +344,58 @@ GEM pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (5.0.4) - puma (6.4.2) + public_suffix (6.0.1) + puma (6.4.3) nio4r (~> 2.0) pundit (2.1.0) activesupport (>= 3.0.0) raabro (1.4.0) - racc (1.7.3) - rack (2.2.8.1) + racc (1.8.1) + rack (2.2.10) rack-oauth2 (1.21.3) activesupport attr_required httpclient json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (3.0.5) - rack + rack-protection (3.2.0) + base64 (>= 0.1.0) + rack (~> 2.2, >= 2.2.4) rack-proxy (0.7.6) rack rack-test (2.1.0) rack (>= 1.3) railroady (1.5.3) - rails (7.0.8.1) - actioncable (= 7.0.8.1) - actionmailbox (= 7.0.8.1) - actionmailer (= 7.0.8.1) - actionpack (= 7.0.8.1) - actiontext (= 7.0.8.1) - actionview (= 7.0.8.1) - activejob (= 7.0.8.1) - activemodel (= 7.0.8.1) - activerecord (= 7.0.8.1) - activestorage (= 7.0.8.1) - activesupport (= 7.0.8.1) + rails (7.0.8.6) + actioncable (= 7.0.8.6) + actionmailbox (= 7.0.8.6) + actionmailer (= 7.0.8.6) + actionpack (= 7.0.8.6) + actiontext (= 7.0.8.6) + actionview (= 7.0.8.6) + activejob (= 7.0.8.6) + activemodel (= 7.0.8.6) + activerecord (= 7.0.8.6) + activestorage (= 7.0.8.6) + activesupport (= 7.0.8.6) bundler (>= 1.15.0) - railties (= 7.0.8.1) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) + railties (= 7.0.8.6) + rails-dom-testing (2.2.0) + activesupport (>= 5.0.0) + minitest nokogiri (>= 1.6) - rails-html-sanitizer (1.5.0) - loofah (~> 2.19, >= 2.19.1) - railties (7.0.8.1) - actionpack (= 7.0.8.1) - activesupport (= 7.0.8.1) + rails-html-sanitizer (1.6.0) + loofah (~> 2.21) + nokogiri (~> 1.14) + railties (7.0.8.6) + actionpack (= 7.0.8.6) + activesupport (= 7.0.8.6) method_source rake (>= 12.2) thor (~> 1.0) zeitwerk (~> 2.5) rainbow (3.0.0) - rake (13.1.0) + rake (13.2.1) rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) @@ -399,12 +409,12 @@ GEM redis (>= 3, < 5) regexp_parser (2.5.0) repost (0.3.2) - responders (3.1.0) + responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) reverse_markdown (2.1.1) nokogiri - rexml (3.2.5) + rexml (3.3.9) rolify (5.3.0) rubocop (1.31.2) json (~> 2.3) @@ -424,11 +434,12 @@ GEM rubocop (>= 1.7.0, < 2.0) ruby-progressbar (1.10.1) ruby-rc4 (0.1.5) - ruby-saml (1.16.0) + ruby-saml (1.17.0) nokogiri (>= 1.13.10) rexml - ruby-vips (2.2.1) + ruby-vips (2.2.2) ffi (~> 1.12) + logger rubyXL (3.4.25) nokogiri (>= 1.10.8) rubyzip (>= 1.3.0) @@ -476,7 +487,7 @@ GEM spring-watcher-listen (2.1.0) listen (>= 2.7, < 4.0) spring (>= 4) - ssrf_filter (1.1.2) + ssrf_filter (1.2.0) stripe (5.29.0) swd (1.3.0) activesupport (>= 3) @@ -487,10 +498,10 @@ GEM ffi (~> 1.1) term-ansicolor (1.7.1) tins (~> 1.0) - thor (1.3.0) + thor (1.3.2) thread_safe (0.3.6) tilt (2.3.0) - timeout (0.3.2) + timeout (0.4.2) tins (1.25.0) sync ttfunk (1.7.0) @@ -503,7 +514,7 @@ GEM tzinfo-data (1.2020.4) tzinfo (>= 1.0.0) unicode-display_width (1.4.1) - uniform_notifier (1.14.2) + uniform_notifier (1.16.0) validate_email (0.1.6) activemodel (>= 3.0) mail (>= 2.2.5) @@ -533,7 +544,7 @@ GEM websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.7) + zeitwerk (2.7.1) PLATFORMS x86_64-darwin-20 @@ -595,10 +606,10 @@ DEPENDENCIES prawn prawn-table pry - puma (= 6.4.2) + puma (= 6.4.3) pundit railroady - rails (~> 7.0) + rails (= 7.0.8.6) rb-readline recurrence redis-session-store diff --git a/config/application.rb b/config/application.rb index 1f85d8a6a..0720ad7b6 100644 --- a/config/application.rb +++ b/config/application.rb @@ -29,7 +29,7 @@ class FabManager::Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. config.load_defaults 7.0 - config.active_support.cache_format_version = 6.1 + config.active_support.cache_format_version = 7.0 config.active_record.verify_foreign_keys_for_fixtures = false # prevent this new behavior with rails >= 5.0 # see https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#active-record-belongs-to-required-by-default-option diff --git a/package.json b/package.json index dde4b939b..7fd79467f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "fab-manager", - "version": "6.3.34", + "version": "6.3.35", "description": "Fab-manager is the FabLab management solution. It provides a comprehensive, web-based, open-source tool to simplify your administrative tasks and your marker's projects.", "keywords": [ "fablab", @@ -45,7 +45,7 @@ "react-refresh": "^0.11.0", "react-select-event": "^5.5.1", "react-test-renderer": "^17.0.2", - "webpack-dev-server": "^4.9.0" + "webpack-dev-server": "^4.15.2" }, "dependencies": { "@babel/core": "^7.20.2", diff --git a/yarn.lock b/yarn.lock index dcc280f82..02acb15d4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3553,10 +3553,10 @@ resolved "https://registry.yarnpkg.com/@types/tough-cookie/-/tough-cookie-4.0.2.tgz#6286b4c7228d58ab7866d19716f3696e03a09397" integrity sha512-Q5vtl1W5ue16D+nIaW8JWebSSraJVlK+EthKn7e7UcD4KWsaSJ8BqGPXNaPghgtcn/fhvrN17Tv8ksUsQpiplw== -"@types/ws@^8.5.1": - version "8.5.4" - resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.5.4.tgz#bb10e36116d6e570dd943735f86c933c1587b8a5" - integrity sha512-zdQDHKUgcX/zBc4GrwsE/7dVdAD8JR4EuiAXiiUhhfyIJXXb2+PrGshFyeXWQPMmmZ2XxgaqclgpIC7eTXc1mg== +"@types/ws@^8.5.5": + version "8.5.13" + resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.5.13.tgz#6414c280875e2691d0d1e080b05addbf5cb91e20" + integrity sha512-osM/gWBTPKgHV8XkTunnegTRIsvF6owmf5w+JtAfOw472dptdm0dlGv4xCt6GwQRcC2XVOvvRE/0bAoQcL2QkA== dependencies: "@types/node" "*" @@ -7639,6 +7639,14 @@ klona@^2.0.4: resolved "https://registry.yarnpkg.com/klona/-/klona-2.0.5.tgz#d166574d90076395d9963aa7a928fabb8d76afbc" integrity sha512-pJiBpiXMbt7dkzXe8Ghj/u4FfXOOa98fPW+bihOJ4SjnoijweJrNThJfd3ifXpXhREjpoF2mZVH1GfS9LV3kHQ== +launch-editor@^2.6.0: + version "2.9.1" + resolved "https://registry.yarnpkg.com/launch-editor/-/launch-editor-2.9.1.tgz#253f173bd441e342d4344b4dae58291abb425047" + integrity sha512-Gcnl4Bd+hRO9P9icCP/RVVT2o8SFlPXofuCxvA2SaZuH45whSvf5p8x5oih5ftLiVhEI4sp5xDY+R+b3zJBh5w== + dependencies: + picocolors "^1.0.0" + shell-quote "^1.8.1" + leven@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/leven/-/leven-3.1.0.tgz#77891de834064cccba82ae7842bb6b14a13ed7f2" @@ -9659,6 +9667,11 @@ shebang-regex@^3.0.0: resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== +shell-quote@^1.8.1: + version "1.8.1" + resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.8.1.tgz#6dbf4db75515ad5bac63b4f1894c3a154c766680" + integrity sha512-6j1W9l1iAs/4xYBI1SYOVZyFcCis9b4KCLQ8fgAGG07QvzaRLVVRQvAy85yNmmZSjYjg4MWh4gNvlPujU/5LpA== + side-channel@^1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.4.tgz#efce5c8fdc104ee751b25c58d4290011fa5ea2cf" @@ -10464,7 +10477,7 @@ webpack-cli@4: rechoir "^0.7.0" webpack-merge "^5.7.3" -webpack-dev-middleware@^5.3.1: +webpack-dev-middleware@^5.3.4: version "5.3.4" resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-5.3.4.tgz#eb7b39281cbce10e104eb2b8bf2b63fce49a3517" integrity sha512-BVdTqhhs+0IfoeAf7EoH5WE+exCmqGerHfDM0IL096Px60Tq2Mn9MAbnaGUe6HiMa41KMCYF19gyzZmBcq/o4Q== @@ -10475,10 +10488,10 @@ webpack-dev-middleware@^5.3.1: range-parser "^1.2.1" schema-utils "^4.0.0" -webpack-dev-server@^4.9.0: - version "4.11.1" - resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-4.11.1.tgz#ae07f0d71ca0438cf88446f09029b92ce81380b5" - integrity sha512-lILVz9tAUy1zGFwieuaQtYiadImb5M3d+H+L1zDYalYoDl0cksAB1UNyuE5MMWJrG6zR1tXkCP2fitl7yoUJiw== +webpack-dev-server@^4.15.2: + version "4.15.2" + resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-4.15.2.tgz#9e0c70a42a012560860adb186986da1248333173" + integrity sha512-0XavAZbNJ5sDrCbkpWL8mia0o5WPOd2YGtxrEiZkBK9FjLppIUK2TgxK6qGD2P3hUXTJNNPVibrerKcx5WkR1g== dependencies: "@types/bonjour" "^3.5.9" "@types/connect-history-api-fallback" "^1.3.5" @@ -10486,7 +10499,7 @@ webpack-dev-server@^4.9.0: "@types/serve-index" "^1.9.1" "@types/serve-static" "^1.13.10" "@types/sockjs" "^0.3.33" - "@types/ws" "^8.5.1" + "@types/ws" "^8.5.5" ansi-html-community "^0.0.8" bonjour-service "^1.0.11" chokidar "^3.5.3" @@ -10499,6 +10512,7 @@ webpack-dev-server@^4.9.0: html-entities "^2.3.2" http-proxy-middleware "^2.0.3" ipaddr.js "^2.0.1" + launch-editor "^2.6.0" open "^8.0.9" p-retry "^4.5.0" rimraf "^3.0.2" @@ -10507,8 +10521,8 @@ webpack-dev-server@^4.9.0: serve-index "^1.9.1" sockjs "^0.3.24" spdy "^4.0.2" - webpack-dev-middleware "^5.3.1" - ws "^8.4.2" + webpack-dev-middleware "^5.3.4" + ws "^8.13.0" webpack-merge@5, webpack-merge@^5.7.3: version "5.8.0" @@ -10684,10 +10698,10 @@ ws@^8.11.0: resolved "https://registry.yarnpkg.com/ws/-/ws-8.11.0.tgz#6a0d36b8edfd9f96d8b25683db2f8d7de6e8e143" integrity sha512-HPG3wQd9sNQoT9xHyNCXoDUa+Xw/VevmY9FoHyQ+g+rrMn4j6FB4np7Z0OhdTgjx6MgQLK7jwSy1YecU1+4Asg== -ws@^8.4.2: - version "8.5.0" - resolved "https://registry.yarnpkg.com/ws/-/ws-8.5.0.tgz#bfb4be96600757fe5382de12c670dab984a1ed4f" - integrity sha512-BWX0SWVgLPzYwF8lTzEy1egjhS4S4OEAHfsO8o65WOVsrnSRGaSiUaa9e0ggGlkMTtBlmOpEXiie9RUcBO86qg== +ws@^8.13.0: + version "8.18.0" + resolved "https://registry.yarnpkg.com/ws/-/ws-8.18.0.tgz#0d7505a6eafe2b0e712d232b42279f53bc289bbc" + integrity sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw== xml-name-validator@^4.0.0: version "4.0.0"