diff --git a/.bundler-audit.yml b/.bundler-audit.yml new file mode 100644 index 000000000..a61d230a1 --- /dev/null +++ b/.bundler-audit.yml @@ -0,0 +1,2 @@ +ignore: + - CVE-2024-21510 # https://github.com/thoughtbot/upcase/security/dependabot/113 diff --git a/.circleci/config.yml b/.circleci/config.yml index 3d768691b..9103a9fbd 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,7 +3,7 @@ jobs: build: parallelism: 3 docker: - - image: cimg/ruby:3.2.5-node-browsers + - image: cimg/ruby:3.3.6-node-browsers environment: BUNDLE_JOBS: 3 BUNDLE_RETRY: 3 diff --git a/.ruby-version b/.ruby-version index 5ae69bd5f..9c25013db 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.2.5 +3.3.6 diff --git a/.tool-versions b/.tool-versions index ebf08ae6c..cbc003219 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,3 +1,3 @@ nodejs 20.18.0 -ruby 3.2.5 +ruby 3.3.6 yarn 1.22.22 diff --git a/Gemfile b/Gemfile index 38a2eaec2..35dd5a43b 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source "https://rubygems.org" -ruby "3.2.5" +ruby "3.3.6" git_source(:github) do |repo_name| "https://github.com/#{repo_name}.git" @@ -47,7 +47,7 @@ gem "pg_search" gem "psych" gem "puma" gem "rack-rewrite" -gem "rails", "7.0.8.4" +gem "rails", "7.2.2" gem "rails_admin" gem "recipient_interceptor" gem "redcarpet" diff --git a/Gemfile.lock b/Gemfile.lock index 5426c6574..507fc5203 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -6,81 +6,87 @@ GEM GEM remote: https://rubygems.org/ specs: - actioncable (7.0.8.4) - actionpack (= 7.0.8.4) - activesupport (= 7.0.8.4) + actioncable (7.2.2) + actionpack (= 7.2.2) + activesupport (= 7.2.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.8.4) - actionpack (= 7.0.8.4) - activejob (= 7.0.8.4) - activerecord (= 7.0.8.4) - activestorage (= 7.0.8.4) - activesupport (= 7.0.8.4) - mail (>= 2.7.1) - net-imap - net-pop - net-smtp - actionmailer (7.0.8.4) - actionpack (= 7.0.8.4) - actionview (= 7.0.8.4) - activejob (= 7.0.8.4) - activesupport (= 7.0.8.4) - mail (~> 2.5, >= 2.5.4) - net-imap - net-pop - net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.8.4) - actionview (= 7.0.8.4) - activesupport (= 7.0.8.4) - rack (~> 2.0, >= 2.2.4) + zeitwerk (~> 2.6) + actionmailbox (7.2.2) + actionpack (= 7.2.2) + activejob (= 7.2.2) + activerecord (= 7.2.2) + activestorage (= 7.2.2) + activesupport (= 7.2.2) + mail (>= 2.8.0) + actionmailer (7.2.2) + actionpack (= 7.2.2) + actionview (= 7.2.2) + activejob (= 7.2.2) + activesupport (= 7.2.2) + mail (>= 2.8.0) + rails-dom-testing (~> 2.2) + actionpack (7.2.2) + actionview (= 7.2.2) + activesupport (= 7.2.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4, < 3.2) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.8.4) - actionpack (= 7.0.8.4) - activerecord (= 7.0.8.4) - activestorage (= 7.0.8.4) - activesupport (= 7.0.8.4) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + useragent (~> 0.16) + actiontext (7.2.2) + actionpack (= 7.2.2) + activerecord (= 7.2.2) + activestorage (= 7.2.2) + activesupport (= 7.2.2) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.8.4) - activesupport (= 7.0.8.4) + actionview (7.2.2) + activesupport (= 7.2.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) active_model_serializers (0.10.14) actionpack (>= 4.1) activemodel (>= 4.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (7.0.8.4) - activesupport (= 7.0.8.4) + activejob (7.2.2) + activesupport (= 7.2.2) globalid (>= 0.3.6) - activemodel (7.0.8.4) - activesupport (= 7.0.8.4) + activemodel (7.2.2) + activesupport (= 7.2.2) activemodel-serializers-xml (1.0.3) activemodel (>= 5.0.0.a) activesupport (>= 5.0.0.a) builder (~> 3.1) - activerecord (7.0.8.4) - activemodel (= 7.0.8.4) - activesupport (= 7.0.8.4) - activestorage (7.0.8.4) - actionpack (= 7.0.8.4) - activejob (= 7.0.8.4) - activerecord (= 7.0.8.4) - activesupport (= 7.0.8.4) + activerecord (7.2.2) + activemodel (= 7.2.2) + activesupport (= 7.2.2) + timeout (>= 0.4.0) + activestorage (7.2.2) + actionpack (= 7.2.2) + activejob (= 7.2.2) + activerecord (= 7.2.2) + activesupport (= 7.2.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.8.4) - concurrent-ruby (~> 1.0, >= 1.0.2) + activesupport (7.2.2) + base64 + benchmark (>= 0.3) + bigdecimal + concurrent-ruby (~> 1.0, >= 1.3.1) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - tzinfo (~> 2.0) - acts_as_list (1.2.2) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) + acts_as_list (1.2.4) activerecord (>= 6.1) activesupport (>= 6.1) addressable (2.8.7) @@ -92,23 +98,24 @@ GEM autoprefixer-rails (10.4.19.0) execjs (~> 2) aws-eventstream (1.3.0) - aws-partitions (1.985.0) - aws-sdk-core (3.209.1) + aws-partitions (1.1013.0) + aws-sdk-core (3.213.0) aws-eventstream (~> 1, >= 1.3.0) - aws-partitions (~> 1, >= 1.651.0) + aws-partitions (~> 1, >= 1.992.0) aws-sigv4 (~> 1.9) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.94.0) - aws-sdk-core (~> 3, >= 3.207.0) + aws-sdk-kms (1.96.0) + aws-sdk-core (~> 3, >= 3.210.0) aws-sigv4 (~> 1.5) - aws-sdk-s3 (1.167.0) - aws-sdk-core (~> 3, >= 3.207.0) + aws-sdk-s3 (1.173.0) + aws-sdk-core (~> 3, >= 3.210.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.5) - aws-sigv4 (1.10.0) + aws-sigv4 (1.10.1) aws-eventstream (~> 1, >= 1.0.2) base64 (0.2.0) bcrypt (3.1.20) + benchmark (0.4.0) bigdecimal (3.1.8) bootsnap (1.18.4) msgpack (~> 1.2) @@ -136,7 +143,7 @@ GEM activesupport childprocess (5.1.0) logger (~> 1.5) - clearance (2.8.0) + clearance (2.9.2) actionmailer (>= 5.0) activemodel (>= 5.0) activerecord (>= 5.0) @@ -160,17 +167,17 @@ GEM rexml crass (1.0.6) csv (3.3.0) - database_cleaner (2.0.2) + database_cleaner (2.1.0) database_cleaner-active_record (>= 2, < 3) - database_cleaner-active_record (2.1.0) + database_cleaner-active_record (2.2.0) activerecord (>= 5.a) database_cleaner-core (~> 2.0.0) database_cleaner-core (2.0.1) - date (3.3.4) - delayed_job (4.1.12) - activesupport (>= 3.0, < 8.0) - delayed_job_active_record (4.1.10) - activerecord (>= 3.0, < 8.0) + date (3.4.0) + delayed_job (4.1.13) + activesupport (>= 3.0, < 9.0) + delayed_job_active_record (4.1.11) + activerecord (>= 3.0, < 9.0) delayed_job (>= 3.0, < 5) diff-lcs (1.5.1) docile (1.4.0) @@ -194,16 +201,18 @@ GEM erubi (1.13.0) eventmachine (1.2.7) execjs (2.9.1) - factory_bot (6.4.6) + factory_bot (6.5.0) activesupport (>= 5.0.0) - factory_bot_rails (6.4.3) - factory_bot (~> 6.4) + factory_bot_rails (6.4.4) + factory_bot (~> 6.5) railties (>= 5.0.0) - faraday (2.9.2) - faraday-net_http (>= 2.0, < 3.2) + faraday (2.12.0) + faraday-net_http (>= 2.0, < 3.4) + json + logger faraday-multipart (1.0.4) multipart-post (~> 2) - faraday-net_http (3.1.0) + faraday-net_http (3.3.0) net-http faraday-retry (2.2.1) faraday (~> 2.0) @@ -214,8 +223,8 @@ GEM ffi (>= 1.15.5) rake flutie (2.2.0) - font-awesome-rails (4.7.0.8) - railties (>= 3.2, < 8.0) + font-awesome-rails (4.7.0.9) + railties (>= 3.2, < 9.0) formatador (0.2.5) formtastic (5.0.0) actionpack (>= 6.0.0) @@ -249,6 +258,10 @@ GEM inline_svg (1.10.0) activesupport (>= 3.0) nokogiri (>= 1.6) + io-console (0.7.2) + irb (1.14.1) + rdoc (>= 4.0.0) + reline (>= 0.4.2) jmespath (1.6.2) jquery-rails (4.6.0) rails-dom-testing (>= 1, < 3) @@ -256,7 +269,7 @@ GEM thor (>= 0.14, < 2.0) jquery-ui-rails (7.0.0) railties (>= 3.2.16) - json (2.7.2) + json (2.8.2) jsonapi-renderer (0.2.2) jwt (2.8.1) base64 @@ -281,7 +294,7 @@ GEM rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) logger (1.6.1) - loofah (2.22.0) + loofah (2.23.1) crass (~> 1.0.2) nokogiri (>= 1.12.0) lumberjack (1.2.8) @@ -301,8 +314,8 @@ GEM nokogiri (~> 1) rake mini_mime (1.1.5) - mini_portile2 (2.8.7) - minitest (5.25.1) + mini_portile2 (2.8.8) + minitest (5.25.2) msgpack (1.7.2) multi_json (1.15.0) multi_xml (0.6.0) @@ -315,9 +328,9 @@ GEM sass (>= 3.3) nenv (0.3.0) nested_form (0.3.2) - net-http (0.4.1) + net-http (0.5.0) uri - net-imap (0.4.16) + net-imap (0.5.1) date net-protocol net-pop (0.1.2) @@ -326,7 +339,7 @@ GEM timeout net-smtp (0.5.0) net-protocol - nio4r (2.7.3) + nio4r (2.7.4) nokogiri (1.16.7) mini_portile2 (~> 2.8.2) racc (~> 1.4) @@ -344,7 +357,7 @@ GEM rack (>= 1.2, < 4) snaky_hash (~> 2.0) version_gem (~> 1.1) - octokit (9.1.0) + octokit (9.2.0) faraday (>= 1, < 3) sawyer (~> 0.9) omniauth (2.1.2) @@ -360,7 +373,7 @@ GEM omniauth-rails_csrf_protection (1.0.2) actionpack (>= 4.2) omniauth (~> 2.0) - ostruct (0.6.0) + ostruct (0.6.1) paperclip (6.1.0) activemodel (>= 4.2.0) activesupport (>= 4.2.0) @@ -368,23 +381,23 @@ GEM mimemagic (~> 0.3.0) terrapin (~> 0.6.0) parallel (1.26.3) - parser (3.3.5.0) + parser (3.3.6.0) ast (~> 2.4.1) racc - pg (1.5.8) + pg (1.5.9) pg_search (2.3.7) activerecord (>= 6.1) activesupport (>= 6.1) pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) - psych (5.1.2) + psych (5.2.0) stringio public_suffix (6.0.1) puma (6.4.3) nio4r (~> 2.0) racc (1.8.1) - rack (2.2.9) + rack (2.2.10) rack-cors (2.0.2) rack (>= 2.0.0) rack-livereload (0.5.2) @@ -395,22 +408,27 @@ GEM base64 (>= 0.1.0) rack (~> 2.2, >= 2.2.4) rack-rewrite (1.5.1) + rack-session (1.0.2) + rack (< 3) rack-test (2.1.0) rack (>= 1.3) - rails (7.0.8.4) - actioncable (= 7.0.8.4) - actionmailbox (= 7.0.8.4) - actionmailer (= 7.0.8.4) - actionpack (= 7.0.8.4) - actiontext (= 7.0.8.4) - actionview (= 7.0.8.4) - activejob (= 7.0.8.4) - activemodel (= 7.0.8.4) - activerecord (= 7.0.8.4) - activestorage (= 7.0.8.4) - activesupport (= 7.0.8.4) + rackup (1.0.1) + rack (< 3) + webrick + rails (7.2.2) + actioncable (= 7.2.2) + actionmailbox (= 7.2.2) + actionmailer (= 7.2.2) + actionpack (= 7.2.2) + actiontext (= 7.2.2) + actionview (= 7.2.2) + activejob (= 7.2.2) + activemodel (= 7.2.2) + activerecord (= 7.2.2) + activestorage (= 7.2.2) + activesupport (= 7.2.2) bundler (>= 1.15.0) - railties (= 7.0.8.4) + railties (= 7.2.2) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -422,7 +440,7 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - rails_admin (3.2.0) + rails_admin (3.2.1) activemodel-serializers-xml (>= 1.0) csv kaminari (>= 0.14, < 2.0) @@ -430,19 +448,22 @@ GEM rails (>= 6.0, < 8) turbo-rails (>= 1.0, < 3) rails_stdout_logging (0.0.5) - railties (7.0.8.4) - actionpack (= 7.0.8.4) - activesupport (= 7.0.8.4) - method_source + railties (7.2.2) + actionpack (= 7.2.2) + activesupport (= 7.2.2) + irb (~> 1.13) + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.2.1) rb-fsevent (0.11.2) rb-inotify (0.11.1) ffi (~> 1.0) - recipient_interceptor (0.3.2) + rdoc (6.8.1) + psych (>= 4.0.0) + recipient_interceptor (0.3.3) mail redcarpet (3.6.0) redis (5.3.0) @@ -450,21 +471,23 @@ GEM redis-client (0.22.2) connection_pool regexp_parser (2.9.2) + reline (0.5.11) + io-console (~> 0.5) request_store (1.7.0) rack (>= 1.4) responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) - rexml (3.3.8) - rspec-core (3.13.1) + rexml (3.3.9) + rspec-core (3.13.2) rspec-support (~> 3.13.0) rspec-expectations (3.13.3) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.1) + rspec-mocks (3.13.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-rails (7.0.1) + rspec-rails (7.1.0) actionpack (>= 7.0) activesupport (>= 7.0) railties (>= 7.0) @@ -475,20 +498,19 @@ GEM rspec-support (3.13.1) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.65.1) + rubocop (1.68.0) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 2.4, < 3.0) - rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.31.1, < 2.0) + rubocop-ast (>= 1.32.2, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.32.3) + rubocop-ast (1.36.1) parser (>= 3.3.1.0) - rubocop-performance (1.21.1) + rubocop-performance (1.22.1) rubocop (>= 1.48.1, < 2.0) rubocop-ast (>= 1.31.1, < 2.0) ruby-progressbar (1.13.0) @@ -513,16 +535,17 @@ GEM scenic (1.8.0) activerecord (>= 4.0.0) railties (>= 4.0.0) + securerandom (0.3.2) selenium-webdriver (4.25.0) base64 (~> 0.2) logger (~> 1.4) rexml (~> 3.2, >= 3.2.5) rubyzip (>= 1.2.2, < 3.0) websocket (~> 1.0) - sentry-rails (5.20.1) + sentry-rails (5.21.0) railties (>= 5.0) - sentry-ruby (~> 5.20.1) - sentry-ruby (5.20.1) + sentry-ruby (~> 5.21.0) + sentry-ruby (5.21.0) bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) shellany (0.0.1) @@ -557,25 +580,25 @@ GEM sprockets-redirect (1.0.0) activesupport (>= 3.1.0) rack - standard (1.40.1) + standard (1.42.1) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.0) - rubocop (~> 1.65.0) + rubocop (~> 1.68.0) standard-custom (~> 1.0.0) - standard-performance (~> 1.4) + standard-performance (~> 1.5) standard-custom (1.0.2) lint_roller (~> 1.0) rubocop (~> 1.50) - standard-performance (1.4.0) + standard-performance (1.5.0) lint_roller (~> 1.1) - rubocop-performance (~> 1.21.0) - stringio (3.1.1) + rubocop-performance (~> 1.22.0) + stringio (3.1.2) terrapin (0.6.0) climate_control (>= 0.0.3, < 1.0) thor (1.3.2) tilt (2.3.0) timecop (0.9.10) - timeout (0.4.1) + timeout (0.4.2) turbo-rails (2.0.10) actionpack (>= 6.0.0) railties (>= 6.0.0) @@ -587,7 +610,8 @@ GEM unf_ext unf_ext (0.0.9.1) unicode-display_width (2.6.0) - uri (0.13.0) + uri (1.0.1) + useragent (0.16.10) validates_email_format_of (1.8.2) i18n (>= 0.8.0) simpleidn @@ -606,7 +630,7 @@ GEM wrapped (0.1.0) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.6.18) + zeitwerk (2.7.1) PLATFORMS ruby @@ -669,7 +693,7 @@ DEPENDENCIES rack-livereload rack-mini-profiler rack-rewrite - rails (= 7.0.8.4) + rails (= 7.2.2) rails-assets-lodash! rails-controller-testing rails_admin @@ -705,7 +729,7 @@ DEPENDENCIES wrapped RUBY VERSION - ruby 3.2.5p208 + ruby 3.3.6p108 BUNDLED WITH - 2.5.21 + 2.5.23