From cf7ee65b2e65e2b462fcca3093d9635f38af9a31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:54:41 +0900 Subject: [PATCH 01/17] Bump yargs from 17.1.1 to 17.2.1 (#16790) Bumps [yargs](https://github.com/yargs/yargs) from 17.1.1 to 17.2.1. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.1.1...v17.2.1) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index f19f7a4930..9e2d2b8c67 100644 --- a/package.json +++ b/package.json @@ -187,7 +187,7 @@ "react-test-renderer": "^16.14.0", "sass-lint": "^1.13.1", "webpack-dev-server": "^3.11.2", - "yargs": "^17.1.1" + "yargs": "^17.2.1" }, "resolutions": { "kind-of": "^6.0.3" diff --git a/yarn.lock b/yarn.lock index fda6c7c5c6..77fb01b370 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11523,10 +11523,10 @@ yargs@^16.0.3: y18n "^5.0.5" yargs-parser "^20.2.2" -yargs@^17.1.1: - version "17.1.1" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.1.1.tgz#c2a8091564bdb196f7c0a67c1d12e5b85b8067ba" - integrity sha512-c2k48R0PwKIqKhPMWjeiF6y2xY/gPMUlro0sgxqXpbOIohWiLNXWslsootttv7E1e73QPAMQSg5FeySbVcpsPQ== +yargs@^17.2.1: + version "17.2.1" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.2.1.tgz#e2c95b9796a0e1f7f3bf4427863b42e0418191ea" + integrity sha512-XfR8du6ua4K6uLGm5S6fA+FIJom/MdJcFNVY8geLlp2v8GYbOXD4EB1tPNZsRn4vBzKGMgb5DRZMeWuFc2GO8Q== dependencies: cliui "^7.0.2" escalade "^3.1.1" From 4ca96c104aa2bbe155aba1346f654a6bd6c1d669 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:54:55 +0900 Subject: [PATCH 02/17] Bump @testing-library/react from 12.1.0 to 12.1.1 (#16788) Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 12.1.0 to 12.1.1. - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/react-testing-library/compare/v12.1.0...v12.1.1) --- updated-dependencies: - dependency-name: "@testing-library/react" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 9e2d2b8c67..7192541aea 100644 --- a/package.json +++ b/package.json @@ -173,7 +173,7 @@ }, "devDependencies": { "@testing-library/jest-dom": "^5.14.1", - "@testing-library/react": "^12.1.0", + "@testing-library/react": "^12.1.1", "babel-eslint": "^10.1.0", "babel-jest": "^27.2.0", "eslint": "^7.32.0", diff --git a/yarn.lock b/yarn.lock index 77fb01b370..f102dcad30 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1482,10 +1482,10 @@ lodash "^4.17.15" redent "^3.0.0" -"@testing-library/react@^12.1.0": - version "12.1.0" - resolved "https://registry.yarnpkg.com/@testing-library/react/-/react-12.1.0.tgz#3e9a4002b0b8f986a738a2f88fc458b5af319f35" - integrity sha512-Ge3Ht3qXE82Yv9lyPpQ7ZWgzo/HgOcHu569Y4ZGWcZME38iOFiOg87qnu6hTEa8jTJVL7zYovnvD3GE2nsNIoQ== +"@testing-library/react@^12.1.1": + version "12.1.1" + resolved "https://registry.yarnpkg.com/@testing-library/react/-/react-12.1.1.tgz#e693943aa48d0190099acdc3928a751d73bcf7d5" + integrity sha512-JDyWbvMuedEpP6SPL4Cvbhk59TVxQ3pwuR6ZfJHdRsHuxDd/ziSMA3nVM3fViaSbsQhuQFE/mvFrPrvQbL5kRQ== dependencies: "@babel/runtime" "^7.12.5" "@testing-library/dom" "^8.0.0" From c96f854a1a14631e9a20e2f6534f9ed5cc7bebfd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:55:23 +0900 Subject: [PATCH 03/17] Bump babel-jest from 27.2.0 to 27.2.2 (#16787) Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 27.2.0 to 27.2.2. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v27.2.2/packages/babel-jest) --- updated-dependencies: - dependency-name: babel-jest dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 49 +++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 40 insertions(+), 11 deletions(-) diff --git a/package.json b/package.json index 7192541aea..387fbfc1c7 100644 --- a/package.json +++ b/package.json @@ -175,7 +175,7 @@ "@testing-library/jest-dom": "^5.14.1", "@testing-library/react": "^12.1.1", "babel-eslint": "^10.1.0", - "babel-jest": "^27.2.0", + "babel-jest": "^27.2.2", "eslint": "^7.32.0", "eslint-plugin-import": "~2.24.2", "eslint-plugin-jsx-a11y": "~6.4.1", diff --git a/yarn.lock b/yarn.lock index f102dcad30..2885a22604 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1380,10 +1380,10 @@ jest-haste-map "^27.2.0" jest-runtime "^27.2.0" -"@jest/transform@^27.2.0": - version "27.2.0" - resolved "https://registry.yarnpkg.com/@jest/transform/-/transform-27.2.0.tgz#e7e6e49d2591792db2385c33cdbb4379d407068d" - integrity sha512-Q8Q/8xXIZYllk1AF7Ou5sV3egOZsdY/Wlv09CSbcexBRcC1Qt6lVZ7jRFAZtbHsEEzvOCyFEC4PcrwKwyjXtCg== +"@jest/transform@^27.2.0", "@jest/transform@^27.2.2": + version "27.2.2" + resolved "https://registry.yarnpkg.com/@jest/transform/-/transform-27.2.2.tgz#89b16b4de84354fb48d15712b3ea34cadc1cb600" + integrity sha512-l4Z/7PpajrOjCiXLWLfMY7fgljY0H8EwW7qdzPXXuv2aQF8kY2+Uyj3O+9Popnaw1V7JCw32L8EeI/thqFDkPA== dependencies: "@babel/core" "^7.1.0" "@jest/types" "^27.1.1" @@ -1392,7 +1392,7 @@ convert-source-map "^1.4.0" fast-json-stable-stringify "^2.0.0" graceful-fs "^4.2.4" - jest-haste-map "^27.2.0" + jest-haste-map "^27.2.2" jest-regex-util "^27.0.6" jest-util "^27.2.0" micromatch "^4.0.4" @@ -2305,12 +2305,12 @@ babel-eslint@^10.1.0: eslint-visitor-keys "^1.0.0" resolve "^1.12.0" -babel-jest@^27.2.0: - version "27.2.0" - resolved "https://registry.yarnpkg.com/babel-jest/-/babel-jest-27.2.0.tgz#c0f129a81f1197028aeb4447acbc04564c8bfc52" - integrity sha512-bS2p+KGGVVmWXBa8+i6SO/xzpiz2Q/2LnqLbQknPKefWXVZ67YIjA4iXup/jMOEZplga9PpWn+wrdb3UdDwRaA== +babel-jest@^27.2.0, babel-jest@^27.2.2: + version "27.2.2" + resolved "https://registry.yarnpkg.com/babel-jest/-/babel-jest-27.2.2.tgz#d7e96f3f6f56be692de948092697e1bfea7f1184" + integrity sha512-XNFNNfGKnZXzhej7TleVP4s9ktH5JjRW8Rmcbb223JJwKB/gmTyeWN0JfiPtSgnjIjDXtKNoixiy0QUHtv3vFA== dependencies: - "@jest/transform" "^27.2.0" + "@jest/transform" "^27.2.2" "@jest/types" "^27.1.1" "@types/babel__core" "^7.1.14" babel-plugin-istanbul "^6.0.0" @@ -6369,6 +6369,26 @@ jest-haste-map@^27.2.0: optionalDependencies: fsevents "^2.3.2" +jest-haste-map@^27.2.2: + version "27.2.2" + resolved "https://registry.yarnpkg.com/jest-haste-map/-/jest-haste-map-27.2.2.tgz#81ccb57b1e1cd513aaaadf5016aad5dab0ede552" + integrity sha512-kaKiq+GbAvk6/sq++Ymor4Vzk6+lr0vbKs2HDVPdkKsHX2lIJRyvhypZG/QsNfQnROKWIZSpUpGuv2HySSosvA== + dependencies: + "@jest/types" "^27.1.1" + "@types/graceful-fs" "^4.1.2" + "@types/node" "*" + anymatch "^3.0.3" + fb-watchman "^2.0.0" + graceful-fs "^4.2.4" + jest-regex-util "^27.0.6" + jest-serializer "^27.0.6" + jest-util "^27.2.0" + jest-worker "^27.2.2" + micromatch "^4.0.4" + walker "^1.0.7" + optionalDependencies: + fsevents "^2.3.2" + jest-jasmine2@^27.2.0: version "27.2.0" resolved "https://registry.yarnpkg.com/jest-jasmine2/-/jest-jasmine2-27.2.0.tgz#1ece0ee37c348b59ed3dfcfe509fc24e3377b12d" @@ -6623,6 +6643,15 @@ jest-worker@^27.2.0: merge-stream "^2.0.0" supports-color "^8.0.0" +jest-worker@^27.2.2: + version "27.2.2" + resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-27.2.2.tgz#636deeae8068abbf2b34b4eb9505f8d4e5bd625c" + integrity sha512-aG1xq9KgWB2CPC8YdMIlI8uZgga2LFNcGbHJxO8ctfXAydSaThR4EewKQGg3tBOC+kS3vhPGgymsBdi9VINjPw== + dependencies: + "@types/node" "*" + merge-stream "^2.0.0" + supports-color "^8.0.0" + jest@^27.2.0: version "27.2.0" resolved "https://registry.yarnpkg.com/jest/-/jest-27.2.0.tgz#3bc329287d699d26361e2094919630eefdf1ac0d" From 1cd8fc0737742ef241b419d668abe758bfd33fd8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:55:37 +0900 Subject: [PATCH 04/17] Bump utf-8-validate from 5.0.5 to 5.0.6 (#16786) Bumps [utf-8-validate](https://github.com/websockets/utf-8-validate) from 5.0.5 to 5.0.6. - [Release notes](https://github.com/websockets/utf-8-validate/releases) - [Commits](https://github.com/websockets/utf-8-validate/compare/v5.0.5...v5.0.6) --- updated-dependencies: - dependency-name: utf-8-validate dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 387fbfc1c7..dbe3bbb7c0 100644 --- a/package.json +++ b/package.json @@ -194,6 +194,6 @@ }, "optionalDependencies": { "bufferutil": "^4.0.3", - "utf-8-validate": "^5.0.5" + "utf-8-validate": "^5.0.6" } } diff --git a/yarn.lock b/yarn.lock index 2885a22604..459501cce4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -10976,10 +10976,10 @@ user-home@^2.0.0: dependencies: os-homedir "^1.0.0" -utf-8-validate@^5.0.5: - version "5.0.5" - resolved "https://registry.yarnpkg.com/utf-8-validate/-/utf-8-validate-5.0.5.tgz#dd32c2e82c72002dc9f02eb67ba6761f43456ca1" - integrity sha512-+pnxRYsS/axEpkrrEpzYfNZGXp0IjC/9RIxwM5gntY4Koi8SHmUGSfxfWqxZdRxrtaoVstuOzUp/rbs3JSPELQ== +utf-8-validate@^5.0.6: + version "5.0.6" + resolved "https://registry.yarnpkg.com/utf-8-validate/-/utf-8-validate-5.0.6.tgz#e1b3e0a5cc8648a3b44c1799fbb170d1aaaffe80" + integrity sha512-hoY0gOf9EkCw+nimK21FVKHUIG1BMqSiRwxB/q3A9yKZOrOI99PP77BxmarDqWz6rG3vVYiBWfhG8z2Tl+7fZA== dependencies: node-gyp-build "^4.2.0" From ab090d2abdcd6bf64d136e6a14acce7fae2d29b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:55:50 +0900 Subject: [PATCH 05/17] Bump autoprefixer from 9.8.6 to 9.8.7 (#16785) Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.8.6 to 9.8.7. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/9.8.7/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/9.8.6...9.8.7) --- updated-dependencies: - dependency-name: autoprefixer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 17 +++++++++++------ 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index dbe3bbb7c0..d5005b3df3 100644 --- a/package.json +++ b/package.json @@ -72,7 +72,7 @@ "@rails/ujs": "^6.1.4", "array-includes": "^3.1.3", "arrow-key-navigation": "^1.2.0", - "autoprefixer": "^9.8.6", + "autoprefixer": "^9.8.7", "axios": "^0.21.4", "babel-loader": "^8.2.2", "babel-plugin-lodash": "^3.3.4", diff --git a/yarn.lock b/yarn.lock index 459501cce4..a2ea6e5f7d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2263,14 +2263,14 @@ atob@^2.1.2: resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9" integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg== -autoprefixer@^9.8.6: - version "9.8.6" - resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-9.8.6.tgz#3b73594ca1bf9266320c5acf1588d74dea74210f" - integrity sha512-XrvP4VVHdRBCdX1S3WXVD8+RyG9qeb1D5Sn1DeLiG2xfSpzellk5k54xbUERJ3M5DggQxes39UGOTP8CFrEGbg== +autoprefixer@^9.8.7: + version "9.8.7" + resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-9.8.7.tgz#e3c12de18a800af1a1a8155fbc01dc7de29ea184" + integrity sha512-7Hg99B1eTH5+LgmUBUSmov1Z3bsggQJS7v3IMGo6wcScnbRuvtMc871J9J+4bSbIqa9LSX/zypFXJ8sXHpMJeQ== dependencies: browserslist "^4.12.0" caniuse-lite "^1.0.30001109" - colorette "^1.2.1" + nanocolors "^0.2.8" normalize-range "^0.1.2" num2fraction "^1.2.2" postcss "^7.0.32" @@ -3137,7 +3137,7 @@ color@^3.0.0: color-convert "^1.9.1" color-string "^1.5.2" -colorette@^1.2.1, colorette@^1.2.2: +colorette@^1.2.2: version "1.2.2" resolved "https://registry.yarnpkg.com/colorette/-/colorette-1.2.2.tgz#cbcc79d5e99caea2dbf10eb3a26fd8b3e6acfa94" integrity sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w== @@ -7413,6 +7413,11 @@ nan@^2.12.1: resolved "https://registry.yarnpkg.com/nan/-/nan-2.14.1.tgz#d7be34dfa3105b91494c3147089315eff8874b01" integrity sha512-isWHgVjnFjh2x2yuJ/tj3JbwoHu3UC2dX5G/88Cm24yB6YopVgxvBObDY7n5xW6ExmFhJpSEQqFPvq9zaXc8Jw== +nanocolors@^0.2.8: + version "0.2.11" + resolved "https://registry.yarnpkg.com/nanocolors/-/nanocolors-0.2.11.tgz#f2573e6872f1b70067423fc68bbc9d0de2f3bbee" + integrity sha512-83ttyvfJj66dKMadWfBkEUOEDFfRc8FpzTJvh1MySR/pzWFmFikTQZGOV6kHZRz7yR/heiQ1y/MHBBN5P/e7WQ== + nanoid@^3.1.23: version "3.1.23" resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.1.23.tgz#f744086ce7c2bc47ee0a8472574d5c78e4183a81" From 47076761cc7029382387e55d095b819701d0d861 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:56:18 +0900 Subject: [PATCH 06/17] Bump glob from 7.1.7 to 7.2.0 (#16782) Bumps [glob](https://github.com/isaacs/node-glob) from 7.1.7 to 7.2.0. - [Release notes](https://github.com/isaacs/node-glob/releases) - [Changelog](https://github.com/isaacs/node-glob/blob/master/changelog.md) - [Commits](https://github.com/isaacs/node-glob/compare/v7.1.7...v7.2.0) --- updated-dependencies: - dependency-name: glob dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 14 +++++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index d5005b3df3..15a4180595 100644 --- a/package.json +++ b/package.json @@ -96,7 +96,7 @@ "express": "^4.17.1", "file-loader": "^6.2.0", "font-awesome": "^4.7.0", - "glob": "^7.1.7", + "glob": "^7.2.0", "history": "^4.10.1", "http-link-header": "^1.0.3", "immutable": "^3.8.2", diff --git a/yarn.lock b/yarn.lock index a2ea6e5f7d..90416f294b 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5103,7 +5103,19 @@ glob-parent@^5.1.2, glob-parent@~5.1.0: dependencies: is-glob "^4.0.1" -glob@^7.0.0, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.7, glob@~7.1.1: +glob@^7.0.0, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.2.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/glob/-/glob-7.2.0.tgz#d15535af7732e02e948f4c41628bd910293f6023" + integrity sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q== + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^3.0.4" + once "^1.3.0" + path-is-absolute "^1.0.0" + +glob@~7.1.1: version "7.1.7" resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.7.tgz#3b193e9233f01d42d0b3f78294bbeeb418f94a90" integrity sha512-OvD9ENzPLbegENnYP5UUfJIirTg4+XwMWGaQfQTY0JenxNvvIKP3U3/tAQSPIu/lHxXYSZmpXlUHeqAIdKzBLQ== From 8a7404003b8d77916ed444ba3f660d1136d6a390 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 21:56:40 +0900 Subject: [PATCH 07/17] Bump json-ld from 3.1.9 to 3.1.10 (#16779) Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.9 to 3.1.10. - [Release notes](https://github.com/ruby-rdf/json-ld/releases) - [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.9...3.1.10) --- updated-dependencies: - dependency-name: json-ld dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 8806e58572..c5cfa7bd0a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -292,7 +292,7 @@ GEM jmespath (1.4.0) json (2.5.1) json-canonicalization (0.2.1) - json-ld (3.1.9) + json-ld (3.1.10) htmlentities (~> 4.3) json-canonicalization (~> 0.2) link_header (~> 0.0, >= 0.0.8) From ff39e3616d8131fe2402ed19d14fcc24413d55c7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:00:33 +0900 Subject: [PATCH 08/17] Bump doorkeeper from 5.5.2 to 5.5.3 (#16778) Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.5.2 to 5.5.3. - [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases) - [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md) - [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.5.2...v5.5.3) --- updated-dependencies: - dependency-name: doorkeeper dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index c5cfa7bd0a..d14c76830d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -188,7 +188,7 @@ GEM docile (1.3.4) domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - doorkeeper (5.5.2) + doorkeeper (5.5.3) railties (>= 5) dotenv (2.7.6) dotenv-rails (2.7.6) From ad50610196234a92b2915b4d058b630e636e180f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:00:52 +0900 Subject: [PATCH 09/17] Bump sidekiq-unique-jobs from 7.1.5 to 7.1.7 (#16777) Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 7.1.5 to 7.1.7. - [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases) - [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/main/CHANGELOG.md) - [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.1.5...v7.1.7) --- updated-dependencies: - dependency-name: sidekiq-unique-jobs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d14c76830d..bdb1b049db 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -567,11 +567,11 @@ GEM sidekiq (>= 3) thwait tilt (>= 1.4.0) - sidekiq-unique-jobs (7.1.5) + sidekiq-unique-jobs (7.1.7) brpoplpush-redis_script (> 0.1.1, <= 2.0.0) concurrent-ruby (~> 1.0, >= 1.0.5) - sidekiq (>= 5.0, < 7.0) - thor (>= 0.20, < 2.0) + sidekiq (>= 5.0, < 8.0) + thor (>= 0.20, < 3.0) simple-navigation (4.3.0) activesupport (>= 2.3.2) simple_form (5.1.0) From 0b0d3ebea27503a86818da1fcd2698c82d44d1ad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:01:14 +0900 Subject: [PATCH 10/17] Bump tzinfo-data from 1.2021.1 to 1.2021.2 (#16776) Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2021.1 to 1.2021.2. - [Release notes](https://github.com/tzinfo/tzinfo-data/releases) - [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2021.1...v1.2021.2) --- updated-dependencies: - dependency-name: tzinfo-data dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index bdb1b049db..6b86bdf7a1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -625,7 +625,7 @@ GEM unf (~> 0.1.0) tzinfo (2.0.4) concurrent-ruby (~> 1.0) - tzinfo-data (1.2021.1) + tzinfo-data (1.2021.2) tzinfo (>= 1.0.0) unf (0.1.4) unf_ext From b9e36e90d64026ec151baf2254c86af010b888b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:01:30 +0900 Subject: [PATCH 11/17] Bump nokogiri from 1.12.4 to 1.12.5 (#16775) Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.4 to 1.12.5. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.4...v1.12.5) --- updated-dependencies: - dependency-name: nokogiri dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6b86bdf7a1..f5b482d2f7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -365,7 +365,7 @@ GEM net-ssh (>= 2.6.5, < 7.0.0) net-ssh (6.1.0) nio4r (2.5.8) - nokogiri (1.12.4) + nokogiri (1.12.5) mini_portile2 (~> 2.6.1) racc (~> 1.4) nsa (0.2.8) From 626eca4d56b574528d33ca553d5b8dab6fb9ac1d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:02:20 +0900 Subject: [PATCH 12/17] Bump webpacker from 5.4.2 to 5.4.3 (#16757) Bumps [webpacker](https://github.com/rails/webpacker) from 5.4.2 to 5.4.3. - [Release notes](https://github.com/rails/webpacker/releases) - [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md) - [Commits](https://github.com/rails/webpacker/compare/v5.4.2...v5.4.3) --- updated-dependencies: - dependency-name: webpacker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index f5b482d2f7..6653567c50 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -648,7 +648,7 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - webpacker (5.4.2) + webpacker (5.4.3) activesupport (>= 5.2) rack-proxy (>= 0.6.1) railties (>= 5.2) From 90598b18cf849f86ece544a442072d483cc2cb6b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:02:46 +0900 Subject: [PATCH 13/17] Bump parallel_tests from 3.7.1 to 3.7.3 (#16754) Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.7.1 to 3.7.3. - [Release notes](https://github.com/grosser/parallel_tests/releases) - [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md) - [Commits](https://github.com/grosser/parallel_tests/compare/v3.7.1...v3.7.3) --- updated-dependencies: - dependency-name: parallel_tests dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6653567c50..f9091dab50 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -398,7 +398,7 @@ GEM mimemagic (~> 0.3.0) terrapin (~> 0.6.0) parallel (1.21.0) - parallel_tests (3.7.1) + parallel_tests (3.7.3) parallel parser (3.0.2.0) ast (~> 2.4.1) From 3f697fcdf181bf3a93d99b11344c685b821667e5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:03:12 +0900 Subject: [PATCH 14/17] Bump eslint-plugin-react from 7.25.1 to 7.26.0 (#16784) Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.25.1 to 7.26.0. - [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases) - [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.25.1...v7.26.0) --- updated-dependencies: - dependency-name: eslint-plugin-react dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 83 ++++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 79 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 15a4180595..a7782e1123 100644 --- a/package.json +++ b/package.json @@ -180,7 +180,7 @@ "eslint-plugin-import": "~2.24.2", "eslint-plugin-jsx-a11y": "~6.4.1", "eslint-plugin-promise": "~5.1.0", - "eslint-plugin-react": "~7.25.1", + "eslint-plugin-react": "~7.26.0", "jest": "^27.2.0", "raf": "^3.4.1", "react-intl-translations-manager": "^5.0.3", diff --git a/yarn.lock b/yarn.lock index 90416f294b..8a8ab3a866 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4136,6 +4136,30 @@ es-abstract@^1.18.0-next.0, es-abstract@^1.18.0-next.1, es-abstract@^1.18.0-next string.prototype.trimend "^1.0.3" string.prototype.trimstart "^1.0.3" +es-abstract@^1.18.1: + version "1.18.6" + resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.6.tgz#2c44e3ea7a6255039164d26559777a6d978cb456" + integrity sha512-kAeIT4cku5eNLNuUKhlmtuk1/TRZvQoYccn6TO0cSVdf1kzB0T7+dYuVK9MWM7l+/53W2Q8M7N2c6MQvhXFcUQ== + dependencies: + call-bind "^1.0.2" + es-to-primitive "^1.2.1" + function-bind "^1.1.1" + get-intrinsic "^1.1.1" + get-symbol-description "^1.0.0" + has "^1.0.3" + has-symbols "^1.0.2" + internal-slot "^1.0.3" + is-callable "^1.2.4" + is-negative-zero "^2.0.1" + is-regex "^1.1.4" + is-string "^1.0.7" + object-inspect "^1.11.0" + object-keys "^1.1.1" + object.assign "^4.1.2" + string.prototype.trimend "^1.0.4" + string.prototype.trimstart "^1.0.4" + unbox-primitive "^1.0.1" + es-abstract@^1.18.2: version "1.18.3" resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.3.tgz#25c4c3380a27aa203c44b2b685bba94da31b63e0" @@ -4340,23 +4364,24 @@ eslint-plugin-promise@~5.1.0: resolved "https://registry.yarnpkg.com/eslint-plugin-promise/-/eslint-plugin-promise-5.1.0.tgz#fb2188fb734e4557993733b41aa1a688f46c6f24" integrity sha512-NGmI6BH5L12pl7ScQHbg7tvtk4wPxxj8yPHH47NvSmMtFneC077PSeY3huFj06ZWZvtbfxSPt3RuOQD5XcR4ng== -eslint-plugin-react@~7.25.1: - version "7.25.1" - resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-7.25.1.tgz#9286b7cd9bf917d40309760f403e53016eda8331" - integrity sha512-P4j9K1dHoFXxDNP05AtixcJEvIT6ht8FhYKsrkY0MPCPaUMYijhpWwNiRDZVtA8KFuZOkGSeft6QwH8KuVpJug== +eslint-plugin-react@~7.26.0: + version "7.26.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-react/-/eslint-plugin-react-7.26.0.tgz#3ae019a35d542b98e5af9e2f96b89c232c74b55b" + integrity sha512-dceliS5itjk4EZdQYtLMz6GulcsasguIs+VTXuiC7Q5IPIdGTkyfXVdmsQOqEhlD9MciofH4cMcT1bw1WWNxCQ== dependencies: array-includes "^3.1.3" array.prototype.flatmap "^1.2.4" doctrine "^2.1.0" estraverse "^5.2.0" - has "^1.0.3" jsx-ast-utils "^2.4.1 || ^3.0.0" minimatch "^3.0.4" object.entries "^1.1.4" object.fromentries "^2.0.4" + object.hasown "^1.0.0" object.values "^1.1.4" prop-types "^15.7.2" resolve "^2.0.0-next.3" + semver "^6.3.0" string.prototype.matchall "^4.0.5" eslint-scope@^4.0.3: @@ -5083,6 +5108,14 @@ get-stream@^6.0.0: resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-6.0.1.tgz#a262d8eef67aced57c2852ad6167526a43cbf7b7" integrity sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg== +get-symbol-description@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/get-symbol-description/-/get-symbol-description-1.0.0.tgz#7fdb81c900101fbd564dd5f1a30af5aadc1e58d6" + integrity sha512-2EmdH1YvIQiZpltCNgkuiUnyukzxM/R6NDJX31Ke3BG1Nq5b0S2PhX59UKi9vZpPDQVdqn+1IcaAwnzTT5vCjw== + dependencies: + call-bind "^1.0.2" + get-intrinsic "^1.1.1" + get-value@^2.0.3, get-value@^2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/get-value/-/get-value-2.0.6.tgz#dc15ca1c672387ca76bd37ac0a395ba2042a2c28" @@ -5261,6 +5294,13 @@ has-symbols@^1.0.2: resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.2.tgz#165d3070c00309752a1236a479331e3ac56f1423" integrity sha512-chXa79rL/UC2KlX17jo3vRGz0azaWEx5tGqZg5pO3NUyEJVB17dMruQlzCCOfUvElghKcm5194+BCRvi2Rv/Gw== +has-tostringtag@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.0.tgz#7e133818a7d394734f941e73c3d3f9291e658b25" + integrity sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ== + dependencies: + has-symbols "^1.0.2" + has-unicode@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" @@ -5847,6 +5887,11 @@ is-callable@^1.2.3: resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.3.tgz#8b1e0500b73a1d76c70487636f368e519de8db8e" integrity sha512-J1DcMe8UYTBSrKezuIUTUwjXsho29693unXM2YhJUTR2txK/eG47bvNa/wipPFmZFgr/N6f1GA66dv0mEyTIyQ== +is-callable@^1.2.4: + version "1.2.4" + resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.4.tgz#47301d58dd0259407865547853df6d61fe471945" + integrity sha512-nsuwtxZfMX67Oryl9LCQ+upnC0Z0BgpwntpS89m1H/TLF0zNfzfLMV/9Wa/6MZsj0acpEjAO0KF1xT6ZdLl95w== + is-ci@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-3.0.0.tgz#c7e7be3c9d8eef7d0fa144390bd1e4b88dc4c994" @@ -6082,6 +6127,14 @@ is-regex@^1.1.3: call-bind "^1.0.2" has-symbols "^1.0.2" +is-regex@^1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.4.tgz#eef5663cd59fa4c0ae339505323df6854bb15958" + integrity sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg== + dependencies: + call-bind "^1.0.2" + has-tostringtag "^1.0.0" + is-resolvable@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.1.0.tgz#fb18f87ce1feb925169c9a407c19318a3206ed88" @@ -6107,6 +6160,13 @@ is-string@^1.0.6: resolved "https://registry.yarnpkg.com/is-string/-/is-string-1.0.6.tgz#3fe5d5992fb0d93404f32584d4b0179a71b54a5f" integrity sha512-2gdzbKUuqtQ3lYNrUTQYoClPhm7oQu4UdpSZMp1/DGgkHBT8E2Z1l0yMdb6D4zNAxwDiMv8MdulKROJGNl0Q0w== +is-string@^1.0.7: + version "1.0.7" + resolved "https://registry.yarnpkg.com/is-string/-/is-string-1.0.7.tgz#0dd12bf2006f255bb58f695110eff7491eebc0fd" + integrity sha512-tE2UXzivje6ofPW7l23cjDOMa09gb7xlAqG6jG5ej6uPV32TlWP3NKPigtaGeHNu9fohccRYvIiZMfOOnOYUtg== + dependencies: + has-tostringtag "^1.0.0" + is-symbol@^1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/is-symbol/-/is-symbol-1.0.3.tgz#38e1014b9e6329be0de9d24a414fd7441ec61937" @@ -7638,6 +7698,11 @@ object-inspect@^1.10.3: resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.10.3.tgz#c2aa7d2d09f50c99375704f7a0adf24c5782d369" integrity sha512-e5mCJlSH7poANfC8z8S9s9S2IN5/4Zb3aZ33f5s8YqoazCFzNLloLU8r5VCG+G7WoqLvAAZoVMcy3tp/3X0Plw== +object-inspect@^1.11.0: + version "1.11.0" + resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.11.0.tgz#9dceb146cedd4148a0d9e51ab88d34cf509922b1" + integrity sha512-jp7ikS6Sd3GxQfZJPyH3cjcbJF6GZPClgdV+EFygjFLQ5FmW/dRUnTd9PQ9k0JhoNDabWFbpF1yCdSWCC6gexg== + object-inspect@^1.8.0: version "1.8.0" resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.8.0.tgz#df807e5ecf53a609cc6bfe93eac3cc7be5b3a9d0" @@ -7715,6 +7780,14 @@ object.getownpropertydescriptors@^2.1.0: define-properties "^1.1.3" es-abstract "^1.17.0-next.1" +object.hasown@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/object.hasown/-/object.hasown-1.0.0.tgz#bdbade33cfacfb25d7f26ae2b6cb870bf99905c2" + integrity sha512-qYMF2CLIjxxLGleeM0jrcB4kiv3loGVAjKQKvH8pSU/i2VcRRvUNmxbD+nEMmrXRfORhuVJuH8OtSYCZoue3zA== + dependencies: + define-properties "^1.1.3" + es-abstract "^1.18.1" + object.pick@^1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/object.pick/-/object.pick-1.3.0.tgz#87a10ac4c1694bd2e1cbf53591a66141fb5dd747" From 7442c0d3478abdfaf67f00b10643bffca927698d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:03:43 +0900 Subject: [PATCH 15/17] Bump bootsnap from 1.8.1 to 1.9.1 (#16759) Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.8.1 to 1.9.1. - [Release notes](https://github.com/Shopify/bootsnap/releases) - [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md) - [Commits](https://github.com/Shopify/bootsnap/compare/v1.8.1...v1.9.1) --- updated-dependencies: - dependency-name: bootsnap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index fecd8ad260..c9e4b8e7b2 100644 --- a/Gemfile +++ b/Gemfile @@ -25,7 +25,7 @@ gem 'blurhash', '~> 0.1' gem 'active_model_serializers', '~> 0.10' gem 'addressable', '~> 2.8' -gem 'bootsnap', '~> 1.8.1', require: false +gem 'bootsnap', '~> 1.9.1', require: false gem 'browser' gem 'charlock_holmes', '~> 0.7.7' gem 'iso-639' diff --git a/Gemfile.lock b/Gemfile.lock index f9091dab50..184feb2e9b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -104,7 +104,7 @@ GEM debug_inspector (>= 0.0.1) blurhash (0.1.5) ffi (~> 1.14) - bootsnap (1.8.1) + bootsnap (1.9.1) msgpack (~> 1.0) brakeman (5.1.1) browser (4.2.0) @@ -677,7 +677,7 @@ DEPENDENCIES better_errors (~> 2.9) binding_of_caller (~> 1.0) blurhash (~> 0.1) - bootsnap (~> 1.8.1) + bootsnap (~> 1.9.1) brakeman (~> 5.1) browser bullet (~> 6.1) From 0e4a4db141550843c4996880c7f6c00e54808d78 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Sep 2021 22:03:59 +0900 Subject: [PATCH 16/17] Bump aws-sdk-s3 from 1.102.0 to 1.103.0 (#16756) Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.102.0 to 1.103.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile | 2 +- Gemfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index c9e4b8e7b2..2ee2a771dd 100644 --- a/Gemfile +++ b/Gemfile @@ -17,7 +17,7 @@ gem 'makara', '~> 0.5' gem 'pghero', '~> 2.8' gem 'dotenv-rails', '~> 2.7' -gem 'aws-sdk-s3', '~> 1.102', require: false +gem 'aws-sdk-s3', '~> 1.103', require: false gem 'fog-core', '<= 2.1.0' gem 'fog-openstack', '~> 0.3', require: false gem 'paperclip', '~> 6.0' diff --git a/Gemfile.lock b/Gemfile.lock index 184feb2e9b..e4bbe9ce99 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -79,7 +79,7 @@ GEM encryptor (~> 3.0.0) awrence (1.1.1) aws-eventstream (1.2.0) - aws-partitions (1.496.0) + aws-partitions (1.503.0) aws-sdk-core (3.121.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.239.0) @@ -88,7 +88,7 @@ GEM aws-sdk-kms (1.48.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.102.0) + aws-sdk-s3 (1.103.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) @@ -673,7 +673,7 @@ DEPENDENCIES active_record_query_trace (~> 1.8) addressable (~> 2.8) annotate (~> 3.1) - aws-sdk-s3 (~> 1.102) + aws-sdk-s3 (~> 1.103) better_errors (~> 2.9) binding_of_caller (~> 1.0) blurhash (~> 0.1) From fc3ae1343df5adb83a3733958a4436981feb380f Mon Sep 17 00:00:00 2001 From: Claire Date: Wed, 29 Sep 2021 23:52:36 +0200 Subject: [PATCH 17/17] Switch from unmaintained paperclip to kt-paperclip (#16724) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Switch from unmaintained paperclip to kt-paperclip * Drop some compatibility monkey-patches not required by kt-paperclip * Drop media spoof check monkey-patching It's broken with kt-paperclip and hopefully it won't be needed anymore * Fix regression introduced by paperclip 6.1.0 * Do not rely on pathname to call FastImage * Add test for ogg vorbis file with cover art * Add audio/vorbis to the accepted content-types This seems erroneous as this would be the content-type for a vorbis stream without an ogg container, but that's what the `marcel` gem outputs, so… * Restore missing for_as_default method * Refactor Attachmentable concern and delay Paperclip's content-type spoof check Check for content-type spoofing *after* setting the extension ourselves, this fixes a regression with kt-paperclip's validations being more strict than paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown extensions. * Please CodeClimate * Add audio/vorbis to the unreliable set It doesn't correspond to a file format and thus has no extension associated. --- Gemfile | 2 +- Gemfile.lock | 17 ++--- app/lib/fast_geometry_parser.rb | 2 +- app/models/account.rb | 2 +- app/models/concerns/attachmentable.rb | 61 ++++++++---------- app/models/custom_emoji.rb | 6 +- app/models/media_attachment.rb | 6 +- app/models/preview_card.rb | 6 +- config/application.rb | 3 - lib/paperclip/attachment_extensions.rb | 29 +++++++++ .../media_type_spoof_detector_extensions.rb | 35 ---------- lib/paperclip/schema_extensions.rb | 37 ----------- lib/paperclip/url_generator_extensions.rb | 10 --- lib/paperclip/validation_extensions.rb | 58 ----------------- spec/fixtures/files/boop.ogg | Bin 0 -> 11379 bytes spec/models/media_attachment_spec.rb | 24 +++++++ 16 files changed, 99 insertions(+), 199 deletions(-) delete mode 100644 lib/paperclip/media_type_spoof_detector_extensions.rb delete mode 100644 lib/paperclip/schema_extensions.rb delete mode 100644 lib/paperclip/validation_extensions.rb create mode 100644 spec/fixtures/files/boop.ogg diff --git a/Gemfile b/Gemfile index 2ee2a771dd..d871d5ef05 100644 --- a/Gemfile +++ b/Gemfile @@ -20,7 +20,7 @@ gem 'dotenv-rails', '~> 2.7' gem 'aws-sdk-s3', '~> 1.103', require: false gem 'fog-core', '<= 2.1.0' gem 'fog-openstack', '~> 0.3', require: false -gem 'paperclip', '~> 6.0' +gem 'kt-paperclip', '~> 7.0' gem 'blurhash', '~> 0.1' gem 'active_model_serializers', '~> 0.10' diff --git a/Gemfile.lock b/Gemfile.lock index e4bbe9ce99..42fe0e8f81 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -316,6 +316,12 @@ GEM activerecord kaminari-core (= 1.2.1) kaminari-core (1.2.1) + kt-paperclip (7.0.0) + activemodel (>= 4.2.0) + activesupport (>= 4.2.0) + marcel (~> 1.0.1) + mime-types + terrapin (~> 0.6.0) launchy (2.5.0) addressable (~> 2.7) letter_opener (1.7.0) @@ -351,9 +357,6 @@ GEM mime-types (3.3.1) mime-types-data (~> 3.2015) mime-types-data (3.2020.0512) - mimemagic (0.3.10) - nokogiri (~> 1) - rake mini_mime (1.1.1) mini_portile2 (2.6.1) minitest (5.14.4) @@ -391,12 +394,6 @@ GEM openssl-signature_algorithm (0.4.0) orm_adapter (0.5.0) ox (2.14.5) - paperclip (6.0.0) - activemodel (>= 4.2.0) - activesupport (>= 4.2.0) - mime-types - mimemagic (~> 0.3.0) - terrapin (~> 0.6.0) parallel (1.21.0) parallel_tests (3.7.3) parallel @@ -720,6 +717,7 @@ DEPENDENCIES json-ld json-ld-preloaded (~> 3.1) kaminari (~> 1.2) + kt-paperclip (~> 7.0) letter_opener (~> 1.7) letter_opener_web (~> 1.4) link_header (~> 0.0) @@ -738,7 +736,6 @@ DEPENDENCIES omniauth-rails_csrf_protection (~> 0.1) omniauth-saml (~> 1.10) ox (~> 2.14) - paperclip (~> 6.0) parallel (~> 1.21) parallel_tests (~> 3.7) parslet diff --git a/app/lib/fast_geometry_parser.rb b/app/lib/fast_geometry_parser.rb index 5209c2bc59..f3395a833d 100644 --- a/app/lib/fast_geometry_parser.rb +++ b/app/lib/fast_geometry_parser.rb @@ -2,7 +2,7 @@ class FastGeometryParser def self.from_file(file) - width, height = FastImage.size(file.path) + width, height = FastImage.size(file) raise Paperclip::Errors::NotIdentifiedByImageMagickError if width.nil? diff --git a/app/models/account.rb b/app/models/account.rb index 2f2a55b553..291d3e5713 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -62,12 +62,12 @@ class Account < ApplicationRecord MENTION_RE = /(?<=^|[^\/[:word:]])@((#{USERNAME_RE})(?:@[[:word:]\.\-]+[[:word:]]+)?)/i URL_PREFIX_RE = /\Ahttp(s?):\/\/[^\/]+/ + include Attachmentable include AccountAssociations include AccountAvatar include AccountFinderConcern include AccountHeader include AccountInteractions - include Attachmentable include Paginable include AccountCounters include DomainNormalizable diff --git a/app/models/concerns/attachmentable.rb b/app/models/concerns/attachmentable.rb index c5febb8286..01fae4236f 100644 --- a/app/models/concerns/attachmentable.rb +++ b/app/models/concerns/attachmentable.rb @@ -15,50 +15,47 @@ module Attachmentable # those files, it is necessary to use the output of the # `file` utility instead INCORRECT_CONTENT_TYPES = %w( + audio/vorbis video/ogg video/webm ).freeze included do - before_post_process :obfuscate_file_name - before_post_process :set_file_extensions - before_post_process :check_image_dimensions - before_post_process :set_file_content_type + def self.has_attached_file(name, options = {}) # rubocop:disable Naming/PredicateName + options = { validate_media_type: false }.merge(options) + super(name, options) + send(:"before_#{name}_post_process") do + attachment = send(name) + check_image_dimension(attachment) + set_file_content_type(attachment) + obfuscate_file_name(attachment) + set_file_extension(attachment) + Paperclip::Validators::MediaTypeSpoofDetectionValidator.new(attributes: [name]).validate(self) + end + end end private - def set_file_content_type - self.class.attachment_definitions.each_key do |attachment_name| - attachment = send(attachment_name) - - next if attachment.blank? || attachment.queued_for_write[:original].blank? || !INCORRECT_CONTENT_TYPES.include?(attachment.instance_read(:content_type)) + def set_file_content_type(attachment) # rubocop:disable Naming/AccessorMethodName + return if attachment.blank? || attachment.queued_for_write[:original].blank? || !INCORRECT_CONTENT_TYPES.include?(attachment.instance_read(:content_type)) - attachment.instance_write :content_type, calculated_content_type(attachment) - end + attachment.instance_write :content_type, calculated_content_type(attachment) end - def set_file_extensions - self.class.attachment_definitions.each_key do |attachment_name| - attachment = send(attachment_name) + def set_file_extension(attachment) # rubocop:disable Naming/AccessorMethodName + return if attachment.blank? - next if attachment.blank? - - attachment.instance_write :file_name, [Paperclip::Interpolations.basename(attachment, :original), appropriate_extension(attachment)].delete_if(&:blank?).join('.') - end + attachment.instance_write :file_name, [Paperclip::Interpolations.basename(attachment, :original), appropriate_extension(attachment)].delete_if(&:blank?).join('.') end - def check_image_dimensions - self.class.attachment_definitions.each_key do |attachment_name| - attachment = send(attachment_name) + def check_image_dimension(attachment) + return if attachment.blank? || !/image.*/.match?(attachment.content_type) || attachment.queued_for_write[:original].blank? - next if attachment.blank? || !/image.*/.match?(attachment.content_type) || attachment.queued_for_write[:original].blank? + width, height = FastImage.size(attachment.queued_for_write[:original].path) + matrix_limit = attachment.content_type == 'image/gif' ? GIF_MATRIX_LIMIT : MAX_MATRIX_LIMIT - width, height = FastImage.size(attachment.queued_for_write[:original].path) - matrix_limit = attachment.content_type == 'image/gif' ? GIF_MATRIX_LIMIT : MAX_MATRIX_LIMIT - - raise Mastodon::DimensionsValidationError, "#{width}x#{height} images are not supported" if width.present? && height.present? && (width * height > matrix_limit) - end + raise Mastodon::DimensionsValidationError, "#{width}x#{height} images are not supported" if width.present? && height.present? && (width * height > matrix_limit) end def appropriate_extension(attachment) @@ -79,13 +76,9 @@ module Attachmentable '' end - def obfuscate_file_name - self.class.attachment_definitions.each_key do |attachment_name| - attachment = send(attachment_name) + def obfuscate_file_name(attachment) + return if attachment.blank? || attachment.queued_for_write[:original].blank? || attachment.options[:preserve_files] - next if attachment.blank? || attachment.queued_for_write[:original].blank? || attachment.options[:preserve_files] - - attachment.instance_write :file_name, SecureRandom.hex(8) + File.extname(attachment.instance_read(:file_name)) - end + attachment.instance_write :file_name, SecureRandom.hex(8) + File.extname(attachment.instance_read(:file_name)) end end diff --git a/app/models/custom_emoji.rb b/app/models/custom_emoji.rb index 7cb03b8199..a85feb73a1 100644 --- a/app/models/custom_emoji.rb +++ b/app/models/custom_emoji.rb @@ -21,6 +21,8 @@ # class CustomEmoji < ApplicationRecord + include Attachmentable + LIMIT = 50.kilobytes SHORTCODE_RE_FRAGMENT = '[a-zA-Z0-9_]{2,}' @@ -34,7 +36,7 @@ class CustomEmoji < ApplicationRecord belongs_to :category, class_name: 'CustomEmojiCategory', optional: true has_one :local_counterpart, -> { where(domain: nil) }, class_name: 'CustomEmoji', primary_key: :shortcode, foreign_key: :shortcode - has_attached_file :image, styles: { static: { format: 'png', convert_options: '-coalesce -strip' } } + has_attached_file :image, styles: { static: { format: 'png', convert_options: '-coalesce -strip' } }, validate_media_type: false before_validation :downcase_domain @@ -49,8 +51,6 @@ class CustomEmoji < ApplicationRecord remotable_attachment :image, LIMIT - include Attachmentable - after_commit :remove_entity_cache def local? diff --git a/app/models/media_attachment.rb b/app/models/media_attachment.rb index 66d800b7b4..cc48f65ed3 100644 --- a/app/models/media_attachment.rb +++ b/app/models/media_attachment.rb @@ -31,6 +31,8 @@ class MediaAttachment < ApplicationRecord self.inheritance_column = nil + include Attachmentable + enum type: [:image, :gifv, :video, :unknown, :audio] enum processing: [:queued, :in_progress, :complete, :failed], _prefix: true @@ -50,7 +52,7 @@ class MediaAttachment < ApplicationRecord IMAGE_MIME_TYPES = %w(image/jpeg image/png image/gif).freeze VIDEO_MIME_TYPES = %w(video/webm video/mp4 video/quicktime video/ogg).freeze VIDEO_CONVERTIBLE_MIME_TYPES = %w(video/webm video/quicktime).freeze - AUDIO_MIME_TYPES = %w(audio/wave audio/wav audio/x-wav audio/x-pn-wave audio/ogg audio/mpeg audio/mp3 audio/webm audio/flac audio/aac audio/m4a audio/x-m4a audio/mp4 audio/3gpp video/x-ms-asf).freeze + AUDIO_MIME_TYPES = %w(audio/wave audio/wav audio/x-wav audio/x-pn-wave audio/ogg audio/vorbis audio/mpeg audio/mp3 audio/webm audio/flac audio/aac audio/m4a audio/x-m4a audio/mp4 audio/3gpp video/x-ms-asf).freeze BLURHASH_OPTIONS = { x_comp: 4, @@ -182,8 +184,6 @@ class MediaAttachment < ApplicationRecord validates_attachment_size :thumbnail, less_than: IMAGE_LIMIT remotable_attachment :thumbnail, IMAGE_LIMIT, suppress_errors: true, download_on_assign: false - include Attachmentable - validates :account, presence: true validates :description, length: { maximum: MAX_DESCRIPTION_LENGTH }, if: :local? validates :file, presence: true, if: :local? diff --git a/app/models/preview_card.rb b/app/models/preview_card.rb index a6ec839f80..bca3a3ce8f 100644 --- a/app/models/preview_card.rb +++ b/app/models/preview_card.rb @@ -27,6 +27,8 @@ # class PreviewCard < ApplicationRecord + include Attachmentable + IMAGE_MIME_TYPES = ['image/jpeg', 'image/png', 'image/gif'].freeze LIMIT = 1.megabytes @@ -41,9 +43,7 @@ class PreviewCard < ApplicationRecord has_and_belongs_to_many :statuses - has_attached_file :image, processors: [:thumbnail, :blurhash_transcoder], styles: ->(f) { image_styles(f) }, convert_options: { all: '-quality 80 -strip' } - - include Attachmentable + has_attached_file :image, processors: [:thumbnail, :blurhash_transcoder], styles: ->(f) { image_styles(f) }, convert_options: { all: '-quality 80 -strip' }, validate_media_type: false validates :url, presence: true, uniqueness: true validates_attachment_content_type :image, content_type: IMAGE_MIME_TYPES diff --git a/config/application.rb b/config/application.rb index 1761bdc2e6..68855a567f 100644 --- a/config/application.rb +++ b/config/application.rb @@ -25,11 +25,8 @@ require_relative '../lib/exceptions' require_relative '../lib/enumerable' require_relative '../lib/sanitize_ext/sanitize_config' require_relative '../lib/redis/namespace_extensions' -require_relative '../lib/paperclip/schema_extensions' -require_relative '../lib/paperclip/validation_extensions' require_relative '../lib/paperclip/url_generator_extensions' require_relative '../lib/paperclip/attachment_extensions' -require_relative '../lib/paperclip/media_type_spoof_detector_extensions' require_relative '../lib/paperclip/lazy_thumbnail' require_relative '../lib/paperclip/gif_transcoder' require_relative '../lib/paperclip/transcoder' diff --git a/lib/paperclip/attachment_extensions.rb b/lib/paperclip/attachment_extensions.rb index 271f8b6034..786f558e9b 100644 --- a/lib/paperclip/attachment_extensions.rb +++ b/lib/paperclip/attachment_extensions.rb @@ -6,6 +6,35 @@ module Paperclip instance_read(:meta) end + # monkey-patch to avoid unlinking too avoid unlinking source file too early + # see https://github.com/kreeti/kt-paperclip/issues/64 + def post_process_style(name, style) #:nodoc: + raise "Style #{name} has no processors defined." if style.processors.blank? + + intermediate_files = [] + original = @queued_for_write[:original] + # if we're processing the original, close + unlink the source tempfile + intermediate_files << original if name == :original + + @queued_for_write[name] = style.processors. + inject(original) do |file, processor| + file = Paperclip.processor(processor).make(file, style.processor_options, self) + intermediate_files << file unless file == original + file + end + + unadapted_file = @queued_for_write[name] + @queued_for_write[name] = Paperclip.io_adapters. + for(@queued_for_write[name], @options[:adapter_options]) + unadapted_file.close if unadapted_file.respond_to?(:close) + @queued_for_write[name] + rescue Paperclip::Errors::NotIdentifiedByImageMagickError => e + log("An error was received while processing: #{e.inspect}") + (@errors[:processing] ||= []) << e.message if @options[:whiny] + ensure + unlink_files(intermediate_files) + end + # We overwrite this method to support delayed processing in # Sidekiq. Since we process the original file to reduce disk # usage, and we still want to generate thumbnails straight diff --git a/lib/paperclip/media_type_spoof_detector_extensions.rb b/lib/paperclip/media_type_spoof_detector_extensions.rb deleted file mode 100644 index 43337cc688..0000000000 --- a/lib/paperclip/media_type_spoof_detector_extensions.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: true - -module Paperclip - module MediaTypeSpoofDetectorExtensions - def mapping_override_mismatch? - !Array(mapped_content_type).include?(calculated_content_type) && !Array(mapped_content_type).include?(type_from_mime_magic) - end - - def calculated_media_type_from_mime_magic - @calculated_media_type_from_mime_magic ||= type_from_mime_magic.split('/').first - end - - def calculated_type_mismatch? - !media_types_from_name.include?(calculated_media_type) && !media_types_from_name.include?(calculated_media_type_from_mime_magic) - end - - def type_from_mime_magic - @type_from_mime_magic ||= begin - begin - File.open(@file.path) do |file| - MimeMagic.by_magic(file)&.type || '' - end - rescue Errno::ENOENT - '' - end - end - end - - def type_from_file_command - @type_from_file_command ||= FileCommandContentTypeDetector.new(@file.path).detect - end - end -end - -Paperclip::MediaTypeSpoofDetector.prepend(Paperclip::MediaTypeSpoofDetectorExtensions) diff --git a/lib/paperclip/schema_extensions.rb b/lib/paperclip/schema_extensions.rb deleted file mode 100644 index 8d065676a1..0000000000 --- a/lib/paperclip/schema_extensions.rb +++ /dev/null @@ -1,37 +0,0 @@ -# frozen_string_literal: true - -# Monkey-patch various Paperclip methods for Ruby 3.0 compatibility - -module Paperclip - module Schema - module StatementsExtensions - def add_attachment(table_name, *attachment_names) - raise ArgumentError, 'Please specify attachment name in your add_attachment call in your migration.' if attachment_names.empty? - - options = attachment_names.extract_options! - - attachment_names.each do |attachment_name| - COLUMNS.each_pair do |column_name, column_type| - column_options = options.merge(options[column_name.to_sym] || {}) - add_column(table_name, "#{attachment_name}_#{column_name}", column_type, **column_options) - end - end - end - end - - module TableDefinitionExtensions - def attachment(*attachment_names) - options = attachment_names.extract_options! - attachment_names.each do |attachment_name| - COLUMNS.each_pair do |column_name, column_type| - column_options = options.merge(options[column_name.to_sym] || {}) - column("#{attachment_name}_#{column_name}", column_type, **column_options) - end - end - end - end - end -end - -Paperclip::Schema::Statements.prepend(Paperclip::Schema::StatementsExtensions) -Paperclip::Schema::TableDefinition.prepend(Paperclip::Schema::TableDefinitionExtensions) diff --git a/lib/paperclip/url_generator_extensions.rb b/lib/paperclip/url_generator_extensions.rb index e1d6df2c29..a2cf5929af 100644 --- a/lib/paperclip/url_generator_extensions.rb +++ b/lib/paperclip/url_generator_extensions.rb @@ -2,16 +2,6 @@ module Paperclip module UrlGeneratorExtensions - # Monkey-patch Paperclip to use Addressable::URI's normalization instead - # of the long-deprecated URI.esacpe - def escape_url(url) - if url.respond_to?(:escape) - url.escape - else - Addressable::URI.parse(url).normalize.to_str.gsub(escape_regex) { |m| "%#{m.ord.to_s(16).upcase}" } - end - end - def for_as_default(style_name) attachment_options[:interpolator].interpolate(default_url, @attachment, style_name) end diff --git a/lib/paperclip/validation_extensions.rb b/lib/paperclip/validation_extensions.rb deleted file mode 100644 index 0df0434f66..0000000000 --- a/lib/paperclip/validation_extensions.rb +++ /dev/null @@ -1,58 +0,0 @@ -# frozen_string_literal: true - -# Monkey-patch various Paperclip validators for Ruby 3.0 compatibility - -module Paperclip - module Validators - module AttachmentSizeValidatorExtensions - def validate_each(record, attr_name, _value) - base_attr_name = attr_name - attr_name = "#{attr_name}_file_size".to_sym - value = record.send(:read_attribute_for_validation, attr_name) - - if value.present? - options.slice(*Paperclip::Validators::AttachmentSizeValidator::AVAILABLE_CHECKS).each do |option, option_value| - option_value = option_value.call(record) if option_value.is_a?(Proc) - option_value = extract_option_value(option, option_value) - - next if value.send(Paperclip::Validators::AttachmentSizeValidator::CHECKS[option], option_value) - - error_message_key = options[:in] ? :in_between : option - [attr_name, base_attr_name].each do |error_attr_name| - record.errors.add(error_attr_name, error_message_key, **filtered_options(value).merge( - min: min_value_in_human_size(record), - max: max_value_in_human_size(record), - count: human_size(option_value) - )) - end - end - end - end - end - - module AttachmentContentTypeValidatorExtensions - def mark_invalid(record, attribute, types) - record.errors.add attribute, :invalid, **options.merge({ types: types.join(', ') }) - end - end - - module AttachmentPresenceValidatorExtensions - def validate_each(record, attribute, _value) - if record.send("#{attribute}_file_name").blank? - record.errors.add(attribute, :blank, **options) - end - end - end - - module AttachmentFileNameValidatorExtensions - def mark_invalid(record, attribute, patterns) - record.errors.add attribute, :invalid, options.merge({ names: patterns.join(', ') }) - end - end - end -end - -Paperclip::Validators::AttachmentSizeValidator.prepend(Paperclip::Validators::AttachmentSizeValidatorExtensions) -Paperclip::Validators::AttachmentContentTypeValidator.prepend(Paperclip::Validators::AttachmentContentTypeValidatorExtensions) -Paperclip::Validators::AttachmentPresenceValidator.prepend(Paperclip::Validators::AttachmentPresenceValidatorExtensions) -Paperclip::Validators::AttachmentFileNameValidator.prepend(Paperclip::Validators::AttachmentFileNameValidatorExtensions) diff --git a/spec/fixtures/files/boop.ogg b/spec/fixtures/files/boop.ogg new file mode 100644 index 0000000000000000000000000000000000000000..23cbbedb16469381437b6d2ce18cf02b1e2b2be0 GIT binary patch literal 11379 zcmaiadA!q9_IMsU$mkPM0iOyZ$a@rR)22&Qlr~M9q)oFm-SCOslcwpGrkgS%JP;8b zL_lRw5qXLV&Y*(AsN;s>hN1#0GN7p7ira|uL&x9kL!IyUkKgBadz0Rrd+xdSo_n@? z6DFG#ph3{DN&4=xH`~Rv#;ZT=IH#jltR!Tu4d`%hX#YXbTt~;i|KlA@yXEhx-LhTt z>J6_N&;RBBk*@on@M{O3ApZx@${(*~to94-<_lqyX(#}U0#}d>`tccwVzD#F7YfY_ zlSTE|nGi(dK_@_W&UX13%r~1Qv7pG~Go0;IZ{PBzMA%b^31~f`CffiZ5eb;$;YQvc z#9^AqHUdGXp7dG^1K3$`r=soR?+K6Vl!#jiH&={f?RqCn2{czX8VvCX!Wdz^CDG)^NZIW}WXw%g?3J9%U`Pv5BZOBJ zGlUe3n@izFH7*qFmTbs_V_8oOGbilcU`ADAB{j$UH3LdnjcFk(h2yX_9SK<~K?|!{ ziIy#EOT%_U%AU6nEW@VL21PO`A(o2U%Ylqj43U!HQ#i>ZNGzWyI^~i`@}dv-`4nf# zBaot8!U3SzhLL3thKJ-5Kx)Iv01&OKT*(uq6+cTgii*LTEP*;(StMm6#PTt6>XoXc!zREt3`$GF(qHSS%@p zOxdc33ps68If2rZlA9@0QA1S$7i_oIl?2S7Rak&^do5SWmUC9s9Fg^u!vXVl-C?)2 zm?Ub^La2(Rl?-WdrOj!9W+EsTl8HPU@kTIdW+Hg zQH#${<0Q=k_4lG8AHe(h#p<%v8%Ik~8*m^Tcu}s8QaMoBgD`e1=YALw&lobuYrW8{) zXp}jp%SO%kM%0_C32X>vVXW*|$xMNX8JmQRyDO$97EH@2B4!Q{iCCqSb%u2% z>kzoIspT}Wn9uKu(|!f3WGF)gF~o^dxf1lj4Jj(rH8n(+8)Ph+wrhOIgA@w}*6RSu z5wwVrKUNYk2Z7(aFNk6HjS-%bJb|Z)_~(~OMw@Wh_x1KCe1Ff<)fon&gN)} zzG@*8wrjfA*itIixV1$CDKfN5i3mlL$)F?K^byTeCMRd&EEVRAD^MjZ9HBzrvRQlM%~8o5X$&nB{EEGmT9fE(eFv{X-| z@<^E{?4?r0OIWHVYk(FV947f3am^l!TD*$U~gs({UzXGe?MkkoG4NcAs8LpkZHw zP%)gUn3Pgf4>l#H$-#P(C^;D(<8uwC+s)adn5CGBMG}@|t>Vc@bTVG%auSm%stBvb z+!UpzEU82(>(1Gl;gUTRkSyhO*|Uu#oRW!vOTe`TCmHb;CcC2ksz-Jvv`SHCaNby|seTiJ)~LAd zCva09k1|bzopidaX(Hq(aZ)tzHe!Ak=?jZ~*rrE}=CX@v(E@IEr8quSVC<$=GU?=S zM6EO4h(A$cE!KpM468(~W|oYJVnD6uNUA6`aHQBY1{l#&YpJ<#(I#b0w25!gSXR}z zbdA;0InicCF{6w02oXcQ6$wVH$yO?8W-WZpU>9f;!*L`>79&zgX~g|v5do|$WQ{h7 z%E7GIAbh$XDew+krj}?@=0q|O^ERoBnMt}zddsdGBZx2Q&RKE}gWH{i2|Ukank^!g zs7W~|%p^=y0ZF8ZmRq%vcBeZla%B-~*?sPEBSn;9H&ZQ_z@Rf)B^S>+z*3h}Eq~1D z#uTj*a%5OiySGa2~qKD1l~wE0bk05 z$D!6;X#zJ^$_kuF+v+AS+ye9PiI{^AG(8m?989L{1&7p?jFbzkqZEl{*g%?)X= ztVX%oc| z3YkjBY8g+g8m`A9CZuX2GDylM)vzQ|wkE2w)9(&DOeLQ&1GJ6y6|Lzesq>bK>|_w0 zN@Ffh+?fui34sXnfQ|Kv5I{^YAImwI5Qy|xgWFJM-L;m@%4<1PvWxjNhUXIk<0*JC zFK)BbjhaBIh%XW_D~(9K>a(>1NTMRwIYT+X!la3;7igQD!`zj0Cgcwm!xAgCY7QYp zIo(p6gC(zCAS%(Q;^eY?-WdhfwuVIO)Zm_Ja`iH6&ZHM9~Zw}8tf zbVae7tASQDlBk+ZY)T4~IU=r+GFLSk%Gns$vfz9&YfY3O z#K@#MWr+AaGA?`cWC+KjbvaYXlTxC{Wvx}oz=TQJ9yb~hZ#F_`gzCfHaV}^~#s!mH zDUgYH(n5h?)UTLwEf?cMGPpHua(ReK83Vhc2x;@UD{kGx(**8Mnu28s%>%Hj*t9dQ zFj>IKWGvLQTf_*91WS}N#w~egGUW)y3N5Ts^@b5s6ty!!i3dG#EkqE4?xvw=w`K`X zMhts{VzbT#42a+oTrpO5acmKI8(OI)O_{P@N$8nCAsX}-Xt$}zIDAb(&4aKNX{Ov+ z9;|gD?jf@U#iPgtsp)K}g4m>pYAMRG;i|3+MPtw+X8j5o9lfrYt0n$uK^-ANgf*{XpI;O=557KmF29EDAlLNaZwyE2?s)k#sbDLFBeQ{wJA zU#1%r?(@V8c_jwdq6H<)hwWq~*7R~}5;I8Ax>v%|f{vM_LK15x{qb1ZR&$r+OvG2k z4O&Q}jn1Gfxf5g}3ZzNXkU*kYuvol?9BuY^g<#5=;uL{vrb{uC&X&0l=g3oFuTHo_ z#-yj@)SY>6g7?-OSrsRN&5|1|Cq(odQ+Kfx+oGC;$U2)W*c`wmJMXik3;{n6piSVa zV|kCk9F>Vg(o-auFr0L|h^*FBn{}&5hnluhy%weMM3CZ{X1OSHV9OW8f++9vu+DH) zqR}W56s>VJ;ml>RQV5L|ixpFmtQk`t&Z1gfARebVTb7Wk6dz_noXbTR!k)Uj?jV^K zf#G!0pRC|n92iwc%95-nY5@<>Ts&BDxvGwWty)7>-l6I(V=`eu^(t>F6|8g!wsBZfCmoRpTMmWdt_T$)3EGO6;!O}=c;#YA_L)jG0n3`@yy{0>K?NMx zWaBP1%9KGoR@Y7#RGp*CrIOBZo}`t+RJSDgGG=ot*f6+#s+x{c zT+7vLMB`4OS@F?LJ5fSf4NsbMaQSl3m-m}d4o$YzGLz>>KFI07QgM734hH?OFRsfW z4CfFst~VSOG+HgX@i-kZBW`0trm`?ou!X@lt4TZ7K%&J|&}#>Qc9{oK zl`q6&;iizoEPybgm*PQ>E27bOh%Hx42vA&L(Pfj|s0YhdXN4>R`HCg1Imt`;F>9{r zNN7Y;b!8mMys_joD++FF%276va%GJrtyxD}?h+RC77gYA!g~xhe;PHq>LHQyV;GJH z^suIs&_)Q3@;)??cQY&qOoLJa^ciQGb$<|5xsb;WbPtcQ<*X1jI+A40UoRODPc&xp zmUBV5WeSGqOnvhQSepCbm2thDc#@vFQpojd7Q;eQM?o6hgH)?#-z(a5y@a&o=3F zRm6D%4qT05CA{7u17a0EFJ{`7CPM-zAYoJ{siNMHA((H4%D$vO>+tdsA!D>Etj}nn zG}RAw#znuGgu%I^ZnG8fk|~;WQkVue7+<5FB}o%PR2tTx9wMr$xvWG2sZfDV7eY#& z&nIkB-4b)z9gN5BaH6m!EtG|NE9o<5&5VI)W!mRLV$P-}(_&q!Wvxw4D`m4}!zi~{ ztHne%IS%JQ9pnWNW@(#+Gdu$QvwGN5$SMq!4g&W)!?S zSS^!TcZy!xZ)>J7HsCSmDk57o#_Dp> zN0}lH1@%UFkynr+S1fawa^j2_V^j<0@(4w)eMZcIW8(0C&xn6NH*TL1drq7iyQ#RN zU`$YjmJ78Skx=_|-07lt(TZ0TDx1yDn9(ux#OsDXy0B0OG!ud*YvZPQ`n5CqIw!c; z@rSxxJC!fSyZool>oWUiy)s2xI%(Y+*P>b7*S@h-gxU?Rb2i5IEq0EW)Hh{DWZC?w zGeBt(3Se>@*6I4~hNBXwb&fc@?~utcdj7|bAG`W+G|~xRM<({2;(C15{0%5To@^!9 z`NPm7U473^?_NCbdDG)(^bN6gFPZm|X~*01PjW3HJ~N z9pm~uPB4OD=;LGiUU9CU&^HYoacAgFUDH}=JH z*Go5dy|k(8q!E9Jg7+&O&EM7<4^bxUaa&+00f&9t!4@`gM;el)(Xih*7%Z8qv3K!ysrb1PuY*AeeB8ce(rZptyI7y6=DFSu4}y z2bu#OcD^ZR?jN?uGrluhw?H^vP;?Cn&959UZ+2;2mE5{F>;f6Q!w}ns2O{)`pdLetPBVQ(pk3 z^EWn^uDWqEC=J~x-?YlN36zMfP5v*wHcV@i8n}J7{nM`1r?nr~Ke=_~U*6abO3VwN z{&RKb?IX`NEe-i=kUBkwwmU3;%iA6p4t*(rk zw*CY=C$^Ucf|zf+cAa|mfAcq8ub(=F8w2tMZ<(!c3Am`I_pa2VkIk9&&Vt@!bM}M$ zqaKf}Oh^A$J~4Ihu5cm{_7fB7d10LPDtct{^3LC;2^JJ8jr9)58~N~L-{)imanodSrnF-kG;>&6BNuozor|K!G~j zDDAZP-p1nl8;jRBZaT7PnRNTg_4ltbynOE$+aCJ-|Cdi15b((mRGsXtO!o4VaUK)~ zxI1@ro4Z}l!ISaI^jF?QPRw!FX)^#r!_^Z;=iTX%G?TeCNSezI=wtKIWfAMS*cx4p>2 z*ytBlI{TIn1xy& z?nJxqSpG6P^^RM{^z?(rp2Mq`?<7B2eao9Y{H!=&@7i z({N^N@7~k!-7ApS5GxlH>9O?gpcp-a7FSN8Ei^q=6i&m%(?ww=EpAS~j;QYj#ruX~q{i!0LYE?1;`>*?@g zpouEh<{YT@_TH-ZMl!RGEqF`Udsn0ngwxSu>E0Lj=m(DZ-`Ya&-L1bR>Ie4dAK$L- z`w=wL#gz+Y1H8QpK4=#9pLr)I>id`X&IZlSEX=mQ_f+AMzpBZ7mp=U0^G180`rGv0 zeYR~+(YNXQkDP^lU|)#5^{5Ky?XULEzE$5ZeZGwiioN0VyT`=v4|BjEKKNnIfpOyA zV}Rugcdxu7er!(vS0}9yw=4i7IDDJh8~M|rBR@T5uIjTu+fA=N_0T1MFIN{{3Uq#0 z7X%IRcMo2$aKi}b!y(YPzSWrDxoGTsUw6XL8L#oKp8FT@{0-ygFGbIv z0$xjZ-`&qrzPtPOxOz4%;A8oXyH~|-u=c$f>+avoQa9Y+KVg<)^(=AjSbfVfbZYCSO#`GT3I?MBq)v8GfRsRiQ6&sLyCYO? z6CmY-_ptm8pu$JNfK*}A$9tU81?$EnyQjQxM)IMJn(Hq7)syqz05jjtQcE^&j?G$v zUiWL~i#G#O%BCMc1t8_4tXsw@H(7sJ6?+g=D7j6atkRCcpS&X|*2l&vppO_J^~s(j z_~c^n$-q3Ezx-OD_k-GcKV%XG54+pB2tK?H83BK?dii4b@WgdI{7F|IZ$3P6`7*v; z;z#wbTgEGQFX#E(MxghD+IoK$GUbfnKy9Z$OGiOhmbzZ~_7V;e->pr5={xr>1ZdXT z0}!Bn>MJK8y1st^N7Q?JkGVN35MUtSGe9ct>6G;%Yxa67zU7)=>w78HqI7( z*0|8_Hbk9eUpQ;8zW>;QIC{}zh0nJgJ^t)B7rzKWUk@1$tr>Jy$m{5taMJXFQGvh> ztgVxnG`|zL(*91K0=98n34|r4yGM_m@bDOD5s=jpHv<=WDlC%dG{nk$6P@4>2dwHRYqSlvd6jv9d`Hf<$zQ1CGd#;b#KRf zE3{6EynpjMi4CjgvpltN`-CKrsXeg`oA#`_7|87z$_DhEE=s=Og^0HE$zw}-1>O_W zjy`$op2P<0;rHivKKtm{|;0Wj%i=FgUK7@V3(hZohK*H`ub@VLbmE3@p{Jc*}VbgrHpxAgbe>Q^$*E#P1n-<~ef*s7VVZX^STfx_f)bw;ee4&LPkUzyi}u z)-)IzeRAie!<|!SmL3Jstt+*VK&B75Zuko5RQPmg^7-8#4Vt-NJO1AGq1EvR=Uw>K zMV+qBd7aOH2#q41erBZol5ZAHegEK)JJ#~U2fl9ttA7dvy*RY<)LmVkg)a>AUiac~ z0z|_g?SP&h4m~|-klT%1ck|twp4s)mHyvX@kn(F9GGxd=3CJNdWXQlrQbXnfr`S&I zkEGi0>V{b#bagHJ`JZ+-mFayNJF^-tfSy07ki?8a|)-<&_~)K#42>gVTvfBon`+rPbO-j*ful^@#f zzIaLMnfp%ieDROdBj?W@y#`w1`A2@}dFLZj!Fucr9@Tn|%|7;r8*Hx^=6$6f4_#m0 z2Q6{ml^>e?Y|p-lGogc5o+7*rU*YldyB4;X-r0XAJ5K3)Ve&(3W?uCKa^>JbQ00l# zmsi|NH^57^&CbntZaX{+>T{jNo;~98@Ami2gw{-b>L2UGsrMee;EmU|d~x}Ig8!Pm zVNl<*x3LF5yXS!+r4bVkkP|NFr`tzz7t*g^_>CT4^@l#!h1oTK{mWM8T3`?X|M_L)pZ^{9 za@;Lzq2Qsz@oPTM-BQg?fE>RxyMFnH?TdBS96xmKfj=Gpet+-Luh-uCEgxg8TQAkV z6aR40J7-@vW5(=2s#2!zVf-zkny|)OHUmQJ-YA9+TZuzJ4bMR{qr?<1%@vj zQyM;V#tV1YpZa?({c*h59>{?iAHMPC2OoQPjqiB7^+Yo^xA@D4AzS&$_r9M1JvB$@ zGwfbk9NYcSC0nmp*nbyxf%2DxDqs1teac0@obuMx`8OWAXy|);^DDMan+3M*%#YKK zMQ2VQ3Dc{{{OA9EWHp`hcT3P2Q)hg4-$%Q*TW)^!(cz&lM&$-WT{Fha4L~-@wQv5Z z{1B)#S3ZDt?7R(_&8^b{yWTM0M=bI_bo^-e#lOB0{L@$JV~LxqT{E`XXF!vo?X5FS zPhWlfx$9T`ae*Z>`qKCAnKyOn+TmZr2g`Y$cze$KSC`Knv#s~5M$Z#B&OO@Mlot|% zB>R2u{W8&e?4_sA|NQQm(=LuL_RhTJt1X-0MI+dck3KVa$cwmLeB{((@o6AJcl~t1 zWBs?#m#ts8>8kg)9NPT+)Sq5haAb4w$aNh~=wRe2>HXzT(BIC#;Fi%FVvm#`^b5Wr z-+K;Ub^4grgCmh4&{HwIKc?F1Y@`QH7`5&qsM(~ujQ_}zow zym9Z&OQ9FG&G_f@@`zK{FQ596d-y%mn$SGpO1pn~`jKbFXQmDP==mt={rSx$FJHBT z{&eu$&pvzO1wVC6?u6JuIK6pHx$8sc&ua;1?UTLe;qFJ};`pI&yEZ$172`RkxF zZe2I+a_ojx7hmBRe99H#{r~*vm(hQH?b4wOlScx|&Uc1Qj&@toy}ivVhTk@5$Kh}8 zdady9>(ANy-Iu%HJLmQ@FI#i|oa5Guu6c9Udtyh|$Gfk5@Y#nR|7w>Xdgs|+IL&cZNmv^7F{=5E1|3&1JgIYW8c*FPYzj~O}+qO(W%NKhOT>b6+%>Jilpq`5G zB?OJRaxjEI_K}yKH^StGpxkTnWyKpWe{jpc9Aj=tE-4=cd$X>NKmX;?_ScvPFBlYj ztmELJ5_ILCUb@0I2zuI7KQQkid+u4stk*)5v+EX2Xnh)iPC4hy-s5}D z-SN=5hu)1Xc*L-NFa*ivPhVR5>XmcnTm?Q3{p5qk_gFvwa*4+=yz2dK<#+%69hpqcluT|Wa?UBzIsy_Jco`0V* zpSkC!AAa8W=nBa({DU()cDO#?XM2BQeF8E1oW@8=oOoYx(UKo_4?B43YsB60(?*@M z@{-igy~|!4G4!^DGj2Lh?;Q?7%PQYbnjDcjCK02jV3%!t?$L*bLhGNrTAx1tMfkRR z?8JZhPjm_a7VGIp>S(iI&`d z#)^(@=bbWQr59y7p{oi%{l{Rt?TNVu(bL99)z3RF`FfM*j~_0TOp7dA?!5g+jo9(x zvq#Sw(hdD*#rr@1aM!Kht|1S$TB9$1T{{9VJU(tPbiU;d*yWjf+h=cCAHL?7eaClx z>}&1$;i)}ek9+O#bMh-s6o>pd{MXB8d^hR2m!Ez3&-}?wMv%eQt=lenbKcycSI>5Z$6LnqegDl3ONTO7vm<}}V&D2(QWrk7edD!< zEzxsMUi{t@dlJP1{-Gy*{q3Et?1LXa_{%HrFSY*Z+zX)UOz6^;KONmLdmHdmU^567 N4Wzk~pzQRM|1ZT8j`{!q literal 0 HcmV?d00001 diff --git a/spec/models/media_attachment_spec.rb b/spec/models/media_attachment_spec.rb index 456bc42167..edab67d476 100644 --- a/spec/models/media_attachment_spec.rb +++ b/spec/models/media_attachment_spec.rb @@ -114,6 +114,30 @@ RSpec.describe MediaAttachment, type: :model do end end + describe 'ogg with cover art' do + let(:media) { MediaAttachment.create(account: Fabricate(:account), file: attachment_fixture('boop.ogg')) } + + it 'detects it as an audio file' do + expect(media.type).to eq 'audio' + end + + it 'sets meta for the duration' do + expect(media.file.meta['original']['duration']).to be_within(0.05).of(0.235102) + end + + it 'extracts thumbnail' do + expect(media.thumbnail.present?).to eq true + end + + it 'extracts colors from thumbnail' do + expect(media.file.meta['colors']['background']).to eq '#3088d4' + end + + it 'gives the file a random name' do + expect(media.file_file_name).to_not eq 'boop.ogg' + end + end + describe 'jpeg' do let(:media) { MediaAttachment.create(account: Fabricate(:account), file: attachment_fixture('attachment.jpg')) }