Merge pull request #11 from CodingAnarchy/update-rails-version

Update actionview for security patch; drop support for Rails 5.1 and Ruby 2.4
CodingAnarchy · Sep 12, 2020 · c75a52b · c75a52b
2 parents c680ec5 + 9e4a595
commit c75a52b
Show file tree

Hide file tree

Showing 7 changed files with 42 additions and 73 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -3,19 +3,14 @@ sudo: false
 language: ruby
 cache: bundler
 rvm:
-  - 2.4.9
-  - 2.5.7
-  - 2.6.5
+  - 2.5.8
+  - 2.6.6
+  - 2.7.1
 before_install: gem install bundler
 gemfile:
   - Gemfile
-  - gemfiles/rails51.gemfile
   - gemfiles/rails52.gemfile
   - gemfiles/rails6.gemfile
 
-jobs:
-  exclude:
-    - rvm: 2.4.9
-      gemfile: Gemfile
-    - rvm: 2.4.9
-      gemfile: gemfiles/rails6.gemfile
+# jobs:
+#   exclude:
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,63 +1,63 @@
 PATH
   remote: .
   specs:
-    cognito_token_verifier (0.3.2)
-      activesupport (>= 4.2, < 6.1)
+    cognito_token_verifier (0.4.0)
+      activesupport (>= 5.2, < 6.1)
       json-jwt (~> 1.11)
       rest-client (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (6.0.3.2)
-      actionview (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    actionpack (6.0.3.3)
+      actionview (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       rack (~> 2.0, >= 2.0.8)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.0.3.2)
-      activesupport (= 6.0.3.2)
+    actionview (6.0.3.3)
+      activesupport (= 6.0.3.3)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (6.0.3.2)
+    activesupport (6.0.3.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
       zeitwerk (~> 2.2, >= 2.2.2)
-    aes_key_wrap (1.0.1)
-    bindata (2.4.4)
+    aes_key_wrap (1.1.0)
+    bindata (2.4.8)
     builder (3.2.4)
-    byebug (11.0.1)
-    concurrent-ruby (1.1.6)
+    byebug (11.1.3)
+    concurrent-ruby (1.1.7)
     crass (1.0.6)
-    diff-lcs (1.3)
+    diff-lcs (1.4.4)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
     erubi (1.9.0)
     http-accept (1.7.0)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    i18n (1.8.3)
+    i18n (1.8.5)
       concurrent-ruby (~> 1.0)
-    json-jwt (1.11.0)
+    json-jwt (1.13.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
-    loofah (2.6.0)
+    loofah (2.7.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (1.0.0)
-    mime-types (3.3)
+    mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2019.1009)
+    mime-types-data (3.2020.0512)
     mini_portile2 (2.4.0)
-    minitest (5.14.1)
+    minitest (5.14.2)
     netrc (0.11.0)
-    nokogiri (1.10.9)
+    nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
     rack (2.2.3)
     rack-test (1.1.0)
@@ -67,9 +67,9 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
-    railties (6.0.3.2)
-      actionpack (= 6.0.3.2)
-      activesupport (= 6.0.3.2)
+    railties (6.0.3.3)
+      actionpack (= 6.0.3.3)
+      activesupport (= 6.0.3.3)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.20.3, < 2.0)
@@ -79,42 +79,42 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rspec-core (3.9.0)
-      rspec-support (~> 3.9.0)
-    rspec-expectations (3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-rails (3.9.0)
+    rspec-rails (3.9.1)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
       rspec-core (~> 3.9.0)
       rspec-expectations (~> 3.9.0)
       rspec-mocks (~> 3.9.0)
       rspec-support (~> 3.9.0)
-    rspec-support (3.9.0)
+    rspec-support (3.9.3)
     thor (1.0.1)
     thread_safe (0.3.6)
     tzinfo (1.2.7)
       thread_safe (~> 0.1)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.6)
-    zeitwerk (2.3.0)
+    unf_ext (0.0.7.7)
+    zeitwerk (2.4.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  actionpack (>= 4.2, < 6.1)
+  actionpack (>= 5.2, < 6.1)
   bundler (~> 2.0)
   byebug (~> 11.0)
   cognito_token_verifier!
   rake (>= 10.0, < 14.0)
   rspec-rails (~> 3.0)
 
 BUNDLED WITH
-   2.0.2
+   2.1.4
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # CognitoTokenVerifier [![Build Status](https://travis-ci.org/CodingAnarchy/cognito_token_verifier.svg?branch=master)](https://travis-ci.org/CodingAnarchy/cognito_token_verifier)
 
-Verify and decode AWS Cognito tokens for use in your Rails 5.2+ application. Rails 4.2 may work on 0.3+, but as it is no longer supported for security fixes by the Rails team, I make no guarantees of this and changes may result that break compatibility.
+Verify and decode AWS Cognito tokens for use in your Rails 5.2+ application. Rails versions <= 5.2 are incompatible with the required gemspec as of  0.4+, as they are no longer supported for security fixes by the Rails team.
 
 ## Installation
 

diff --git a/cognito_token_verifier.gemspec b/cognito_token_verifier.gemspec
@@ -31,13 +31,13 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "activesupport", [">= 4.2", "< 6.1"]
+  spec.add_runtime_dependency "activesupport", [">= 5.2", "< 6.1"]
   spec.add_runtime_dependency "json-jwt", "~> 1.11"
   spec.add_runtime_dependency "rest-client", "~> 2.0"
 
   spec.add_development_dependency "byebug", "~> 11.0"
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", [">= 10.0", "< 14.0"]
   spec.add_development_dependency "rspec-rails", "~> 3.0"
-  spec.add_development_dependency "actionpack", [">= 4.2", "< 6.1"]
+  spec.add_development_dependency "actionpack", [">= 5.2", "< 6.1"]
 end
diff --git a/gemfiles/rails51.gemfile b/gemfiles/rails51.gemfile
diff --git a/lib/cognito_token_verifier/version.rb b/lib/cognito_token_verifier/version.rb
@@ -1,3 +1,3 @@
 module CognitoTokenVerifier
-  VERSION = "0.3.2"
+  VERSION = "0.4.0"
 end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -7,21 +7,6 @@
 require "support/auth_helper"
 require "byebug"
 
-if RUBY_VERSION >= '2.6.0'
-  if Rails.version < '5'
-    class ActionController::TestResponse < ActionDispatch::TestResponse
-      def recycle!
-        # hack to avoid MonitorMixin double-initialize error:
-        @mon_mutex_owner_object_id = nil
-        @mon_mutex = nil
-        initialize
-      end
-    end
-  else
-    puts "Monkey patch for ActionController::TestResponse no longer needed"
-  end
-end
-
 RSpec.configure do |config|
   # Enable flags like --only-failures and --next-failure
   config.example_status_persistence_file_path = ".rspec_status"