* Update gems

.slim-lint.yml

@@ -4,24 +4,3 @@ exclude:
 linters:
   LineLength:
     enabled: false
-
-  RuboCop:
-    enabled: true
-    ignored_cops:
-      - Lint/BlockAlignment
-      - Lint/EndAlignment
-      - Lint/Void
-      - Metrics/LineLength
-      - Style/AlignHash
-      - Style/AlignParameters
-      - Style/BlockNesting
-      - Style/FileName
-      - Style/FirstParameterIndentation
-      - Style/FrozenStringLiteralComment
-      - Style/IfUnlessModifier
-      - Style/IndentationConsistency
-      - Style/IndentationWidth
-      - Style/Next
-      - Style/TrailingBlankLines
-      - Style/TrailingWhitespace
-      - Style/WhileUntilModifier

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## 0.34.1
+
+* Update gems
+
 ## 0.34.0
 
 * Add slim_lint gem

Gemfile.lock

@@ -42,7 +42,7 @@ GEM
     airbrake-ruby (1.0.4)
     arel (6.0.3)
     ast (2.2.0)
-    autoprefixer-rails (6.3.2)
+    autoprefixer-rails (6.3.3)
       execjs
       json
     bcrypt (3.1.10)
@@ -52,7 +52,7 @@ GEM
       rack (>= 0.9.0)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
-    bson (4.0.1)
+    bson (4.0.2)
     builder (3.2.2)
     bullet (5.0.0)
       activesupport (>= 3.0.0)
@@ -177,9 +177,9 @@ GEM
     mime-types (2.99)
     mini_portile2 (2.0.0)
     minitest (5.8.4)
-    mongo (2.2.2)
+    mongo (2.2.3)
       bson (~> 4.0)
-    mongoid (5.1.0)
+    mongoid (5.1.1)
       activemodel (~> 4.0)
       mongo (~> 2.1)
       origin (~> 2.2)
@@ -211,7 +211,7 @@ GEM
     newrelic_moped (1.0.1)
       moped
       newrelic_rpm (~> 3.11)
-    newrelic_rpm (3.14.3.313)
+    newrelic_rpm (3.15.0.314)
     nokogiri (1.6.7.2)
       mini_portile2 (~> 2.0.0.rc2)
     oauth2 (1.1.0)
@@ -230,7 +230,7 @@ GEM
       omniauth (~> 1.2)
     origin (2.2.0)
     orm_adapter (0.5.0)
-    parser (2.3.0.5)
+    parser (2.3.0.6)
       ast (~> 2.2)
     powerpack (0.1.1)
     pry (0.10.3)
@@ -302,7 +302,7 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 3.0)
       netrc (~> 0.7)
-    rgeo (0.5.2)
+    rgeo (0.5.3)
     rspec (3.4.0)
       rspec-core (~> 3.4.0)
       rspec-expectations (~> 3.4.0)
@@ -340,8 +340,8 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
-    secure_headers (2.5.1)
-      user_agent_parser
+    secure_headers (3.0.0)
+      useragent
     selenium-webdriver (2.52.0)
       childprocess (~> 0.5)
       multi_json (~> 1.0)
@@ -372,7 +372,7 @@ GEM
     slim_assets (0.0.2)
       slim
       tilt
-    slim_lint (0.7.0)
+    slim_lint (0.7.1)
       rake (~> 10.0)
       rubocop (>= 0.36.0)
       slim (~> 3.0)
@@ -422,7 +422,7 @@ GEM
       rack
       raindrops (~> 0.7)
     uniform_notifier (1.9.0)
-    user_agent_parser (2.3.0)
+    useragent (0.16.3)
     vegas (0.1.11)
       rack (>= 1.0.0)
     warden (1.2.6)
@@ -431,7 +431,7 @@ GEM
       activemodel (>= 4.2)
       debug_inspector
       railties (>= 4.2)
-    webmock (1.22.6)
+    webmock (1.23.0)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff

VERSION

@@ -1 +1 @@
-0.34.0
+0.34.1

app/controllers/application_controller.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 class ApplicationController < ActionController::Base
-  ensure_security_headers
   protect_from_forgery with: :exception
 
   before_action :authenticate_user!

config/initializers/secure_headers.rb

@@ -1,21 +1,11 @@
 # frozen_string_literal: true
 if defined?(SecureHeaders)
   SecureHeaders::Configuration.default do |config|
-    config.hsts = { max_age: 20.years.to_i, include_subdomains: true }
+    config.hsts = "max-age=#{20.years.to_i}; includeSubdomains"
     config.x_frame_options = 'DENY'
     config.x_content_type_options = 'nosniff'
     config.x_xss_protection = '1; mode=block'
     config.x_download_options = 'noopen'
     config.x_permitted_cross_domain_policies = 'none'
-    config.csp = false
-    # config.csp = {
-    #  default_src: 'self https:',
-    #  font_src: 'self http://fonts.gstatic.com',
-    #  frame_src: 'https: https://*.facebook.com http://*.facebook.com',
-    #  img_src: 'data: http: https:',
-    #  report_uri: '/report_uri',
-    #  script_src: 'self eval inline http://*.facebook.net http://*.googleapis.com http://maps.gstatic.com https://*.facebook.net https://*.googleapis.com https://maps.gstatic.com',
-    #  style_src: 'self inline http://fonts.googleapis.com http://netdna.bootstrapcdn.com https://fonts.googleapis.com https://netdna.bootstrapcdn.com'
-    # }
   end
 end