From b1d988f2e232ea3899dec6f11340c7ff80d5b9e7 Mon Sep 17 00:00:00 2001 From: simukappu Date: Mon, 20 Mar 2023 22:09:18 +0900 Subject: [PATCH 01/11] Update gem dependencies in test cases --- .github/workflows/build.yml | 20 ++++++++++---------- gemfiles/Gemfile.rails-7.0 | 2 -- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5f0b429..4e9d805 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -30,27 +30,27 @@ jobs: include: # https://www.ruby-lang.org/en/downloads - gemfile: gemfiles/Gemfile.rails-5.0 - ruby-version: 2.7.5 + ruby-version: 2.7.7 - gemfile: gemfiles/Gemfile.rails-5.1 - ruby-version: 2.7.5 + ruby-version: 2.7.7 - gemfile: gemfiles/Gemfile.rails-5.2 - ruby-version: 2.7.5 + ruby-version: 2.7.7 - gemfile: gemfiles/Gemfile.rails-6.0 - ruby-version: 3.0.3 + ruby-version: 3.2.1 - gemfile: gemfiles/Gemfile.rails-6.1 - ruby-version: 3.0.3 + ruby-version: 3.2.1 - gemfile: gemfiles/Gemfile.rails-7.0 - ruby-version: 3.0.3 + ruby-version: 3.2.1 - gemfile: Gemfile - ruby-version: 3.0.3 + ruby-version: 3.2.1 orm: active_record test-db: mysql - gemfile: Gemfile - ruby-version: 3.0.3 + ruby-version: 3.2.1 orm: active_record test-db: postgresql - gemfile: Gemfile - ruby-version: 3.0.3 + ruby-version: 3.2.1 orm: mongoid test-db: mongodb - gemfile: Gemfile @@ -97,7 +97,7 @@ jobs: - 27017:27017 env: MONGO_INITDB_DATABASE: activity_notification_test - options: --health-cmd mongo --health-interval 10s --health-timeout 5s --health-retries 5 + options: --health-cmd mongosh --health-interval 10s --health-timeout 5s --health-retries 5 steps: - uses: actions/checkout@v2 diff --git a/gemfiles/Gemfile.rails-7.0 b/gemfiles/Gemfile.rails-7.0 index f03d7e2..908accf 100644 --- a/gemfiles/Gemfile.rails-7.0 +++ b/gemfiles/Gemfile.rails-7.0 @@ -5,8 +5,6 @@ gemspec path: '../' gem 'rails', '~> 7.0.0' # https://github.com/lynndylanhurley/devise_token_auth/pull/1517 gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth.git' -# https://jira.mongodb.org/browse/MONGOID-5193 -gem 'mongoid', git: 'https://github.com/mongodb/mongoid.git' gem 'sprockets-rails' From 0d99ede9635dc7a6a4f4d906b6714885e66841db Mon Sep 17 00:00:00 2001 From: Zsolt Kozaroczy Date: Mon, 20 Mar 2023 15:44:02 +0100 Subject: [PATCH 02/11] Add yaml_column_permitted_classes to fix broken serialization with latest Rails patches (#167) * Pin committee-rails version * Remove git reference of mongoid to use the already released and compatible version * Add yaml_column_permitted_classes to fix broken serialization with latest Rails patches * Add instructions for users who had to override yaml_column_permitted_classes and can't use the gem's default fix --- Gemfile | 2 +- docs/Setup.md | 16 ++++++++++++++++ gemfiles/Gemfile.rails-5.0 | 2 +- gemfiles/Gemfile.rails-5.1 | 2 +- gemfiles/Gemfile.rails-5.2 | 2 +- gemfiles/Gemfile.rails-6.0 | 2 +- gemfiles/Gemfile.rails-6.1 | 2 +- gemfiles/Gemfile.rails-7.0 | 4 +--- lib/activity_notification/models.rb | 22 +++++++++++++++++++++- 9 files changed, 44 insertions(+), 10 deletions(-) diff --git a/Gemfile b/Gemfile index 29e05d9..c459a87 100644 --- a/Gemfile +++ b/Gemfile @@ -20,7 +20,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/docs/Setup.md b/docs/Setup.md index 6af7956..e7ffb2a 100644 --- a/docs/Setup.md +++ b/docs/Setup.md @@ -46,6 +46,22 @@ The same can be done for the subscription table name, e.g., if you're using the config.subscription_table_name = "notifications_subscriptions" ``` +If you're redefining `yaml_column_permitted_classes` in *config/application.rb*, then you need to add a few classes to the whitelist to make sure *activity_notification* still works as expected. + +```ruby +config.active_record.yaml_column_permitted_classes ||= [] + +# your override(s), e.g: MyWhitelistedClass +config.active_record.yaml_column_permitted_classes << MyWhitelistedClass + +# overrides required for activity_notification to work +config.yaml_column_permitted_classes << ActiveSupport::HashWithIndifferentAccess +config.yaml_column_permitted_classes << ActiveSupport::TimeWithZone +config.yaml_column_permitted_classes << ActiveSupport::TimeZone +config.yaml_column_permitted_classes << Symbol +config.yaml_column_permitted_classes << Time +``` + #### Using Mongoid ORM When you use *activity_notification* with [Mongoid](http://mongoid.org) ORM, set **AN_ORM** environment variable to **mongoid**: diff --git a/gemfiles/Gemfile.rails-5.0 b/gemfiles/Gemfile.rails-5.0 index 46b0219..e416690 100644 --- a/gemfiles/Gemfile.rails-5.0 +++ b/gemfiles/Gemfile.rails-5.0 @@ -17,7 +17,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-5.1 b/gemfiles/Gemfile.rails-5.1 index e209b3a..e4ab636 100644 --- a/gemfiles/Gemfile.rails-5.1 +++ b/gemfiles/Gemfile.rails-5.1 @@ -16,7 +16,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-5.2 b/gemfiles/Gemfile.rails-5.2 index b0ff27f..ffd0a2a 100644 --- a/gemfiles/Gemfile.rails-5.2 +++ b/gemfiles/Gemfile.rails-5.2 @@ -16,7 +16,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-6.0 b/gemfiles/Gemfile.rails-6.0 index 87565e3..b76aed8 100644 --- a/gemfiles/Gemfile.rails-6.0 +++ b/gemfiles/Gemfile.rails-6.0 @@ -14,7 +14,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-6.1 b/gemfiles/Gemfile.rails-6.1 index 5dadcd8..9bd9cf1 100644 --- a/gemfiles/Gemfile.rails-6.1 +++ b/gemfiles/Gemfile.rails-6.1 @@ -14,7 +14,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-7.0 b/gemfiles/Gemfile.rails-7.0 index f03d7e2..2c87271 100644 --- a/gemfiles/Gemfile.rails-7.0 +++ b/gemfiles/Gemfile.rails-7.0 @@ -5,8 +5,6 @@ gemspec path: '../' gem 'rails', '~> 7.0.0' # https://github.com/lynndylanhurley/devise_token_auth/pull/1517 gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth.git' -# https://jira.mongodb.org/browse/MONGOID-5193 -gem 'mongoid', git: 'https://github.com/mongodb/mongoid.git' gem 'sprockets-rails' @@ -20,7 +18,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails' + gem 'committee-rails', '0.5.1' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/lib/activity_notification/models.rb b/lib/activity_notification/models.rb index d7f2692..6bcd42a 100644 --- a/lib/activity_notification/models.rb +++ b/lib/activity_notification/models.rb @@ -17,4 +17,24 @@ module Models end end -ActiveRecord::Base.class_eval { include ActivityNotification::Models } if defined?(ActiveRecord::Base) +if defined?(ActiveRecord::Base) + ActiveRecord::Base.class_eval { include ActivityNotification::Models } + + if (Gem::Version.new("5.2.8.1") <= Rails.gem_version && Gem::Version.new("6.0") > Rails.gem_version) || + (Gem::Version.new("6.0.5.1") <= Rails.gem_version && Gem::Version.new("6.1") > Rails.gem_version) || + (Gem::Version.new("6.1.6.1") <= Rails.gem_version && Gem::Version.new("7.0") > Rails.gem_version) + ActiveRecord::Base.yaml_column_permitted_classes ||= [] + ActiveRecord::Base.yaml_column_permitted_classes << ActiveSupport::HashWithIndifferentAccess + ActiveRecord::Base.yaml_column_permitted_classes << ActiveSupport::TimeWithZone + ActiveRecord::Base.yaml_column_permitted_classes << ActiveSupport::TimeZone + ActiveRecord::Base.yaml_column_permitted_classes << Symbol + ActiveRecord::Base.yaml_column_permitted_classes << Time + elsif Gem::Version.new("7.0.3.1") <= Rails.gem_version + ActiveRecord.yaml_column_permitted_classes ||= [] + ActiveRecord.yaml_column_permitted_classes << ActiveSupport::HashWithIndifferentAccess + ActiveRecord.yaml_column_permitted_classes << ActiveSupport::TimeWithZone + ActiveRecord.yaml_column_permitted_classes << ActiveSupport::TimeZone + ActiveRecord.yaml_column_permitted_classes << Symbol + ActiveRecord.yaml_column_permitted_classes << Time + end +end From 1a777ccfa8f758689cc7ef332473b0b8a4c46ffd Mon Sep 17 00:00:00 2001 From: simukappu Date: Mon, 20 Mar 2023 23:53:27 +0900 Subject: [PATCH 03/11] Fix tests with broken serialization issue - #166 --- Gemfile | 9 ++++++--- gemfiles/Gemfile.rails-5.0 | 2 +- gemfiles/Gemfile.rails-5.1 | 2 +- gemfiles/Gemfile.rails-5.2 | 2 +- gemfiles/Gemfile.rails-6.0 | 3 ++- gemfiles/Gemfile.rails-6.1 | 2 +- gemfiles/Gemfile.rails-7.0 | 5 ++--- lib/activity_notification/models.rb | 8 +++++--- 8 files changed, 19 insertions(+), 14 deletions(-) diff --git a/Gemfile b/Gemfile index c459a87..4f538f5 100644 --- a/Gemfile +++ b/Gemfile @@ -2,13 +2,16 @@ source 'https://rubygems.org' gemspec -gem 'rails', '~> 6.0.0' +gem 'rails', '~> 7.0.0' group :production do + gem 'sprockets-rails' gem 'puma' gem 'pg' gem 'devise' - gem 'devise_token_auth' + # gem 'devise_token_auth' + # https://github.com/lynndylanhurley/devise_token_auth/pull/1517 + gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth.git' end group :development do @@ -20,7 +23,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-5.0 b/gemfiles/Gemfile.rails-5.0 index e416690..b5ed521 100644 --- a/gemfiles/Gemfile.rails-5.0 +++ b/gemfiles/Gemfile.rails-5.0 @@ -17,7 +17,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-5.1 b/gemfiles/Gemfile.rails-5.1 index e4ab636..88a3989 100644 --- a/gemfiles/Gemfile.rails-5.1 +++ b/gemfiles/Gemfile.rails-5.1 @@ -16,7 +16,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-5.2 b/gemfiles/Gemfile.rails-5.2 index ffd0a2a..eddd5f4 100644 --- a/gemfiles/Gemfile.rails-5.2 +++ b/gemfiles/Gemfile.rails-5.2 @@ -16,7 +16,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-6.0 b/gemfiles/Gemfile.rails-6.0 index b76aed8..fe4cd93 100644 --- a/gemfiles/Gemfile.rails-6.0 +++ b/gemfiles/Gemfile.rails-6.0 @@ -3,6 +3,7 @@ source 'https://rubygems.org' gemspec path: '../' gem 'rails', '~> 6.0.0' +gem 'psych', '< 4' group :development do gem 'bullet' @@ -14,7 +15,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-6.1 b/gemfiles/Gemfile.rails-6.1 index 9bd9cf1..6ce4b8e 100644 --- a/gemfiles/Gemfile.rails-6.1 +++ b/gemfiles/Gemfile.rails-6.1 @@ -14,7 +14,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/gemfiles/Gemfile.rails-7.0 b/gemfiles/Gemfile.rails-7.0 index 2c87271..a272003 100644 --- a/gemfiles/Gemfile.rails-7.0 +++ b/gemfiles/Gemfile.rails-7.0 @@ -3,11 +3,10 @@ source 'https://rubygems.org' gemspec path: '../' gem 'rails', '~> 7.0.0' +gem 'sprockets-rails' # https://github.com/lynndylanhurley/devise_token_auth/pull/1517 gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth.git' -gem 'sprockets-rails' - group :development do gem 'bullet' gem 'rack-cors' @@ -18,7 +17,7 @@ group :test do gem 'ammeter' gem 'timecop' gem 'committee' - gem 'committee-rails', '0.5.1' + gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false end diff --git a/lib/activity_notification/models.rb b/lib/activity_notification/models.rb index 6bcd42a..5b848e0 100644 --- a/lib/activity_notification/models.rb +++ b/lib/activity_notification/models.rb @@ -20,9 +20,11 @@ module Models if defined?(ActiveRecord::Base) ActiveRecord::Base.class_eval { include ActivityNotification::Models } - if (Gem::Version.new("5.2.8.1") <= Rails.gem_version && Gem::Version.new("6.0") > Rails.gem_version) || - (Gem::Version.new("6.0.5.1") <= Rails.gem_version && Gem::Version.new("6.1") > Rails.gem_version) || - (Gem::Version.new("6.1.6.1") <= Rails.gem_version && Gem::Version.new("7.0") > Rails.gem_version) + # https://github.com/simukappu/activity_notification/issues/166 + # https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017 + if (Gem::Version.new("5.2.8.1") <= Rails.gem_version && Rails.gem_version < Gem::Version.new("6.0")) || + (Gem::Version.new("6.0.5.1") <= Rails.gem_version && Rails.gem_version < Gem::Version.new("6.1")) || + (Gem::Version.new("6.1.6.1") <= Rails.gem_version && Rails.gem_version < Gem::Version.new("7.0")) ActiveRecord::Base.yaml_column_permitted_classes ||= [] ActiveRecord::Base.yaml_column_permitted_classes << ActiveSupport::HashWithIndifferentAccess ActiveRecord::Base.yaml_column_permitted_classes << ActiveSupport::TimeWithZone From 9b6ab63c35464b116e35c38e751fc88604ee2486 Mon Sep 17 00:00:00 2001 From: simukappu Date: Tue, 21 Mar 2023 00:01:58 +0900 Subject: [PATCH 04/11] Bump version to v2.2.4 --- CHANGELOG.md | 7 +++++++ lib/activity_notification/version.rb | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 96d4201..2d641f8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.2.4 / 2023-03-20 +[Full Changelog](http://github.com/simukappu/activity_notification/compare/v2.2.3...v2.2.4) + +Bug Fixes: + +* Fix broken serialization with Rails security patch - [#166](https://github.com/simukappu/activity_notification/issues/166) [#167](https://github.com/simukappu/activity_notification/pull/167) + ## 2.2.3 / 2022-02-12 [Full Changelog](http://github.com/simukappu/activity_notification/compare/v2.2.2...v2.2.3) diff --git a/lib/activity_notification/version.rb b/lib/activity_notification/version.rb index 3563485..a315420 100644 --- a/lib/activity_notification/version.rb +++ b/lib/activity_notification/version.rb @@ -1,3 +1,3 @@ module ActivityNotification - VERSION = "2.2.3" + VERSION = "2.2.4" end From 70f51343ce6f893e10b3c45189d827ed02c0444d Mon Sep 17 00:00:00 2001 From: JP Rosevear Date: Tue, 2 Jul 2024 10:11:45 -0400 Subject: [PATCH 05/11] Rails 7.1 support (#177) --- .github/workflows/build.yml | 21 +++++++++++++-------- Gemfile | 6 ++---- activity_notification.gemspec | 6 +++--- gemfiles/Gemfile.rails-5.1 | 1 + gemfiles/Gemfile.rails-7.1 | 24 ++++++++++++++++++++++++ spec/concerns/renderable_spec.rb | 2 +- spec/spec_helper.rb | 1 + 7 files changed, 45 insertions(+), 16 deletions(-) create mode 100644 gemfiles/Gemfile.rails-7.1 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4e9d805..eb04fde 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,7 +3,7 @@ name: build on: push: branches: - - '**' + - 'master' - '!images' pull_request: branches: @@ -23,6 +23,7 @@ jobs: - gemfiles/Gemfile.rails-6.0 - gemfiles/Gemfile.rails-6.1 - gemfiles/Gemfile.rails-7.0 + - gemfiles/Gemfile.rails-7.1 orm: - active_record - mongoid @@ -36,21 +37,23 @@ jobs: - gemfile: gemfiles/Gemfile.rails-5.2 ruby-version: 2.7.7 - gemfile: gemfiles/Gemfile.rails-6.0 - ruby-version: 3.2.1 + ruby-version: 2.7.7 - gemfile: gemfiles/Gemfile.rails-6.1 - ruby-version: 3.2.1 + ruby-version: 2.7.7 - gemfile: gemfiles/Gemfile.rails-7.0 - ruby-version: 3.2.1 + ruby-version: 3.1.6 + - gemfile: gemfiles/Gemfile.rails-7.1 + ruby-version: 3.2.4 - gemfile: Gemfile - ruby-version: 3.2.1 + ruby-version: 3.3.3 orm: active_record test-db: mysql - gemfile: Gemfile - ruby-version: 3.2.1 + ruby-version: 3.3.3 orm: active_record test-db: postgresql - gemfile: Gemfile - ruby-version: 3.2.1 + ruby-version: 3.3.3 orm: mongoid test-db: mongodb - gemfile: Gemfile @@ -64,6 +67,8 @@ jobs: orm: dynamoid - gemfile: gemfiles/Gemfile.rails-7.0 orm: dynamoid + - gemfile: gemfiles/Gemfile.rails-7.1 + orm: dynamoid env: RAILS_ENV: test @@ -100,7 +105,7 @@ jobs: options: --health-cmd mongosh --health-interval 10s --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up Ruby uses: ruby/setup-ruby@v1 with: diff --git a/Gemfile b/Gemfile index 4f538f5..a19e085 100644 --- a/Gemfile +++ b/Gemfile @@ -2,16 +2,14 @@ source 'https://rubygems.org' gemspec -gem 'rails', '~> 7.0.0' +gem 'rails', '~> 7.1.0' group :production do gem 'sprockets-rails' gem 'puma' gem 'pg' gem 'devise' - # gem 'devise_token_auth' - # https://github.com/lynndylanhurley/devise_token_auth/pull/1517 - gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth.git' + gem 'devise_token_auth' end group :development do diff --git a/activity_notification.gemspec b/activity_notification.gemspec index 17402c0..611ea57 100644 --- a/activity_notification.gemspec +++ b/activity_notification.gemspec @@ -20,16 +20,16 @@ Gem::Specification.new do |s| s.require_paths = ["lib"] s.required_ruby_version = '>= 2.1.0' - s.add_dependency 'railties', '>= 5.0.0', '< 7.1' + s.add_dependency 'railties', '>= 5.0.0', '< 7.2' s.add_dependency 'i18n', '>= 0.5.0' s.add_dependency 'jquery-rails', '>= 3.1.1' s.add_dependency 'swagger-blocks', '>= 3.0.0' s.add_development_dependency 'puma', '>= 3.12.0' - s.add_development_dependency 'sqlite3', '>= 1.3.13' + s.add_development_dependency 'sqlite3', '>= 1.3.13', '< 2.0' s.add_development_dependency 'mysql2', '>= 0.5.2' s.add_development_dependency 'pg', '>= 1.0.0' - s.add_development_dependency 'mongoid', '>= 4.0.0' + s.add_development_dependency 'mongoid', '>= 4.0.0', '< 9.0' s.add_development_dependency 'dynamoid', '3.1.0' s.add_development_dependency 'rspec-rails', '>= 3.8.0' s.add_development_dependency 'factory_bot_rails', '>= 4.11.0', '< 5.0.0' diff --git a/gemfiles/Gemfile.rails-5.1 b/gemfiles/Gemfile.rails-5.1 index 88a3989..4bd36e3 100644 --- a/gemfiles/Gemfile.rails-5.1 +++ b/gemfiles/Gemfile.rails-5.1 @@ -19,6 +19,7 @@ group :test do gem 'committee-rails', '< 0.6' # gem 'coveralls', require: false gem 'coveralls_reborn', require: false + gem 'mongoid', '>= 4.0.0', '< 8.0' end gem 'dotenv-rails', groups: [:development, :test] diff --git a/gemfiles/Gemfile.rails-7.1 b/gemfiles/Gemfile.rails-7.1 new file mode 100644 index 0000000..ad6b894 --- /dev/null +++ b/gemfiles/Gemfile.rails-7.1 @@ -0,0 +1,24 @@ +source 'https://rubygems.org' + +gemspec path: '../' + +gem 'rails', '~> 7.1.0' +gem 'sprockets-rails' +gem 'devise_token_auth' + +group :development do + gem 'bullet' + gem 'rack-cors' +end + +group :test do + gem 'rails-controller-testing' + gem 'ammeter' + gem 'timecop' + gem 'committee' + gem 'committee-rails', '< 0.6' + # gem 'coveralls', require: false + gem 'coveralls_reborn', require: false +end + +gem 'dotenv-rails', groups: [:development, :test] diff --git a/spec/concerns/renderable_spec.rb b/spec/concerns/renderable_spec.rb index 78a5efa..39d2526 100644 --- a/spec/concerns/renderable_spec.rb +++ b/spec/concerns/renderable_spec.rb @@ -77,7 +77,7 @@ test_instance.target = create(:admin) test_instance.key = "notification.#{simple_text_key}" expect(test_instance.text) - .to eq("translation missing: en.notification.admin.#{simple_text_key}.text") + .to eq("Translation missing: en.notification.admin.#{simple_text_key}.text") end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 609a3ce..5767bb8 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -46,6 +46,7 @@ def clean_database end RSpec.configure do |config| + config.expect_with :minitest, :rspec config.include FactoryBot::Syntax::Methods config.before(:each) do FactoryBot.reload From bbe26c07f4e8bbf66bc22ef0855c2275ed6a3f69 Mon Sep 17 00:00:00 2001 From: simukappu Date: Tue, 2 Jul 2024 23:18:46 +0900 Subject: [PATCH 06/11] Update test build condition --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eb04fde..d9f9e92 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,7 +4,7 @@ on: push: branches: - 'master' - - '!images' + - 'development' pull_request: branches: - '**' From 1eb9e7d4d4e4b07fb131f910cc8f4b3ad7ad88b8 Mon Sep 17 00:00:00 2001 From: simukappu Date: Tue, 2 Jul 2024 23:24:57 +0900 Subject: [PATCH 07/11] Update test gemfiles with new devise_token_auth --- gemfiles/Gemfile.rails-7.0 | 2 -- gemfiles/Gemfile.rails-7.1 | 1 - 2 files changed, 3 deletions(-) diff --git a/gemfiles/Gemfile.rails-7.0 b/gemfiles/Gemfile.rails-7.0 index a272003..0896ce3 100644 --- a/gemfiles/Gemfile.rails-7.0 +++ b/gemfiles/Gemfile.rails-7.0 @@ -4,8 +4,6 @@ gemspec path: '../' gem 'rails', '~> 7.0.0' gem 'sprockets-rails' -# https://github.com/lynndylanhurley/devise_token_auth/pull/1517 -gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth.git' group :development do gem 'bullet' diff --git a/gemfiles/Gemfile.rails-7.1 b/gemfiles/Gemfile.rails-7.1 index ad6b894..33d2bdf 100644 --- a/gemfiles/Gemfile.rails-7.1 +++ b/gemfiles/Gemfile.rails-7.1 @@ -4,7 +4,6 @@ gemspec path: '../' gem 'rails', '~> 7.1.0' gem 'sprockets-rails' -gem 'devise_token_auth' group :development do gem 'bullet' From dd8d68188647abf6cfc2b54ce51c6ab985548859 Mon Sep 17 00:00:00 2001 From: simukappu Date: Tue, 2 Jul 2024 23:29:24 +0900 Subject: [PATCH 08/11] Bump version to v2.3.0 --- CHANGELOG.md | 7 +++++++ lib/activity_notification/version.rb | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d641f8..c3bf32e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.3.0 / 2024-06-02 +[Full Changelog](http://github.com/simukappu/activity_notification/compare/v2.2.4...v2.3.0) + +Enhancements: + +* Allow use with Rails 7.1 - [#173](https://github.com/simukappu/activity_notification/issues/173) [#177](https://github.com/simukappu/activity_notification/pull/177) + ## 2.2.4 / 2023-03-20 [Full Changelog](http://github.com/simukappu/activity_notification/compare/v2.2.3...v2.2.4) diff --git a/lib/activity_notification/version.rb b/lib/activity_notification/version.rb index a315420..10931b9 100644 --- a/lib/activity_notification/version.rb +++ b/lib/activity_notification/version.rb @@ -1,3 +1,3 @@ module ActivityNotification - VERSION = "2.2.4" + VERSION = "2.3.0" end From 770940025da8e09bb689f739b3f78a4e7bbb1997 Mon Sep 17 00:00:00 2001 From: JP Rosevear Date: Mon, 22 Jul 2024 20:19:48 -0400 Subject: [PATCH 09/11] fix serialize arguments for Rails 7.1+ (#179) --- lib/activity_notification/orm/active_record/notification.rb | 6 +++++- lib/activity_notification/orm/active_record/subscription.rb | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/activity_notification/orm/active_record/notification.rb b/lib/activity_notification/orm/active_record/notification.rb index b654090..ba73b52 100644 --- a/lib/activity_notification/orm/active_record/notification.rb +++ b/lib/activity_notification/orm/active_record/notification.rb @@ -45,7 +45,11 @@ class Notification < ::ActiveRecord::Base belongs_to :notifier, polymorphic: true, optional: true # Serialize parameters Hash - serialize :parameters, Hash + if Rails.gem_version >= Gem::Version.new('7.1') + serialize :parameters, type: Hash, coder: YAML + else + serialize :parameters, Hash + end validates :target, presence: true validates :notifiable, presence: true diff --git a/lib/activity_notification/orm/active_record/subscription.rb b/lib/activity_notification/orm/active_record/subscription.rb index 408cad4..efa0ff4 100644 --- a/lib/activity_notification/orm/active_record/subscription.rb +++ b/lib/activity_notification/orm/active_record/subscription.rb @@ -14,7 +14,11 @@ class Subscription < ::ActiveRecord::Base belongs_to :target, polymorphic: true # Serialize parameters Hash - serialize :optional_targets, Hash + if Rails.gem_version >= Gem::Version.new('7.1') + serialize :optional_targets, type: Hash, coder: YAML + else + serialize :optional_targets, Hash + end validates :target, presence: true validates :key, presence: true, uniqueness: { scope: :target } From 3f47fab0c1ac0df9b303f552fdf728f6b319d931 Mon Sep 17 00:00:00 2001 From: simukappu Date: Tue, 23 Jul 2024 09:24:31 +0900 Subject: [PATCH 10/11] Update test coverage with #179 --- lib/activity_notification/orm/active_record/notification.rb | 2 ++ lib/activity_notification/orm/active_record/subscription.rb | 2 ++ 2 files changed, 4 insertions(+) diff --git a/lib/activity_notification/orm/active_record/notification.rb b/lib/activity_notification/orm/active_record/notification.rb index ba73b52..68596bd 100644 --- a/lib/activity_notification/orm/active_record/notification.rb +++ b/lib/activity_notification/orm/active_record/notification.rb @@ -45,11 +45,13 @@ class Notification < ::ActiveRecord::Base belongs_to :notifier, polymorphic: true, optional: true # Serialize parameters Hash + # :nocov: if Rails.gem_version >= Gem::Version.new('7.1') serialize :parameters, type: Hash, coder: YAML else serialize :parameters, Hash end + # :nocov: validates :target, presence: true validates :notifiable, presence: true diff --git a/lib/activity_notification/orm/active_record/subscription.rb b/lib/activity_notification/orm/active_record/subscription.rb index efa0ff4..72046fb 100644 --- a/lib/activity_notification/orm/active_record/subscription.rb +++ b/lib/activity_notification/orm/active_record/subscription.rb @@ -14,11 +14,13 @@ class Subscription < ::ActiveRecord::Base belongs_to :target, polymorphic: true # Serialize parameters Hash + # :nocov: if Rails.gem_version >= Gem::Version.new('7.1') serialize :optional_targets, type: Hash, coder: YAML else serialize :optional_targets, Hash end + # :nocov: validates :target, presence: true validates :key, presence: true, uniqueness: { scope: :target } From a58b4650844d8f04d62fd83c611513d4f89e6c4b Mon Sep 17 00:00:00 2001 From: simukappu Date: Tue, 23 Jul 2024 09:27:32 +0900 Subject: [PATCH 11/11] Bump version to v2.3.1 --- CHANGELOG.md | 7 +++++++ lib/activity_notification/version.rb | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c3bf32e..afdb108 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## 2.3.1 / 2024-07-23 +[Full Changelog](http://github.com/simukappu/activity_notification/compare/v2.3.0...v2.3.1) + +Bug Fixes: + +* Fix serialize arguments for Rails 7.1 - [#178](https://github.com/simukappu/activity_notification/issues/178) [#179](https://github.com/simukappu/activity_notification/pull/179) + ## 2.3.0 / 2024-06-02 [Full Changelog](http://github.com/simukappu/activity_notification/compare/v2.2.4...v2.3.0) diff --git a/lib/activity_notification/version.rb b/lib/activity_notification/version.rb index 10931b9..f9eb778 100644 --- a/lib/activity_notification/version.rb +++ b/lib/activity_notification/version.rb @@ -1,3 +1,3 @@ module ActivityNotification - VERSION = "2.3.0" + VERSION = "2.3.1" end