Bumps the bundler group with 1 update in the / directory: [net-imap](https://github.com/ruby/net-imap).

Updates `net-imap` from 0.4.19 to 0.4.20
- [Release notes](https://github.com/ruby/net-imap/releases)
- [Commits](ruby/net-imap@v0.4.19...v0.4.20)

---
updated-dependencies:
- dependency-name: net-imap
  dependency-version: 0.4.20
  dependency-type: indirect
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit updates the .cursorrules file to include instructions for using Brakeman to scan for security vulnerabilities. This addition aims to enhance the security practices within the codebase, ensuring that potential vulnerabilities are identified and addressed effectively.
This commit integrates Brakeman into the project for security vulnerability scanning by adding it to the Gemfile and creating a Rake task for running scans. Additionally, a GitHub Actions workflow is set up to automate Brakeman scans on push and pull request events, ensuring continuous security checks. The .gitignore is updated to exclude Brakeman report files from version control.
This commit updates the Brakeman configuration and GitHub Actions workflow to streamline security scanning processes. The workflow now runs weekly and on specific branches, while the Rake tasks are restructured for clarity. A new Brakeman configuration file is added to customize scan options, ensuring effective vulnerability detection. Additionally, the test task is updated to include Brakeman scans, reinforcing security checks in the CI pipeline.
This commit updates the Brakeman configuration file to enhance security scanning by specifying paths to ignore and refining the list of checks to exclude. The new configuration aims to focus on critical vulnerabilities while reducing noise from less significant warnings, ensuring a more effective security assessment process. Additionally, comments are added to clarify the rationale behind ignored checks, reinforcing the commitment to maintaining robust security practices.
This commit modifies the Rake tasks for running Brakeman security scans by removing unnecessary flags and improving the output messages. The changes ensure clearer communication of scan results, indicating whether security issues were found, thereby enhancing the overall security assessment process in the CI pipeline.
This commit updates the set_address and set_container methods in the AddressesController, AssignmentsController, and BulkContestInstancesController to utilize policy_scope for fetching records. This change enhances authorization checks by ensuring that only accessible records are retrieved based on user permissions, thereby improving security and adherence to best practices.
This commit modifies the error handling in the ApplicationController to redirect users to the root path with an alert message when an ActiveRecord::RecordNotFound exception occurs. This change improves user experience by providing clearer feedback on authorization issues, ensuring that users are informed when they attempt to access restricted resources.
This commit enhances the ContainersController by implementing policy_scope for container retrieval, ensuring that only authorized records are accessed. It introduces new authorization methods for creating and managing containers, improving security and adherence to best practices. Additionally, the structure of the controller is refined for better readability and maintainability.
…_scope This commit updates the set_container and set_contest_description methods in the ContestDescriptionsController to utilize policy_scope for record retrieval. This change enhances security by ensuring that only authorized contest descriptions and containers are accessed, aligning with best practices for authorization in the application.
This commit enhances the email_preferences, send_round_results, and export_entries methods in the ContestInstancesController by implementing error handling for unauthorized access using Pundit. It ensures that users receive appropriate flash messages and are redirected to the root path when they attempt to perform unauthorized actions. Additionally, the set_container method is updated to utilize policy_scope for improved security in record retrieval, aligning with best practices for authorization.
This commit introduces a new Scope class within the ContestDescriptionPolicy to manage record retrieval based on user roles. It allows users with the 'axis_mundi' role to access all contest descriptions, while judges can only access descriptions they are assigned to. For users with container roles, access is limited to their respective containers. This enhancement improves authorization handling and aligns with best practices for security in the application.
This commit introduces a new Scope class within the ContestInstancePolicy to manage record retrieval based on user roles. It allows users with the 'axis_mundi' role to access all contest instances, while users with specific container roles can only access instances linked to their respective containers. This enhancement improves authorization handling and aligns with best practices for security in the application.
This commit updates the EntriesController to improve the handling of entry retrieval and authorization. A new before_action, set_entry_for_profile, is introduced specifically for the applicant_profile action to ensure proper authorization. Additionally, the logic for retrieving entries for container administrators is refined to include both Collection Administrators and Collection Managers, enhancing security and adherence to best practices in authorization.
This commit introduces a new Scope class within the EntryPolicy to manage record retrieval based on user roles. It allows users with the 'axis_mundi' role to access all entries, while collection administrators and managers can only see entries from their respective containers. Judges are restricted to entries they are assigned to, and regular users can only view their own entries. This enhancement improves authorization handling and aligns with best practices for security in the application.
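The role-based scoping described in the EntryPolicy and controller commits above, as an added illustration that is not the project's own code: a Pundit-style `Scope` whose `resolve` narrows the record set by role, plus a `find` that behaves like `policy_scope(Entry).find(id)`, so an out-of-scope record surfaces as not-found rather than as a leaked record. Plain Structs stand in for ActiveRecord models, and the role strings other than `axis_mundi`, the `container_id`/`assigned_entry_ids` attributes and the sample data are assumptions.

```ruby
# Added illustration of a Pundit-style Scope (not the project's own code).
# Structs stand in for ActiveRecord models; the role names other than
# 'axis_mundi', the attributes and the sample data are assumptions.
require 'set'

User  = Struct.new(:id, :role, :container_id, :assigned_entry_ids)
Entry = Struct.new(:id, :owner_id, :container_id)

class RecordNotFound < StandardError; end

module EntryPolicy
  class Scope
    def initialize(user, entries)
      @user, @entries = user, entries
    end

    # axis_mundi sees everything; collection administrators/managers see
    # their own container; judges see only assigned entries; everyone
    # else (applicants) sees only entries they own.
    def resolve
      case @user.role
      when 'axis_mundi'
        @entries
      when 'collection_administrator', 'collection_manager'
        @entries.select { |e| e.container_id == @user.container_id }
      when 'judge'
        ids = @user.assigned_entry_ids.to_set
        @entries.select { |e| ids.include?(e.id) }
      else
        @entries.select { |e| e.owner_id == @user.id }
      end
    end

    # Stand-in for policy_scope(Entry).find(params[:id]): an entry outside
    # the caller's scope is indistinguishable from one that does not exist,
    # which is what lets a controller rescue RecordNotFound and redirect.
    def find(id)
      resolve.find { |e| e.id == id } or raise RecordNotFound, "Entry #{id}"
    end
  end
end

# Constructed sample data: two entries in container 100, one in 200.
ENTRIES = [Entry.new(1, 10, 100), Entry.new(2, 11, 100), Entry.new(3, 12, 200)]
ADMIN   = User.new(1,  'axis_mundi',         nil, [])
MANAGER = User.new(2,  'collection_manager', 100, [])
JUDGE   = User.new(3,  'judge',              nil, [3])
STUDENT = User.new(11, 'applicant',          nil, [])
```

Because `find` is built on `resolve`, a controller's `set_entry` cannot be bypassed by guessing an id: a record the caller is not scoped to raises the same `RecordNotFound` as a nonexistent one.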
This commit refactors the test Rake tasks to enhance the output format and modularize the test execution logic. A new helper method, run_test, is introduced to streamline the execution of RSpec, Jest, and Brakeman tasks, providing clearer feedback on the success or failure of each test. This change improves maintainability and readability of the test tasks.
This commit updates the visibility logic for the 'Contest Collections' button in the static pages view, allowing access to users with employee, administrator, or manager roles. Additionally, it introduces system tests to verify that only users with the appropriate roles can see the button, improving the user experience and ensuring proper access control.
This commit refines the output formatting in the test Rake tasks by replacing conditional statements with a more concise ternary operator. This change enhances readability and maintains the clarity of success or failure messages for RSpec, Jest, and Brakeman tests, contributing to improved maintainability of the task file.
…ae303 Bump net-imap from 0.4.19 to 0.4.20 in the bundler group across 1 directory
Brakeman add
No description provided.