diff --git a/.circleci/config.yml b/.circleci/config.yml index 79a2f8f..dbb0f2a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,7 +5,7 @@ version: 2.1 defaults: &defaults working_directory: ~/truemail-server docker: - - image: cimg/ruby:3.2.0-node + - image: cimg/ruby:3.3.0-node references: install_bundler: &install_bundler @@ -64,6 +64,10 @@ jobs: - <<: *save_bundle_cache - <<: *install_linters + - run: + name: Running commit linters + command: lefthook run commit-linters + - run: name: Running code style linters command: lefthook run code-style-linters diff --git a/.circleci/linter_configs/.commitspell.yml b/.circleci/linter_configs/.commitspell.yml new file mode 100644 index 0000000..104148d --- /dev/null +++ b/.circleci/linter_configs/.commitspell.yml @@ -0,0 +1,41 @@ +--- + +enableGlobDot: true + +patterns: + - name: GithubUser + pattern: /\[@.+\]/gmx + +languageSettings: + - languageId: markdown + ignoreRegExpList: + - Email + - GithubUser + +words: + - autoreleasing + - bagage + - bagages + - bestwebua + - configurator + - codebases + - codeclimate + - commitspell + - changeloglint + - ffaker + - gemset + - gemspecs + - healthcheck + - lefthook + - markdownlint + - multihomed + - punycode + - rcptto + - rubocop + - representer + - shortcuting + - simplecov + - stdlib + - substeps + - truemail + - yamlint diff --git a/.circleci/linter_configs/.lefthook.yml b/.circleci/linter_configs/.lefthook.yml index 05407a5..adc407b 100644 --- a/.circleci/linter_configs/.lefthook.yml +++ b/.circleci/linter_configs/.lefthook.yml @@ -4,6 +4,11 @@ no_tty: true skip_output: - meta +commit-linters: + commands: + commitspell: + run: .circleci/scripts/commitspell.sh -c '.circleci/linter_configs/.commitspell.yml' + code-style-linters: commands: reek: diff --git a/.circleci/scripts/commitspell.sh b/.circleci/scripts/commitspell.sh new file mode 100755 index 0000000..d284cd0 --- /dev/null +++ b/.circleci/scripts/commitspell.sh @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +configuration=$(if [ "$2" = "" ]; then echo "$2"; else echo " $1 $2"; fi) +latest_commit=$(git rev-parse HEAD) + +spellcheck_info() { + echo "Checking the spelling of the latest commit ($latest_commit) message..." +} + +compose_cspell_command() { + echo "cspell-cli lint stdin$configuration" +} + +cspell="$(compose_cspell_command)" + +spellcheck_latest_commit() { + git log -1 --pretty=%B | $cspell +} + +spellcheck_info +spellcheck_latest_commit diff --git a/.codeclimate.yml b/.codeclimate.yml index 22f4659..d660540 100644 --- a/.codeclimate.yml +++ b/.codeclimate.yml @@ -9,7 +9,7 @@ checks: plugins: rubocop: enabled: true - channel: rubocop-1-57 + channel: rubocop-1-61 reek: enabled: true diff --git a/.ruby-version b/.ruby-version index a9cadc6..03463f3 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -ruby-3.2.0 +ruby-3.3.0 diff --git a/CHANGELOG.md b/CHANGELOG.md index 30d2353..df02671 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [0.10.0] - 2024-03-02 + +### Changed + +- Updated application dependencies (`rack` 2.2.8.1, `net-smtp` 0.4.0.1, `truemail` 3.3) +- Updated Ruby version to 3.3.0 +- Updated development dependencies +- Updated application version +- Updated readme + +### Fixed + +- Fixed security vulnerability issues: [CVE-2024-25126](https://github.com/advisories/GHSA-22f2-v57c-j9cx), [CVE-2024-26141](https://github.com/advisories/GHSA-xj5v-6v4g-jfw6), [CVE-2024-26146](https://github.com/advisories/GHSA-54rr-7fvw-6x8f) + ## [0.9.0] - 2023-11-01 ### Changed diff --git a/Gemfile b/Gemfile index 78c07cf..eabe522 100644 --- a/Gemfile +++ b/Gemfile @@ -5,23 +5,23 @@ source 'https://rubygems.org' ruby(::File.read(::File.join(::File.dirname(__FILE__), '.ruby-version')).strip[/-(.+)/, 1]) gem 'dry-struct', '~> 1.6' -gem 'net-smtp', '~> 0.4.0' -gem 'rack', '~> 2.2', '>= 2.2.8' +gem 'net-smtp', '~> 0.4.0.1' +gem 'rack', '~> 2.2', '>= 2.2.8.1' gem 'thin', '~> 1.8', '>= 1.8.2' -gem 'truemail', '~> 3.1' +gem 'truemail', '~> 3.3' group :development, :test do gem 'pry-byebug', '~> 3.10', '>= 3.10.1' gem 'rack-test', '~> 2.1' - gem 'rspec', '~> 3.12' + gem 'rspec', '~> 3.13' # Code quality gem 'bundler-audit', '~> 0.9.1', require: false - gem 'fasterer', '~> 0.10.1', require: false - gem 'reek', '~> 6.1', '>= 6.1.4', require: false - gem 'rubocop', '~> 1.57', '>= 1.57.2', require: false - gem 'rubocop-performance', '~> 1.19', '>= 1.19.1', require: false - gem 'rubocop-rspec', '~> 2.25', require: false + gem 'fasterer', '~> 0.11.0', require: false + gem 'reek', '~> 6.3', require: false + gem 'rubocop', '~> 1.61', require: false + gem 'rubocop-performance', '~> 1.20', '>= 1.20.2', require: false + gem 'rubocop-rspec', '~> 2.27', require: false end group :test do diff --git a/Gemfile.lock b/Gemfile.lock index 7b4b838..26ccc56 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,53 +2,64 @@ GEM remote: https://rubygems.org/ specs: ast (2.4.2) + bigdecimal (3.1.6) bundler-audit (0.9.1) bundler (>= 1.2.0, < 3) thor (~> 1.0) byebug (11.1.3) coderay (1.1.3) - colorize (0.8.1) - concurrent-ruby (1.2.2) + concurrent-ruby (1.2.3) daemons (1.4.1) - diff-lcs (1.5.0) + diff-lcs (1.5.1) docile (1.4.0) + dry-configurable (1.1.0) + dry-core (~> 1.0, < 2) + zeitwerk (~> 2.6) dry-core (1.0.1) concurrent-ruby (~> 1.0) zeitwerk (~> 2.6) dry-inflector (1.0.0) + dry-initializer (3.1.1) dry-logic (1.5.0) concurrent-ruby (~> 1.0) dry-core (~> 1.0, < 2) zeitwerk (~> 2.6) + dry-schema (1.13.3) + concurrent-ruby (~> 1.0) + dry-configurable (~> 1.0, >= 1.0.1) + dry-core (~> 1.0, < 2) + dry-initializer (~> 3.0) + dry-logic (>= 1.4, < 2) + dry-types (>= 1.7, < 2) + zeitwerk (~> 2.6) dry-struct (1.6.0) dry-core (~> 1.0, < 2) dry-types (>= 1.7, < 2) ice_nine (~> 0.11) zeitwerk (~> 2.6) - dry-types (1.7.1) + dry-types (1.7.2) + bigdecimal (~> 3.0) concurrent-ruby (~> 1.0) dry-core (~> 1.0) dry-inflector (~> 1.0) dry-logic (~> 1.4) zeitwerk (~> 2.6) eventmachine (1.2.7) - fasterer (0.10.1) - colorize (~> 0.7) + fasterer (0.11.0) ruby_parser (>= 3.19.1) ice_nine (0.11.2) - json (2.6.3) + json (2.7.1) json_matchers (0.11.1) json_schema json_schema (0.21.0) - kwalify (0.7.2) language_server-protocol (3.17.0.3) method_source (1.0.0) - net-protocol (0.2.1) + net-protocol (0.2.2) timeout - net-smtp (0.4.0) + net-smtp (0.4.0.1) net-protocol - parallel (1.23.0) - parser (3.2.2.4) + parallel (1.24.0) + parser (3.3.0.5) ast (~> 2.4.1) racc pry (0.14.2) @@ -57,58 +68,60 @@ GEM pry-byebug (3.10.1) byebug (~> 11.0) pry (>= 0.13, < 0.15) - racc (1.7.2) - rack (2.2.8) + racc (1.7.3) + rack (2.2.8.1) rack-test (2.1.0) rack (>= 1.3) rainbow (3.1.1) - reek (6.1.4) - kwalify (~> 0.7.0) - parser (~> 3.2.0) + reek (6.3.0) + dry-schema (~> 1.13.0) + parser (~> 3.3.0) rainbow (>= 2.0, < 4.0) - regexp_parser (2.8.2) + rexml (~> 3.1) + regexp_parser (2.9.0) rexml (3.2.6) - rspec (3.12.0) - rspec-core (~> 3.12.0) - rspec-expectations (~> 3.12.0) - rspec-mocks (~> 3.12.0) - rspec-core (3.12.2) - rspec-support (~> 3.12.0) - rspec-expectations (3.12.3) + rspec (3.13.0) + rspec-core (~> 3.13.0) + rspec-expectations (~> 3.13.0) + rspec-mocks (~> 3.13.0) + rspec-core (3.13.0) + rspec-support (~> 3.13.0) + rspec-expectations (3.13.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-mocks (3.12.6) + rspec-support (~> 3.13.0) + rspec-mocks (3.13.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-support (3.12.1) - rubocop (1.57.2) + rspec-support (~> 3.13.0) + rspec-support (3.13.1) + rubocop (1.61.0) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) - parser (>= 3.2.2.4) + parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.28.1, < 2.0) + rubocop-ast (>= 1.30.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.30.0) - parser (>= 3.2.1.0) - rubocop-capybara (2.19.0) + rubocop-ast (1.31.1) + parser (>= 3.3.0.4) + rubocop-capybara (2.20.0) + rubocop (~> 1.41) + rubocop-factory_bot (2.25.1) rubocop (~> 1.41) - rubocop-factory_bot (2.24.0) - rubocop (~> 1.33) - rubocop-performance (1.19.1) - rubocop (>= 1.7.0, < 2.0) - rubocop-ast (>= 0.4.0) - rubocop-rspec (2.25.0) + rubocop-performance (1.20.2) + rubocop (>= 1.48.1, < 2.0) + rubocop-ast (>= 1.30.0, < 2.0) + rubocop-rspec (2.27.0) rubocop (~> 1.40) rubocop-capybara (~> 2.17) rubocop-factory_bot (~> 2.22) ruby-progressbar (1.13.0) - ruby_parser (3.20.3) + ruby_parser (3.21.0) + racc (~> 1.5) sexp_processor (~> 4.16) - sexp_processor (4.17.0) + sexp_processor (4.17.1) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) @@ -121,39 +134,40 @@ GEM daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - thor (1.3.0) - timeout (0.4.0) - truemail (3.1.0) + thor (1.3.1) + timeout (0.4.1) + truemail (3.3.0) simpleidn (~> 0.2.1) unf (0.1.4) unf_ext - unf_ext (0.0.8.2) + unf_ext (0.0.9.1) unicode-display_width (2.5.0) - zeitwerk (2.6.12) + zeitwerk (2.6.13) PLATFORMS arm64-darwin-22 + ruby DEPENDENCIES bundler-audit (~> 0.9.1) dry-struct (~> 1.6) - fasterer (~> 0.10.1) + fasterer (~> 0.11.0) json_matchers (~> 0.11.1) - net-smtp (~> 0.4.0) + net-smtp (~> 0.4.0.1) pry-byebug (~> 3.10, >= 3.10.1) - rack (~> 2.2, >= 2.2.8) + rack (~> 2.2, >= 2.2.8.1) rack-test (~> 2.1) - reek (~> 6.1, >= 6.1.4) - rspec (~> 3.12) - rubocop (~> 1.57, >= 1.57.2) - rubocop-performance (~> 1.19, >= 1.19.1) - rubocop-rspec (~> 2.25) + reek (~> 6.3) + rspec (~> 3.13) + rubocop (~> 1.61) + rubocop-performance (~> 1.20, >= 1.20.2) + rubocop-rspec (~> 2.27) simplecov (~> 0.22.0) thin (~> 1.8, >= 1.8.2) - truemail (~> 3.1) + truemail (~> 3.3) RUBY VERSION - ruby 3.2.0p0 + ruby 3.3.0p0 BUNDLED WITH - 2.4.6 + 2.5.5 diff --git a/LICENSE.txt b/LICENSE.txt index 6c4c953..a4cc3ba 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2020-2023 Vladislav Trotsenko +Copyright (c) 2020-2024 Vladislav Trotsenko Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 2553911..8edf154 100644 --- a/README.md +++ b/README.md @@ -65,8 +65,8 @@ Before run application you must configure it first. List of available env vars n | `WHITELISTED_DOMAINS` | `somedomain1.com` | - | Validation of email which [contains whitelisted domain](https://truemail-rb.org/truemail-gem/#/validations-layers?id=whitelist-case) always will return `true`. Other validations will not processed even if it was defined in `VALIDATION_TYPE_FOR`. Accepts one ore more values separated by commas. | | `BLACKLISTED_DOMAINS` | `somedomain2.com` | - | Validation of email which [contains blacklisted domain](https://truemail-rb.org/truemail-gem/#/validations-layers?id=blacklist-case) always will return `false`. Other validations will not processed even if it was defined in `VALIDATION_TYPE_FOR`. Accepts one ore more values separated by commas. | | `WHITELIST_VALIDATION` | `true` | - | With this option Truemail will validate email which [contains whitelisted domain only](https://truemail-rb.org/truemail-gem/#/validations-layers?id=whitelist-validation-case), i.e. if domain whitelisted, validation will passed to Regex, MX or SMTP validators. Validation of email which not contains whitelisted domain always will return `false`. It is equal `false` by default. | -| `BLACKLISTED_MX_IP_ADDRESSES` | `127.0.1.1,127.0.1.2` | - | With this option Truemail will filter out unwanted mx servers via predefined list of ip addresses. It can be used as a part of DEA (disposable email address) validations. Accepts one ore more values separated by commas. -| `DNS` | `8.8.8.8,8.8.4.4:53` | - | This option will provide to use custom DNS gateway when Truemail interacts with DNS. If you won't specify nameserver's ports Truemail will use default DNS TCP/UDP port 53. Accepts one ore more values separated by commas. By default Truemail uses DNS gateway from system settings. +| `BLACKLISTED_MX_IP_ADDRESSES` | `127.0.1.1,127.0.1.2` | - | With this option Truemail will filter out unwanted mx servers via predefined list of ip addresses. It can be used as a part of DEA (disposable email address) validations. Accepts one ore more values separated by commas. | +| `DNS` | `8.8.8.8,8.8.4.4:53` | - | This option will provide to use custom DNS gateway when Truemail interacts with DNS. If you won't specify nameserver's ports Truemail will use default DNS TCP/UDP port 53. Accepts one ore more values separated by commas. By default Truemail uses DNS gateway from system settings. | | `NOT_RFC_MX_LOOKUP_FLOW` | `true` | - | This option will provide to use not RFC MX lookup flow. It means that MX and Null MX records will be checked on the DNS validation layer only. By default [this option is disabled](https://truemail-rb.org/truemail-gem/#/validations-layers?id=not-rfc-mx-lookup-flow). | | `SMTP_PORT` | `2525` | - | SMTP port number. It is equal to `25` by default. | | `SMTP_FAIL_FAST` | `true` | - | This option will provide to use SMTP fail fast behavior. When [smtp_fail_fast is enabled](https://truemail-rb.org/truemail-gem/#/validations-layers?id=smtp-fail-fast-enabled) it means that Truemail ends smtp validation session after first attempt on the first mx server in any fail cases (network connection/timeout error, smtp validation error). By default this option is disabled, available for SMTP validation only. | @@ -218,9 +218,9 @@ Content-Type: application/json Server: thin { - "core": "3.0.1", - "platform": "ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-darwin20]", - "version": "0.5.0" + "core": "3.3.0", + "platform": "ruby 3.3.0 (2023-12-25 revision 5124f9ac75) [arm64-darwin22]", + "version": "0.10.0" } ``` diff --git a/app/truemail_server/version.rb b/app/truemail_server/version.rb index 82b84e0..4b6f4ae 100644 --- a/app/truemail_server/version.rb +++ b/app/truemail_server/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module TruemailServer - VERSION = '0.9.0' + VERSION = '0.10.0' end diff --git a/config/initializers/truemail.rb b/config/initializers/truemail.rb index 827353f..979bc2e 100644 --- a/config/initializers/truemail.rb +++ b/config/initializers/truemail.rb @@ -6,5 +6,5 @@ truemail_core_params = System::Configuration::COMMAND_LINE_ATTRS[0...-2] System::Configuration.command_line_params .slice(*truemail_core_params) - .each { |key, value| config.public_send("#{key}=", value) } + .each { |key, value| config.public_send(:"#{key}=", value) } end diff --git a/spec/support/helpers/rack_helpers.rb b/spec/support/helpers/rack_helpers.rb index 5827adc..1d98db2 100644 --- a/spec/support/helpers/rack_helpers.rb +++ b/spec/support/helpers/rack_helpers.rb @@ -14,7 +14,7 @@ def reset_command_line_params! end def reload_rack_cascade! - TruemailServer.send(:remove_const, :RackCascade) + TruemailServer.send(:remove_const, :RackCascade) # rubocop:disable RSpec/RemoveConst load 'app/truemail_server/rack_cascade.rb' end end diff --git a/spec/system/configuration_spec.rb b/spec/system/configuration_spec.rb index 2fd0171..eebe08a 100644 --- a/spec/system/configuration_spec.rb +++ b/spec/system/configuration_spec.rb @@ -45,8 +45,8 @@ it 'raises System::Configuration::Error' do expect { command_line_params }.to raise_error( - System::Configuration::Error, - System::Configuration::INVALID_COMMAND_LINE_PARAMS + described_class::Error, + described_class::INVALID_COMMAND_LINE_PARAMS ) end end diff --git a/spec/truemail_server/router_spec.rb b/spec/truemail_server/router_spec.rb index 4afde44..6f1c89c 100644 --- a/spec/truemail_server/router_spec.rb +++ b/spec/truemail_server/router_spec.rb @@ -51,7 +51,7 @@ let(:headers) { { 'HTTP_AUTHORIZATION' => 'token' } } it 'processes params and proxies request data to controller' do - expect(TruemailServer::Router::Resolver).to receive(:call).with(path).and_return(controller) + expect(described_class::Resolver).to receive(:call).with(path).and_return(controller) expect(router).to eq(params: params.transform_keys(&:to_sym), headers:) end end