Removing prefixout updating gems

* Removed prefixout dependency from covalence issue #90 * Updated all gems with bundle update which addressed a few security vulnerabilites. * Updated docs and covalence version to 0.9.8
unifio · Jun 10, 2020 · 57532d2 · 57532d2
1 parent 36cb9d1
commit 57532d2
Show file tree

Hide file tree

Showing 6 changed files with 85 additions and 73 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -8,10 +8,10 @@ jobs:
       - image: circleci/ruby:2.5.5
 
     environment:
-      COVALENCE_VERSION: 0.9.7
-      TERRAFORM_VERSION: 0.12.6
+      COVALENCE_VERSION: 0.9.8
+      TERRAFORM_VERSION: 0.12.26
       SOPS_VERSION: 3.3.1
-      BUNDLER_VERSION: 1.17.2
+      BUNDLER_VERSION: 1.17.3
 
     steps:
       - checkout
@@ -25,11 +25,7 @@ jobs:
             sudo chmod +x /usr/local/bin/terraform;
             # Install Sops
             sudo wget -q "https://github.com/mozilla/sops/releases/download/${SOPS_VERSION}/sops-${SOPS_VERSION}.linux" -O /usr/local/bin/sops
-            sudo chmod +x /usr/local/bin/sops
-            # prefixout used in covaelnce for logging output of commands delivered
-            sudo wget -qO /tmp/prefixout_0.1.0_linux_amd64.zip "https://github.com/unifio/prefixout/releases/download/v0.1.0/prefixout_0.1.0_linux_amd64.zip" && \
-            sudo unzip -d /usr/local/bin /tmp/prefixout_0.1.0_linux_amd64.zip && \
-            sudo chmod +x /usr/local/bin/prefixout;
+            sudo chmod +x /usr/local/bin/sops;
             # Insstall bundler version in Gemlock before install
             gem install bundler:${BUNDLER_VERSION}
             # Install gem bundle

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 0.9.8 (Jun 10, 2020)
+IMPROVEMENTS:
+- Updated all gems to the latest in the Gemfile.lock.
+
+BACKWARDS INCOMPATIBILITIES:
+- Issue [#90](https://github.com/unifio/covalence/issues/90) Removed prefixout dependency from covalence. Directory prefix will no longer be displayed in output. Directory is already output prior to execution.
+
+FIXES:
+- [activesupport](https://github.com/advisories/GHSA-2p68-f74v-9wc6) upgraded activesupport to version 5.2.4.3 or later.
+- [nokogiri](https://github.com/advisories/GHSA-7553-jr98-vx47) Upgrade nokogiri to version 1.10.8 or later.
+
 ## 0.9.7 (Sep 14, 2019)
 
 IMPROVEMENTS:

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    covalence (0.9.7)
+    covalence (0.9.8)
       activemodel (~> 5.2.0)
       activesupport (~> 5.2.0)
       aws-sdk-s3 (~> 1)
@@ -19,39 +19,40 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (5.2.3)
-      activesupport (= 5.2.3)
-    activesupport (5.2.3)
+    activemodel (5.2.4.3)
+      activesupport (= 5.2.4.3)
+    activesupport (5.2.4.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    addressable (2.6.0)
-      public_suffix (>= 2.0.2, < 4.0)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
     ast (2.4.0)
     awesome_print (1.8.0)
-    aws-eventstream (1.0.3)
-    aws-partitions (1.209.0)
-    aws-sdk-core (3.66.0)
-      aws-eventstream (~> 1.0, >= 1.0.2)
-      aws-partitions (~> 1.0)
+    aws-eventstream (1.1.0)
+    aws-partitions (1.327.0)
+    aws-sdk-core (3.98.0)
+      aws-eventstream (~> 1, >= 1.0.2)
+      aws-partitions (~> 1, >= 1.239.0)
       aws-sigv4 (~> 1.1)
       jmespath (~> 1.0)
-    aws-sdk-kms (1.24.0)
-      aws-sdk-core (~> 3, >= 3.61.1)
+    aws-sdk-kms (1.33.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.48.0)
-      aws-sdk-core (~> 3, >= 3.61.1)
+    aws-sdk-s3 (1.67.1)
+      aws-sdk-core (~> 3, >= 3.96.1)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.1)
-    aws-sigv4 (1.1.0)
+    aws-sigv4 (1.1.4)
       aws-eventstream (~> 1.0, >= 1.0.2)
     axiom-types (0.1.1)
       descendants_tracker (~> 0.0.4)
       ice_nine (~> 0.11.0)
       thread_safe (~> 0.3, >= 0.3.1)
     backport (1.1.2)
-    builder (3.2.3)
+    benchmark (0.1.0)
+    builder (3.2.4)
     byebug (10.0.2)
     ci_reporter (2.0.0)
       builder (>= 2.1.2)
@@ -60,7 +61,7 @@ GEM
       rspec (>= 2.14, < 4)
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
-    concurrent-ruby (1.1.5)
+    concurrent-ruby (1.1.6)
     consul_loader (1.0.0)
       rest-client
     crack (0.4.3)
@@ -73,61 +74,67 @@ GEM
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
     dotenv (2.4.0)
+    e2mmap (0.1.0)
     equalizer (0.0.11)
     fabrication (2.20.2)
-    hashdiff (1.0.0)
+    hashdiff (1.0.1)
     hiera (3.4.6)
     highline (1.7.10)
-    htmlentities (4.3.4)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    i18n (1.6.0)
+    i18n (1.8.3)
       concurrent-ruby (~> 1.0)
     ice_nine (0.11.2)
-    jaro_winkler (1.5.3)
+    jaro_winkler (1.5.4)
     jmespath (1.4.0)
     json (2.1.0)
-    kramdown (1.17.0)
-    mime-types (3.3)
+    maruku (0.7.3)
+    mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2019.0904)
+    mime-types-data (3.2020.0512)
     mini_portile2 (2.4.0)
-    minitest (5.11.3)
+    minitest (5.14.1)
     netrc (0.11.0)
-    nokogiri (1.10.4)
+    nokogiri (1.10.9)
       mini_portile2 (~> 2.4.0)
-    parallel (1.17.0)
-    parser (2.6.3.0)
+    parallel (1.19.1)
+    parser (2.7.1.3)
       ast (~> 2.4.0)
-    public_suffix (3.1.1)
+    public_suffix (4.0.5)
     rainbow (3.0.0)
-    rake (12.3.3)
+    rake (13.0.1)
+    regexp_parser (1.7.1)
     rest-client (2.0.2)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    reverse_markdown (1.1.0)
+    reverse_markdown (2.0.0)
       nokogiri
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.2)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.4)
+    rexml (3.2.4)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.1)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.2)
-    rubocop (0.74.0)
-      jaro_winkler (~> 1.5.1)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
+    rubocop (0.85.1)
       parallel (~> 1.10)
-      parser (>= 2.6)
+      parser (>= 2.7.0.1)
       rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.7)
+      rexml
+      rubocop-ast (>= 0.0.3)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (0.0.3)
+      parser (>= 2.7.0.1)
     ruby-progressbar (1.10.1)
     safe_yaml (1.0.5)
     semantic (1.6.1)
@@ -137,27 +144,29 @@ GEM
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
     slop (4.6.2)
-    solargraph (0.35.2)
+    solargraph (0.39.8)
       backport (~> 1.1)
+      benchmark
       bundler (>= 1.17.2)
-      htmlentities (~> 4.3, >= 4.3.4)
+      e2mmap
       jaro_winkler (~> 1.5)
-      kramdown (~> 1.16)
+      maruku (~> 0.7, >= 0.7.3)
+      nokogiri (~> 1.9, >= 1.9.1)
       parser (~> 2.3)
-      reverse_markdown (~> 1.0, >= 1.0.5)
+      reverse_markdown (>= 1.0.5, < 3)
       rubocop (~> 0.52)
-      thor (~> 0.19, >= 0.19.4)
+      thor (~> 1.0)
       tilt (~> 2.0)
-      yard (~> 0.9)
-    thor (0.20.3)
+      yard (~> 0.9, >= 0.9.24)
+    thor (1.0.1)
     thread_safe (0.3.6)
-    tilt (2.0.9)
-    tzinfo (1.2.5)
+    tilt (2.0.10)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.6)
-    unicode-display_width (1.6.0)
+    unf_ext (0.0.7.7)
+    unicode-display_width (1.7.0)
     virtus (1.0.5)
       axiom-types (~> 0.1)
       coercible (~> 1.0)
@@ -167,7 +176,7 @@ GEM
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff
-    yard (0.9.20)
+    yard (0.9.25)
 
 PLATFORMS
   ruby

diff --git a/README.md b/README.md
@@ -106,7 +106,6 @@ $ bin/covalence spec
 ```
 
 To run the Rspec test locally without container, you will need to install the following:
-* prefixout -- https://github.com/WhistleLabs/prefixout
 * sops -- https://github.com/mozilla/sops
 
 ### UAT
@@ -502,7 +501,6 @@ You will probably need the following packages installed locally
 - Terraform
 - Packer
 - Sops
-- [prefixout](https://github.com/unifio/prefixout/releases)
 
 Execute the following to build the gem:
 

diff --git a/lib/covalence/core/cli_wrappers/popen_wrapper.rb b/lib/covalence/core/cli_wrappers/popen_wrapper.rb
@@ -77,9 +77,7 @@ def spawn_subprocess(env, run_cmd,
         # so when the parent dies, child will know to terminate itself.
         Signal.trap("INT") { logger.info "Trapped Ctrl-c. Disable parent process from exiting, orphaning the child fork below which may or may not work" }
         wait_thread = nil
-        prefix=path.gsub(/^\/workspace*/,'')
-        whole_cmd=['prefixout', '-p', "#{prefix} ", '--'].concat(run_cmd.split)
-        Open3.popen3(env, *whole_cmd, :chdir=>workdir) do |stdin, stdout, stderr, wait_thr|
+        Open3.popen3(env, *run_cmd, :chdir=>workdir) do |stdin, stdout, stderr, wait_thr|
           mappings = { stdin_io => stdin, stdout => stdout_io, stderr => stderr_io }
           wait_thread = wait_thr
 

diff --git a/lib/covalence/version.rb b/lib/covalence/version.rb
@@ -1,3 +1,3 @@
 module Covalence
-  VERSION = "0.9.7"
+  VERSION = "0.9.8"
 end