From 4ec327f705445b2456c7d9712cc428e3c33ba8c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Sun, 9 Sep 2018 08:35:44 +0000 Subject: [PATCH 1/7] [Security] Bump rubyzip from 1.2.1 to 1.2.2 Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 1.2.1 to 1.2.2. **This update includes security fixes.** - [Release notes](https://github.com/rubyzip/rubyzip/releases) - [Changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md) - [Commits](https://github.com/rubyzip/rubyzip/compare/v1.2.1...v1.2.2) Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 305bdb6f4..00f381168 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -454,7 +454,7 @@ GEM ruby_dep (1.5.0) ruby_parser (3.11.0) sexp_processor (~> 4.9) - rubyzip (1.2.1) + rubyzip (1.2.2) sass (3.5.6) sass-listen (~> 4.0.0) sass-listen (4.0.0) From 7301c6cd6cb3881c3c994938a4bc9a8fc09350b9 Mon Sep 17 00:00:00 2001 From: Awesome Code Date: Tue, 11 Sep 2018 03:02:54 +0000 Subject: [PATCH 2/7] Auto corrected by following Ruby RSpec/HooksBeforeExamples --- spec/controllers/likes_controller_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/controllers/likes_controller_spec.rb b/spec/controllers/likes_controller_spec.rb index 0e9b8ae6b..f256e6ce3 100644 --- a/spec/controllers/likes_controller_spec.rb +++ b/spec/controllers/likes_controller_spec.rb @@ -9,8 +9,8 @@ describe LikesController do before { sign_in member } describe "POST create" do - it { expect(response.content_type).to eq "application/json" } before { post :create, post_id: blogpost.id, format: :json } + it { expect(response.content_type).to eq "application/json" } it { expect(Like.last.likeable_id).to eq(blogpost.id) } it { expect(Like.last.likeable_type).to eq('Post') } From d248f992098863398cef00c19a5208d0ee659016 Mon Sep 17 00:00:00 2001 From: Awesome Code Date: Tue, 11 Sep 2018 03:29:48 +0000 Subject: [PATCH 3/7] Auto corrected by following Ruby rspec layout --- spec/controllers/likes_controller_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/controllers/likes_controller_spec.rb b/spec/controllers/likes_controller_spec.rb index f256e6ce3..bee2ab192 100644 --- a/spec/controllers/likes_controller_spec.rb +++ b/spec/controllers/likes_controller_spec.rb @@ -10,6 +10,7 @@ describe LikesController do describe "POST create" do before { post :create, post_id: blogpost.id, format: :json } + it { expect(response.content_type).to eq "application/json" } it { expect(Like.last.likeable_id).to eq(blogpost.id) } From ef60f74624ea3db3d2b2070fb569a424e22a2dab Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Tue, 11 Sep 2018 15:57:09 +1200 Subject: [PATCH 4/7] Removed extra blank lines --- spec/features/home/home_spec.rb | 1 - spec/views/members/show.rss.haml_spec.rb | 1 - 2 files changed, 2 deletions(-) diff --git a/spec/features/home/home_spec.rb b/spec/features/home/home_spec.rb index c8759d48b..caf3a6b90 100644 --- a/spec/features/home/home_spec.rb +++ b/spec/features/home/home_spec.rb @@ -23,7 +23,6 @@ feature "home page" do harvest.photos << photo end - before { visit root_path } shared_examples 'shows seeds' do diff --git a/spec/views/members/show.rss.haml_spec.rb b/spec/views/members/show.rss.haml_spec.rb index 46a986ae3..bb74e1526 100644 --- a/spec/views/members/show.rss.haml_spec.rb +++ b/spec/views/members/show.rss.haml_spec.rb @@ -11,7 +11,6 @@ describe 'members/show.rss.haml', type: "view" do render end - it 'shows RSS feed title' do is_expected.to match(/member\d+'s recent posts/) end From b69759754fd1930fa00cc6b8450f6731513569f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Tue, 11 Sep 2018 04:12:12 +0000 Subject: [PATCH 5/7] Bump sidekiq from 5.1.3 to 5.2.1 Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.1.3 to 5.2.1. - [Release notes](https://github.com/mperham/sidekiq/releases) - [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md) - [Commits](https://github.com/mperham/sidekiq/compare/v5.1.3...v5.2.1) Signed-off-by: dependabot[bot] --- Gemfile.lock | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 00f381168..106f5d901 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -123,7 +123,7 @@ GEM rails-i18n (>= 4.0.0) sass-rails (>= 4.0.3) concurrent-ruby (1.0.5) - connection_pool (2.2.1) + connection_pool (2.2.2) coveralls (0.8.19) json (>= 1.8, < 3) simplecov (~> 0.12.0) @@ -413,7 +413,7 @@ GEM rb-fsevent (0.10.3) rb-inotify (0.9.10) ffi (>= 0.5.0, < 2) - redis (4.0.1) + redis (4.0.2) responders (2.4.0) actionpack (>= 4.2.0, < 5.3) railties (>= 4.2.0, < 5.3) @@ -474,9 +474,8 @@ GEM rubyzip (~> 1.2) sexp_processor (4.11.0) shellany (0.0.1) - sidekiq (5.1.3) - concurrent-ruby (~> 1.0) - connection_pool (~> 2.2, >= 2.2.0) + sidekiq (5.2.1) + connection_pool (~> 2.2, >= 2.2.2) rack-protection (>= 1.5.0) redis (>= 3.3.5, < 5) simplecov (0.12.0) From ea67df0da3a96fca030ab1e2268fc6035ce98f61 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Wed, 12 Sep 2018 10:59:13 +1200 Subject: [PATCH 6/7] Added dependabot to contributors again --- CONTRIBUTORS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 6a768ee85..fba00e2c3 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -90,5 +90,5 @@ submit the change with your pull request. ### Security and Dependency Updates - DeppBot / [deppbot](https://github.com/deppbot) -- dependabot[bot] / [dependabot-bot](https://github.com/dependabot-bot) +- dependabot[bot] / [dependabot-bot] / [dependabot] (https://github.com/dependabot-bot) - dependabot / [dependabot](https://github.com/dependabot) From 4bdcb782d97c3d95aa7403b6d04f8c3c94925ed7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Fri, 5 Oct 2018 02:37:04 +0000 Subject: [PATCH 7/7] [Security] Bump nokogiri from 1.8.4 to 1.8.5 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.8.4 to 1.8.5. **This update includes security fixes.** - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.4...v1.8.5) Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 106f5d901..f5c117992 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -311,7 +311,7 @@ GEM multipart-post (2.0.0) nenv (0.3.0) newrelic_rpm (5.2.0.345) - nokogiri (1.8.4) + nokogiri (1.8.5) mini_portile2 (~> 2.3.0) notiffany (0.1.1) nenv (~> 0.1)