denny · duknic · May 12, 2021 · May 18, 2021 · May 18, 2021 · May 20, 2021
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -4,17 +4,18 @@
 
 version: 2.1
 orbs:
-  ruby: circleci/ruby@1.1.1
+  ruby: circleci/ruby@2.2.1
 jobs:
   build:
     docker:
-      - image: circleci/ruby:2.7.3-node-browsers
+      - image: cimg/ruby:3.3.5-browsers
         environment:
         - RACK_ENV=test
         - RAILS_ENV=test
         - DATABASE_URL=postgres://testuser:testpass@127.0.0.1:5432/mahbucket_test
+        - SKIP_AUTH=true
 
-      - image: circleci/postgres:10-alpine-ram
+      - image: cimg/postgres:10.20
         environment:
           - POSTGRES_USER=testuser
           - POSTGRES_PASSWORD=testpass
@@ -37,3 +38,5 @@ jobs:
 
       - ruby/rubocop-check
       - ruby/rspec-test
+      - store_artifacts:
+          path: ./log/
diff --git a/.github/workflows/dependabot-auto-approve-and-merge.yml b/.github/workflows/dependabot-auto-approve-and-merge.yml
@@ -0,0 +1,11 @@
+name: Dependabot auto-approve and auto-merge
+on: pull_request
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot-workflow:
+    uses: 38degrees/github-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@main
+
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,3 +1,5 @@
+inherit_from: .rubocop_todo.yml
+
 require:
   - rubocop-performance
   - rubocop-rails
@@ -33,7 +35,7 @@ Metrics/BlockLength:
 # This set of tests use IP addresses for good reasons
 Style/IpAddresses:
   Exclude:
-    - spec/features/ip_restrictions_spec.rb
+    - spec/requests/ip_restrictions_spec.rb
 
 # This might be worth enabling at some point?
 Bundler/GemVersion:

diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
@@ -0,0 +1,30 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2023-03-06 15:31:07 UTC using RuboCop version 1.47.0.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 6
+Capybara/SpecificMatcher:
+  Exclude:
+    - 'spec/features/user_views_items_spec.rb'
+    - 'spec/requests/ip_restrictions_spec.rb'
+
+# Offense count: 1
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: slashes, arguments
+Rails/FilePath:
+  Exclude:
+    - 'spec/rails_helper.rb'
+
+# Offense count: 3
+Rails/I18nLocaleTexts:
+  Exclude:
+    - 'app/controllers/items_controller.rb'
+
+# Offense count: 1
+Style/TopLevelMethodDefinition:
+  Exclude:
+    - 'spec/support/capybara.rb'
diff --git a/.ruby-version b/.ruby-version
diff --git a/Gemfile b/Gemfile
@@ -1,38 +1,44 @@
+ruby "3.3.5"
+
 source 'https://rubygems.org' do
-  gem 'rails', '~> 6.0.3'
+  gem 'rails', '~> 6.1.7'
 
   # Use postgres as the database for Active Record
   gem 'pg'
   # Use Puma as the app server
   gem 'puma', '~> 5.6'
   # Use SCSS for stylesheets
-  gem 'sass-rails', '~> 6.0'
+  gem 'sass-rails'
   # Use Uglifier as compressor for JavaScript assets
-  gem 'uglifier', '>= 1.3.0'
+  gem 'uglifier'
   # Use CoffeeScript for .coffee assets and views
-  gem 'coffee-rails', '~> 5.0'
+  gem 'coffee-rails'
 
   # Use jquery as the JavaScript library
   gem 'jquery-rails'
   # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
-  gem 'turbolinks', '~> 5'
+  gem 'turbolinks'
   # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
-  gem 'jbuilder', '~> 2.10'
+  gem 'jbuilder'
   # Use Redis adapter to run Action Cable in production
   # gem 'redis', '~> 3.0'
   # Use ActiveModel has_secure_password
   # gem 'bcrypt', '~> 3.1.7'
 
   # Authenticate via Google OAuth
-  gem 'omniauth', '~> 1.9.1'
+  gem 'omniauth', '~> 2.0'
   gem 'omniauth-google-oauth2'
+  gem 'omniauth-rails_csrf_protection'
   gem 'repost'
 
   # Store files on Amazon S3
   gem 'aws-sdk-s3'
-  gem 'paperclip', '~> 6.1.0'
-  gem 'paperclip-meta'
-
+  # Paperclip is no longer maintained and isn't compatible with Ruby 3.
+  # We switched to kt-paperclip.  Sadly we use paperclip-meta for width and height
+  # which is tied to the original paperclip. The author refused the PR that fixes this
+  # so we're now using a version that someone else has fixed!
+  gem "kt-paperclip", '>= 7.0.1'
+  gem 'paperclip-meta', git: 'https://github.com/GoodMeasuresLLC/paperclip-meta'
   # Add tag features
   gem 'acts-as-taggable-on'
 
@@ -42,6 +48,10 @@ source 'https://rubygems.org' do
   # New Relic monitoring
   gem 'newrelic_rpm'
 
+  # Error reporting
+  gem 'sentry-rails'
+  gem 'sentry-ruby'
+
   # https://github.com/advisories/GHSA-vr8q-g5c7-m54m
   gem "nokogiri", ">= 1.11.0.rc4"
 
@@ -51,11 +61,11 @@ source 'https://rubygems.org' do
     gem 'bundler-audit', require: false
     gem 'capybara'
     gem 'pry-rails'
-    gem 'rspec-rails', '~> 4.0'
+    gem 'rspec-rails'
   end
 
   group :development do
-    gem 'listen', '~> 3.2.1'
+    gem 'listen'
     gem 'rails-erd'
     gem 'rubocop', require: false
     gem 'rubocop-performance', require: false
@@ -70,6 +80,5 @@ source 'https://rubygems.org' do
     gem 'rspec'
     gem 'rspec_junit_formatter'
     gem 'selenium-webdriver'
-    gem 'webdrivers', '~> 4.4'
   end
 end