fix: Downgrade rack-cors to 2.0.0 to fix CVE-2024-27456 (#9032)

Pranav
2024-02-27 20:20:59 -08:00
committed by GitHub
parent ac249c75c4
commit dca14ef82d
5 changed files with 9 additions and 6 deletions


@@ -3,7 +3,7 @@ source 'https://rubygems.org'
ruby '3.2.2' ruby '3.2.2'
##-- base gems for rails --## ##-- base gems for rails --##
gem 'rack-cors', require: 'rack/cors' gem 'rack-cors', '2.0.0', require: 'rack/cors'
gem 'rails', '~> 7.0.8.1' gem 'rails', '~> 7.0.8.1'
# Reduces boot times through caching; required in config/boot.rb # Reduces boot times through caching; required in config/boot.rb
gem 'bootsnap', require: false gem 'bootsnap', require: false
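Review bot: The exact pin `'2.0.0'` on the rack-cors line has no comment, so the Gemfile does not say why the gem is held back or when the pin can be lifted. Going by the commit title and the lockfile change from 2.0.1 to 2.0.0, the pin presumably exists to avoid the release affected by CVE-2024-27456. An exact pin also stops Bundler from picking up any later fixed release, so it tends to outlive its reason. I would add a comment above the line such as `# Pinned: 2.0.1 is affected by CVE-2024-27456; relax once a fixed rack-cors release is available`. A dependency audit step in CI would also catch the lockfile resolving to the affected version again.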


@@ -564,7 +564,7 @@ GEM
rack (>= 1.0, < 4) rack (>= 1.0, < 4)
rack-contrib (2.4.0) rack-contrib (2.4.0)
rack (< 4) rack (< 4)
rack-cors (2.0.1) rack-cors (2.0.0)
rack (>= 2.0.0) rack (>= 2.0.0)
rack-mini-profiler (3.2.0) rack-mini-profiler (3.2.0)
rack (>= 1.2.0) rack (>= 1.2.0)
@@ -918,7 +918,7 @@ DEPENDENCIES
puma puma
pundit pundit
rack-attack (>= 6.7.0) rack-attack (>= 6.7.0)
rack-cors rack-cors (= 2.0.0)
rack-mini-profiler (>= 3.2.0) rack-mini-profiler (>= 3.2.0)
rack-timeout rack-timeout
rails (~> 7.0.8.1) rails (~> 7.0.8.1)


@@ -21,6 +21,7 @@
<div <div
v-if="metrics.totalResponseCount && !ratingFilterEnabled" v-if="metrics.totalResponseCount && !ratingFilterEnabled"
ref="csatHorizontalBarChart"
class="w-full md:w-1/2 md:max-w-[50%] flex-1 rtl:[direction:initial] p-4" class="w-full md:w-1/2 md:max-w-[50%] flex-1 rtl:[direction:initial] p-4"
> >
<h3 <h3


@@ -54,11 +54,13 @@ describe('CsatMetrics.vue', () => {
}); });
it('hides report card if rating filter is enabled', () => { it('hides report card if rating filter is enabled', () => {
expect(wrapper.find('.report-card').exists()).toBe(false); expect(wrapper.find({ ref: 'csatHorizontalBarChart' }).exists()).toBe(
false
);
}); });
it('shows report card if rating filter is not enabled', async () => { it('shows report card if rating filter is not enabled', async () => {
await wrapper.setProps({ filters: {} }); await wrapper.setProps({ filters: {} });
expect(wrapper.find('.report-card').exists()).toBe(true); expect(wrapper.find({ ref: 'csatHorizontalBarChart' }).exists()).toBe(true);
}); });
}); });
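Review bot: The two test titles still say "report card" while the new assertions look up the `csatHorizontalBarChart` ref, so a failing run will name an element the test no longer checks. Renaming them, for example `it('hides the CSAT bar chart if rating filter is enabled', ...)` and `it('shows the CSAT bar chart if rating filter is not enabled', ...)`, would keep title and assertion in step. The enclosing `describe` block starts outside the hunk, so the wrapper setup these assertions depend on is not visible here.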


@@ -1,7 +1,7 @@
// Jest Snapshot v1, https://goo.gl/fbAQLP // Jest Snapshot v1, https://goo.gl/fbAQLP
exports[`CsatMetrics.vue computes response count correctly 1`] = ` exports[`CsatMetrics.vue computes response count correctly 1`] = `
<div class="flex flex-wrap mx-0 bg-white dark:bg-slate-800 rounded-[4px] p-4 mb-5 border border-solid border-slate-75 dark:border-slate-700"> <div class="flex-col lg:flex-row flex flex-wrap mx-0 bg-white dark:bg-slate-800 rounded-[4px] p-4 mb-5 border border-solid border-slate-75 dark:border-slate-700">
<csat-metric-card-stub label="CSAT_REPORTS.METRIC.TOTAL_RESPONSES.LABEL" value="100" infotext="CSAT_REPORTS.METRIC.TOTAL_RESPONSES.TOOLTIP"></csat-metric-card-stub> <csat-metric-card-stub label="CSAT_REPORTS.METRIC.TOTAL_RESPONSES.LABEL" value="100" infotext="CSAT_REPORTS.METRIC.TOTAL_RESPONSES.TOOLTIP"></csat-metric-card-stub>
<csat-metric-card-stub label="CSAT_REPORTS.METRIC.SATISFACTION_SCORE.LABEL" value="--" infotext="CSAT_REPORTS.METRIC.SATISFACTION_SCORE.TOOLTIP" disabled="true"></csat-metric-card-stub> <csat-metric-card-stub label="CSAT_REPORTS.METRIC.SATISFACTION_SCORE.LABEL" value="--" infotext="CSAT_REPORTS.METRIC.SATISFACTION_SCORE.TOOLTIP" disabled="true"></csat-metric-card-stub>
<csat-metric-card-stub label="CSAT_REPORTS.METRIC.RESPONSE_RATE.LABEL" value="90%" infotext="CSAT_REPORTS.METRIC.RESPONSE_RATE.TOOLTIP"></csat-metric-card-stub> <csat-metric-card-stub label="CSAT_REPORTS.METRIC.RESPONSE_RATE.LABEL" value="90%" infotext="CSAT_REPORTS.METRIC.RESPONSE_RATE.TOOLTIP"></csat-metric-card-stub>