Switch to Ruby 3.0+ Compatible Bitbucket Omniauth Provider

* switch to ruby 3-compatible omniauth provider * vuln bump for commonmarker * remove latest brakeman check until ruby 3.0 installed * fix comment's indentation
zendesk · Jun 5, 2023 · 107efb4 · 107efb4
1 parent 6d405b2
commit 107efb4
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 13 deletions.
diff --git a/Gemfile b/Gemfile
@@ -30,7 +30,7 @@ gem 'omniauth-github', git: "https://github.com/omniauth/omniauth-github.git" #
 gem 'omniauth-google-oauth2'
 gem 'omniauth-ldap'
 gem 'omniauth-gitlab'
-gem 'omniauth-bitbucket'
+gem 'omniauth-atlassian-bitbucket'
 gem 'omniauth-rails_csrf_protection' # remove once https://github.com/omniauth/omniauth/pull/809 is resolved
 gem 'octokit'
 gem 'faraday', '~> 2.7'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -309,7 +309,7 @@ GEM
     chef-utils (18.1.29)
       concurrent-ruby
     coderay (1.1.1)
-    commonmarker (0.23.8)
+    commonmarker (0.23.9)
     concurrent-ruby (1.2.2)
     connection_pool (2.2.1)
     crack (0.4.3)
@@ -455,7 +455,6 @@ GEM
       racc (~> 1.4)
     nokogiri (1.14.3-x86_64-linux)
       racc (~> 1.4)
-    oauth (0.5.6)
     oauth2 (1.4.11)
       faraday (>= 0.17.3, < 3.0)
       jwt (>= 1.0, < 3.0)
@@ -468,10 +467,8 @@ GEM
     omniauth (1.9.2)
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
-    omniauth-bitbucket (0.0.2)
-      multi_json (~> 1.7)
-      omniauth (~> 1.1)
-      omniauth-oauth (~> 1.0)
+    omniauth-atlassian-bitbucket (0.1.0)
+      omniauth-oauth2
     omniauth-gitlab (1.0.2)
       omniauth (~> 1.0)
       omniauth-oauth2 (~> 1.0)
@@ -485,9 +482,6 @@ GEM
       omniauth (~> 1.0)
       pyu-ruby-sasl (~> 0.0.3.2)
       rubyntlm (~> 0.3.4)
-    omniauth-oauth (1.1.0)
-      oauth
-      omniauth (~> 1.0)
     omniauth-oauth2 (1.7.3)
       oauth2 (>= 1.4, < 3)
       omniauth (>= 1.9, < 3)
@@ -709,7 +703,7 @@ DEPENDENCIES
   net-http-persistent
   octokit
   omniauth
-  omniauth-bitbucket
+  omniauth-atlassian-bitbucket
   omniauth-github!
   omniauth-gitlab
   omniauth-google-oauth2

diff --git a/Rakefile b/Rakefile
@@ -52,7 +52,9 @@ end
 
 desc "'Run brakeman, use `bundle exec brakeman --add-engine-path 'plugins/*' -I` to add or remove obsolete ignores"
 task :brakeman do
-  system("brakeman --no-pager --add-engine-path 'plugins/*' --ensure-latest") ||
+  system("brakeman --no-pager --add-engine-path 'plugins/*'") ||
+    # TODO: Need to readd --ensure-latest once upgraded to ruby 3.0
+    # system("brakeman --no-pager --add-engine-path 'plugins/*' --ensure-latest") ||
     abort("Fix the found issues, or add new ignored with:\nbundle exec brakeman --add-engine-path 'plugins/*' -I")
 end
 

diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
@@ -61,7 +61,7 @@
   end
 
   if Rails.application.config.samson.auth.bitbucket
-    require 'omniauth-bitbucket'
+    require 'omniauth-atlassian-bitbucket'
     provider(
       :bitbucket,
       ENV.fetch('BITBUCKET_KEY'),