From d4b339555da4454c9851600b0e7360f11b89eb56 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Apr 2025 06:59:55 +0200 Subject: [PATCH 1/3] Bump the github-actions group with 2 updates (#437) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [actions/dependency-review-action](https://github.com/actions/dependency-review-action). Updates `step-security/harden-runner` from 2.11.0 to 2.11.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf) Updates `actions/dependency-review-action` from 4.5.0 to 4.6.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/3b139cfc5fae8b618d3eae3675e383bb1769c019...ce3cf9537a52e8119d91fd484ab5b8a807627bf8) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.11.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 4.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/part_docs.yml | 2 +- .github/workflows/part_publish.yml | 2 +- .github/workflows/part_release.yml | 2 +- .github/workflows/part_test.yml | 26 +++++++++++++------------- .github/workflows/pr.yml | 4 ++-- .github/workflows/scorecards.yml | 2 +- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/part_docs.yml b/.github/workflows/part_docs.yml index ba756c0..8f403e7 100644 --- a/.github/workflows/part_docs.yml +++ b/.github/workflows/part_docs.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit diff --git a/.github/workflows/part_publish.yml b/.github/workflows/part_publish.yml index cce5ef5..c7d025d 100644 --- a/.github/workflows/part_publish.yml +++ b/.github/workflows/part_publish.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit diff --git a/.github/workflows/part_release.yml b/.github/workflows/part_release.yml index 08accc1..a1d71d0 100644 --- a/.github/workflows/part_release.yml +++ b/.github/workflows/part_release.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit diff --git a/.github/workflows/part_test.yml b/.github/workflows/part_test.yml index 66d063a..461203d 100644 --- a/.github/workflows/part_test.yml +++ b/.github/workflows/part_test.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -49,7 +49,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -74,7 +74,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -121,7 +121,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -168,7 +168,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -222,7 +222,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -264,7 +264,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -310,7 +310,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -346,7 +346,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -375,7 +375,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -413,7 +413,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -445,7 +445,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit @@ -470,7 +470,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 6f356cc..af679f3 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -38,11 +38,11 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit - name: 'Checkout Repository' uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Dependency Review' - uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 \ No newline at end of file + uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0 \ No newline at end of file diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 29ab060..a03d01c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: egress-policy: audit From 96c640a234019f954a5617f8d0de44c7c22ab388 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonatan=20M=C3=A4nnchen?= Date: Mon, 7 Apr 2025 16:04:22 +0200 Subject: [PATCH 2/3] Fix Optional Igniter (#438) (#439) --- ...oidcc.gen.provider_configuration_worker.ex | 276 +++++++++--------- 1 file changed, 140 insertions(+), 136 deletions(-) diff --git a/lib/mix/tasks/oidcc.gen.provider_configuration_worker.ex b/lib/mix/tasks/oidcc.gen.provider_configuration_worker.ex index e44fd58..adb9780 100644 --- a/lib/mix/tasks/oidcc.gen.provider_configuration_worker.ex +++ b/lib/mix/tasks/oidcc.gen.provider_configuration_worker.ex @@ -1,145 +1,149 @@ -defmodule Mix.Tasks.Oidcc.Gen.ProviderConfigurationWorker do - @example """ - mix oidcc.gen.provider_configuration_worker \\ - --name MyApp.OpenIDProvider \\ - --issuer https://accounts.google.com \ - """ - - @shortdoc "Generate an OpenID Connect provider configuration worker" - if !Code.ensure_loaded?(Igniter) do - @shortdoc "#{@shortdoc} | Install `igniter` to use" - end - - @moduledoc """ - #{@shortdoc} - - Adds an `Oidcc.ProviderConfiguration.Worker` to your application and - configures it via the `runtime.exs` configuration file. - - ## Example - - ```bash - #{@example} - ``` - - ## Options - - * `--name` or `-n` - The name of the provider configuration worker - * `--issuer` or `-i` - The issuer of the provider - """ - - if Code.ensure_loaded?(Igniter) do - use Igniter.Mix.Task - - alias Igniter.Project.Application - alias Igniter.Project.Config - alias Igniter.Project.Module - - @impl Igniter.Mix.Task - def info(_argv, _composing_task) do - %Igniter.Mix.Task.Info{ - # dependencies to add - adds_deps: [], - # dependencies to add and call their associated installers, if they exist - installs: [], - # An example invocation - example: @example, - # Accept additional arguments that are not in your schema - # Does not guarantee that, when composed, the only options you get are the ones you define - extra_args?: false, - # A list of environments that this should be installed in, only relevant if this is an installer. - only: nil, - # a list of positional arguments, i.e `[:file]` - positional: [], - # Other tasks your task composes using `Igniter.compose_task`, passing in the CLI argv - # This ensures your option schema includes options from nested tasks - composes: [], - # `OptionParser` schema - schema: [name: :string, issuer: :string], - # CLI aliases - aliases: [n: :name, i: :issuer] - } - end - - @impl Igniter.Mix.Task - def igniter(igniter, argv) do - # extract positional arguments according to `positional` above - {_arguments, argv} = positional_args!(argv) - # extract options according to `schema` and `aliases` above - options = setup_options(argv, igniter) - - igniter - |> configure_issuer(options) - |> add_application_worker(options) - end - - defp setup_options(argv, igniter) do - argv - |> options!() - |> Keyword.update( - :name, - Module.module_name(igniter, "OpenIDProvider"), - &Module.parse/1 - ) - |> Keyword.put(:app_name, Igniter.Project.Application.app_name(igniter)) - end - - defp configure_issuer(igniter, options) do - env_prefix = - options[:name] |> Macro.underscore() |> String.upcase() |> String.replace("/", "_") - - config = - case Keyword.fetch(options, :issuer) do - {:ok, issuer} -> - quote do - [issuer: System.get_env(unquote("#{env_prefix}_ISSUER"), unquote(issuer))] - end - - :error -> +case Code.ensure_loaded(Igniter.Mix.Task) do + {:module, Igniter.Mix.Task} -> + defmodule Mix.Tasks.Oidcc.Gen.ProviderConfigurationWorker do + @example """ + mix oidcc.gen.provider_configuration_worker \\ + --name MyApp.OpenIDProvider \\ + --issuer https://accounts.google.com \ + """ + + @shortdoc "Generate an OpenID Connect provider configuration worker" + + @moduledoc """ + #{@shortdoc} + + Adds an `Oidcc.ProviderConfiguration.Worker` to your application and + configures it via the `runtime.exs` configuration file. + + ## Example + + ```bash + #{@example} + ``` + + ## Options + + * `--name` or `-n` - The name of the provider configuration worker + * `--issuer` or `-i` - The issuer of the provider + """ + + use Igniter.Mix.Task + + alias Igniter.Project.Application + alias Igniter.Project.Config + alias Igniter.Project.Module + + @impl Igniter.Mix.Task + def info(_argv, _composing_task) do + %Igniter.Mix.Task.Info{ + # dependencies to add + adds_deps: [], + # dependencies to add and call their associated installers, if they exist + installs: [], + # An example invocation + example: @example, + # Accept additional arguments that are not in your schema + # Does not guarantee that, when composed, the only options you get are the ones you define + extra_args?: false, + # A list of environments that this should be installed in, only relevant if this is an installer. + only: nil, + # a list of positional arguments, i.e `[:file]` + positional: [], + # Other tasks your task composes using `Igniter.compose_task`, passing in the CLI argv + # This ensures your option schema includes options from nested tasks + composes: [], + # `OptionParser` schema + schema: [name: :string, issuer: :string], + # CLI aliases + aliases: [n: :name, i: :issuer] + } + end + + @impl Igniter.Mix.Task + def igniter(igniter, argv) do + # extract positional arguments according to `positional` above + {_arguments, argv} = positional_args!(argv) + # extract options according to `schema` and `aliases` above + options = setup_options(argv, igniter) + + igniter + |> configure_issuer(options) + |> add_application_worker(options) + end + + defp setup_options(argv, igniter) do + argv + |> options!() + |> Keyword.update( + :name, + Module.module_name(igniter, "OpenIDProvider"), + &Module.parse/1 + ) + |> Keyword.put(:app_name, Igniter.Project.Application.app_name(igniter)) + end + + defp configure_issuer(igniter, options) do + env_prefix = + options[:name] |> Macro.underscore() |> String.upcase() |> String.replace("/", "_") + + config = + case Keyword.fetch(options, :issuer) do + {:ok, issuer} -> + quote do + [issuer: System.get_env(unquote("#{env_prefix}_ISSUER"), unquote(issuer))] + end + + :error -> + quote do + [issuer: System.fetch_env!(unquote("#{env_prefix}_ISSUER"))] + end + end + + Config.configure_new( + igniter, + "runtime.exs", + options[:app_name], + [options[:name]], + {:code, config} + ) + end + + defp add_application_worker(igniter, options) do + Application.add_new_child( + igniter, + {Oidcc.ProviderConfiguration.Worker, + {:code, quote do - [issuer: System.fetch_env!(unquote("#{env_prefix}_ISSUER"))] - end - end - - Config.configure_new( - igniter, - "runtime.exs", - options[:app_name], - [options[:name]], - {:code, config} - ) + %{ + name: unquote(options[:name]), + issuer: + Application.fetch_env!(unquote(options[:app_name]), unquote(options[:name]))[ + :issuer + ] + } + end}} + ) + end end - defp add_application_worker(igniter, options) do - Application.add_new_child( - igniter, - {Oidcc.ProviderConfiguration.Worker, - {:code, - quote do - %{ - name: unquote(options[:name]), - issuer: - Application.fetch_env!(unquote(options[:app_name]), unquote(options[:name]))[ - :issuer - ] - } - end}} - ) - end - else - use Mix.Task + _ -> + defmodule Mix.Tasks.Oidcc.Gen.ProviderConfigurationWorker do + @shortdoc "Generate an OpenID Connect provider configuration worker | Install `igniter` to use" + @moduledoc @shortdoc + + use Mix.Task - @impl Mix.Task - def run(_argv) do - Mix.shell().error(""" - The task 'oidcc.gen.provider_configuration_worker' requires igniter to be run. + @impl Mix.Task + def run(_argv) do + Mix.shell().error(""" + The task 'oidcc.gen.provider_configuration_worker' requires igniter to be run. - Please install igniter and try again. + Please install igniter and try again. - For more information, see: https://hexdocs.pm/igniter - """) + For more information, see: https://hexdocs.pm/igniter + """) - exit({:shutdown, 1}) + exit({:shutdown, 1}) + end end - end end From 1982df393960983709e0c068fecb6bf8571ca095 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonatan=20M=C3=A4nnchen?= Date: Mon, 7 Apr 2025 14:05:04 +0000 Subject: [PATCH 3/3] Release v3.5.1 --- src/oidcc.app.src | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/oidcc.app.src b/src/oidcc.app.src index 8e5d144..ad8557b 100644 --- a/src/oidcc.app.src +++ b/src/oidcc.app.src @@ -1,6 +1,6 @@ {application, oidcc, [ {description, "OpenID Connect client library for the BEAM."}, - {vsn, "3.5.0"}, + {vsn, "3.5.1"}, {registered, []}, {applications, [kernel, stdlib, inets, ssl, public_key, telemetry, jose]}, {env, []},