forked from opf/openproject
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Gemfile
395 lines (296 loc) · 11.3 KB
/
Gemfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) 2012-2024 the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See COPYRIGHT and LICENSE files for more details.
#++
source "https://rubygems.org"
# TODO: Once packager.io and heroku buildpacks support bundler 2.4.22,
# then we can use the new bundler syntax `ruby file: '.ruby-version'`.
# https://github.com/heroku/heroku-buildpack-ruby/issues/1408#issuecomment-1841596215
ruby File.read(".ruby-version").strip
gem "actionpack-xml_parser", "~> 2.0.0"
gem "activemodel-serializers-xml", "~> 1.0.1"
gem "activerecord-import", "~> 1.7.0"
gem "activerecord-session_store", "~> 2.1.0"
gem "ox"
gem "rails", "~> 7.1.3"
gem "responders", "~> 3.0"
gem "ffi", "~> 1.15"
gem "rdoc", ">= 2.4.2"
gem "doorkeeper", "~> 5.7.0"
# Maintain our own omniauth due to relative URL root issues
# see upstream PR: https://github.com/omniauth/omniauth/pull/903
gem "omniauth", git: "https://github.com/opf/omniauth", ref: "fe862f986b2e846e291784d2caa3d90a658c67f0"
gem "request_store", "~> 1.7.0"
gem "warden", "~> 1.2"
gem "warden-basic_auth", "~> 0.2.1"
gem "will_paginate", "~> 4.0.0"
gem "friendly_id", "~> 5.5.0"
gem "acts_as_list", "~> 1.2.0"
gem "acts_as_tree", "~> 2.9.0"
gem "awesome_nested_set", "~> 3.6.0"
gem "closure_tree", "~> 7.4.0"
gem "rubytree", "~> 2.0.0"
# Only used in down migrations now.
# Is to be removed once the referencing migrations have been squashed.
gem "typed_dag", "~> 2.0.2", require: false
gem "addressable", "~> 2.8.0"
# Remove whitespace from model input
gem "auto_strip_attributes", "~> 2.5"
# Provide timezone info for TZInfo used by AR
gem "tzinfo-data", "~> 1.2024.1"
# to generate html-diffs (e.g. for wiki comparison)
gem "htmldiff"
# Generate url slugs with #to_url and other string niceties
gem "stringex", "~> 2.8.5"
# CommonMark markdown parser with GFM extension
gem "commonmarker", "~> 1.1.3"
# HTML pipeline for transformations on text formatter output
# such as sanitization or additional features
gem "html-pipeline", "~> 2.14.0"
# Tasklist parsing and renderer
gem "deckar01-task_list", "~> 2.3.1"
# Requires escape-utils for faster escaping
gem "escape_utils", "~> 1.3"
# Syntax highlighting used in html-pipeline with rouge
gem "rouge", "~> 4.3.0"
# HTML sanitization used for html-pipeline
gem "sanitize", "~> 6.1.0"
# HTML autolinking for mails and urls (replaces autolink)
gem "rinku", "~> 2.0.4", require: %w[rinku rails_rinku]
# Version parsing with semver
gem "semantic", "~> 1.6.1"
# generates SVG Graphs
# used for statistics on svn repositories
gem "svg-graph", "~> 2.2.0"
gem "date_validator", "~> 0.12.0"
gem "email_validator", "~> 2.2.3"
gem "json_schemer", "~> 2.3.0"
gem "ruby-duration", "~> 3.2.0"
# `config/initializers/mail_starttls_patch.rb` has also been patched to
# fix STARTTLS handling until https://github.com/mikel/mail/pull/1536 is
# released.
gem "mail", "= 2.8.1"
gem "csv", "~> 3.3"
# provide compatible filesystem information for available storage
gem "sys-filesystem", "~> 1.5.0", require: false
gem "bcrypt", "~> 3.1.6"
gem "multi_json", "~> 1.15.0"
gem "oj", "~> 3.16.0"
gem "daemons"
gem "good_job", "= 3.26.2" # update should be done manually in sync with saas-openproject version.
gem "rack-protection", "~> 3.2.0"
# Rack::Attack is a rack middleware to protect your web app from bad clients.
# It allows whitelisting, blacklisting, throttling, and tracking based
# on arbitrary properties of the request.
# https://github.com/kickstarter/rack-attack
gem "rack-attack", "~> 6.7.0"
# CSP headers
gem "secure_headers", "~> 6.5.0"
# Browser detection for incompatibility checks
gem "browser", "~> 6.0.0"
# Providing health checks
gem "okcomputer", "~> 1.18.1"
gem "gon", "~> 6.4.0"
# Lograge to provide sane and non-verbose logging
gem "lograge", "~> 0.14.0"
# Structured warnings to selectively disable them in production
gem "structured_warnings", "~> 0.4.0"
# catch exceptions and send them to any airbrake compatible backend
# don't require by default, instead load on-demand when actually configured
gem "airbrake", "~> 13.0.0", require: false
gem "markly", "~> 0.10" # another markdown parser like commonmarker, but with AST support used in PDF export
gem "md_to_pdf", git: "https://github.com/opf/md-to-pdf", ref: "32603f09a249999a00e8ca23eb17215b46a26c0f"
gem "prawn", "~> 2.4"
gem "ttfunk", "~> 1.7.0" # remove after https://github.com/prawnpdf/prawn/issues/1346 resolved.
# prawn implicitly depends on matrix gem no longer in ruby core with 3.1
gem "matrix", "~> 0.4.2"
gem "meta-tags", "~> 2.21.0"
gem "paper_trail", "~> 15.1.0"
gem "op-clamav-client", "~> 3.4", require: "clamav"
group :production do
# we use dalli as standard memcache client
# requires memcached 1.4+
gem "dalli", "~> 3.2.0"
gem "redis", "~> 5.2.0"
end
gem "i18n-js", "~> 4.2.3"
gem "rails-i18n", "~> 7.0.0"
gem "sprockets", "~> 3.7.2" # lock sprockets below 4.0
gem "sprockets-rails", "~> 3.5.1"
gem "puma", "~> 6.4"
gem "puma-plugin-statsd", "~> 2.0"
gem "rack-timeout", "~> 0.7.0", require: "rack/timeout/base"
gem "nokogiri", "~> 1.16.0"
gem "carrierwave", "~> 1.3.4"
gem "carrierwave_direct", "~> 2.1.0"
gem "fog-aws"
gem "aws-sdk-core", "~> 3.107"
# File upload via fog + screenshots on travis
gem "aws-sdk-s3", "~> 1.91"
gem "openproject-token", "~> 4.0"
gem "plaintext", "~> 0.3.2"
gem "ruby-progressbar", "~> 1.13.0", require: false
gem "mini_magick", "~> 4.13.0", require: false
gem "validate_url"
# Storages support code
gem "dry-container"
gem "dry-monads"
# ActiveRecord extension which adds typecasting to store accessors
gem "store_attribute", "~> 1.0"
# Appsignal integration
gem "appsignal", "~> 3.10.0", require: false
gem "view_component"
# Lookbook
gem "lookbook", "~> 2.3.0"
# Require factory_bot for usage with openproject plugins testing
gem "factory_bot", "~> 6.4.0", require: false
# require factory_bot_rails for convenience in core development
gem "factory_bot_rails", "~> 6.4.0", require: false
gem "turbo-rails", "~> 2.0.0"
gem "httpx"
group :test do
gem "launchy", "~> 3.0.0"
gem "rack-test", "~> 2.1.0"
gem "shoulda-context", "~> 2.0"
# Test prof provides factories from code
# and other niceties
gem "test-prof", "~> 1.3.0"
gem "turbo_tests", github: "opf/turbo_tests", ref: "with-patches"
gem "rack_session_access"
gem "rspec", "~> 3.13.0"
# also add to development group, so 'spec' rake task gets loaded
gem "rspec-rails", "~> 6.1.0", group: :development
# Retry failures within the same environment
gem "retriable", "~> 3.1.1"
gem "rspec-retry", "~> 0.6.1"
# Accessibility tests
gem "axe-core-rspec"
# Modify ENV
gem "climate_control"
# XML comparison tests
gem "compare-xml", "~> 0.66", require: false
# PDF Export tests
gem "pdf-inspector", "~> 1.2"
# brings back testing for 'assigns' and 'assert_template' extracted in rails 5
gem "rails-controller-testing", "~> 1.0.2"
gem "capybara", "~> 3.40.0"
gem "capybara_accessible_selectors", git: "https://github.com/citizensadvice/capybara_accessible_selectors", branch: "main"
gem "capybara-screenshot", "~> 1.0.17"
gem "cuprite", "~> 0.15.0"
gem "selenium-devtools"
gem "selenium-webdriver", "~> 4.20"
gem "fuubar", "~> 2.5.0"
gem "timecop", "~> 0.9.0"
# Record your test suite's HTTP interactions and replay them during future test runs for fast, deterministic, accurate tests.
gem "vcr"
# Mock backend requests (for ruby tests)
gem "webmock", "~> 3.12", require: false
# Mock selenium requests through proxy (for feature tests)
gem "puffing-billy", "~> 4.0.0"
gem "table_print", "~> 1.5.6"
gem "equivalent-xml", "~> 0.6"
gem "json_spec", "~> 1.1.4"
gem "shoulda-matchers", "~> 6.0", require: nil
gem "parallel_tests", "~> 4.0"
end
group :ldap do
gem "net-ldap", "~> 0.19.0"
end
group :development do
gem "listen", "~> 3.9.0" # Use for event-based reloaders
gem "letter_opener_web"
gem "spring"
gem "spring-commands-rspec"
gem "spring-commands-rubocop"
gem "colored2"
# git hooks manager
gem "lefthook", require: false
end
group :development, :test do
gem "dotenv-rails"
# Tracing and profiling gems
gem "flamegraph", require: false
gem "rack-mini-profiler", require: false
gem "ruby-prof", require: false
gem "stackprof", require: false
# REPL with debug commands
gem "debug"
gem "pry-byebug", "~> 3.10.0", platforms: [:mri]
gem "pry-doc"
gem "pry-rails", "~> 0.3.6"
gem "pry-rescue", "~> 1.6.0"
# ruby linting
gem "rubocop", require: false
gem "rubocop-capybara", require: false
gem "rubocop-factory_bot", require: false
gem "rubocop-openproject", require: false
gem "rubocop-performance", require: false
gem "rubocop-rails", require: false
gem "rubocop-rspec", require: false
gem "rubocop-rspec_rails", require: false
# erb linting
gem "erb_lint", require: false
gem "erblint-github", require: false
# Brakeman scanner
gem "brakeman", "~> 6.1.0"
# i18n-tasks helps find and manage missing and unused translations.
gem "i18n-tasks", "~> 1.0.13"
end
gem "bootsnap", "~> 1.18.0", require: false
# API gems
gem "grape", "~> 2.1.0"
gem "grape_logging", "~> 1.8.4"
gem "roar", "~> 1.2.0"
# CORS for API
gem "rack-cors", "~> 2.0.2"
# Gmail API
gem "google-apis-gmail_v1", require: false
gem "googleauth", require: false
# Required for contracts
gem "disposable", "~> 0.6.2"
platforms :mri, :mingw, :x64_mingw do
group :postgres do
gem "pg", "~> 1.5.0"
end
# Support application loading when no database exists yet.
gem "activerecord-nulldb-adapter", "~> 1.0.0"
# Have application level locks on the database to have a mutex shared between workers/hosts.
# We e.g. employ this to safeguard the creation of journals.
gem "with_advisory_lock", "~> 5.1.0"
end
# Load Gemfile.modules explicitly to allow dependabot to work
eval_gemfile "./Gemfile.modules"
# Load Gemfile.local, Gemfile.plugins and custom Gemfiles
gemfiles = Dir.glob File.expand_path("{Gemfile.plugins,Gemfile.local}", __dir__)
gemfiles << ENV["CUSTOM_PLUGIN_GEMFILE"] unless ENV["CUSTOM_PLUGIN_GEMFILE"].nil?
gemfiles.each do |file|
# We use send to allow dependabot to function
# don't use eval_gemfile(file) here as it will break dependabot!
send(:eval_gemfile, file) if File.readable?(file)
end
gem "openproject-octicons", "~>19.15.0"
gem "openproject-octicons_helper", "~>19.15.0"
gem "openproject-primer_view_components", "~>0.37.1"