-
Notifications
You must be signed in to change notification settings - Fork 124
/
Gemfile
137 lines (114 loc) · 3.51 KB
/
Gemfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# frozen_string_literal: true
source 'https://rubygems.org'
# ruby=ruby-3.0
# ruby-gemset=conjur
# make sure to use tls for github
git_source(:github) { |name| "https://github.com/#{name}.git" }
# Do not use fuzzy version matching (~>) with the Ruby version. It doesn't play
# nicely with RVM and we should be explicit since Ruby is such a fundamental
# part of a Rails project. The Ruby version is also locked in place by the
# Docker base image so it won't be updated with fuzzy matching.
gem 'base58'
gem 'command_class'
gem 'http', '~> 4.2.0'
gem 'iso8601'
gem 'jbuilder', '~> 2.7.0'
gem 'mustache'
gem 'nokogiri', '>= 1.8.2'
gem 'puma', '~> 6', '>= 6.4.2'
gem 'rack', '~> 2.2', '>= 2.2.8.1'
gem 'rails', '~> 6.1', '>= 6.1.7.8'
gem 'rake'
gem 'pg'
gem 'sequel'
gem 'sequel-pg_advisory_locking'
gem 'sequel-postgres-schemata', require: false
gem 'sequel-rails'
gem 'activesupport', '~> 6.1', '>= 6.1.4.6'
gem 'base32-crockford'
gem 'bcrypt'
gem 'gli', require: false
gem 'listen'
gem 'rexml', '~> 3.3.9'
gem 'slosilo', '~> 3.0'
# Explicitly required as there are vulnerabilities in older versions
gem "ffi", ">= 1.9.24"
gem "loofah", ">= 2.2.3"
# Pinned to update for role member search, using ref so merging and removing
# the branch doesn't immediately break this link
gem 'conjur-api', '~> 5.pre'
gem 'conjur-policy-parser', path: 'gems/policy-parser'
gem 'conjur-rack', path: 'gems/conjur-rack'
gem 'conjur-rack-heartbeat'
gem 'rack-rewrite'
# Putting this here currently confuses debify, so instead load it in
# application.rb gem 'conjur_audit', path: 'engines/conjur_audit'
gem 'dry-struct'
gem 'dry-types'
gem 'dry-validation'
gem 'net-ldap'
# for AWS rotator
gem 'aws-sdk-iam', require: false
# we need this version since any newer introduces braking change that causes issues with safe_yaml: https://github.com/ruby/psych/discussions/571
gem 'psych', '=3.3.2'
group :production do
gem 'rails_12factor'
end
# authn-k8s
gem 'event_emitter'
gem 'kubeclient'
gem 'websocket'
# authn-oidc, gcp, azure, jwt
# gem 'jwt', '2.2.2' # version frozen due to authn-jwt requirements
gem 'jwt', '2.7.1'
# authn-oidc
gem 'openid_connect', '~> 2.0'
gem "anyway_config"
gem 'i18n', '~> 1.8.11'
gem 'json_schemer'
gem 'prometheus-client'
group :development, :test do
gem 'aruba'
gem 'ci_reporter_rspec'
gem 'conjur-cli', '~> 6.2'
gem 'conjur-debify', require: false
gem 'csr'
gem 'cucumber', '~> 7.1'
gem 'database_cleaner', '~> 1.8'
gem 'debase', '~> 0.2.5.beta2'
gem 'debase-ruby_core_source', '~> 3.3'
gem 'debug' # For VSCode debugging
gem 'faye-websocket'
gem 'json_spec', '~> 1.1'
gem 'net-ssh'
gem 'parallel'
gem 'parallel_tests'
gem 'pry-byebug'
gem 'pry-rails'
gem 'rails-controller-testing'
gem 'rails_layout'
gem 'rake_shared_context'
gem 'rspec'
gem 'rspec-core'
gem 'rspec-rails'
# We use a post-coverage hook to sleep covered processes until we're ready to
# collect the coverage reports in CI. Because of this, we don't want bundler
# to auto-load simplecov. Rather we require it directly when we need it.
gem 'simplecov', require: false
gem 'spring'
gem 'spring-commands-cucumber'
gem 'spring-commands-rspec'
gem 'table_print'
gem 'vcr'
gem 'webmock'
gem 'webrick'
end
group :development do
# NOTE: minor version of this needs to match codeclimate channel
gem 'rubocop', '>= 1.4.0', require: false
gem 'reek', require: false
gem 'rubocop-checkstyle_formatter', require: false # for Jenkins
end
group :test do
gem 'haikunator', '~> 1' # for generating random names in tests
end