From b31c9557214570d579f46a0c5ea0039d8c2cd9ba Mon Sep 17 00:00:00 2001 From: Kivanio Barbosa Date: Mon, 7 Aug 2023 09:40:00 -0400 Subject: [PATCH] Fix github workflows --- .github/workflows/brakeman.yml | 10 +- .github/workflows/linters.yml | 5 +- .github/workflows/main.yml | 2 +- .github/workflows/rubocop.yml | 11 +- .gitignore | 1 - Gemfile | 2 + Gemfile.lock | 217 +++++++++++++++++++++++++++++++++ 7 files changed, 228 insertions(+), 20 deletions(-) create mode 100644 Gemfile.lock diff --git a/.github/workflows/brakeman.yml b/.github/workflows/brakeman.yml index 7cef51dda..01669a1c4 100644 --- a/.github/workflows/brakeman.yml +++ b/.github/workflows/brakeman.yml @@ -37,20 +37,14 @@ jobs: - name: Install Ruby and gems uses: ruby/setup-ruby@v1 with: - ruby-version: '3.2' + ruby-version: '2.7' bundler-cache: true - - name: Setup Brakeman - env: - BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+ - run: | - gem install brakeman --version $BRAKEMAN_VERSION - # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis - name: Scan continue-on-error: true run: | - brakeman -f sarif -o output.sarif.json . + bundle exec brakeman -f sarif -o output.sarif.json . # Upload the SARIF file generated in the previous step - name: Upload SARIF diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml index cdc097771..1c53b07f1 100644 --- a/.github/workflows/linters.yml +++ b/.github/workflows/linters.yml @@ -2,7 +2,8 @@ name: linters on: push: branches: [master] - pull_request: ['master'] + pull_request: + branches: ['master'] jobs: lint: runs-on: ubuntu-latest @@ -13,7 +14,7 @@ jobs: - name: Install Ruby and gems uses: ruby/setup-ruby@v1 with: - ruby-version: '3.2' + ruby-version: '2.7' bundler-cache: true - name: Lint Ruby files diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1128c23a5..6e04cd819 100644 --- a/.github/workflows/main.yml 
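Review bot: In brakeman.yml the Scan step keeps `continue-on-error: true`, so a `bundle exec brakeman` that cannot start looks the same as a scan that found warnings, and the job can pass without a usable SARIF file. The scanner version now comes from the bundle: the Gemfile.lock added in this commit locks brakeman 6.0.1 while this hunk moves the job to Ruby 2.7. As far as I recall Brakeman 6 raised its minimum Ruby to 3.0, so please confirm the bundle installs on 2.7. To keep findings non-fatal without masking real failures, pass the flag to the tool instead, `bundle exec brakeman --no-exit-on-warn -f sarif -o output.sarif.json .`, and drop `continue-on-error`. The steps before and after this hunk are not visible here.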
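Review bot: In linters.yml the job runs on `ubuntu-latest` with `bundler-cache: true`, but the Gemfile.lock this commit starts tracking lists only `arm64-darwin-22` under PLATFORMS and locks nokogiri as `1.15.3-arm64-darwin`. As far as I know the setup action installs in frozen mode when a lockfile is committed, so the install on a Linux runner is likely to stop with a platform mismatch before any linter runs. The same would apply to brakeman.yml and rubocop.yml, which also set `bundler-cache: true`. Adding the runner platform to the lockfile, for example `bundle lock --add-platform x86_64-linux`, and committing the result should resolve it. This is worth confirming on a CI run, since the rest of each workflow is outside these hunks.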
+++ b/.github/workflows/main.yml @@ -5,7 +5,7 @@ # This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake # For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby -name: Ruby +name: CI on: push: diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml index 2f2c41267..af7e36c69 100644 --- a/.github/workflows/rubocop.yml +++ b/.github/workflows/rubocop.yml @@ -25,16 +25,11 @@ jobs: - name: Checkout repository uses: actions/checkout@v3 - # If running on a self-hosted runner, check it meets the requirements - # listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners - name: Set up Ruby - uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0 + uses: ruby/setup-ruby@v1 with: - ruby-version: 2.6 - - # This step is not necessary if you add the gem to your Gemfile - - name: Install Code Scanning integration - run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install + ruby-version: 2.7 + bundler-cache: true # runs 'bundle install' and caches installed - name: Install dependencies run: bundle install diff --git a/.gitignore b/.gitignore index c04dbae05..aaa2bb6bf 100644 --- a/.gitignore +++ b/.gitignore @@ -31,4 +31,3 @@ pkg pkg/*.8 doc doc/*.* -Gemfile.lock diff --git a/Gemfile b/Gemfile index 68fb7ff1a..6638ac5a8 100644 --- a/Gemfile +++ b/Gemfile @@ -17,6 +17,8 @@ group :development do end group :test do + gem 'brakeman' + gem 'code-scanning-rubocop' gem 'json' gem 'rake' gem 'rspec' diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 000000000..1a25e436b --- /dev/null +++ b/Gemfile.lock 
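Review bot: The `Set up Ruby` step in rubocop.yml replaces the commit pin `ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0` with the movable tag `ruby/setup-ruby@v1`, so the action code this job executes can change without any change in this repository. Keeping a full commit SHA with the version in a trailing comment, and bumping it deliberately, preserves the supply-chain guarantee the old line had: `uses: ruby/setup-ruby@<full commit SHA> # vX.Y.Z`. Separately, with `bundler-cache: true` added, the `Install dependencies` step that runs `bundle install` right after looks redundant. `ruby-version: 2.7` would also be safer quoted as `'2.7'`, matching the other workflows, so YAML never reads a version as a number.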
@@ -0,0 +1,217 @@ +PATH + remote: . + specs: + brcobranca (10.1.0) + activesupport (>= 5.2.6) + parseline (>= 1.0.3) + rghost (>= 0.9.8) + rghost_barcode (>= 0.9) + +GEM + remote: https://rubygems.org/ + specs: + activesupport (7.0.6) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + addressable (2.8.5) + public_suffix (>= 2.0.2, < 6.0) + ast (2.4.2) + async (2.6.3) + console (~> 1.10) + fiber-annotation + io-event (~> 1.1) + timers (~> 4.1) + async-http (0.60.2) + async (>= 1.25) + async-io (>= 1.28) + async-pool (>= 0.2) + protocol-http (~> 0.24.0) + protocol-http1 (~> 0.15.0) + protocol-http2 (~> 0.15.0) + traces (>= 0.10.0) + async-http-faraday (0.12.0) + async-http (~> 0.42) + faraday + async-io (1.35.0) + async + async-pool (0.4.0) + async (>= 1.25) + backport (1.2.0) + benchmark (0.2.1) + brakeman (6.0.1) + code-scanning-rubocop (0.6.1) + rubocop (~> 1.0) + coderay (1.1.3) + concurrent-ruby (1.2.2) + console (1.21.0) + fiber-annotation + fiber-local + diff-lcs (1.5.0) + docile (1.4.0) + e2mmap (0.1.0) + faraday (2.7.10) + faraday-net_http (>= 2.0, < 3.1) + ruby2_keywords (>= 0.0.4) + faraday-http-cache (2.5.0) + faraday (>= 0.8) + faraday-net_http (3.0.2) + faraday-retry (2.2.0) + faraday (~> 2.0) + fiber-annotation (0.2.0) + fiber-local (1.0.0) + github_changelog_generator (1.16.4) + activesupport + async (>= 1.25.0) + async-http-faraday + faraday-http-cache + multi_json + octokit (~> 4.6) + rainbow (>= 2.2.1) + rake (>= 10.0) + i18n (1.14.1) + concurrent-ruby (~> 1.0) + io-event (1.2.3) + jaro_winkler (1.5.6) + json (2.6.3) + kramdown (2.4.0) + rexml + kramdown-parser-gfm (1.1.0) + kramdown (~> 2.0) + language_server-protocol (3.17.0.3) + method_source (1.0.0) + minitest (5.19.0) + multi_json (1.15.0) + nokogiri (1.15.3-arm64-darwin) + racc (~> 1.4) + octokit (4.25.1) + faraday (>= 1, < 3) + sawyer (~> 0.9) + parallel (1.23.0) + parseline (1.0.3) + parser (3.2.2.3) + ast (~> 2.4.1) + racc + protocol-hpack 
(1.4.2) + protocol-http (0.24.7) + protocol-http1 (0.15.1) + protocol-http (~> 0.22) + protocol-http2 (0.15.1) + protocol-hpack (~> 1.4) + protocol-http (~> 0.18) + pry (0.14.2) + coderay (~> 1.1) + method_source (~> 1.0) + public_suffix (5.0.3) + racc (1.7.1) + rainbow (3.1.1) + rake (13.0.6) + rbs (2.8.4) + regexp_parser (2.8.1) + reverse_markdown (2.1.1) + nokogiri + rexml (3.2.6) + rghost (0.9.8) + rghost_barcode (0.9) + rspec (3.12.0) + rspec-core (~> 3.12.0) + rspec-expectations (~> 3.12.0) + rspec-mocks (~> 3.12.0) + rspec-core (3.12.2) + rspec-support (~> 3.12.0) + rspec-expectations (3.12.3) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.12.0) + rspec-mocks (3.12.6) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.12.0) + rspec-support (3.12.1) + rubocop (1.55.1) + json (~> 2.3) + language_server-protocol (>= 3.17.0) + parallel (~> 1.10) + parser (>= 3.2.2.3) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 1.8, < 3.0) + rexml (>= 3.2.5, < 4.0) + rubocop-ast (>= 1.28.1, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 2.4.0, < 3.0) + rubocop-ast (1.29.0) + parser (>= 3.2.1.0) + rubocop-capybara (2.18.0) + rubocop (~> 1.41) + rubocop-factory_bot (2.23.1) + rubocop (~> 1.33) + rubocop-packaging (0.5.2) + rubocop (>= 1.33, < 2.0) + rubocop-performance (1.18.0) + rubocop (>= 1.7.0, < 2.0) + rubocop-ast (>= 0.4.0) + rubocop-rspec (2.23.0) + rubocop (~> 1.33) + rubocop-capybara (~> 2.17) + rubocop-factory_bot (~> 2.22) + ruby-progressbar (1.13.0) + ruby2_keywords (0.0.5) + sawyer (0.9.2) + addressable (>= 2.3.5) + faraday (>= 0.17.3, < 3) + simplecov (0.22.0) + docile (~> 1.1) + simplecov-html (~> 0.11) + simplecov_json_formatter (~> 0.1) + simplecov-html (0.12.3) + simplecov_json_formatter (0.1.4) + solargraph (0.49.0) + backport (~> 1.2) + benchmark + bundler (~> 2.0) + diff-lcs (~> 1.4) + e2mmap + jaro_winkler (~> 1.5) + kramdown (~> 2.3) + kramdown-parser-gfm (~> 1.1) + parser (~> 3.0) + rbs (~> 2.0) + reverse_markdown (~> 2.0) + rubocop 
(~> 1.38) + thor (~> 1.0) + tilt (~> 2.0) + yard (~> 0.9, >= 0.9.24) + test-prof (1.2.2) + thor (1.2.2) + tilt (2.2.0) + timecop (0.9.6) + timers (4.3.5) + traces (0.11.1) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + unicode-display_width (2.4.2) + yard (0.9.34) + +PLATFORMS + arm64-darwin-22 + +DEPENDENCIES + brakeman + brcobranca! + code-scanning-rubocop + faraday-retry + github_changelog_generator + json + pry + rake + rspec + rubocop + rubocop-packaging + rubocop-performance + rubocop-rspec + simplecov + solargraph + test-prof + timecop + +BUNDLED WITH + 2.4.14