-
Notifications
You must be signed in to change notification settings - Fork 526
Expand file tree
/
Copy pathGemfile
More file actions
435 lines (328 loc) · 14 KB
/
Copy pathGemfile
File metadata and controls
435 lines (328 loc) · 14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
source 'https://rubygems.org'
ruby '>= 3.0', '< 3.5'
# after pushing this fuzzy match thru chef, commit to make this be:
# ruby '3.3.4'
# Ruby 2.7 no longer includes some libraries by default; install
# the ones we need here
# see https://www.ruby-lang.org/en/news/2019/12/25/ruby-2-7-0-released/
gem 'thwait'
# Ruby >= 2.7.7 targets a version of CGI with over-restrictive domain
# validation; manually target a later version to pick up https://github.com/ruby/cgi/pull/29
gem 'cgi', '~> 0.3.6'
# Ruby 3.0 no longer provides sorted_set by default, so install it manually
# see https://github.com/ruby/set/pull/2
gem 'sorted_set'
gem 'mutex_m' # needed for httpclient in Ruby >= 3.4, drop explicit dep if we upgrade httpclient
gem 'abbrev' # needed for activesupport in Ruby >= 3.4, drop explicit dep after we upgrade to activesupport >= 7.2
gem 'drb' # needed for activesupport in Ruby >= 3.4, drop explicit after we upgrade to activesupport >= 7.2
gem 'observer' # needed for activesupport in Ruby >= 3.4, drop explicit after we upgrade to activesupport >= 7.2
gem 'syslog' # needed for activesupport in Ruby >= 3.4, drop explicit after we upgrade to activesupport >= 7.2
gem 'rails', '~> 7.0'
gem 'rails-controller-testing', '~> 1.0.5'
# Compile Sprockets assets concurrently in `assets:precompile`.
# TODO: update to Sprockets 4.x mainline, which includes this change but also
# other breaking changes from 3.x
# Ref: https://github.com/rails/sprockets/pull/469
# Ref: https://github.com/rails/sprockets/blob/main/UPGRADING.md#manifestjs
gem 'sprockets', github: 'code-dot-org/sprockets', ref: 'concurrent_asset_bundle_3.x'
# Starting in Rails 7, sprockets is no longer an automatic dependency, so we
# need to declare it specifically. We pin to the specific version we are
# currently using to reduce moving parts during the Rails upgrade; we can
# loosen this to something like "~> 3.5" once we're fully on Rails 7.
# In the long term, we probably want to migrate away from sprockets entirely.
gem 'sprockets-rails', '3.3.0'
# Rails depends on zeitwerk ~>2.3, but cpath support added in 2.6.9 plays a bit
# nicer with some of our more convoluted model names (eg, LevelsScriptLevel).
gem 'zeitwerk', '~> 2.6.9'
# provide `respond_to` methods
# (see: http://guides.rubyonrails.org/4_2_release_notes.html#respond-with-class-level-respond-to)
gem 'responders', '~> 3.0'
gem 'sinatra', '2.2.3', require: 'sinatra/base'
gem 'mysql2', '>= 0.4.1'
gem 'dalli' # memcached
gem 'dalli-elasticache' # ElastiCache Auto Discovery memcached nodes
gem 'google_drive'
gem 'jumphash'
gem 'os'
gem 'parallel'
gem 'redis', '~> 4.8.1'
gem 'redis-actionpack', '~> 5.4.0'
# Using commit ref on fork until maintainer publishes a new version.
gem 'redis-slave-read', require: false, github: 'code-dot-org/redis-slave-read', ref: 'cfe1bd0f5cf65eee5b52560139cab133f22cb880'
gem 'xxhash'
# Google APIs. Formerly just the `google-api-client` gem
# See https://github.com/googleapis/google-api-ruby-client/blob/main/google-api-client/OVERVIEW.md
gem 'google-apis-core'
gem 'google-apis-analytics_v3'
gem 'google-apis-classroom_v1'
gem 'google-apis-youtube_v3'
# CSRF protection for Sinatra.
gem 'rack_csrf'
# Allow profiling in all environments (including production). It will only be enabled when
# CDO.rack_mini_profiler_enabled is set. See dashboard/config/initializers/mini_profiler.rb
gem 'memory_profiler'
gem 'rack-mini-profiler'
gem 'annotaterb', '~> 4.19', group: [:development, :test]
group :development do
gem 'aws-google', '~> 0.2.3'
gem 'web-console', '~> 4.2.0'
# Bootsnap pre-caches Ruby require paths + bytecode and speeds up boot time significantly.
# We only use it in development atm to get a feel for it, and the benefit is greatest here.
gem 'bootsnap', '>= 1.14.0', require: false
gem 'localhost'
end
# Rack::Cache middleware used in development/test;
# Rack::Cache::Response used by Rack::Optimize in non-development environments.
gem 'rack-cache'
group :development, :test do
gem 'rerun'
gem 'thin'
# Use debugger
#gem 'debugger' unless ENV['RM_INFO']
gem 'active_record_query_trace'
gem 'benchmark-ips'
gem 'better_errors', '>= 2.7.0'
gem 'brakeman'
gem 'database_cleaner-active_record', '~> 2.1.0'
gem 'haml-rails' # haml (instead of erb) generators
gem 'prosopite'
gem 'ruby-prof', '>= 1.7.0'
gem 'vcr', require: false
# For unit testing.
gem 'webmock', '~> 3.8', require: false
gem 'faker', '~> 3.4', require: false
gem 'fakeredis', require: false
gem 'mocha', '~> 1.2.1', require: false
gem 'timecop', '>= 0.9.4' # required for Ruby 3.1 support
# For UI testing.
gem 'cucumber'
gem 'eyes_selenium', '>= 6.0.4' # required for Ruby 3.2 support
gem 'fakefs', '~> 2.5.0', require: false
gem 'minitest', '~> 5.15'
gem 'minitest-around'
gem 'minitest-rails', '~> 7.0', require: false
gem 'minitest-reporters', '~> 1.2.0.beta3'
gem 'minitest-spec-context', '~> 0.0.3'
gem 'minitest-stub-const', '~> 0.6'
gem 'net-http-persistent'
gem 'rinku'
gem 'rspec', require: false
# Starting with version 4.6, Selenium uses Selenium Manager, eliminating the need for the webdriver gem.
# See: https://github.com/titusfortner/webdrivers/commit/5b3dc29ff5cdb7bec110de949e78184c789ef63a
gem 'selenium-webdriver', '~> 4.6'
gem 'simplecov', '~> 0.22.0', require: false
gem 'spring', '~> 3.1.1'
gem 'spring-commands-testunit'
# For pegasus PDF generation / merging testing.
gem 'parallel_tests'
gem 'pdf-reader', require: false
end
# Needed for unit testing, and also for /rails/mailers email previews.
gem 'factory_bot_rails', '~> 6.2', group: [:development, :staging, :test, :adhoc]
# For pegasus PDF generation.
gem 'open_uri_redirections', require: false
# Optimizes copy-on-write memory usage with GC before web-application fork.
gem 'nakayoshi_fork'
gem 'jmespath', '~> 1.4' # Used by our pumactl wrapper shell script to filter JSON output.
gem 'puma_worker_killer'
gem 'sd_notify' # required for Puma to support systemd's Type=notify
# We are using Puma just 2 commits past Puma 7.2 release, but crucially this includes a PR
# that enables Puma to dump backtraces when it receives SIGPWR on Linux. We need this
# PR for debugging and it is not included in a release (yet).
#
# Backtrace PR: https://github.com/puma/puma/pull/3829
#
# We should switch to Puma 7.3 as soon as it is released and remove this comment, (expected ~Mar-May 2026)
gem 'puma', git: 'https://github.com/puma/puma.git', ref: '42161dd0fc3f3ad9d51359e4037c75b351b18219'
# gem 'puma', '~> 7.2'
gem 'chronic', '~> 0.10.2'
gem 'sass-rails', '~> 6.0.0'
# Temporarily use our own fork of sassc-rails (a dependency of sass-rails),
# while we try to get some bugs fixed upstream.
# See https://github.com/sass/sassc-rails/pull/153 for context.
gem 'sassc-rails', github: 'code-dot-org/sassc-rails', ref: 'frozen-array-fix'
# Use Uglifier as compressor for JavaScript assets.
gem 'uglifier', '>= 1.3.0'
# Use jquery as the JavaScript library.
gem 'jquery-rails'
gem 'phantomjs', '~> 1.9.7.1'
# For emoji in utility output.
gem 'gemoji'
# Authentication and permissions.
gem 'cancancan', '~> 3.5.0'
gem 'devise', '~> 4.9.0'
gem 'devise_invitable', '~> 2.0.12'
gem 'omniauth-classlink', '~> 0.3.1'
gem 'omniauth-clever', '~> 3.0.0', github: 'code-dot-org/omniauth-clever', tag: 'v3.0.0'
gem 'omniauth-facebook', '~> 10.0.0'
gem 'omniauth-google-oauth2', '~> 1.1.3'
gem 'omniauth-microsoft_v2_auth', github: 'dooly-ai/omniauth-microsoft_v2_auth'
# Resolve CVE 2015 9284
# see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9284
gem 'omniauth-rails_csrf_protection', '~> 1.0.2'
gem 'bootstrap-sass', '~> 2.3.2.2'
gem 'haml', '~> 5.2.0'
gem 'jquery-ui-rails', '~> 6.0.1'
gem 'nokogiri', '~> 1.18.9'
gem 'highline', '~> 3.1.0'
gem 'honeybadger', '>= 4.5.6' # error monitoring
gem 'redcarpet', '~> 3.6.0'
gem 'geocoder'
gem 'mini_magick', ">=4.10.0"
gem 'rmagick', '~> 4.2.5'
gem 'acts_as_list'
gem 'kaminari' # pagination
gem 'stringex', '~> 2.5.2' # Provides String.to_ascii
gem 'naturally' # for sorting string naturally
gem 'retryable' # retry code blocks when they throw exceptions
# Used by `uglifier` to minify JS assets in the Asset Pipeline.
gem 'execjs'
# JavaScript runtime used by ExecJS.
# TODO: Either resume installing in all environments once Ubuntu and Mac OS
# support the same version of mini_racer, or remove this dependency entirely
# once node is installed in production. For more details, see
# https://codedotorg.atlassian.net/browse/INF-708
gem 'mini_racer', group: [:staging, :test, :production, :levelbuilder]
gem 'jwt', '~> 2.7.0'
# SMS API for send-to-phone feature; 6.0 includes some breaking changes which
# we'll need to prepare for:
# https://github.com/twilio/twilio-ruby/blob/6.0.0/UPGRADE.md#2023-05-03-5xx-to-6xx
gem 'twilio-ruby', '< 6.0'
# TwitterCldr uses Unicode's Common Locale Data Repository (CLDR)
# to format certain types of text into their localized equivalents.
gem 'twitter_cldr', '~> 6.12.1'
gem 'sequel', '~> 5.29'
gem 'user_agent_parser'
gem 'paranoia', '~> 2.5.0'
# JSON model serializer for REST APIs.
gem 'active_model_serializers', '~> 0.10.13'
# AWS SDK and associated service APIs.
gem 'aws-sdk-acm'
gem 'aws-sdk-applicationautoscaling'
gem 'aws-sdk-autoscaling'
gem 'aws-sdk-bedrockagentruntime'
gem 'aws-sdk-cloudformation'
gem 'aws-sdk-cloudfront'
gem 'aws-sdk-cloudwatch'
gem 'aws-sdk-cloudwatchlogs'
gem 'aws-sdk-comprehend'
gem 'aws-sdk-core', '>= 3.239.2'
gem 'aws-sdk-databasemigrationservice'
gem 'aws-sdk-devicefarm'
gem 'aws-sdk-dynamodb'
gem 'aws-sdk-ec2', '~> 1.424.0' # required for Ruby 3.2 support
gem 'aws-sdk-firehose'
gem 'aws-sdk-glue'
gem 'aws-sdk-rds', '>= 1.205.0'
gem 'aws-sdk-redshiftdataapiservice'
gem 'aws-sdk-route53'
gem 'aws-sdk-s3', '~> 1.113'
gem 'aws-sdk-sagemaker'
gem 'aws-sdk-sagemakerruntime'
gem 'aws-sdk-secretsmanager'
# Lint tools
group :development, :staging, :levelbuilder, :test do
gem 'haml_lint', require: false
gem 'rubocop', '~> 1.28', require: false
gem 'rubocop-factory_bot', require: false
gem 'rubocop-performance', require: false
gem 'rubocop-rails', require: false
gem 'rubocop-rails-accessibility', require: false
gem 'scss_lint', require: false
end
# Reduce volume of production logs
# Ref: https://github.com/roidrage/lograge/pull/252
gem 'lograge', github: 'code-dot-org/lograge', ref: 'debug_exceptions'
gem 'request_store', '~> 1.6.0', require: false
# Enforce SSL
gem 'rack-ssl-enforcer'
# PubSub for NetSim
gem 'pusher', '~> 1.3.1', require: false
gem 'youtube-dl.rb', group: [:development, :staging, :levelbuilder]
gem 'daemons', '1.1.9' # Pinned to old version, see PR 57938
gem 'httparty', '~> 0.24'
gem 'oj', '~> 3.10'
gem 'rest-client', '~> 2.0.1'
# A rest-client dependency
# Needs to be at least this version to install successfully on some ARM processors.
gem 'unf_ext', '0.0.7.4'
# Generate SSL certificates.
gem 'acmesmith', '~> 2.3.1'
gem 'addressable'
# bcrypt version specified due to "Invalid Hash" error in Linux
gem 'bcrypt', '3.1.13'
gem 'sshkit'
gem 'validates_email_format_of'
gem 'validate_url', '~> 1.0.15'
# Target 14.0.5 specifically, because 14.0.6 removed an important performance optimization.
gem 'composite_primary_keys', '14.0.5'
# GitHub API; used by the DotD script to automatically create new
# releases on deploy
gem 'octokit'
# Used to create a prefix trie of student names within a section
gem 'full-name-splitter', github: 'pahanix/full-name-splitter'
gem 'rambling-trie', '>= 2.1.1'
# Ref: https://github.com/toy/image_optim/pull/145
# Also include sRGB color profile conversion.
gem 'image_optim', github: 'code-dot-org/image_optim', ref: 'cdo'
# Image-optimization tools and binaries.
gem 'image_optim_pack', '~> 0.5.0', github: 'code-dot-org/image_optim_pack', ref: 'guetzli'
gem 'image_optim_rails', '~> 0.4.0'
gem 'image_size', require: false
# Auto strip model attributes before validation (opt in)
gem 'auto_strip_attributes', '~> 2.1'
# Used to sort UTF8 strings properly
gem 'sort_alphabetical', github: 'grosser/sort_alphabetical'
gem 'recaptcha', require: 'recaptcha/rails'
gem 'loofah', '~> 2.19.1'
# Install pg gem only on specific production hosts.
require_pg = lambda do
require 'socket'
%w[production-daemon production-console].include?(Socket.gethostname)
end
install_if require_pg do
# v1.3.0 required to support Postgres 14
gem 'pg', '~> 1.3.0', require: false
end
gem 'activerecord-import', '~> 1.3.0'
gem 'active_record_union'
gem 'scenic'
gem 'scenic-mysql_adapter'
gem 'colorize'
gem 'require_all', require: false
gem 'dotiw'
gem 'ruby-progressbar'
gem 'pry', '~> 0.14.0'
# Google's Compact Language Detector
gem 'cld'
gem "pycall", ">= 1.5.2"
gem "delayed_job_active_record", "~> 4.1"
gem 'rack-cors', '~> 2.0.1'
# pin http to 5.0 or greater so that statsig does not pull in an older version.
# older versions depend on http-parser which breaks some developer builds.
# Speculatively target 5.3 specifically to diagnose some S3 networking errors
gem 'http', '~> 5.3.1'
gem 'statsig', '~> 2.5.5'
gem 'mailgun-ruby', '~>1.2.14'
gem 'mailjet', '~> 1.7.3'
# Used for generating js file that defines all Rails named routes as js helper functions.
gem 'js-routes', '~> 2.3', require: false
gem 'json-jwt', '~> 1.15'
gem "json-schema", "~> 4.3"
gem "csv"
gem "async", "~> 1.32"
gem "webrick", "~> 1.9"
gem 'rubyzip'
# Automatically include all rails engines under dashboard/
Dir[Bundler.root.join('{,dashboard/}engines/*/*.gemspec')].sort.each do |gemspec_path|
gem File.basename(gemspec_path, '.gemspec'), path: '.', glob: '{,dashboard/}engines/*/*.gemspec'
end
# OpenSSL 3.6 broke Ruby's OpenSSL bindings, see: https://github.com/ruby/openssl/issues/949
# By using the openssl gem, we can pick up the fixes without needing to upgrade Ruby.
# This gem line can be removed once we upgrade to Ruby 3.4 >= 3.4.8, or Ruby 3.3 >= 3.3.10 or Ruby 3.2 >= 3.2.10
# which will include the openssl fix by default, see: https://github.com/ruby/openssl/issues/949#issuecomment-3388132260
gem 'openssl', '>= 3.3.1'
# Used for Clever Client
gem 'typhoeus', '~> 1.0', '>= 1.0.1'
# Used for Vite integration, only available in development and adhoc at this time.
gem "vite_rails", "~> 3.0", group: [:development, :adhoc, :staging, :test]