From ebd776e96f30158e7fd81835a8ed3a5eef57e0be Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Tue, 3 Oct 2023 20:24:28 +0530 Subject: [PATCH 1/9] Update Gemfile --- Gemfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index 50057d8..183e500 100644 --- a/Gemfile +++ b/Gemfile @@ -1,8 +1,8 @@ source 'https://rubygems.org' -# Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '4.2.5' + +gem 'rails', '6.1.7.4' # Use sqlite3 as the database for Active Record gem 'sqlite3' # Use Uglifier as compressor for JavaScript assets From 86c56a56a080c8fde222d04c53f6209ed33cd5af Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Tue, 3 Oct 2023 20:35:41 +0530 Subject: [PATCH 2/9] Update Gemfile.lock --- Gemfile.lock | 60 ++++++++++++++++++++++++++-------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ece6bbf..3362cd3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -1,41 +1,41 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (4.2.5) - actionpack (= 4.2.5) - actionview (= 4.2.5) - activejob (= 4.2.5) + actionmailer (6.1.7.4) + actionpack (= 6.1.7.4) + actionview (= 6.1.7.4) + activejob (= 6.1.7.4) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.5) - actionview (= 4.2.5) - activesupport (= 4.2.5) + actionpack (6.1.7.4) + actionview (= 6.1.7.4) + activesupport (= 6.1.7.4) rack (~> 1.6) rack-test (~> 0.6.2) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.5) - activesupport (= 4.2.5) + actionview (6.1.7.4) + activesupport (= 6.1.7.4) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) - activejob (4.2.5) - activesupport (= 4.2.5) + activejob (6.1.7.4) + activesupport (= 6.1.7.4) globalid (>= 0.3.0) activemerchant (1.47.0) activesupport (>= 3.2.14, < 5.0.0) builder (>= 2.1.2, < 4.0.0) i18n (>= 0.6.9) nokogiri (~> 1.4) - activemodel (4.2.5) - activesupport (= 4.2.5) + activemodel (6.1.7.4) + activesupport (= 6.1.7.4) builder (~> 3.1) - activerecord (4.2.5) - activemodel (= 4.2.5) - activesupport (= 4.2.5) + activerecord (6.1.7.4) + activemodel (= 6.1.7.4) + activesupport (= 6.1.7.4) arel (~> 6.0) - activesupport (4.2.5) + activesupport (6.1.7.4) i18n (~> 0.7) json (~> 1.7, >= 1.7.7) minitest (~> 5.1) 
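Review bot: The lock entries in this hunk were edited by hand rather than produced by Bundler, so they describe a resolution Bundler will not accept: `actionpack (6.1.7.4)` is still listed with `rack (~> 1.6)` and `rack-test (~> 0.6.2)`, `activerecord (6.1.7.4)` with `arel (~> 6.0)`, and `activemerchant (1.47.0)` keeps `activesupport (>= 3.2.14, < 5.0.0)`, which excludes the activesupport version pinned a few lines above it. Running `bundle install` against this file will re-resolve or fail outright, so the Rails upgrade this series claims is not actually in effect; the `spree (= 3.0.7)` pin in DEPENDENCIES (and `rails-dom-testing (1.0.7)` requiring `activesupport (< 5)`) are the likely blockers and need to be addressed in the Gemfile first. Regenerate the lockfile with `bundle update rails --conservative` (or `bundle lock`) and commit its output instead of editing versions in place. The same applies to the nokogiri and tzinfo hunks in patches 3/9–5/9, where `nokogiri (1.13.4)` is paired with the untouched `mini_portile2 (~> 2.0.0.rc2)` requirement, which is unlikely to be what that release declares, and a transitive gem's own requirement (`nokogiri (~> 1.4)` under activemerchant) has been rewritten by hand.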
@@ -202,16 +202,16 @@ GEM rack rack-test (0.6.3) rack (>= 1.0) - rails (4.2.5) - actionmailer (= 4.2.5) - actionpack (= 4.2.5) - actionview (= 4.2.5) - activejob (= 4.2.5) - activemodel (= 4.2.5) - activerecord (= 4.2.5) - activesupport (= 4.2.5) + rails (6.1.7.4) + actionmailer (= 6.1.7.4) + actionpack (= 6.1.7.4) + actionview (= 6.1.7.4) + activejob (= 6.1.7.4) + activemodel (= 6.1.7.4) + activerecord (= 6.1.7.4) + activesupport (= 6.1.7.4) bundler (>= 1.3.0, < 2.0) - railties (= 4.2.5) + railties (= 6.1.7.4) sprockets-rails rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) @@ -221,9 +221,9 @@ GEM rails-deprecated_sanitizer (>= 1.0.1) rails-html-sanitizer (1.0.3) loofah (~> 2.0) - railties (4.2.5) - actionpack (= 4.2.5) - activesupport (= 4.2.5) + railties (6.1.7.4) + actionpack (= 6.1.7.4) + activesupport (= 6.1.7.4) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rake (11.1.2) @@ -364,7 +364,7 @@ DEPENDENCIES lingq puma rack-ssl (= 1.0.0) - rails (= 4.2.5) + rails (= 6.1.7.4) sinatra (= 1.1.4) spree (= 3.0.7) spring From 0cecf9bd5661855f2aab567b1c5c22111fc02e41 Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Fri, 24 Nov 2023 18:10:24 +0530 Subject: [PATCH 3/9] Update Gemfile.lock --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 3362cd3..a731311 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -27,7 +27,7 @@ GEM activesupport (>= 3.2.14, < 5.0.0) builder (>= 2.1.2, < 4.0.0) i18n (>= 0.6.9) - nokogiri (~> 1.4) + nokogiri (~> 1.13.4) activemodel (6.1.7.4) activesupport (= 6.1.7.4) builder (~> 3.1) From f8b7c7e6e8144d30866966159423c8ca32f574a7 Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Fri, 24 Nov 2023 18:11:33 +0530 Subject: [PATCH 4/9] Update Gemfile.lock --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/Gemfile.lock b/Gemfile.lock index a731311..ec135ee 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -174,7 +174,7 @@ GEM neat (1.7.4) bourbon (>= 4.0) sass (>= 3.3) - nokogiri (1.6.7.2) + nokogiri (1.13.4) mini_portile2 (~> 2.0.0.rc2) normalize-rails (3.0.3) orm_adapter (0.5.0) @@ -217,7 +217,7 @@ GEM activesupport (>= 4.2.0.alpha) rails-dom-testing (1.0.7) activesupport (>= 4.2.0.beta, < 5.0) - nokogiri (~> 1.6.0) + nokogiri (~> 1.13.4) rails-deprecated_sanitizer (>= 1.0.1) rails-html-sanitizer (1.0.3) loofah (~> 2.0) From 3e01b9a9eb2eb82bf2bd27d05a8d5d62c6f51ce4 Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Wed, 29 Nov 2023 15:50:32 +0530 Subject: [PATCH 5/9] Update Gemfile.lock --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ec135ee..3e4c02c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -40,7 +40,7 @@ GEM json (~> 1.7, >= 1.7.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) - tzinfo (~> 1.1) + tzinfo (~> 1.2.10) acts_as_list (0.7.4) activerecord (>= 3.0) addressable (2.4.0) @@ -334,7 +334,7 @@ GEM cldr-plurals-runtime-rb (~> 1.0.0) json tzinfo - tzinfo (1.2.2) + tzinfo (1.2.10) thread_safe (~> 0.1) uglifier (3.0.0) execjs (>= 0.3.0, < 3) From c9e41efad298b1962a94d2a3fa35853bb6decc0f Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Wed, 10 Jan 2024 18:32:29 +0530 Subject: [PATCH 6/9] Create veracode.yml --- .github/workflows/veracode.yml | 59 ++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/veracode.yml diff --git a/.github/workflows/veracode.yml b/.github/workflows/veracode.yml new file mode 100644 index 0000000..6ccbcd6 --- /dev/null +++ b/.github/workflows/veracode.yml 
@@ -0,0 +1,59 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This workflow will initiate a Veracode Static Analysis Pipeline scan, return a results.json and convert to SARIF for upload as a code scanning alert + +name: Veracode Static Analysis Pipeline Scan + +on: + push: + branches: [ "master" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "master" ] + schedule: + - cron: '28 5 * * 6' + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +permissions: + contents: read + +jobs: + # This workflow contains a job to build and submit pipeline scan, you will need to customize the build process accordingly and make sure the artifact you build is used as the file input to the pipeline scan file parameter + build-and-pipeline-scan: + # The type of runner that the job will run on + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + runs-on: ubuntu-latest + steps: + + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. 
Replace this section with your applications build steps + - uses: actions/checkout@v3 + with: + repository: '' + + - run: zip -r veracode-scan-target.zip ./ + + # download the Veracode Static Analysis Pipeline scan jar + - run: curl --silent --show-error --fail -O https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip + - run: unzip -o pipeline-scan-LATEST.zip + + - uses: actions/setup-java@v3 + with: + java-version: 8 + distribution: 'temurin' + - run: java -jar pipeline-scan.jar --veracode_api_id "${{secrets.VERACODE_API_ID}}" --veracode_api_key "${{secrets.VERACODE_API_KEY}}" --fail_on_severity="Very High, High" --file veracode-scan-target.zip + continue-on-error: true + - name: Convert pipeline scan output to SARIF format + id: convert + uses: veracode/veracode-pipeline-scan-results-to-sarif@ff08ae5b45d5384cb4679932f184c013d34da9be + with: + pipeline-results-json: results.json + - uses: github/codeql-action/upload-sarif@v2 + with: + # Path to SARIF file relative to the root of the repository + sarif_file: veracode-results.sarif From 5ee39d7d480e3af4651b10f0a4e6b2ac199a31e7 Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Wed, 10 Jan 2024 18:38:53 +0530 Subject: [PATCH 7/9] Create Test --- Test | 1 + 1 file changed, 1 insertion(+) create mode 100644 Test diff --git a/Test b/Test new file mode 100644 index 0000000..345e6ae --- /dev/null +++ b/Test @@ -0,0 +1 @@ +Test From 72d54a946e03dfe64251ca2508ed8c5bfe10ee48 Mon Sep 17 00:00:00 2001 From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Wed, 10 Jan 2024 18:49:50 +0530 Subject: [PATCH 8/9] Delete Test --- Test | 1 - 1 file changed, 1 deletion(-) delete mode 100644 Test diff --git a/Test b/Test deleted file mode 100644 index 345e6ae..0000000 --- a/Test +++ /dev/null @@ -1 +0,0 @@ -Test From 98b9996fa25eb549888d3352c370883380da1e2f Mon Sep 17 00:00:00 2001 
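Review bot: The scanner is fetched from the unpinned `pipeline-scan-LATEST.zip` URL with `curl -O` and then executed via `java -jar pipeline-scan.jar` with no checksum or signature verification in between, while the job holds `contents: read` and `security-events: write` and the `VERACODE_API_ID`/`VERACODE_API_KEY` secrets are expanded inline into the command line; whatever that URL serves on a given day runs with those credentials and permissions. Pin to a specific release URL if the vendor publishes one, verify a digest recorded in the repository before unzipping, and pass the two secrets through `env:` rather than `${{ }}` expansion in `run:` text; the remaining actions (`actions/checkout@v3`, `actions/setup-java@v3`, `github/codeql-action/upload-sarif@v2`) should be pinned to commit SHAs the way `veracode/veracode-pipeline-scan-results-to-sarif@ff08ae5b…` already is. Two smaller points: `zip -r veracode-scan-target.zip ./` ships the `.git` directory to the third party, and `repository: ''` is a no-op input on checkout. Patch 9/9 deletes this file again, so this applies only if the workflow is reintroduced.
```yaml
      - run: zip -r veracode-scan-target.zip ./ -x '.git/*'

      # download the Veracode Static Analysis Pipeline scan jar and verify it before unpacking
      - run: curl --silent --show-error --fail -O https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip
      - run: echo "<EXPECTED_SHA256_FROM_REPO>  pipeline-scan-LATEST.zip" | sha256sum --check
      - run: unzip -o pipeline-scan-LATEST.zip

      # … unchanged: actions/setup-java step …
      - run: java -jar pipeline-scan.jar --veracode_api_id "$VERACODE_API_ID" --veracode_api_key "$VERACODE_API_KEY" --fail_on_severity="Very High, High" --file veracode-scan-target.zip
        env:
          VERACODE_API_ID: ${{ secrets.VERACODE_API_ID }}
          VERACODE_API_KEY: ${{ secrets.VERACODE_API_KEY }}
        continue-on-error: true
```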
From: Samab1995 <141304864+Samab1995@users.noreply.github.com> Date: Wed, 10 Jan 2024 18:59:05 +0530 Subject: [PATCH 9/9] Delete .github/workflows/veracode.yml --- .github/workflows/veracode.yml | 59 ---------------------------------- 1 file changed, 59 deletions(-) delete mode 100644 .github/workflows/veracode.yml diff --git a/.github/workflows/veracode.yml b/.github/workflows/veracode.yml deleted file mode 100644 index 6ccbcd6..0000000 --- a/.github/workflows/veracode.yml +++ /dev/null 
@@ -1,59 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# This workflow will initiate a Veracode Static Analysis Pipeline scan, return a results.json and convert to SARIF for upload as a code scanning alert - -name: Veracode Static Analysis Pipeline Scan - -on: - push: - branches: [ "master" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "master" ] - schedule: - - cron: '28 5 * * 6' - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -permissions: - contents: read - -jobs: - # This workflow contains a job to build and submit pipeline scan, you will need to customize the build process accordingly and make sure the artifact you build is used as the file input to the pipeline scan file parameter - build-and-pipeline-scan: - # The type of runner that the job will run on - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - runs-on: ubuntu-latest - steps: - - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. 
Replace this section with your applications build steps - - uses: actions/checkout@v3 - with: - repository: '' - - - run: zip -r veracode-scan-target.zip ./ - - # download the Veracode Static Analysis Pipeline scan jar - - run: curl --silent --show-error --fail -O https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip - - run: unzip -o pipeline-scan-LATEST.zip - - - uses: actions/setup-java@v3 - with: - java-version: 8 - distribution: 'temurin' - - run: java -jar pipeline-scan.jar --veracode_api_id "${{secrets.VERACODE_API_ID}}" --veracode_api_key "${{secrets.VERACODE_API_KEY}}" --fail_on_severity="Very High, High" --file veracode-scan-target.zip - continue-on-error: true - - name: Convert pipeline scan output to SARIF format - id: convert - uses: veracode/veracode-pipeline-scan-results-to-sarif@ff08ae5b45d5384cb4679932f184c013d34da9be - with: - pipeline-results-json: results.json - - uses: github/codeql-action/upload-sarif@v2 - with: - # Path to SARIF file relative to the root of the repository - sarif_file: veracode-results.sarif