Switch to GitHub Actions and add brakeman and bundler-audit

.github/workflows/rails.yml

@@ -0,0 +1,61 @@
+# This workflow uses actions that are not certified by GitHub.  They are
+# provided by a third-party and are governed by separate terms of service,
+# privacy policy, and support documentation.
+#
+# This workflow will install a prebuilt Ruby version, install dependencies, and
+# run tests and linters.
+name: "Ruby on Rails CI"
+on:
+  push:
+    branches: ["master"]
+  pull_request:
+    branches: ["master"]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:11-alpine
+        ports:
+          - "5432:5432"
+        env:
+          POSTGRES_DB: stockaid_test
+          POSTGRES_USER: rails
+          POSTGRES_PASSWORD: password
+    env:
+      DATABASE_URL: "postgres://rails:password@localhost:5432/stockaid_test"
+      RAILS_ENV: test
+      STOCKAID_SECRET_KEY_BASE: f152b24044a9dd45656eea8a30f7d7df367497dc4fb53e563425db71c43dc0f959d4d6e62ed54811c6b925db0237a1e16ea9ce1103019ac329660afe40634ead
+      STOCKAID_SITE_NAME: GitHubActionsStockAid
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install Ruby and gems
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+      - name: Set up database schema
+        run: bin/rails db:schema:load
+      - name: Precompile assets
+        run: bin/rake assets:precompile
+      - name: Run tests
+        run: bin/rake spec
+
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Install Ruby and gems
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+      - name: Generate binstubs
+        run: bundle binstubs bundler-audit brakeman rubocop
+      - name: Security audit dependencies
+        run: bin/bundler-audit --update
+      - name: Security audit application code
+        run: bin/brakeman -q -w2
+      - name: Lint Ruby files
+        run: bin/rubocop --parallel

Gemfile

@@ -32,13 +32,15 @@ gem "spreadsheet", "~> 1.1", ">= 1.1.2"
 gem "stateful_enum"
 
 group :development, :test do
+  gem "brakeman", require: false
+  gem "bundler-audit", require: false
   gem "capybara"
   gem "dotenv"
   gem "pry-byebug"
   gem "pry-rails"
   gem "rails-controller-testing"
   gem "rspec-rails", "~> 6.0"
-  gem "rubocop"
+  gem "rubocop", require: false
   gem "sdoc", group: :doc
 end
 

Gemfile.lock

@@ -93,7 +93,12 @@ GEM
     bootstrap-sass (3.4.1)
       autoprefixer-rails (>= 5.2.1)
       sassc (>= 2.0.0)
+    brakeman (6.2.2)
+      racc
     builder (3.3.0)
+    bundler-audit (0.9.2)
+      bundler (>= 1.2.0, < 3)
+      thor (~> 1.0)
     byebug (11.1.3)
     capybara (3.40.0)
       addressable
@@ -499,6 +504,8 @@ DEPENDENCIES
   bootsnap
   bootstrap-datepicker-rails
   bootstrap-sass (~> 3.4.1)
+  brakeman
+  bundler-audit
   byebug
   capybara
   chartkick

Rakefile

@@ -3,13 +3,4 @@
 
 require File.expand_path("../config/application", __FILE__)
 
-# Temp Fix from: https://stackoverflow.com/questions/35893584/nomethoderror-undefined-method-last-comment-after-upgrading-to-rake-11
-module TempFixForRakeLastComment
-  def last_comment
-    last_description
-  end
-end
-Rake::Application.send :include, TempFixForRakeLastComment
-# End Temp Fix
-
 Rails.application.load_tasks