From 1b58586f703f1cbecece17cab974f276bf16f2f2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Mar 2026 10:18:03 -0500 Subject: [PATCH 1/6] Bump minimatch from 3.1.2 to 3.1.5 (#1986) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index c8c2797af..86ac60cdd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5579,9 +5579,9 @@ "license": "MIT" }, "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz", + "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==", "dev": true, "license": "ISC", "dependencies": { From 48af0cb3845be143fe5fe88009617747e27456bb Mon Sep 17 00:00:00 2001 From: Shelley Nason Date: Tue, 3 Mar 2026 11:01:07 -0500 Subject: [PATCH 2/6] Potential fix for code scanning alert no. 43: Workflow does not contain permissions (#1987) Signed-off-by: Shelley Nason Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/build-widget.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-widget.yml b/.github/workflows/build-widget.yml index b8d5c9ec1..2327c29f6 100644 --- a/.github/workflows/build-widget.yml +++ b/.github/workflows/build-widget.yml @@ -14,6 +14,8 @@ on: jobs: build-widget: + permissions: + contents: read runs-on: ubuntu-22.04 steps: - name: Checkout From d175af395c7cd0a854286fb7cf7a5e1d394bae17 Mon Sep 17 00:00:00 2001 From: Shelley Nason Date: Tue, 3 Mar 2026 13:02:07 -0500 Subject: [PATCH 3/6] Upgrade to most recent version of new-relic. (#1989) --- Gemfile.lock | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index ea566967d..ba212441b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -356,7 +356,8 @@ GEM timeout net-smtp (0.5.1) net-protocol - newrelic_rpm (9.21.0) + newrelic_rpm (10.2.0) + logger nio4r (2.7.4) nokogiri (1.19.1-aarch64-linux-gnu) racc (~> 1.4) From 0d605302ef51695f92eda4ae2d3a86072592dbf6 Mon Sep 17 00:00:00 2001 From: Shelley Nason Date: Thu, 5 Mar 2026 19:04:46 -0500 Subject: [PATCH 4/6] Speed up loading of recent_responses table in admin dashboard (#1988) * Speed up loading of recent_responses table in admin dashboard * Add integration test for admin dashboard recent responses table. --- app/controllers/admin/site_controller.rb | 8 +++-- .../admin/_recent_responses.html.erb | 2 +- spec/features/admin/dashboard_spec.rb | 30 +++++++++++++++++++ 3 files changed, 36 insertions(+), 4 deletions(-) diff --git a/app/controllers/admin/site_controller.rb b/app/controllers/admin/site_controller.rb index 6334cc44b..999cbca8d 100644 --- a/app/controllers/admin/site_controller.rb +++ b/app/controllers/admin/site_controller.rb @@ -12,7 +12,6 @@ def index @response_groups = Submission.group('date(created_at)').count.sort.last(@days_since.days) @user_groups = User.group('date(created_at)').count.sort.last(@days_since.days) @inactive_user_groups = User.where(inactive: true).group('date(updated_at)').count.sort.last(@days_since.days) - todays_submissions = Submission.where('created_at > ?', Time.zone.now - @days_since.days) # Add in 0 count days to fetched analytics @dates.each do |date| @@ -24,8 +23,11 @@ def index @inactive_user_groups = @inactive_user_groups.sort @response_groups = @response_groups.sort - form_ids = todays_submissions.collect(&:form_id).uniq - @recent_forms = Form.includes(:organization).find(form_ids) + @recent_forms = Form.includes(:organization) + .joins(:submissions) + .where("submissions.created_at > ?", Time.zone.now - @days_since.days) + .select("forms.*", "count(distinct submissions.id) as recent_submissions_count") + .group("forms.id") end def a11_v2_collections; end diff --git a/app/views/components/admin/_recent_responses.html.erb b/app/views/components/admin/_recent_responses.html.erb index 6388a2492..b95bbc002 100644 --- a/app/views/components/admin/_recent_responses.html.erb +++ b/app/views/components/admin/_recent_responses.html.erb @@ -23,7 +23,7 @@ <%= link_to form.name, admin_form_path(form) %> - ?", Time.now - days_since.days).count %>"> + <%= number_with_delimiter(c) %> diff --git a/spec/features/admin/dashboard_spec.rb b/spec/features/admin/dashboard_spec.rb index 5afe8624d..f1d294cb7 100644 --- a/spec/features/admin/dashboard_spec.rb +++ b/spec/features/admin/dashboard_spec.rb @@ -142,6 +142,36 @@ end end end + + describe 'recent responses' do + let(:recent_form) { FactoryBot.create(:form, :open_ended_form, organization:) } + let(:older_form) { FactoryBot.create(:form, :recruiter, organization:) } + let!(:recent_form_responses) { + FactoryBot.create_list(:submission, 5, form: recent_form, created_at: 5.days.ago) do |submission, i| + submission.update(created_at: 1.days.ago) if i < 2 + end + } + let!(:older_form_responses) { + FactoryBot.create_list(:submission, 3, form: older_form, created_at: 5.days.ago) + } + + before do + visit admin_dashboard_path + end + + it 'contains a "Data collected over past 3 days" table' do + expect(page).to have_content('Data collected over past 3 days') + table = page.find('#recent-responses table') + expect(table).to be_present + + # 1 form with recent responses, 2 recent responses + rows = table.all('tbody tr') + expect(rows.count).to eq(1) + first_row_cells = rows.first.all('td') + expect(first_row_cells[1].text).to eq('Open-ended Test form') + expect(first_row_cells[2].text).to eq('2') + end + end end # Note: From ce81d1bc489a2619ec6daf5e2aff6bf6a87f89f2 Mon Sep 17 00:00:00 2001 From: Shelley Nason Date: Thu, 5 Mar 2026 19:09:10 -0500 Subject: [PATCH 5/6] Log warning when submission deletion fails. (#1992) --- .../admin/submissions_controller.rb | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/app/controllers/admin/submissions_controller.rb b/app/controllers/admin/submissions_controller.rb index 95b013e62..efa5c11da 100644 --- a/app/controllers/admin/submissions_controller.rb +++ b/app/controllers/admin/submissions_controller.rb @@ -186,25 +186,30 @@ def unmark def delete ensure_form_manager(form: @form) - Event.log_event(Event.names[:response_deleted], 'Submission', @submission.id, "Submission #{@submission.id} undeleted at #{DateTime.now}", current_user.id) - @submission.update(deleted: true, deleted_at: Time.now) + if @submission.update(deleted: true, deleted_at: Time.now) + Event.log_event(Event.names[:response_deleted], 'Submission', @submission.id, "Submission #{@submission.id} deleted at #{DateTime.now}", current_user.id) + else + Rails.logger.warn("Failed to delete submission: #{@submission.errors.full_messages.join(', ')}") + end end def destroy ensure_form_manager(form: @form) - Event.log_event(Event.names[:response_deleted], 'Submission', @submission.id, "Submission #{@submission.id} undeleted at #{DateTime.now}", current_user.id) - @submission.update(deleted: true, deleted_at: Time.now) - - respond_to do |format| - format.js { render :destroy } + if @submission.update(deleted: true, deleted_at: Time.now) + Event.log_event(Event.names[:response_deleted], 'Submission', @submission.id, "Submission #{@submission.id} deleted at #{DateTime.now}", current_user.id) + respond_to do |format| + format.js { render :destroy } + end + else + Rails.logger.warn("Failed to delete submission: #{@submission.errors.full_messages.join(', ')}") end end def undelete ensure_form_manager(form: @form) - Event.log_event(Event.names[:response_undeleted], 'Submission', @submission.id, "Submission #{@submission.id} deleted at #{DateTime.now}", current_user.id) + Event.log_event(Event.names[:response_undeleted], 'Submission', @submission.id, "Submission #{@submission.id} undeleted at #{DateTime.now}", current_user.id) @submission.update(deleted: false, deleted_at: nil) end From d5d50c6a0bfdba4aa1ecb6756d534b956a1e2382 Mon Sep 17 00:00:00 2001 From: Shelley Nason Date: Fri, 6 Mar 2026 10:49:42 -0500 Subject: [PATCH 6/6] Send new relic logs to stdout (#1994) --- config/newrelic.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/config/newrelic.yml b/config/newrelic.yml index fe4e0607f..20e42fdcd 100644 --- a/config/newrelic.yml +++ b/config/newrelic.yml @@ -20,6 +20,7 @@ common: &default_settings # Logging level for log/newrelic_agent.log log_level: info + log_file_path: STDOUT # Environment-specific settings are in this section. # RAILS_ENV or RACK_ENV (as appropriate) is used to determine the environment.