From 86b9635d06047db3c081111046788b94200c9c08 Mon Sep 17 00:00:00 2001
From: Brian Kelly <polymonic@gmail.com>
Date: Fri, 2 Aug 2024 14:58:40 -0500
Subject: [PATCH 1/5] Update rexml gem to address DoS vulnerabilities (#347)

---
 Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 6182119a..3f285088 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -420,7 +420,7 @@ GEM
       actionpack (>= 5.2)
       railties (>= 5.2)
     retriable (3.1.2)
-    rexml (3.3.2)
+    rexml (3.3.4)
       strscan
     rgeo (3.0.0)
     rgeo-geojson (2.1.1)

From bc4edda876078847310f8098edc7d4b032a9dda4 Mon Sep 17 00:00:00 2001
From: Brian Kelly <polymonic@gmail.com>
Date: Fri, 2 Aug 2024 15:03:13 -0500
Subject: [PATCH 2/5] Adds details about running tests to the README (#349)

---
 README.md | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/README.md b/README.md
index cd0f3ad7..a546492f 100644
--- a/README.md
+++ b/README.md
@@ -62,3 +62,29 @@ If the `mysql2` gem fails to install and complains about not finding `zstd` you
 ```bash
 gem install mysql2 -v '0.5.6' -- --with-opt-dir=$(brew --prefix openssl) --with-ldflags=-L/opt/homebrew/opt/zstd/lib
 ```
+
+### Running the Test Suite
+
+To run the full test suite use the following command:
+
+```bash
+$ bundle exec rake ci
+```
+
+This command will start up Solr with a `sdr-core-test` core and then run the full test suite.
+
+#### Running Individual Specs
+
+Some specs (like feature specs) require a `sdr-core-test` core set up in Solr. This is automatically done when running the full test suite using the command above, but for running individual specs you'll need to start it up manually. You can do that using the following command:
+
+```bash
+$ bundle exec rake sdr:test
+```
+
+Then, in another terminal window (or your IDE), run the individual spec.
+
+Note: You'll know this step is necessary if an individual spec fails with an error like the following:
+
+```plaintext
+Blacklight::Exceptions::ECONNREFUSED: Connection refused - Unable to connect to Solr instance using #<RSolr::Client:0x0000000117d5e1a8 @uri=#<URI::HTTP http://127.0.0.1:8983/solr/sdr-core-test/>
+```

From ef0348d97c122d33a787b90abc01558c4e7350a3 Mon Sep 17 00:00:00 2001
From: Brian Kelly <polymonic@gmail.com>
Date: Mon, 5 Aug 2024 09:43:53 -0500
Subject: [PATCH 3/5] Switch to bundler-audit configuration file (#350)

---
 .bundler-audit.yml       | 4 ++++
 .github/workflows/ci.yml | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)
 create mode 100644 .bundler-audit.yml

diff --git a/.bundler-audit.yml b/.bundler-audit.yml
new file mode 100644
index 00000000..2014fde0
--- /dev/null
+++ b/.bundler-audit.yml
@@ -0,0 +1,4 @@
+---
+ignore:
+  - CVE-2015-9284 # Temporarily ignore Omniauth vulnerability
+  - CVE-2024-6531 # No fix for this yet
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ab2eca17..0860019b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -29,4 +29,4 @@ jobs:
         bundle exec rake db:schema:load
         bundle exec rake ci
     - name: Audit gems
-      run: bundle exec bundle-audit check --ignore CVE-2015-9284 # tempoarily ignore omniauth vulnerability
+      run: bundle exec bundle-audit check

From d1101310d236ff8af08b684ff1038b3f1c942f71 Mon Sep 17 00:00:00 2001
From: Brian Kelly <polymonic@gmail.com>
Date: Mon, 5 Aug 2024 11:28:56 -0500
Subject: [PATCH 4/5] Add large directories to Rubocop's ignore list (#351)

---
 .rubocop.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.rubocop.yml b/.rubocop.yml
index 40087c74..1fd39522 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -12,6 +12,9 @@ AllCops:
     - 'vendor/**/*'
     - 'Vagrantfile'
     - 'app/helpers/geoblacklight_helper.rb'
+    - 'coverage/**/*'
+    - 'log/**/*'
+    - 'tmp/**/*'
   NewCops: enable
 
 Style/Documentation:

From a573b8a9cf96736414d02a40334dd6e4e9eb061c Mon Sep 17 00:00:00 2001
From: Brian Kelly <polymonic@gmail.com>
Date: Mon, 5 Aug 2024 11:29:20 -0500
Subject: [PATCH 5/5] Adds Rake tasks to easily load NYU data locally (#352)

---
 README.md          | 18 ++++++++++++++++++
 lib/tasks/sdr.rake | 20 ++++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/README.md b/README.md
index a546492f..2e6e0684 100644
--- a/README.md
+++ b/README.md
@@ -88,3 +88,21 @@ Note: You'll know this step is necessary if an individual spec fails with an err
 ```plaintext
 Blacklight::Exceptions::ECONNREFUSED: Connection refused - Unable to connect to Solr instance using #<RSolr::Client:0x0000000117d5e1a8 @uri=#<URI::HTTP http://127.0.0.1:8983/solr/sdr-core-test/>
 ```
+
+### Loading NYU Data Locally
+
+First, start up the Rails app if it's not already running:
+
+```bash
+$ bundle exec rake sdr:server
+```
+
+This will ensure Solr is up and running.
+
+Then in another terminal run the following Rake task:
+
+```bash
+$ bundle exec rake sdr:load_nyu_data
+```
+
+Once completed, head to <http://localhost:3000/?search_field=all_fields> and you should have a lot more data to work with.
diff --git a/lib/tasks/sdr.rake b/lib/tasks/sdr.rake
index 63d6a90f..b64c0a07 100644
--- a/lib/tasks/sdr.rake
+++ b/lib/tasks/sdr.rake
@@ -78,4 +78,24 @@ namespace :sdr do
       end
     end
   end
+
+  desc 'Clone and index NYU data for local development'
+  task load_nyu_data: :environment do
+    exit unless Rails.env.development?
+
+    puts 'Removing existing edu.nyu repo...'
+    FileUtils.rm_rf('tmp/opengeometadata/edu.nyu')
+
+    puts 'Cloning edu.nyu repository...'
+    system 'bundle exec sdr-cli clone --repo=edu.nyu'
+
+    puts 'Deleting Solr index...'
+    Blacklight.default_index.connection.delete_by_query '*:*'
+    Blacklight.default_index.connection.commit
+
+    puts 'Indexing edu.nyu Aardvark files...'
+    system "bundle exec sdr-cli index --directory=\"tmp/opengeometadata/edu.nyu/metadata-aardvark/**/*.json\" --solr_url=\"#{Settings.SOLR_URL}\""
+
+    puts 'Done!'
+  end
 end