[Snyk] Fix for 3 vulnerabilities

.github/workflows/command_shell_acceptance.yml

@@ -63,21 +63,23 @@ jobs:
       fail-fast: false
       matrix:
         os:
-          - windows-2019
-          - ubuntu-20.04
+          - windows-2022
+          - ubuntu-latest
         ruby:
-          - '3.2'
+          - '3.4'
         include:
           # Powershell
-          - { command_shell: { name: powershell }, os: windows-2019 }
-          - { command_shell: { name: powershell }, os: windows-2022 }
+          - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2022 }
+          - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2025 }
 
           # Linux
-          - { command_shell: { name: linux }, os: ubuntu-20.04 }
+          - { command_shell: { name: linux }, ruby: '3.4', os: ubuntu-latest }
 
           # CMD
-          - { command_shell: { name: cmd }, os: windows-2019 }
-          - { command_shell: { name: cmd }, os: windows-2022 }
+          - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2022 }
+
+          # TODO: Tests currently fail:
+          # - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2025 }
 
     runs-on: ${{ matrix.os }}
 
@@ -126,10 +128,16 @@ jobs:
         with:
           path: metasploit-framework
 
-      - name: Setup Ruby
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
+      - name: Setup '${{ matrix.ruby }}' Ruby
+        # Skip for now to ensure CI passes on Windows server 2025 powershell tests
+        #env:
+        #  BUNDLE_FORCE_RUBY_PLATFORM: true
+        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
         with:
           ruby-version: ${{ matrix.ruby }}
           bundler-cache: true
@@ -175,13 +183,19 @@ jobs:
         if: always()
         run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         if: always()
         env:
           BUNDLE_FORCE_RUBY_PLATFORM: true
         uses: ruby/setup-ruby@v1
         with:
-          ruby-version: '${{ matrix.ruby }}'
+          # use the default version from the .ruby-version file
+          ruby-version: '.ruby-version'
           bundler-cache: true
           cache-version: 4
 

.github/workflows/docs.yml

@@ -45,6 +45,11 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         uses: ruby/setup-ruby@v1
         with:

.github/workflows/ldap_acceptance.yml

@@ -33,6 +33,8 @@ on:
       - 'metsploit-framework.gemspec'
       - 'Gemfile.lock'
       - '**/**ldap**'
+      - 'lib/metasploit/framework/tcp/**'
+      - 'lib/metasploit/framework/login_scanner/**'
       - 'spec/acceptance/**'
       - 'spec/support/acceptance/**'
       - 'spec/acceptance_spec_helper.rb'
@@ -72,6 +74,11 @@ jobs:
           docker compose build
           docker compose up --wait -d
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         env:
           # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
@@ -121,6 +128,11 @@ jobs:
         if: always()
         run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         if: always()
         env:

.github/workflows/mssql_acceptance.yml

@@ -82,6 +82,11 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         env:
           # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
@@ -138,6 +143,11 @@ jobs:
         if: always()
         run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         if: always()
         env:

.github/workflows/mysql_acceptance.yml

@@ -80,6 +80,11 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         env:
           # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
@@ -137,6 +142,11 @@ jobs:
         if: always()
         run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         if: always()
         env:

.github/workflows/postgres_acceptance.yml

@@ -33,6 +33,8 @@ on:
       - 'metsploit-framework.gemspec'
       - 'Gemfile.lock'
       - '**/**postgres**'
+      - 'lib/metasploit/framework/tcp/**'
+      - 'lib/metasploit/framework/login_scanner/**'
       - 'spec/acceptance/**'
       - 'spec/support/acceptance/**'
       - 'spec/acceptance_spec_helper.rb'
@@ -82,6 +84,11 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         env:
           # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
@@ -139,6 +146,11 @@ jobs:
         if: always()
         run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
 
+      # https://github.com/orgs/community/discussions/26952
+      - name: Support longpaths
+        if: runner.os == 'Windows'
+        run: git config --system core.longpaths true
+
       - name: Setup Ruby
         if: always()
         env:

.github/workflows/shared_gem_verify.yml

@@ -0,0 +1,69 @@
+name: Shared Gem Verify
+on:
+  workflow_call:
+    inputs:
+      test_commands:
+        description: 'Test commands'
+        required: false
+        default: "bundle exec rspec"
+        type: string
+      dependencies:
+        description: 'Array of system dependencies to install'
+        required: false
+        default: "[]"
+        type: string
+
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 40
+
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '3.2'
+          - '3.3'
+          - '3.4'
+        os:
+          - ubuntu-22.04
+          - ubuntu-24.04
+          - ubuntu-latest
+          - windows-2022
+          - windows-2025
+          - macos-13
+
+    env:
+      RAILS_ENV: test
+
+    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
+    steps:
+      - name: Install system dependencies
+        if: ${{ inputs.dependencies != '[]' && !contains(matrix.os, 'macos') && !contains(matrix.os, 'windows') }}
+        run: |
+          dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]')
+          for dep in $dependencies; do
+            sudo apt-get -y --no-install-recommends install "$dep"
+          done
+        shell: bash
+
+      - name: Install system dependencies (Windows)
+        if: ${{ contains(matrix.os, 'windows') && inputs.dependencies != '[]' }}
+        run: |
+          $dependencies = (echo '${{ inputs.dependencies }}' | jq -r '.[]')
+          foreach ($dep in $dependencies) {
+            choco install $dep -y
+          }
+        shell: pwsh
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+
+      - name: Test
+        run: ${{ inputs.test_commands }}

.github/workflows/shared_gem_verify_rails.yml

@@ -0,0 +1,90 @@
+name: Shared Gem Verify Rails/PostgreSQL
+on:
+  workflow_call:
+    inputs:
+      test_commands:
+        description: 'Test commands'
+        required: false
+        default: "bundle exec rspec"
+        type: string
+      dependencies:
+        description: 'Array of system dependencies to install'
+        required: false
+        default: "[]"
+        type: string
+
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 40
+
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '3.2'
+          - '3.3'
+          - '3.4'
+        rails:
+          - '~> 7.0.0'
+          - '~> 7.1.0'
+          - '~> 7.2.0'
+        postgres:
+          - '9.6'
+          - '16.8'
+        os:
+          - ubuntu-latest
+
+    env:
+      RAILS_ENV: test
+
+    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - Rails ${{ matrix.rails }} - PostgreSQL ${{ matrix.postgres }}
+    steps:
+      - name: Install system dependencies
+        run: |
+          dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]')
+          for dep in $dependencies; do
+            sudo apt-get -y --no-install-recommends install "$dep"
+          done
+        shell: bash
+
+      - name: Set up PostgreSQL service
+        run: |
+          docker run --name postgres -d -p 5432:5432 \
+            -e POSTGRES_USER=postgres \
+            -e POSTGRES_PASSWORD=postgres \
+            --health-cmd="pg_isready" \
+            --health-interval="10s" \
+            --health-timeout="5s" \
+            --health-retries=5 \
+            postgres:${{ matrix.postgres }}
+
+      - name: Wait for PostgreSQL to be healthy
+        run: |
+          docker exec postgres sh -c 'until pg_isready -U postgres; do echo waiting for postgres; sleep 2; done; echo postgres is ready'
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+
+      - name: Update Rails version
+        run: |
+          # Add the gem explicitly if it doesn't exist
+          if ! grep -q "gem ['\"]rails['\"]" Gemfile; then
+            echo 'gem "rails"' >> Gemfile          
+          fi
+
+          # Ensure the gem is on the latest version
+          ruby -pi -e "gsub(/gem ['\"]rails['\"](, *['\"].*['\"])?/, \"gem 'rails', '${{ matrix.rails }}'\")" Gemfile
+          bundle update
+          bundle install
+          bundle show rails
+        shell: bash
+
+      - name: Test
+        run: ${{ inputs.test_commands }}