DMPRoadmap · aaronskiba · Oct 7, 2025 · Oct 2, 2025 · Oct 2, 2025 · Oct 2, 2025
diff --git a/.github/workflows/brakeman.yml b/.github/workflows/brakeman.yml
@@ -1,23 +1,23 @@
 name: Brakeman
 
 on:
-  pull_request:
+  push:
     branches:
-      master
+      - main
+      - next-release/*
 
 jobs:
   brakeman:
-
     runs-on: ubuntu-24.04
 
     steps:
-    - uses: actions/checkout@v2
+      - uses: actions/checkout@v2
 
-    # Will run Brakeman checks on dependencies
-    #   https://github.com/marketplace/actions/brakeman-action
-    - name: Brakeman
-      uses: artplan1/brakeman-action@v1.2.1
-      with:
-        flags: "--color"
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      # Will run Brakeman checks on dependencies
+      #   https://github.com/marketplace/actions/brakeman-action
+      - name: Brakeman
+        uses: artplan1/brakeman-action@v1.2.1
+        with:
+          flags: "--color"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/danger.yml b/.github/workflows/danger.yml
@@ -18,7 +18,6 @@ jobs:
     - name: 'Install Ruby'
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: ${{ env.RUBY_VERSION }}
 
     - name: 'Bundle Install'
       run: |

diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml
@@ -19,7 +19,6 @@ jobs:
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1
       with:
-        ruby-version: '3.0'
         bundler-cache: true
 
     # Install Node

diff --git a/.github/workflows/postgres.yml b/.github/workflows/postgres.yml
@@ -1,6 +1,6 @@
 name: Tests - PostgreSQL
 
-on: [pull_request]
+on: [push, pull_request]
 
 jobs:
   postgresql:
@@ -16,7 +16,7 @@ jobs:
           # variable to bypass this changes:
           # https://github.com/docker-library/postgres/issues/681
           POSTGRES_HOST_AUTH_METHOD: trust
-        ports: ['5432:5432']
+        ports: ["5432:5432"]
         options: >-
           --health-cmd pg_isready
           --health-interval 10s
@@ -30,87 +30,86 @@ jobs:
       DISABLE_SPRING: 1
 
     steps:
-    # Checkout the repo
-    - uses: actions/checkout@v3
-
-    # Install Ruby and run bundler
-    - uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: '3.0'
-        bundler-cache: true
-
-    ## - run: echo 'NODE_OPTIONS="--openssl-legacy-provider"' >> $GITHUB_ENV
-    ## /home/runner/runners/2.301.1/externals/node12/bin/node: --openssl-legacy-provider is not allowed in NODE_OPTIONS
-
-    # Install Node
-    - uses: actions/setup-node@v3
-      with:
-        node-version: 18
-        cache: 'yarn'
-
-    # Install the Postgres developer packages
-    - name: 'Install Postgresql Packages'
-      run: |
-        sudo apt-get update
-        sudo apt-get install libpq-dev
-
-    # Install ImageMagick (for `identify` command)
-    - name: 'Install ImageMagick'
-      run: |
-        sudo apt-get install -y imagemagick
-
-    # Copy all of the example configs over
-    - name: 'Setup Default Configuration'
-      run: |
-        cp config/database.yml.sample config/database.yml
-        cp config/initializers/contact_us.rb.example config/initializers/contact_us.rb
-        cp config/initializers/wicked_pdf.rb.example config/initializers/wicked_pdf.rb
-        cp .env.postgresql .env
-
-    # Stub out the Rails credentials file so that we can start the Rails app
-    - name: 'Setup Credentials'
-      run: |
-        # generate a default credential file and key
-        EDITOR="sh -c 'echo \"$(cat config/credentials.yml.postgresql)\" > \$1' --" bundle exec rails credentials:edit
-
-    # Set the path to the wkhtmltopdf executable
-    - name: 'Determine wkhtmltopdf location'
-      run: echo "WICKED_PDF_PATH=`bundle exec which wkhtmltopdf`" >> $GITHUB_ENV
-
-    # Run yarn install for JS dependencies
-    - name: 'Yarn Install'
-      run: |
-        yarn install
-
-    # TEMPORARY WORKAROUND FOR THE FOLLOWING ISSUE: https://github.com/DMPRoadmap/roadmap/issues/3485
-    # Remove this once our tests are compatible with the new version of Chrome
-    # Source: https://github.com/teamcapybara/capybara/issues/2800#issuecomment-2731100953
-    - name: Remove image-bundled Chrome
-      run: sudo apt-get purge google-chrome-stable
-    - name: Setup stable Chrome
-      uses: browser-actions/setup-chrome@v1
-      with:
-        chrome-version: 128
-        install-chromedriver: true
-        install-dependencies: true
-
-    # Initialize the DB
-    - name: 'Setup Test DB'
-      run: |
-        bundle exec rails db:setup
-        bundle exec rails db:migrate
-
-    # Prebuild the CSS, JS and image assets
-    - name: 'Compile Assets'
-      run: bundle exec rails assets:precompile
-
-    # Run  the unit and functional tests
-    - name: 'Run Rspec Unit and Functional Tests'
-      run: |
-        bundle exec rspec spec/models/ spec/policies/ spec/services/ spec/helpers/
-        bundle exec rspec spec/controllers/ spec/presenters/ spec/requests/ spec/views
-        bundle exec rspec spec/mixins/
-
-    # Run the time consuming integration tests (using Chrome headless browser)
-    - name: 'Run Integration Tests'
-      run: bundle exec rspec spec/features/
+      # Checkout the repo
+      - uses: actions/checkout@v3
+
+      # Install Ruby and run bundler
+      - uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+
+      ## - run: echo 'NODE_OPTIONS="--openssl-legacy-provider"' >> $GITHUB_ENV
+      ## /home/runner/runners/2.301.1/externals/node12/bin/node: --openssl-legacy-provider is not allowed in NODE_OPTIONS
+
+      # Install Node
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "yarn"
+
+      # Install the Postgres developer packages
+      - name: "Install Postgresql Packages"
+        run: |
+          sudo apt-get update
+          sudo apt-get install libpq-dev
+
+      # Install ImageMagick (for `identify` command)
+      - name: "Install ImageMagick"
+        run: |
+          sudo apt-get install -y imagemagick
+
+      # Copy all of the example configs over
+      - name: "Setup Default Configuration"
+        run: |
+          cp config/database.yml.sample config/database.yml
+          cp config/initializers/contact_us.rb.example config/initializers/contact_us.rb
+          cp config/initializers/wicked_pdf.rb.example config/initializers/wicked_pdf.rb
+          cp .env.postgresql .env
+
+      # Stub out the Rails credentials file so that we can start the Rails app
+      - name: "Setup Credentials"
+        run: |
+          # generate a default credential file and key
+          EDITOR="sh -c 'echo \"$(cat config/credentials.yml.postgresql)\" > \$1' --" bundle exec rails credentials:edit
+
+      # Set the path to the wkhtmltopdf executable
+      - name: "Determine wkhtmltopdf location"
+        run: echo "WICKED_PDF_PATH=`bundle exec which wkhtmltopdf`" >> $GITHUB_ENV
+
+      # Run yarn install for JS dependencies
+      - name: "Yarn Install"
+        run: |
+          yarn install
+
+      # TEMPORARY WORKAROUND FOR THE FOLLOWING ISSUE: https://github.com/DMPRoadmap/roadmap/issues/3485
+      # Remove this once our tests are compatible with the new version of Chrome
+      # Source: https://github.com/teamcapybara/capybara/issues/2800#issuecomment-2731100953
+      - name: Remove image-bundled Chrome
+        run: sudo apt-get purge google-chrome-stable
+      - name: Setup stable Chrome
+        uses: browser-actions/setup-chrome@v1
+        with:
+          chrome-version: 128
+          install-chromedriver: true
+          install-dependencies: true
+
+      # Initialize the DB
+      - name: "Setup Test DB"
+        run: |
+          bundle exec rails db:setup
+          bundle exec rails db:migrate
+
+      # Prebuild the CSS, JS and image assets
+      - name: "Compile Assets"
+        run: bundle exec rails assets:precompile
+
+      # Run  the unit and functional tests
+      - name: "Run Rspec Unit and Functional Tests"
+        run: |
+          bundle exec rspec spec/models/ spec/policies/ spec/services/ spec/helpers/
+          bundle exec rspec spec/controllers/ spec/presenters/ spec/requests/ spec/views
+          bundle exec rspec spec/mixins/
+
+      # Run the time consuming integration tests (using Chrome headless browser)
+      - name: "Run Integration Tests"
+        run: bundle exec rspec spec/features/
diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml
@@ -13,7 +13,6 @@ jobs:
     # Install Ruby and run bundler
     - uses: ruby/setup-ruby@v1
       with:
-        ruby-version: '3.0'
         bundler-cache: true
 
     # Run the Rubocop linter checks

diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,3 @@
-# Ignore rbenv files
-.ruby-version
-
 # Ignore bundler config
 /.bundle
 

diff --git a/.ruby-version b/.ruby-version
@@ -0,0 +1 @@
+3.1.4
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## v5.0.2
+- Bump Ruby to v3.1.4 and use `.ruby-version` in CI [#3566](https://github.com/DMPRoadmap/roadmap/pull/3566)
+- Enable session timeout after 90 minutes of inactivity [#3568](https://github.com/DMPRoadmap/roadmap/pull/3568)
+- Validate CSV Separator [#3569](https://github.com/DMPRoadmap/roadmap/pull/3569)
+- Fix rendering of `confirm_merge` partial [#3567](https://github.com/DMPRoadmap/roadmap/pull/3567)
+- Improve CI configuration [#3551](https://github.com/DMPRoadmap/roadmap/issues/3551)
+
 ## v5.0.1
 - Updated seeds.rb file for identifier_schemes to include context value and removed logo_url and idenitifier_prefix for Shibboleth (as it was causing issues with SSO). [#3525](https://github.com/DMPRoadmap/roadmap/pull/3525)
 - Adjustments to style of select tags and plan download layout [#3509](https://github.com/DMPRoadmap/roadmap/pull/3509)

diff --git a/Gemfile b/Gemfile
@@ -2,7 +2,7 @@
 
 source 'https://rubygems.org'
 
-ruby '>= 3.0'
+ruby '3.1.4'
 
 # ===========#
 # CORE RAILS #

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -210,7 +210,8 @@ GEM
       faraday (>= 0.8)
     faraday-net_http (3.4.0)
       net-http (>= 0.5.0)
-    ffi (1.17.1)
+    ffi (1.17.1-arm64-darwin)
+    ffi (1.17.1-x86_64-linux-gnu)
     flag_shih_tzu (0.3.23)
     fog-aws (3.30.0)
       base64 (~> 0.2.0)
@@ -696,7 +697,7 @@ DEPENDENCIES
   yard-tomdoc
 
 RUBY VERSION
-   ruby 3.0.4p208
+   ruby 3.1.4p223
 
 BUNDLED WITH
    2.4.17
diff --git a/README.md b/README.md
@@ -1,10 +1,12 @@
 ## DMP Roadmap
 
-[![Actions Status](https://github.com/DMPRoadmap/roadmap/workflows/Brakeman/badge.svg)](https://github.com/DMPRoadmap/roadmap/actions)
-[![Actions Status](https://github.com/DMPRoadmap/roadmap/workflows/Rubocop/badge.svg)](https://github.com/DMPRoadmap/roadmap/actions)
-[![Actions Status](https://github.com/DMPRoadmap/roadmap/workflows/ESLint/badge.svg)](https://github.com/DMPRoadmap/roadmap/actions)
-[![Actions Status](https://github.com/DMPRoadmap/roadmap/workflows/Tests%20-%20PostgreSQL/badge.svg)](https://github.com/DMPRoadmap/roadmap/actions)
-[![Actions Status](https://github.com/DMPRoadmap/roadmap/workflows/Tests%20-%20MySQL/badge.svg)](https://github.com/DMPRoadmap/roadmap/actions)
+[![Actions Status](https://github.com/DMPRoadmap/roadmap/actions/workflows/brakeman.yml/badge.svg?branch=main)](https://github.com/DMPRoadmap/roadmap/actions/workflows/brakeman.yml)
+[![Actions Status](https://github.com/DMPRoadmap/roadmap/actions/workflows/rubocop.yml/badge.svg?branch=main)](https://github.com/DMPRoadmap/roadmap/actions/workflows/rubocop.yml)
+[![Actions Status](https://github.com/DMPRoadmap/roadmap/actions/workflows/eslint.yml/badge.svg?branch=main)](https://github.com/DMPRoadmap/roadmap/actions/workflows/eslint.yml)
+[![Actions Status](https://github.com/DMPRoadmap/roadmap/actions/workflows/postgres.yml/badge.svg?branch=main)](https://github.com/DMPRoadmap/roadmap/actions/workflows/postgres.yml)
+[![Actions Status](https://github.com/DMPRoadmap/roadmap/actions/workflows/danger.yml/badge.svg?branch=main)](https://github.com/DMPRoadmap/roadmap/actions/workflows/danger.yml)
+
+<!-- [![Actions Status](https://github.com/DMPRoadmap/roadmap/actions/workflows/mysql.yml/badge.svg?branch=main)](https://github.com/DMPRoadmap/roadmap/actions/mysql.yml) -->
 
 DMP Roadmap is a Data Management Planning tool. Management and development of DMP Roadmap is jointly provided by the Digital Curation Centre (DCC), http://www.dcc.ac.uk/, and the University of California Curation Center (UC3), http://www.cdlib.org/services/uc3/.
 

diff --git a/app/controllers/plans_controller.rb b/app/controllers/plans_controller.rb
@@ -193,7 +193,8 @@ def show
     @default_orgs = Org.default_orgs
     @all_ggs_grouped_by_org.each do |org, ggs|
       # @default_orgs and already selected guidance groups are important.
-      if (@default_orgs.include?(org) || (ggs & @selected_guidance_groups).any?) && !@important_ggs.include?([org, ggs])
+      if (@default_orgs.include?(org) || ggs.intersect?(@selected_guidance_groups)) && !@important_ggs.include?([org,
+                                                                                                                 ggs])
         @important_ggs << [org, ggs]
       end
     end

diff --git a/app/controllers/super_admin/users_controller.rb b/app/controllers/super_admin/users_controller.rb
@@ -91,7 +91,7 @@ def search
       # WHAT TO RETURN!?!?!
       if @users.present? # found a user, or Users, submit for merge
         render json: {
-          form: render_to_string(partial: 'super_admin/users/confirm_merge.html.erb')
+          form: render_to_string(partial: 'confirm_merge')
         }
       else # NO USER, re-render w/error?
         flash.now[:alert] = 'Unable to find user'

diff --git a/app/controllers/usage_controller.rb b/app/controllers/usage_controller.rb
@@ -151,9 +151,14 @@ def parse_filtered
     params[:filtered].present? && params[:filtered] == 'true'
   end
 
-  # set the csv separator or default to comma
+  # This sets the csv separator
+  # Ensures separator is either a comma or a safe separator
   def sep_param
-    params['sep'] || ','
+    safe_csv_separators = Rails.configuration.x.application.csv_separators
+    sep = params['sep'].to_s
+    return sep if safe_csv_separators.include?(sep)
+
+    ','
   end
 
   def min_max_dates(args:)

diff --git a/app/models/user.rb b/app/models/user.rb
@@ -63,9 +63,9 @@ class User < ApplicationRecord
   # Devise
   #   Include default devise modules. Others available are:
   #   :token_authenticatable, :confirmable,
-  #   :lockable, :timeoutable and :omniauthable
+  #   :lockable and :omniauthable
   devise :invitable, :database_authenticatable, :registerable, :recoverable,
-         :rememberable, :trackable, :validatable, :omniauthable,
+         :rememberable, :trackable, :validatable, :omniauthable, :timeoutable,
          omniauth_providers: %i[shibboleth orcid]
 
   # default user language to the default language

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -172,7 +172,7 @@
   # ==> Configuration for :timeoutable
   # The time you want to timeout the user session without activity. After this
   # time the user will be asked for credentials again. Default is 30 minutes.
-  config.timeout_in = 3.hours
+  config.timeout_in = 90.minutes
 
   # If true, expires auth token on session timeout.
   # config.expire_auth_token_on_timeout = false