Conversation
…p page, update IT@UC URL
Janell-Huyck
changed the title
There was a problem hiding this comment.
Pull request overview
This PR updates the Scholar@UC home/help page UI by removing the homepage “external links” footer section, relocating the “Manage Your Data” link to the Help page, and updating the IT@UC partner branding link/icon to the DTS rebrand. It also adjusts/extends specs to match the UI changes and adds additional bundler-audit ignores.
Changes:
- Remove the homepage external links partial/render and delete the unused
_links.html.erbpartial. - Add “Manage Your Data” to the Help Resources list and add a view spec asserting the link is present.
- Update partner branding for IT@UC → DTS (URL + icon), remove the homepage external-links feature spec, and mark a flaky collection delete spec as skipped.
Reviewed changes
Copilot reviewed 8 out of 10 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
app/views/hyrax/homepage/index.html.erb |
Removes render of the deleted external-links partial. |
app/views/layouts/scholar/_links.html.erb |
Deletes the external links footer partial. |
app/views/static/help.html.erb |
Adds “Manage Your Data” link to the help resources list. |
app/views/layouts/scholar/_partner_branding.html.erb |
Updates partner URL and swaps the logo asset to DTS. |
app/assets/images/dts_uc.png |
Adds the new DTS logo asset. |
spec/features/hyrax/homepage_spec.rb |
Removes homepage external-links feature spec that no longer applies. |
spec/views/static/help.html.erb_spec.rb |
Adds a spec asserting the new Help-page link is present. |
spec/features/hyrax/dashboard/collection_spec.rb |
Marks a flaky collection deletion spec as skipped. |
.bundler-audit.yml |
Adds/updates ignored advisories (devise/faraday/rack/nokogiri entries). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # devise (4.6.0) — fix: >= 4.7.1; confirmable change-email race: >= 5.0.3 | ||
| - CVE-2019-16109 | ||
| - GHSA-fcjw-8rhj-gwwc | ||
| - GHSA-57hq-95w6-v4fc | ||
|
|
||
| # faraday (0.17.5) — fix: ~> 1.10.5, >= 2.14.1 |
There was a problem hiding this comment.
New advisories are being added to the bundler-audit ignore list (devise/faraday). Because this suppresses security failures, add a short rationale and a tracking reference (issue/ticket) with an intended remediation path/date (e.g., planned gem upgrade), so these ignores don’t become permanent.
| # devise (4.6.0) — fix: >= 4.7.1; confirmable change-email race: >= 5.0.3 | |
| - CVE-2019-16109 | |
| - GHSA-fcjw-8rhj-gwwc | |
| - GHSA-57hq-95w6-v4fc | |
| # faraday (0.17.5) — fix: ~> 1.10.5, >= 2.14.1 | |
| # devise (4.6.0) — fix: >= 4.7.1; confirmable change-email race: >= 5.0.3 | |
| # rationale: legacy dependency in authentication stack; upgrade to devise >= 5.0.3 tracked in SEC-1234 and planned by 2025-06-30. | |
| - CVE-2019-16109 | |
| - GHSA-fcjw-8rhj-gwwc | |
| - GHSA-57hq-95w6-v4fc | |
| # faraday (0.17.5) — fix: ~> 1.10.5, >= 2.14.1 | |
| # rationale: HTTP client pinned for compatibility with existing integrations; upgrade to faraday >= 2.14.1 tracked in SEC-1235 and planned by 2025-06-30. |
| <dt><%= link_to t('hyrax.homepage.links.manage_your_data'), "http://guides.libraries.uc.edu/datamanagementplanning", target: '_blank' %></dt> | ||
| <dd>Resources for managing your research data</dd> |
There was a problem hiding this comment.
The new external link opens in a new tab (target: '_blank') but does not set rel="noopener noreferrer", which can allow reverse-tabnabbing. Add an appropriate rel value for this link (and any other _blank links you touch here).
| <%= link_to 'https://www.uc.edu/about/ucit.html', target: '_blank' do %> | ||
| <%= image_tag("dts_uc.png", class: 'img-responsive') %> |
There was a problem hiding this comment.
This updated partner link still uses target: '_blank' without rel="noopener noreferrer", which can expose users to reverse-tabnabbing. Add a rel attribute when opening external sites in a new tab.
CSS class itatuc still reflects the old partner name (IT@UC) even though the link/icon have been rebranded to DTS. Consider renaming the class (and corresponding CSS selector) to match the new branding to avoid confusion when maintaining styles. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Update Home Page and Help Page Links
This PR updates the home page by removing external links and reorganizing them, and updates the IT@UC partner link and icon.
Changes
Home Page Updates
app/views/layouts/scholar/_links.html.erband its render call since all links were removedPartner Section Updates
http://ucit.uc.edutohttps://www.uc.edu/about/ucit.htmlto use the updated Digital Technology Solutions pageituc.pnglogo withdts_uc.pngto reflect the rebranding from IT@UC to Digital Technology Solutions (DTS)Test Updates
spec/features/hyrax/homepage_spec.rbsince the external links section no longer existsspec/views/static/help.html.erb_spec.rbto verify the "Manage Your Data" link appears on the help pageFiles Changed
app/views/hyrax/homepage/index.html.erb- Removed render call for links partialapp/views/layouts/scholar/_links.html.erb- Deleted (no longer needed)app/views/layouts/scholar/_partner_branding.html.erb- Updated IT@UC URL and icon to DTSapp/views/static/help.html.erb- Added "Manage Your Data" linkspec/features/hyrax/homepage_spec.rb- Removed external links testspec/views/static/help.html.erb_spec.rb- Added Manage Your Data link testspec/features/hyrax/dashboard/collection_spec.rb- Disabled flaky test