Bump bootstrap from 4.5.3 to 5.0.1

Bumps [bootstrap](https://github.com/twbs/bootstrap-rubygem) from 4.5.3 to 5.0.1.
- [Release notes](https://github.com/twbs/bootstrap-rubygem/releases)
- [Changelog](https://github.com/twbs/bootstrap-rubygem/blob/master/CHANGELOG.md)
- [Commits](https://github.com/twbs/bootstrap-rubygem/compare/v4.5.3...v5.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Gemfile

@@ -39,7 +39,7 @@ gem 'sdoc', '~> 2.1.0',          group: :doc
 gem 'web-console', '~> 4.1.0', group: :development
 gem 'listen', '~> 3.5.1', group: :development
 
-gem 'bootstrap', '~> 4.5.3'
+gem 'bootstrap', '~> 5.0.1'
 gem "bootstrap_form", "~> 4.5"
 gem 'font-awesome-sass', '~> 5.15.1'
 
@@ -52,6 +52,7 @@ gem 'will_paginate-bootstrap4', '~> 0.2.2'
 
 gem 'devise', '~> 4.8.0'
 gem 'omniauth'
+gem 'omniauth-rails_csrf_protection'
 gem 'omniauth-github'
 
 # Use ActiveModel has_secure_password

Gemfile.lock

@@ -62,15 +62,15 @@ GEM
       zeitwerk (~> 2.3)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    autoprefixer-rails (10.0.2.0)
-      execjs
+    autoprefixer-rails (10.2.5.0)
+      execjs (< 2.8.0)
     bcrypt (3.1.16)
     bindex (0.8.1)
     bootsnap (1.7.5)
       msgpack (~> 1.0)
-    bootstrap (4.5.3)
+    bootstrap (5.0.1)
       autoprefixer-rails (>= 9.1.0)
-      popper_js (>= 1.14.3, < 2)
+      popper_js (>= 2.9.2, < 3)
       sassc-rails (>= 2.0.0)
     bootstrap_form (4.5.0)
       actionpack (>= 5.2)
@@ -97,8 +97,15 @@ GEM
     diffy (3.4.0)
     erubi (1.10.0)
     execjs (2.7.0)
-    faraday (1.0.0)
+    faraday (1.4.1)
+      faraday-excon (~> 1.1)
+      faraday-net_http (~> 1.0)
+      faraday-net_http_persistent (~> 1.1)
       multipart-post (>= 1.2, < 3)
+      ruby2_keywords (>= 0.0.4)
+    faraday-excon (1.1.0)
+    faraday-net_http (1.0.1)
+    faraday-net_http_persistent (1.1.0)
     ffi (1.15.0)
     font-awesome-sass (5.15.1)
       sassc (>= 1.11)
@@ -114,7 +121,7 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
-    jwt (2.2.1)
+    jwt (2.2.3)
     listen (3.5.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
@@ -129,36 +136,42 @@ GEM
     mini_portile2 (2.5.1)
     minitest (5.14.4)
     msgpack (1.4.2)
-    multi_json (1.14.1)
+    multi_json (1.15.0)
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     mysql2 (0.5.3)
     nio4r (2.5.7)
-    nokogiri (1.11.4)
+    nokogiri (1.11.5)
       mini_portile2 (~> 2.5.0)
       racc (~> 1.4)
-    oauth2 (1.4.3)
+    oauth2 (1.4.7)
       faraday (>= 0.8, < 2.0)
       jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
-    omniauth (1.9.1)
+    omniauth (2.0.4)
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
-    omniauth-github (1.4.0)
-      omniauth (~> 1.5)
-      omniauth-oauth2 (>= 1.4.0, < 2.0)
-    omniauth-oauth2 (1.6.0)
-      oauth2 (~> 1.1)
-      omniauth (~> 1.9)
+      rack-protection
+    omniauth-github (2.0.0)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.7.1)
+    omniauth-oauth2 (1.7.1)
+      oauth2 (~> 1.4)
+      omniauth (>= 1.9, < 3)
+    omniauth-rails_csrf_protection (1.0.0)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
     orm_adapter (0.5.0)
-    popper_js (1.16.0)
+    popper_js (2.9.2)
     public_suffix (4.0.6)
     puma (5.3.1)
       nio4r (~> 2.0)
     racc (1.5.2)
     rack (2.2.3)
+    rack-protection (2.1.0)
+      rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails (6.1.3.2)
@@ -203,6 +216,7 @@ GEM
       actionpack (>= 5.0)
       railties (>= 5.0)
     rexml (3.2.5)
+    ruby2_keywords (0.0.4)
     sassc (2.4.0)
       ffi (~> 1.9)
     sassc-rails (2.1.2)
@@ -254,7 +268,7 @@ PLATFORMS
 
 DEPENDENCIES
   bootsnap
-  bootstrap (~> 4.5.3)
+  bootstrap (~> 5.0.1)
   bootstrap_form (~> 4.5)
   coffee-rails (~> 5.0.0)
   devise (~> 4.8.0)
@@ -267,6 +281,7 @@ DEPENDENCIES
   mysql2 (~> 0.5.2)
   omniauth
   omniauth-github
+  omniauth-rails_csrf_protection
   puma (~> 5.0)
   rails (= 6.1.3.2)
   rails-controller-testing

app/views/layouts/_header.html.erb

@@ -32,9 +32,9 @@
           <% else %>
             <li class="nav-item">
               <% if Rails.env.development? %>
-                <%= link_to t('application.sign_in_with_github'), user_developer_omniauth_authorize_path, class: 'nav-link' %>
+                <%= link_to t('application.sign_in_with_github'), user_developer_omniauth_authorize_path, method: :post, class: 'nav-link' %>
               <% else %>
-                <%= link_to t('application.sign_in_with_github'), user_github_omniauth_authorize_path, class: 'nav-link' %>
+                <%= link_to t('application.sign_in_with_github'), user_github_omniauth_authorize_path, method: :post, class: 'nav-link' %>
               <% end %>
             </li>
           <% end %>

test/integration/translator_flow_test.rb

@@ -8,7 +8,7 @@ class TranslatorFlowTest < ActionDispatch::IntegrationTest
   end
 
   test "can login via github" do
-    get '/users/auth/github'
+    post '/users/auth/github'
     assert_response :redirect
     follow_redirect!
     follow_redirect!