RubyGems - active_cipher_storage - Versions diffs - 1.0.0 - Mend

active_cipher_storage 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +24 -0
data/CONTRIBUTING.md +46 -0
data/LICENSE +21 -0
data/README.md +644 -0
data/SECURITY.md +35 -0
data/active_cipher_storage.gemspec +55 -0
data/lib/active_cipher_storage/adapters/active_storage_service.rb +129 -0
data/lib/active_cipher_storage/adapters/s3_adapter.rb +252 -0
data/lib/active_cipher_storage/blob_metadata.rb +84 -0
data/lib/active_cipher_storage/cipher.rb +97 -0
data/lib/active_cipher_storage/configuration.rb +57 -0
data/lib/active_cipher_storage/engine.rb +29 -0
data/lib/active_cipher_storage/errors.rb +31 -0
data/lib/active_cipher_storage/format.rb +126 -0
data/lib/active_cipher_storage/key_rotation.rb +121 -0
data/lib/active_cipher_storage/key_utils.rb +12 -0
data/lib/active_cipher_storage/multipart_upload.rb +190 -0
data/lib/active_cipher_storage/providers/aws_kms_provider.rb +90 -0
data/lib/active_cipher_storage/providers/base.rb +38 -0
data/lib/active_cipher_storage/providers/env_provider.rb +122 -0
data/lib/active_cipher_storage/stream_cipher.rb +102 -0
data/lib/active_cipher_storage/version.rb +3 -0
data/lib/active_cipher_storage.rb +43 -0
data/lib/active_storage/service/active_cipher_storage_service.rb +10 -0
metadata +224 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 561cba3b474dd5c35b19324c325216fe452e2670e1d1bea42f719f368331672a
+  data.tar.gz: 9e776a018104013b07e2da60e18eeb7ead76d2fa37d0bce929f0fe3b0cfab11f
+SHA512:
+  metadata.gz: a9da8b50775c261cd00047bc1af09f57aad8523e672e4c70e544ca49ce3166294778c53fdbd55a9c89fb2ff16aeb6d8b3cdb8bce5403261701c685f8895be74e
+  data.tar.gz: 23f93a25b27f7a6bad2a233ffebe0134b0a513426931cbaf2f70beec923b8152d2beff878017403da5305c1119cf3707281f22699d03d459a0c476912e197366

data/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,24 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [Unreleased]
+## [1.0.0] - 2026-04-25
+### Added
+- Initial public ActiveCipherStorage gem release.
+- Transparent Rails Active Storage encryption service.
+- Direct S3 encrypted upload, download, streaming, and multipart support.
+- Backend-managed encrypted multipart uploads for frontend chunk upload flows.
+- AES-256-GCM envelope encryption with self-describing payload headers.
+- Environment-variable and AWS KMS providers, plus a custom provider interface.
+- Header-only key rotation for re-wrapping encrypted DEKs.
+- Unit and integration coverage for crypto, providers, Active Storage, S3, multipart upload, streaming, metadata, and key rotation.
+[Unreleased]: https://github.com/codebyjass/active-cipher-storage/compare/v1.0.0...HEAD
+[1.0.0]: https://github.com/codebyjass/active-cipher-storage/releases/tag/v1.0.0

data/CONTRIBUTING.md ADDED Viewed

@@ -0,0 +1,46 @@
+# Contributing
+Thanks for your interest in contributing to ActiveCipherStorage.
+This gem handles encryption and storage, so changes should be small, well-tested, and conservative. Prefer clear behavior and strong tests over clever abstractions.
+## Development Setup
+```bash
+git clone https://github.com/codebyjass/active-cipher-storage.git
+cd active-cipher-storage
+bundle install
+bundle exec rspec
+```
+The test suite uses in-memory fakes for Active Storage and S3. You do not need AWS credentials to run the tests.
+## Before Opening a Pull Request
+- Run `bundle exec rspec`.
+- Add or update specs for behavior changes.
+- Keep public APIs backward-compatible unless the change is clearly marked as breaking.
+- Do not commit secrets, credentials, `.env` files, local coverage output, or generated gems.
+- Update `README.md` and `CHANGELOG.md` when user-facing behavior changes.
+## Testing Expectations
+Use focused tests for:
+- Encryption format compatibility.
+- Authentication and tamper failures.
+- Large-file chunk boundaries.
+- Active Storage legacy plaintext fallback.
+- S3 multipart and streaming behavior.
+- Provider error handling.
+- Key rotation behavior.
+Security-sensitive fixes should include a regression test that fails without the fix.
+## Security Changes
+Please do not open public issues for vulnerabilities. Follow `SECURITY.md` instead.
+## Code of Conduct
+Be respectful and constructive. Assume good intent, keep feedback specific, and help keep the project welcoming for maintainers and contributors.

data/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Jaspreet Singh
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.