RubyGems - asherah - Versions diffs - 0.5.2-x86_64-darwin → 0.7.0-x86_64-darwin - Mend

asherah 0.5.2-x86_64-darwin → 0.7.0-x86_64-darwin

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +4 -4
data/.env.secrets.example +9 -0
data/.rubocop.yml +84 -12
data/CHANGELOG.md +14 -0
data/Gemfile +4 -4
data/README.md +2 -0
data/Rakefile +1 -1
data/asherah.gemspec +1 -1
data/ext/asherah/checksums.yml +5 -5
data/lib/asherah/config.rb +4 -5
data/lib/asherah/native/libasherah-x64.dylib +0 -0
data/lib/asherah/version.rb +1 -1
data/lib/asherah.rb +10 -2
metadata +5 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f5d3b1f9b8f1f8051e5b7ee0f805d61273c8804a7d056e31d1ac570f06486b73
-  data.tar.gz: bee529ad2fa3da6b426e08cb831c91780d755c5b837bb26aa1026fd4ed3a318b
+  metadata.gz: 67d0ddf5cdcdb3832e11c7fd8e179b42942559d816ef025999fa04a34d2dc29b
+  data.tar.gz: 91bec2d92493b084819fe22a3593e0a5fcf1b9c876679227e7cbbe70c21de859
 SHA512:
-  metadata.gz: aae9133b9d00ad4016ddeec260a3d44319dc31026a8572c0cbbdc2a9cb8dcaf199024de2c2de47d7a317aaf959efc911a5b68150ee0e2aa2501b87b8d66b99ce
-  data.tar.gz: 2caa417a48458a30d164899b61e44a43acbcdbb21c8dfca6fed9bbf0f6ac1bfd8a0fb8dca72fba3a5e6444311aafae2a9a45c426fe5b4d6304a1ab8eb6510ab6
+  metadata.gz: 804fcc3aef5504bae82fa29e3a793e320b28393c76d8dff7844bf5d96205abc2f2f130859a2ffb98840fb2066ca62af9641985aab340802aa736b3d13dc38fd8
+  data.tar.gz: 6dc7162a35f715b88a6573ac4e6f64e5554123bb9f5ec878033ab03445f5c2fabf53a28d5f8d9d2d755d3bfdb73d0839b20b1a22d2bd9124bab2a94d48b30b18

data/.env.secrets.example ADDED Viewed

@@ -0,0 +1,9 @@
+# Example secrets file for KMS integration tests
+# Copy this file to .env.secrets and fill in actual values
+#
+# IMPORTANT: Never commit .env.secrets to version control
+# The .env.secrets file is already in .gitignore
+# AWS KMS Key ARN for integration tests (optional)
+# Only needed if running spec/kms_spec.rb
+# KMS_KEY_ARN=arn:aws:kms:us-west-2:123456789012:key/12345678-1234-1234-1234-123456789012

data/.rubocop.yml CHANGED Viewed

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.5
+  TargetRubyVersion: 2.7
   NewCops: enable
   SuggestExtensions: false
   Exclude:
@@ -9,29 +9,101 @@ AllCops:
 Layout/LineLength:
   Max: 120
+# Metrics cops with reasonable limits
 Metrics/BlockLength:
-  Enabled: false
+  Max: 25
+  Exclude:
+    - 'spec/**/*'
+    - '*.gemspec'
+    - 'Rakefile'
 Metrics/MethodLength:
-  Enabled: false
+  Max: 15
+  Exclude:
+    - 'spec/**/*'
+    - 'tasks/**/*'
+Metrics/AbcSize:
+  Max: 20
+  Exclude:
+    - 'spec/**/*'
+    - 'tasks/**/*'
+Metrics/CyclomaticComplexity:
+  Max: 10
+  Exclude:
+    - 'spec/**/*'
+Metrics/PerceivedComplexity:
+  Max: 10
+  Exclude:
+    - 'spec/**/*'
+Metrics/ClassLength:
+  Max: 150
+  Exclude:
+    - 'spec/**/*'
+Metrics/ModuleLength:
+  Max: 150
+  Exclude:
+    - 'spec/**/*'
+# Style cops that were disabled but should be enabled
 Style/WordArray:
-  Enabled: false
+  MinSize: 3
+  EnforcedStyle: brackets
 Style/SymbolArray:
-  Enabled: false
+  MinSize: 3
+  EnforcedStyle: brackets
 Style/MultilineBlockChain:
-  Enabled: false
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
 Style/BlockDelimiters:
-  Enabled: false
-Metrics/AbcSize:
-  Enabled: false
+  EnforcedStyle: semantic
+  FunctionalMethods:
+    - let
+    - let!
+    - subject
+    - before
+    - after
+  Exclude:
+    - 'asherah.gemspec'
+    - 'ext/asherah/native_file.rb'
 Style/GuardClause:
-  Enabled: false
+  MinBodyLength: 3
+  Exclude:
+    - 'ext/asherah/native_file.rb'
+# Naming cop adjustment
 Naming/AccessorMethodName:
-  Enabled: false
+  Exclude:
+    - 'lib/asherah.rb' # set_env is intentionally named
+# Documentation cops
+Style/Documentation:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'features/**/*'
+Style/DocumentationMethod:
+  Enabled: false # YARD comments are optional
+# Additional cops for code quality
+Lint/UnusedMethodArgument:
+  Enabled: true
+Lint/UnusedBlockArgument:
+  Enabled: true
+Security/Eval:
+  Enabled: true
+Security/JSONLoad:
+  Enabled: true

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,19 @@
 ## [Unreleased]
+## [0.7.0] - 2025-08-15
+- Fix memory leak risks in buffer management
+- Fix inconsistent NotInitialized error handling across all methods
+- Fix overly permissive RuboCop configuration
+- Add Dependabot configuration for automated dependency updates
+- Update dependencies and Github actions
+- Update Go version to 1.24 for cross-language tests
+## [0.6.0] - 2025-03-19
+- Upgrade to use asherah-cobhan v0.4.35
+- Requires minimum GLIBC 2.32 version
 ## [0.5.2] - 2024-01-15
 - Upgrade to use asherah-cobhan v0.4.32

data/Gemfile CHANGED Viewed

@@ -5,10 +5,10 @@ source 'https://rubygems.org'
 # Specify your gem's dependencies in asherah.gemspec
 gemspec
-gem 'cucumber', '~> 7.1.0'
-gem 'dotenv', '~> 2.7.6'
+gem 'cucumber', '~> 9.2.1'
+gem 'dotenv', '~> 2.8.1'
 gem 'rake', '~> 13.0'
-gem 'rspec', '~> 3.10.0'
+gem 'rspec', '~> 3.13.1'
 gem 'rubocop', '~> 1.7'
-gem 'simplecov', '~> 0.21.2'
+gem 'simplecov', '~> 0.22.0'
 gem 'simplecov-console', '~> 0.9.1'

data/README.md CHANGED Viewed

@@ -67,6 +67,8 @@ puts decrypted_data
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+For tests requiring secrets (AWS KMS, database credentials), copy `.env.secrets.example` to `.env.secrets` and fill in the required values. The `.env.secrets` file is already in `.gitignore` to prevent accidental commits.
 To install this gem onto your local machine, run `rake install`.
 To release a new version, update the version number in `version.rb`, create and push a version tag:

data/Rakefile CHANGED Viewed

@@ -18,7 +18,7 @@ task :download do
   end
 end
-task default: %i[spec rubocop]
+task default: [:spec, :rubocop]
 task spec: :download
 desc 'Print current version'

data/asherah.gemspec CHANGED Viewed

@@ -16,7 +16,7 @@ Gem::Specification.new do |spec|
   spec.homepage = 'https://github.com/godaddy/asherah-ruby'
   spec.license = 'MIT'
-  spec.required_ruby_version = '>= 2.5.0'
+  spec.required_ruby_version = '>= 2.7.0'
   spec.metadata['homepage_uri'] = spec.homepage
   spec.metadata['source_code_uri'] = 'https://github.com/godaddy/asherah-ruby'

data/ext/asherah/checksums.yml CHANGED Viewed

@@ -1,5 +1,5 @@
-version:                v0.4.32
-libasherah-arm64.so:    0008a114d60c9b6c0e7fbc19a2e34e3527f761074bd3fe99595d7676c707f7e4
-libasherah-x64.so:      cf8bd61f76ca93457745e3c5ca28de385030e34d0d47893b870166605cf39306
-libasherah-arm64.dylib: bef8cb18177dc8b49c58a12263df0c1e3584791af212a79000f5b72344969bfd
-libasherah-x64.dylib:   b43e69d18351a59abecf3457d0e451ffd816f1f111f1c0cfd1217075fe4a8b9d
+version:                v0.4.35
+libasherah-arm64.so:    fad23a38e68e126374075adf197f0f431720aea9852deebe5f62d9240c935a66
+libasherah-x64.so:      8c52fc000df2c02fb2d1430afc3cd68e997f47f04b60d61481f8c4b201958ef8
+libasherah-arm64.dylib: 315bc41c85177a2b0c97f32e0af8e2694f393928678cbe648fdd8c16b8fe062a
+libasherah-x64.dylib:   848d3635713373e0482223087f454ff8464e36e7695e0ed19f830737288adaa9

data/lib/asherah/config.rb CHANGED Viewed

@@ -105,11 +105,10 @@ module Asherah
     end
     def validate_kms_attributes
-      if kms == 'aws'
-        raise Error::ConfigError, 'config.region_map not set' if region_map.nil?
-        raise Error::ConfigError, 'config.region_map must be a Hash' unless region_map.is_a?(Hash)
-        raise Error::ConfigError, 'config.preferred_region not set' if preferred_region.nil?
-      end
+      return unless kms == 'aws'
+      raise Error::ConfigError, 'config.region_map not set' if region_map.nil?
+      raise Error::ConfigError, 'config.region_map must be a Hash' unless region_map.is_a?(Hash)
+      raise Error::ConfigError, 'config.preferred_region not set' if preferred_region.nil?
     end
   end
 end

data/lib/asherah/native/libasherah-x64.dylib CHANGED Viewed

Binary file

data/lib/asherah/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Asherah
-  VERSION = '0.5.2'
+  VERSION = '0.7.0'
 end

data/lib/asherah.rb CHANGED Viewed

@@ -37,6 +37,8 @@ module Asherah
       result = SetEnv(env_buffer)
       Error.check_result!(result, 'SetEnv failed')
+    ensure
+      env_buffer&.free
     end
     # Configures Asherah
@@ -56,6 +58,8 @@ module Asherah
       result = SetupJson(config_buffer)
       Error.check_result!(result, 'SetupJson failed')
       @initialized = true
+    ensure
+      config_buffer&.free
     end
     # Encrypts data for a given partition_id and returns DataRowRecord in JSON format.
@@ -74,6 +78,8 @@ module Asherah
     # @param data [String]
     # @return [String], DataRowRecord in JSON format
     def encrypt(partition_id, data)
+      raise Asherah::Error::NotInitialized unless @initialized
       partition_id_buffer = string_to_cbuffer(partition_id)
       data_buffer = string_to_cbuffer(data)
       estimated_buffer_bytesize = estimate_buffer(data.bytesize, partition_id.bytesize)
@@ -84,7 +90,7 @@ module Asherah
       cbuffer_to_string(output_buffer)
     ensure
-      [partition_id_buffer, data_buffer, output_buffer].map(&:free)
+      [partition_id_buffer, data_buffer, output_buffer].compact.each(&:free)
     end
     # Decrypts a DataRowRecord in JSON format for a partition_id and returns decrypted data.
@@ -93,6 +99,8 @@ module Asherah
     # @param json [String], DataRowRecord in JSON format
     # @return [String], Decrypted data
     def decrypt(partition_id, json)
+      raise Asherah::Error::NotInitialized unless @initialized
       partition_id_buffer = string_to_cbuffer(partition_id)
       data_buffer = string_to_cbuffer(json)
       output_buffer = allocate_cbuffer(json.bytesize)
@@ -102,7 +110,7 @@ module Asherah
       cbuffer_to_string(output_buffer)
     ensure
-      [partition_id_buffer, data_buffer, output_buffer].map(&:free)
+      [partition_id_buffer, data_buffer, output_buffer].compact.each(&:free)
     end
     # Stop the Asherah instance

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: asherah
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.7.0
 platform: x86_64-darwin
 authors:
 - GoDaddy
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-01-15 00:00:00.000000000 Z
+date: 2025-08-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cobhan
@@ -35,6 +35,7 @@ extensions:
 - ext/asherah/extconf.rb
 extra_rdoc_files: []
 files:
+- ".env.secrets.example"
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
@@ -71,14 +72,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
+rubygems_version: 3.4.19
 signing_key:
 specification_version: 4
 summary: Application Layer Encryption SDK