RubyGems - asherah - Versions diffs - 0.7.0 → 0.8.1 - Mend

asherah 0.7.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cfe124753aae400175a8cfb7c174b61c48deaa36f99e8eb7a78f2aadd65c7a76
-  data.tar.gz: ce325e03fbdef5eefe8a7beb75d3b4674a8a540e4a99412be8dcf76c4e749a5a
+  metadata.gz: 9b01c42d984ec9ab0d2bb7f28e58fb1b3f534c46696a545004476d8f31f31841
+  data.tar.gz: bece06e7a7c1c9fd9c7ffe0880ec18b4fe236133af0fae47c5c62553f32c4af9
 SHA512:
-  metadata.gz: d5b49fe5bd9d160bff6869d1f7e0fa432291ee3f9c44c233b3ba00de6b948b40c270cc351876f4a53537c59f33efcd0f1d2ddf217dd5594563b20a9bf3023508
-  data.tar.gz: 209aeae029bf569eb7d30ae8854e72d20e1fc22a56b6ca7ac7319e4edc0de34318a3523f3b3e0785d59406b370c8b154cac5140fc921eaa7a08c6d217ce49c4b
+  metadata.gz: e6e509ba7fd6e7ceaddc37c1cb6a3d30d3aed1020faeadaa7ce782cdb0d2dda2632aef05dcca268f26230bb1c42dd21da660b6ec98f03b838f4d1653dc6fdd76
+  data.tar.gz: 49a54d850740147e8e19a2e0e0abb7c0b3a214ce446640a91006099926b8bea86b379ff2bd0b585cde500c01474383de30d53b18600883308dbf1eec2b2512ff

data/.rubocop.yml CHANGED Viewed

@@ -95,6 +95,9 @@ Style/Documentation:
 Style/DocumentationMethod:
   Enabled: false # YARD comments are optional
+Style/EmptyClassDefinition:
+  Enabled: false
 # Additional cops for code quality
 Lint/UnusedMethodArgument:
   Enabled: true

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,15 @@
 ## [Unreleased]
+## [0.8.1] - 2026-03-05
+- Upgrade to use asherah-cobhan v0.5.1
+- Fix buffer undersize from float truncation in estimate_buffer
+## [0.8.0] - 2026-03-04
+- Upgrade to use asherah-cobhan v0.5.0
+- Expose disable_zero_copy config option to disable zero-copy FFI input buffers
 ## [0.7.0] - 2025-08-15
 - Fix memory leak risks in buffer management

data/README.md CHANGED Viewed

@@ -69,6 +69,22 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
 For tests requiring secrets (AWS KMS, database credentials), copy `.env.secrets.example` to `.env.secrets` and fill in the required values. The `.env.secrets` file is already in `.gitignore` to prevent accidental commits.
+### Cross-Language Tests
+Cross-language tests verify that data encrypted with the Go implementation can be decrypted with the Ruby implementation and vice versa.
+**Prerequisites:**
+- MySQL running locally
+- Go 1.24+ installed
+**Running the tests:**
+```bash
+TEST_DB_PASSWORD=pass bin/cross-language-test.sh
+```
+See `bin/cross-language-test.sh` for available environment variables and their defaults.
 To install this gem onto your local machine, run `rake install`.
 To release a new version, update the version number in `version.rb`, create and push a version tag:

data/ext/asherah/checksums.yml CHANGED Viewed

@@ -1,5 +1,5 @@
-version:                v0.4.35
-libasherah-arm64.so:    fad23a38e68e126374075adf197f0f431720aea9852deebe5f62d9240c935a66
-libasherah-x64.so:      8c52fc000df2c02fb2d1430afc3cd68e997f47f04b60d61481f8c4b201958ef8
-libasherah-arm64.dylib: 315bc41c85177a2b0c97f32e0af8e2694f393928678cbe648fdd8c16b8fe062a
-libasherah-x64.dylib:   848d3635713373e0482223087f454ff8464e36e7695e0ed19f830737288adaa9
+version:                v0.5.1
+libasherah-arm64.so:    eb1cf59da6e7006ba8044fa9b4ec471f32576f7edb1169e30f059c5f8815c044
+libasherah-x64.so:      16237a58335e86c510a20a0a6e9afa6502026e9f5fd374012db8ee9130f41eed
+libasherah-arm64.dylib: 03260e6552b7eb17b7cbe0cb6c16486bc4d17a110c1dc8ab9293cc4b678a8b80
+libasherah-x64.dylib:   df7d71223bdfc23afc29a5bf72e0294b12d632b63f135e7ac4194ec8d69c3766

data/lib/asherah/config.rb CHANGED Viewed

@@ -21,6 +21,7 @@ module Asherah
   # @attr [Integer] expire_after, The amount of time in seconds a key is considered valid
   # @attr [Integer] check_interval, The amount of time in seconds before cached keys are considered stale
   # @attr [Boolean] enable_session_caching, Enable shared session caching
+  # @attr [Boolean] disable_zero_copy, Disable zero-copy FFI input buffers to prevent use-after-free from caller runtime
   # @attr [Boolean] verbose, Enable verbose logging output
   class Config
     MAPPING = {
@@ -40,6 +41,7 @@ module Asherah
       session_cache_max_size: :SessionCacheMaxSize,
       session_cache_duration: :SessionCacheDuration,
       enable_session_caching: :EnableSessionCaching,
+      disable_zero_copy: :DisableZeroCopy,
       expire_after: :ExpireAfter,
       check_interval: :CheckInterval,
       verbose: :Verbose

data/lib/asherah/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Asherah
-  VERSION = '0.7.0'
+  VERSION = '0.8.1'
 end

data/lib/asherah.rb CHANGED Viewed

@@ -124,10 +124,12 @@ module Asherah
     private
     def estimate_buffer(data_bytesize, partition_bytesize)
+      est_data_len = (((data_bytesize + ESTIMATED_ENCRYPTION_OVERHEAD) * BASE64_OVERHEAD).to_i + 1)
       ESTIMATED_ENVELOPE_OVERHEAD +
         @intermediated_key_overhead_bytesize +
         partition_bytesize +
-        ((data_bytesize + ESTIMATED_ENCRYPTION_OVERHEAD) * BASE64_OVERHEAD)
+        est_data_len
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: asherah
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.1
 platform: ruby
 authors:
 - GoDaddy
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-08-15 00:00:00.000000000 Z
+date: 2026-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cobhan