audited 5.0.2 → 5.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5bb58e8eb5b0de02a18ac5d089ccade2913c399ec66bcbf97551fd9a9f4afb6b
-  data.tar.gz: 905621826a752e1796e0b81a7b448eec483e0ef27ce5de9f02845e0f5fd8be87
+  metadata.gz: 86131fd51439ffb0e1e16fd0b3bdd770c0cdf6de5bc8df5f234377d9ef0aeddb
+  data.tar.gz: 4729941ef95dc9e6e542eb705ac12ff4876999c61f210a50d8ef460a02d71078
 SHA512:
-  metadata.gz: 62448f486877e8a6c86505a7e5f53b805bf4f3a14cad907f83e69cd5175f43a4c3083a08ab4342bad18f5b8b1b104aa20d2d3c375ff86b7e60d48db9cbe00346
-  data.tar.gz: 4bf37e3891074e6f329961c796db27191ead60d225860d3150f310a3888ed3ab52eab1564398ce2f26ad470ba2872979dd14ee48cddf0baaa8f7cbfb63c19091
+  metadata.gz: 27d6c2bd685eaca06093e7b8352aa942b83163a09be96fade16cc39ac46502697ca264a54f7a99a4390afe6cc07fbca0d345cb4ad35d7a11d98fa8da9aa262dd
+  data.tar.gz: 615ffae5d0fe3a44ffde034ddd60a2074cdff6679b1a8d59b23adfa2fed557023ffd786516997627aaf3de7916c39666d85abd24b38b1562976678472bbc85a9

data/.github/workflows/buildlight.yml

@@ -0,0 +1,15 @@
+name: Buildlight
+
+on:
+  workflow_run:
+    workflows:
+      - CI
+    branches:
+      - main
+
+jobs:
+  webhook:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Webhook
+        uses: collectiveidea/buildlight@main

data/.github/workflows/ci.yml

@@ -4,7 +4,7 @@ on:
   pull_request:
   push:
     branches:
-    - master
+    - main
 
 jobs:
   build:
@@ -12,7 +12,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ruby: [2.3, 2.4, 2.5, 2.6, 2.7, 3.0]
+        ruby: [2.3, 2.4, 2.5, 2.6, 2.7, 3.0, 3.1]
         appraisal:
           - rails50
           - rails51
@@ -27,6 +27,11 @@ jobs:
           - ruby: 2.3
             db: MYSQL
 
+          # PostgreSQL is segfaulting on 2.3
+          # Doesn't seem worth solving.
+          - ruby: 2.3
+            db: POSTGRES
+
           # Rails 5.0 supports Ruby 2.2-2.4
           - appraisal: rails50
             ruby: 2.5
@@ -36,6 +41,8 @@ jobs:
             ruby: 2.7
           - appraisal: rails50
             ruby: 3.0
+          - appraisal: rails50
+            ruby: 3.1
 
           # Rails 5.1 supports Ruby 2.2-2.5
           - appraisal: rails51
@@ -44,6 +51,8 @@ jobs:
             ruby: 2.7
           - appraisal: rails51
             ruby: 3.0
+          - appraisal: rails51
+            ruby: 3.1
 
           # Rails 5.2 supports Ruby 2.2-2.5
           - appraisal: rails52
@@ -52,6 +61,8 @@ jobs:
             ruby: 2.7
           - appraisal: rails52
             ruby: 3.0
+          - appraisal: rails52
+            ruby: 3.1
 
           # Rails 6.0 supports Ruby 2.5-2.7
           - appraisal: rails60
@@ -60,6 +71,8 @@ jobs:
             ruby: 2.4
           - appraisal: rails60
             ruby: 3.0
+          - appraisal: rails60
+            ruby: 3.1
 
           # Rails 6.1 supports Ruby 2.5+
           - appraisal: rails61
@@ -101,7 +114,7 @@ jobs:
         sudo /etc/init.d/mysql start
         mysql -e 'CREATE DATABASE audited_test;' -uroot -proot
         mysql -e 'SHOW DATABASES;' -uroot -proot
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Copy Gemfile
       run: sed 's/\.\././' gemfiles/${{ matrix.appraisal }}.gemfile > Gemfile
     - name: Set up Ruby ${{ matrix.ruby }}

data/Appraisals

@@ -6,6 +6,7 @@ appraise "rails50" do
   gem "mysql2", ">= 0.3.18", "< 0.6.0"
   gem "pg", ">= 0.18", "< 2.0"
   gem "sqlite3", "~> 1.3.6"
+  gem "psych", "~> 3.1"
 end
 
 appraise "rails51" do
@@ -13,13 +14,15 @@ appraise "rails51" do
   gem "mysql2", ">= 0.3.18", "< 0.6.0"
   gem "pg", ">= 0.18", "< 2.0"
   gem "sqlite3", "~> 1.3.6"
+  gem "psych", "~> 3.1"
 end
 
 appraise "rails52" do
-  gem "rails", ">= 5.2.0", "< 5.3"
+  gem "rails", ">= 5.2.8.1", "< 5.3"
   gem "mysql2", ">= 0.4.4", "< 0.6.0"
   gem "pg", ">= 0.18", "< 2.0"
   gem "sqlite3", "~> 1.3.6"
+  gem "psych", "~> 3.1"
 end
 
 appraise "rails60" do
@@ -37,7 +40,7 @@ appraise "rails61" do
 end
 
 appraise "rails70" do
-  gem "rails", ">= 7.0.0.alpha2", "< 7.1"
+  gem "rails", ">= 7.0.0", "< 7.1"
   gem "mysql2", ">= 0.4.4"
   gem "pg", ">= 1.1"
   gem "sqlite3", ">= 1.4"

data/CHANGELOG.md

@@ -1,5 +1,43 @@
 # Audited ChangeLog
 
+## 5.2.0 (2023-01-23)
+
+Improved
+
+- config.audit_class can take a string or constant - @rocket-turtle
+  Fixes overzealous change in 5.1.0 where it only took a string.
+  [#648](https://github.com/collectiveidea/audited/pull/648)
+- README link fix - @jeremiahlukus
+  [#646](https://github.com/collectiveidea/audited/pull/646)
+- Typo fix in GitHub Actions - @jdufresne
+  [#644](https://github.com/collectiveidea/audited/pull/644)
+
+## 5.1.0 (2022-12-23)
+
+Changed
+
+- config.audit_class takes a string - @simmerz
+  [#609](https://github.com/collectiveidea/audited/pull/609)
+- Filter encrypted attributes automatically - @vlad-psh
+  [#630](https://github.com/collectiveidea/audited/pull/630)
+
+Improved
+
+- README improvements - @jess, @mstroming
+  [#605](https://github.com/collectiveidea/audited/pull/605)
+  [#640](https://github.com/collectiveidea/audited/issues/640)
+- Ignore deadlocks in concurrent audit combinations - @Crammaman
+  [#621](https://github.com/collectiveidea/audited/pull/621)
+- Fix timestamped_migrations deprecation warning - @shouichi
+  [#624](https://github.com/collectiveidea/audited/pull/624)
+- Ensure audits are re-enabled after blocks - @dcorlett
+  [#632](https://github.com/collectiveidea/audited/pull/632)
+- Replace raw string where clause with query methods - @macowie
+  [#642](https://github.com/collectiveidea/audited/pull/642)
+- Test against more Ruby/Rails Versions - @enomotodev, @danielmorrison
+  [#610](https://github.com/collectiveidea/audited/pull/610)
+  [#643](https://github.com/collectiveidea/audited/pull/643)
+
 ## 5.0.2 (2021-09-16)
 
 Added
@@ -11,7 +49,7 @@ Improved
 
 - Improve loading - @mvastola
   [#592](https://github.com/collectiveidea/audited/pull/592)
-- Update README - @danirod, clement1234
+- Update README - @danirod, @clement1234
   [#596](https://github.com/collectiveidea/audited/pull/596)
   [#594](https://github.com/collectiveidea/audited/pull/594)
 

data/README.md

@@ -2,7 +2,6 @@ Audited
 [![Gem Version](https://img.shields.io/gem/v/audited.svg)](http://rubygems.org/gems/audited)
 ![Build Status](https://github.com/collectiveidea/audited/actions/workflows/ci.yml/badge.svg)
 [![Code Climate](https://codeclimate.com/github/collectiveidea/audited.svg)](https://codeclimate.com/github/collectiveidea/audited)
-[![Security](https://hakiri.io/github/collectiveidea/audited/master.svg)](https://hakiri.io/github/collectiveidea/audited/master)
 [![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/testdouble/standard)
 =======
 
@@ -18,12 +17,13 @@ For Rails 3, use gem version 3.0 or see the [3.0-stable branch](https://github.c
 
 Audited supports and is [tested against](https://github.com/collectiveidea/audited/actions/workflows/ci.yml) the following Ruby versions:
 
-* 2.3
+* 2.3 (only tested on Sqlite due to testing issues with other DBs)
 * 2.4
 * 2.5
 * 2.6
 * 2.7
 * 3.0
+* 3.1
 
 Audited may work just fine with a Ruby version not listed above, but we can't guarantee that it will. If you'd like to maintain a Ruby that isn't listed, please let us know with a [pull request](https://github.com/collectiveidea/audited/pulls).
 
@@ -286,6 +286,7 @@ class User < ActiveRecord::Base
 end
 
 class Company < ActiveRecord::Base
+  audited
   has_many :users
   has_associated_audits
 end
@@ -314,8 +315,6 @@ If you want to audit only under specific conditions, you can provide conditional
 class User < ActiveRecord::Base
   audited if: :active?
 
-  private
-
   def active?
     last_login > 6.months.ago
   end
@@ -386,6 +385,17 @@ User.auditing_enabled = false
 end
 ```
 
+### Encrypted attributes
+
+If you're using ActiveRecord's encryption (available from Rails 7) to encrypt some attributes, Audited will automatically filter values of these attributes. No additional configuration is required. Changes to encrypted attributes will be logged as `[FILTERED]`.
+
+```ruby
+class User < ActiveRecord::Base
+  audited
+  encrypts :password
+end
+```
+
 ### Custom `Audit` model
 
 If you want to extend or modify the audit model, create a new class that
@@ -402,7 +412,7 @@ Then set it in an initializer:
 # config/initializers/audited.rb
 
 Audited.config do |config|
-  config.audit_class = CustomAudit
+  config.audit_class = "CustomAudit"
 end
 ```
 
@@ -418,7 +428,7 @@ Audited.store_synthesized_enums = true
 
 ## Support
 
-You can find documentation at: http://rdoc.info/github/collectiveidea/audited
+You can find documentation at: https://www.rubydoc.info/gems/audited
 
 Or join the [mailing list](http://groups.google.com/group/audited) to get help or offer suggestions.
 

data/gemfiles/rails50.gemfile

@@ -6,5 +6,6 @@ gem "rails", "~> 5.0.0"
 gem "mysql2", ">= 0.3.18", "< 0.6.0"
 gem "pg", ">= 0.18", "< 2.0"
 gem "sqlite3", "~> 1.3.6"
+gem "psych", "~> 3.1"
 
 gemspec name: "audited", path: "../"

data/gemfiles/rails51.gemfile

@@ -6,5 +6,6 @@ gem "rails", "~> 5.1.4"
 gem "mysql2", ">= 0.3.18", "< 0.6.0"
 gem "pg", ">= 0.18", "< 2.0"
 gem "sqlite3", "~> 1.3.6"
+gem "psych", "~> 3.1"
 
 gemspec name: "audited", path: "../"

data/gemfiles/rails52.gemfile

@@ -2,9 +2,10 @@
 
 source "https://rubygems.org"
 
-gem "rails", ">= 5.2.0", "< 5.3"
+gem "rails", ">= 5.2.8.1", "< 5.3"
 gem "mysql2", ">= 0.4.4", "< 0.6.0"
 gem "pg", ">= 0.18", "< 2.0"
 gem "sqlite3", "~> 1.3.6"
+gem "psych", "~> 3.1"
 
 gemspec name: "audited", path: "../"

data/gemfiles/rails70.gemfile

@@ -2,7 +2,7 @@
 
 source "https://rubygems.org"
 
-gem "rails", ">= 7.0.0.alpha2", "< 7.1"
+gem "rails", ">= 7.0.0", "< 7.1"
 gem "mysql2", ">= 0.4.4"
 gem "pg", ">= 1.1"
 gem "sqlite3", ">= 1.4"

data/lib/audited/audit.rb

@@ -78,14 +78,14 @@ module Audited
     # Returns a hash of the changed attributes with the new values
     def new_attributes
       (audited_changes || {}).each_with_object({}.with_indifferent_access) do |(attr, values), attrs|
-        attrs[attr] = (action == "update" ? values.last : values)
+        attrs[attr] = (action == "update") ? values.last : values
       end
     end
 
     # Returns a hash of the changed attributes with the old values
     def old_attributes
       (audited_changes || {}).each_with_object({}.with_indifferent_access) do |(attr, values), attrs|
-        attrs[attr] = (action == "update" ? values.first : values)
+        attrs[attr] = (action == "update") ? values.first : values
       end
     end
 
@@ -174,7 +174,7 @@ module Audited
       if action == "create"
         self.version = 1
       else
-        collection = Rails::VERSION::MAJOR >= 6 ? self.class.unscoped : self.class
+        collection = (Rails::VERSION::MAJOR >= 6) ? self.class.unscoped : self.class
         max = collection.auditable_finder(auditable_id, auditable_type).maximum(:version) || 0
         self.version = max + 1
       end

data/lib/audited/auditor.rb

@@ -13,7 +13,7 @@ module Audited
   #
   # See <tt>Audited::Auditor::ClassMethods#audited</tt>
   # for configuration options
-  module Auditor #:nodoc:
+  module Auditor # :nodoc:
     extend ActiveSupport::Concern
 
     CALLBACKS = [:audit_create, :audit_update, :audit_destroy]
@@ -172,14 +172,15 @@ module Audited
       # List of attributes that are audited.
       def audited_attributes
         audited_attributes = attributes.except(*self.class.non_audited_columns)
+        audited_attributes = redact_values(audited_attributes)
+        audited_attributes = filter_encrypted_attrs(audited_attributes)
         normalize_enum_changes(audited_attributes)
       end
 
       # Returns a list combined of record audits and associated audits.
       def own_and_associated_audits
-        Audited.audit_class.unscoped
-          .where("(auditable_type = :type AND auditable_id = :id) OR (associated_type = :type AND associated_id = :id)",
-            type: self.class.base_class.name, id: id)
+        Audited.audit_class.unscoped.where(auditable: self)
+          .or(Audited.audit_class.unscoped.where(associated: self))
           .order(created_at: :desc)
       end
 
@@ -190,8 +191,13 @@ module Audited
         combine_target.comment = "#{combine_target.comment}\nThis audit is the result of multiple audits being combined."
 
         transaction do
-          combine_target.save!
-          audits_to_combine.unscope(:limit).where("version < ?", combine_target.version).delete_all
+          begin
+            combine_target.save!
+            audits_to_combine.unscope(:limit).where("version < ?", combine_target.version).delete_all
+          rescue ActiveRecord::Deadlocked
+            # Ignore Deadlocks, if the same record is getting its old audits combined more than once at the same time then
+            # both combining operations will be the same. Ignoring this error allows one of the combines to go through successfully.
+          end
         end
       end
 
@@ -234,6 +240,7 @@ module Audited
           end
 
         filtered_changes = redact_values(filtered_changes)
+        filtered_changes = filter_encrypted_attrs(filtered_changes)
         filtered_changes = normalize_enum_changes(filtered_changes)
         filtered_changes.to_hash
       end
@@ -257,19 +264,36 @@ module Audited
       end
 
       def redact_values(filtered_changes)
-        [audited_options[:redacted]].flatten.compact.each do |option|
-          changes = filtered_changes[option.to_s]
-          new_value = audited_options[:redaction_value] || REDACTED
-          values = if changes.is_a? Array
-            changes.map { new_value }
-          else
-            new_value
-          end
-          hash = {option.to_s => values}
-          filtered_changes.merge!(hash)
+        filter_attr_values(
+          audited_changes: filtered_changes,
+          attrs: Array(audited_options[:redacted]).map(&:to_s),
+          placeholder: audited_options[:redaction_value] || REDACTED
+        )
+      end
+
+      def filter_encrypted_attrs(filtered_changes)
+        filter_attr_values(
+          audited_changes: filtered_changes,
+          attrs: respond_to?(:encrypted_attributes) ? Array(encrypted_attributes).map(&:to_s) : []
+        )
+      end
+
+      # Replace values for given attrs to a placeholder and return modified hash
+      #
+      # @param audited_changes [Hash] Hash of changes to be saved to audited version record
+      # @param attrs [Array<String>] Array of attrs, values of which will be replaced to placeholder value
+      # @param placeholder [String] Placeholder to replace original attr values
+      def filter_attr_values(audited_changes: {}, attrs: [], placeholder: "[FILTERED]")
+        attrs.each do |attr|
+          next unless audited_changes.key?(attr)
+
+          changes = audited_changes[attr]
+          values = changes.is_a?(Array) ? changes.map { placeholder } : placeholder
+
+          audited_changes[attr] = values
         end
 
-        filtered_changes
+        audited_changes
       end
 
       def rails_below?(rails_version)
@@ -290,20 +314,20 @@ module Audited
 
       def audit_create
         write_audit(action: "create", audited_changes: audited_attributes,
-                    comment: audit_comment)
+          comment: audit_comment)
       end
 
       def audit_update
         unless (changes = audited_changes).empty? && (audit_comment.blank? || audited_options[:update_with_comment_only] == false)
           write_audit(action: "update", audited_changes: changes,
-                      comment: audit_comment)
+            comment: audit_comment)
         end
       end
 
       def audit_destroy
         unless new_record?
           write_audit(action: "destroy", audited_changes: audited_attributes,
-                      comment: audit_comment)
+            comment: audit_comment)
         end
       end
 
@@ -397,7 +421,7 @@ module Audited
       #   end
       #
       def without_auditing
-        auditing_was_enabled = auditing_enabled
+        auditing_was_enabled = class_auditing_enabled
         disable_auditing
         yield
       ensure
@@ -411,7 +435,7 @@ module Audited
       #   end
       #
       def with_auditing
-        auditing_was_enabled = auditing_enabled
+        auditing_was_enabled = class_auditing_enabled
         enable_auditing
         yield
       ensure
@@ -435,7 +459,7 @@ module Audited
       end
 
       def auditing_enabled
-        Audited.store.fetch("#{table_name}_auditing_enabled", true) && Audited.auditing_enabled
+        class_auditing_enabled && Audited.auditing_enabled
       end
 
       def auditing_enabled=(val)
@@ -466,6 +490,10 @@ module Audited
           default_ignored_attributes
         end
       end
+
+      def class_auditing_enabled
+        Audited.store.fetch("#{table_name}_auditing_enabled", true)
+      end
     end
   end
 end

data/lib/audited/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Audited
-  VERSION = "5.0.2"
+  VERSION = "5.2.0"
 end

data/lib/audited.rb

@@ -13,9 +13,16 @@ module Audited
     attr_writer :audit_class
 
     def audit_class
-      @audit_class ||= Audit
+      # The audit_class is set as String in the initializer. It can not be constantized during initialization and must
+      # be constantized at runtime. See https://github.com/collectiveidea/audited/issues/608
+      @audit_class = @audit_class.safe_constantize if @audit_class.is_a?(String)
+      @audit_class ||= Audited::Audit
     end
 
+    # remove audit_model in next major version it was only shortly present in 5.1.0
+    alias_method :audit_model, :audit_class
+    deprecate audit_model: "use Audited.audit_class instead of Audited.audit_model. This method will be removed."
+
     def store
       current_store_value = Thread.current.thread_variable_get(:audited_store)
 

data/lib/generators/audited/migration.rb

@@ -4,14 +4,22 @@ module Audited
   module Generators
     module Migration
       # Implement the required interface for Rails::Generators::Migration.
-      def next_migration_number(dirname) #:nodoc:
+      def next_migration_number(dirname) # :nodoc:
         next_migration_number = current_migration_number(dirname) + 1
-        if ::ActiveRecord::Base.timestamped_migrations
+        if timestamped_migrations?
           [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
         else
           "%.3d" % next_migration_number
         end
       end
+
+      private
+
+      def timestamped_migrations?
+        (Rails.version >= "7.0") ?
+          ::ActiveRecord.timestamped_migrations :
+          ::ActiveRecord::Base.timestamped_migrations
+      end
     end
   end
 end

data/spec/audited/audit_spec.rb

@@ -37,7 +37,7 @@ describe Audited::Audit do
 
     context "when a custom audit class is configured" do
       it "should be used in place of #{described_class}" do
-        Audited.config { |config| config.audit_class = CustomAudit }
+        Audited.config { |config| config.audit_class = "CustomAudit" }
         TempModel1.audited
 
         record = TempModel1.create

data/spec/audited/auditor_spec.rb

@@ -234,6 +234,14 @@ describe Audited::Auditor do
       expect(user.audits.last.audited_changes["password"]).to eq(["My", "Custom", "Value", 7])
     end
 
+    if ::ActiveRecord::VERSION::MAJOR >= 7
+      it "should filter encrypted attributes" do
+        user = Models::ActiveRecord::UserWithEncryptedPassword.create(password: "password")
+        user.save
+        expect(user.audits.last.audited_changes["password"]).to eq("[FILTERED]")
+      end
+    end
+
     if ActiveRecord::Base.connection.adapter_name == "PostgreSQL"
       describe "'json' and 'jsonb' audited_changes column type" do
         let(:migrations_path) { SPEC_ROOT.join("support/active_record/postgres") }
@@ -272,11 +280,11 @@ describe Audited::Auditor do
       yesterday = 1.day.ago
 
       u = Models::ActiveRecord::NoAttributeProtectionUser.new(name: "name",
-                                                              username: "username",
-                                                              password: "password",
-                                                              activated: true,
-                                                              suspended_at: yesterday,
-                                                              logins: 2)
+        username: "username",
+        password: "password",
+        activated: true,
+        suspended_at: yesterday,
+        logins: 2)
 
       expect(u.name).to eq("name")
       expect(u.username).to eq("username")
@@ -814,6 +822,15 @@ describe Audited::Auditor do
       }.to_not change(Audited::Audit, :count)
     end
 
+    context "when global audits are disabled" do
+      it "should re-enable class audits after #without_auditing block" do
+        Audited.auditing_enabled = false
+        Models::ActiveRecord::User.without_auditing {}
+        Audited.auditing_enabled = true
+        expect(Models::ActiveRecord::User.auditing_enabled).to eql(true)
+      end
+    end
+
     it "should reset auditing status even it raises an exception" do
       begin
         Models::ActiveRecord::User.without_auditing { raise }
@@ -884,6 +901,15 @@ describe Audited::Auditor do
       }.to change(Audited::Audit, :count).by(1)
     end
 
+    context "when global audits are disabled" do
+      it "should re-enable class audits after #with_auditing block" do
+        Audited.auditing_enabled = false
+        Models::ActiveRecord::User.with_auditing {}
+        Audited.auditing_enabled = true
+        expect(Models::ActiveRecord::User.auditing_enabled).to eql(true)
+      end
+    end
+
     it "should reset auditing status even it raises an exception" do
       Models::ActiveRecord::User.disable_auditing
       begin

data/spec/rails_app/config/application.rb

@@ -4,6 +4,12 @@ module RailsApp
   class Application < Rails::Application
     config.root = File.expand_path("../../", __FILE__)
     config.i18n.enforce_available_locales = true
+
+    if !Rails.version.start_with?("5.0") && !Rails.version.start_with?("5.1") && config.active_record.respond_to?(:yaml_column_permitted_classes=)
+      config.active_record.yaml_column_permitted_classes =
+        %w[String Symbol Integer NilClass Float Time Date FalseClass Hash Array DateTime TrueClass BigDecimal
+          ActiveSupport::TimeWithZone ActiveSupport::TimeZone ActiveSupport::HashWithIndifferentAccess]
+    end
   end
 end
 

data/spec/rails_app/config/environments/test.rb

@@ -44,4 +44,9 @@ RailsApp::Application.configure do
 
   # Raises error for missing translations
   # config.action_view.raise_on_missing_translations = true
+
+  if ::ActiveRecord::VERSION::MAJOR >= 7
+    config.active_record.encryption.key_derivation_salt = SecureRandom.hex
+    config.active_record.encryption.primary_key = SecureRandom.hex
+  end
 end

data/spec/support/active_record/models.rb

@@ -41,6 +41,14 @@ module Models
       audited redacted: :password, redaction_value: ["My", "Custom", "Value", 7]
     end
 
+    if ::ActiveRecord::VERSION::MAJOR >= 7
+      class UserWithEncryptedPassword < ::ActiveRecord::Base
+        self.table_name = :users
+        audited
+        encrypts :password
+      end
+    end
+
     class CommentRequiredUser < ::ActiveRecord::Base
       self.table_name = :users
       audited except: :password, comment_required: true

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: audited
 version: !ruby/object:Gem::Version
-  version: 5.0.2
+  version: 5.2.0
 platform: ruby
 authors:
 - Brandon Keepers
@@ -13,7 +13,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-16 00:00:00.000000000 Z
+date: 2023-01-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -115,16 +115,16 @@ dependencies:
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.3.6
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.3.6
 - !ruby/object:Gem::Dependency
   name: mysql2
   requirement: !ruby/object:Gem::Requirement
@@ -165,6 +165,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/buildlight.yml"
 - ".github/workflows/ci.yml"
 - ".gitignore"
 - ".standard.yml"
@@ -251,7 +252,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: Log all changes to your models