auth-sanitizer 0.1.4 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 134e152d645296157cf025d9f20f4b025c2d08c93e73309112d6a7e7a9f785c3
4
- data.tar.gz: 379cd508b6292e2c1185a5ac698f6f0d641c5f3bd5a9ea7163021cb07afa4544
3
+ metadata.gz: 633789bb7c954fcea43d081527da59affeb9e4859773ccb94ba98b6a5dc767c5
4
+ data.tar.gz: dd4f09c0461cee4cc31ee4900771e34c5349f2a7cb43028c582753cd055d5c7d
5
5
  SHA512:
6
- metadata.gz: d2e89fd515ca049f65513c2ebc298734059633723277ae406d00d930323aa4b16ed4107e18e89e794e8baf2068724abc9ca0397b986f1724c700308165d7bea1
7
- data.tar.gz: d744e2ee6178191389e5ed202e9013114bd939de28c73323cad589afb6175a4b38045356b911523d54865c262a3c8a3beb05d91fc7e9b96fb44de477a7bc62f1
6
+ metadata.gz: bde13e5621861e7361f273917922ece5353a87178addca4b835b00d879c30aea7dd3fe1b8e16db3bd88dde05a1164d52c19bde07ca7785d7de45bed7e0660bba
7
+ data.tar.gz: 463eecc6672abdaadc05b0d8c0b22e8ab0a05793265fdfe76ac3ccd4d49bf26b1b4bd9b7011ac23cfeee69c1d8e2eeb55f8f82546cc0e7a7eb651b95d870eb52
checksums.yaml.gz.sig CHANGED
Binary file
data/CHANGELOG.md CHANGED
@@ -30,6 +30,62 @@ Please file a bug if you notice a violation of semantic versioning.
30
30
 
31
31
  ### Security
32
32
 
33
+ ## [0.2.1] - 2026-06-06
34
+
35
+ - TAG: [v0.2.1][0.2.1t]
36
+ - COVERAGE: 100.00% -- 145/145 lines in 6 files
37
+ - BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
38
+ - 84.62% documented
39
+
40
+ ### Fixed
41
+
42
+ - Removed the duplicate RBS declaration for `Auth::Sanitizer::VERSION`, fixing
43
+ `RBS::DuplicatedDeclarationError` in downstream projects.
44
+ - Fixed the README support table to list Ruby 2.3 as supported but untested,
45
+ matching the current runtime support and CI policy.
46
+
47
+ ## [0.2.0] - 2026-06-04
48
+
49
+ - TAG: [v0.2.0][0.2.0t]
50
+ - COVERAGE: 100.00% -- 145/145 lines in 6 files
51
+ - BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
52
+ - 84.62% documented
53
+
54
+ ### Changed
55
+
56
+ - Changed `FilteredAttributes#inspect` to redact narrow patterns from
57
+ `super.inspect` instead of rebuilding object inspect output, preserving host
58
+ inspect behavior.
59
+
60
+ ### Fixed
61
+
62
+ - Redacted configured attributes inside standard Ruby hash inspect fragments,
63
+ including nested attribute hashes.
64
+
65
+ ## [0.1.5] - 2026-06-03
66
+
67
+ - TAG: [v0.1.5][0.1.5t]
68
+ - COVERAGE: 100.00% -- 138/138 lines in 6 files
69
+ - BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
70
+ - 84.62% documented
71
+
72
+ ### Added
73
+
74
+ - Added `VersionGem::Basic` helpers to `Auth::Sanitizer::Version`.
75
+
76
+ ### Changed
77
+
78
+ - Refreshed generated package metadata, support documentation, CI workflows,
79
+ and development dependency floors from the current kettle-jem template.
80
+ - Documented that CI workflows and appraisals now target MRI Ruby 2.4+ while
81
+ runtime compatibility remains MRI Ruby 2.2+.
82
+
83
+ ### Fixed
84
+
85
+ - Prevented isolated loader namespace leakage on Ruby 2.5 and older TruffleRuby runtimes.
86
+ - Protected the custom gemspec version loader from templating rewrites so
87
+ version detection does not define top-level `Auth` on older Rubies.
88
+
33
89
  ## [0.1.4] - 2026-05-21
34
90
 
35
91
  - TAG: [v0.1.4][0.1.4t]
@@ -95,7 +151,13 @@ Please file a bug if you notice a violation of semantic versioning.
95
151
 
96
152
  - Initial release
97
153
 
98
- [Unreleased]: https://github.com//ruby-oauth/auth-sanitizer/compare/v0.1.4...HEAD
154
+ [Unreleased]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.2.1...HEAD
155
+ [0.2.1]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.2.0...v0.2.1
156
+ [0.2.1t]: https://github.com/ruby-oauth/auth-sanitizer/releases/tag/v0.2.1
157
+ [0.2.0]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.1.5...v0.2.0
158
+ [0.2.0t]: https://github.com/ruby-oauth/auth-sanitizer/releases/tag/v0.2.0
159
+ [0.1.5]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.1.4...v0.1.5
160
+ [0.1.5t]: https://github.com/ruby-oauth/auth-sanitizer/releases/tag/v0.1.5
99
161
  [0.1.4]: https://github.com//ruby-oauth/auth-sanitizer/compare/v0.1.3...v0.1.4
100
162
  [0.1.4t]: https://github.com//ruby-oauth/auth-sanitizer/releases/tag/v0.1.4
101
163
  [0.1.3]: https://github.com//ruby-oauth/auth-sanitizer/compare/v0.1.2...v0.1.3
data/CITATION.cff CHANGED
@@ -7,7 +7,7 @@ type: software
7
7
  authors:
8
8
  - given-names: "Peter H."
9
9
  family-names: "Boling"
10
- email: "floss@glatzo.com"
10
+ email: "floss@galtzo.com"
11
11
  affiliation: "galtzo.com"
12
12
  orcid: 'https://orcid.org/0009-0008-8519-441X'
13
13
  identifiers:
data/CODE_OF_CONDUCT.md CHANGED
@@ -71,11 +71,6 @@ reporter of any incident.
71
71
  Community leaders will follow these Community Impact Guidelines in determining
72
72
  the consequences for any action they deem in violation of this Code of Conduct:
73
73
 
74
- * Participants will be tolerant of opposing views.
75
- * Participants must ensure that their language and actions are free of personal attacks and disparaging personal remarks.
76
- * When interpreting the words and actions of others, participants should always assume good intentions.
77
- * Behaviour which can be reasonably considered harassment will not be tolerated.
78
-
79
74
  ### 1. Correction
80
75
 
81
76
  **Community Impact**: Use of inappropriate language or other behavior deemed
data/CONTRIBUTING.md CHANGED
@@ -8,19 +8,27 @@ To submit a patch, please fork the project, create a patch with tests, and send
8
8
 
9
9
  Remember to [![Keep A Changelog][📗keep-changelog-img]][📗keep-changelog] if you make changes.
10
10
 
11
+ ## Developer Certificate of Origin
12
+
13
+ In order to protect users of this project, we require all contributors to comply with the
14
+ [Developer Certificate of Origin](https://developercertificate.org/).
15
+ This ensures that all contributions are properly licensed and attributed.
16
+
11
17
  ## Help out!
12
18
 
13
- Take a look at the `reek` list which is the file called `REEK` and find something to improve.
19
+ Take a look at the open issues and pull requests, or use the gem and find something to improve.
14
20
 
15
21
  Follow these instructions:
16
22
 
17
- 1. Fork the repository
18
- 2. Create a feature branch (`git checkout -b my-new-feature`)
19
- 3. Make some fixes.
20
- 4. Commit changes (`git commit -am 'Added some feature'`)
21
- 5. Push to the branch (`git push origin my-new-feature`)
22
- 6. Make sure to add tests for it. This is important, so it doesn't break in a future release.
23
- 7. Create new Pull Request.
23
+ 1. Join the Discord: [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite]
24
+ 2. Fork the repository
25
+ 3. Create your feature branch (`git checkout -b my-new-feature`)
26
+ 4. Make some fixes.
27
+ 5. Commit your changes (`git commit -am 'Added some feature'`)
28
+ 6. Push to the branch (`git push origin my-new-feature`)
29
+ 7. Make sure to add tests for it. This is important, so it doesn't break in a future release.
30
+ 8. Create new Pull Request.
31
+ 9. Announce it in the channel for this org in the [Discord][✉️discord-invite]!
24
32
 
25
33
  ## Executables vs Rake tasks
26
34
 
@@ -42,6 +50,22 @@ There are many Rake tasks available as well. You can see them by running:
42
50
  bin/rake -T
43
51
  ```
44
52
 
53
+ ## Code quality checks
54
+
55
+ Run the Reek task when you want a smell check that fails on current findings:
56
+
57
+ ```shell
58
+ bin/rake reek
59
+ ```
60
+
61
+ Refresh the checked-in `REEK` backlog through the rake task, not by redirecting
62
+ the raw `reek` executable output. The rake task uses the project bundle and
63
+ avoids stale generated binstubs shadowing the Reek gem executable:
64
+
65
+ ```shell
66
+ bin/rake reek:update
67
+ ```
68
+
45
69
  ## Environment Variables for Local Development
46
70
 
47
71
  Below are the primary environment variables recognized by stone_checksums (and its integrated tools). Unless otherwise noted, set boolean values to the string "true" to enable.
@@ -78,11 +102,32 @@ Git hooks and commit message helpers (exe/kettle-commit-msg)
78
102
  - GIT_HOOK_FOOTER_SENTINEL: Required when footer append is enabled — a unique first-line sentinel to prevent duplicates
79
103
  - GIT_HOOK_FOOTER_APPEND_DEBUG: Extra debug output in the footer template (true/false)
80
104
 
105
+ Git diff driver setup
106
+ - Local setup writes repository `.gitattributes` entries and local Git `diff.smorg-*` command config so this checkout uses StructuredMerge semantic diffs.
107
+ - Global setup registers `diff.smorg-*` commands once in the user Git config; use it when you work across several StructuredMerge-enabled repositories.
108
+ - Include-file setup writes `.git/smorg/config` and includes it from local Git config, keeping command registrations out of the repository files.
109
+ - Git hosting forges generally ignore external diff drivers, so pull request views may still show raw textual diffs even when local `git diff` uses semantic drivers.
110
+
111
+ ```console
112
+ K_JEM_TEMPLATING=true bundle exec kettle-jem install
113
+ ```
114
+
115
+ Troubleshooting Git diffs
116
+ - Use `git diff --no-ext-diff` to compare against Git's built-in diff output.
117
+ - Use `git diff --no-textconv` when a textconv projection obscures the raw file bytes you need to inspect.
118
+ - If Git reports a missing `smorg-*` executable, rerun `bundle install` and the setup command above, then check `git config --local --get-regexp '^diff\.smorg-'`.
119
+ - To remove managed local entries, run `K_JEM_TEMPLATING=true bundle exec kettle-jem install --undo`; remove global command registrations with `git config --global --unset-all diff.smorg-ruby.command`.
120
+
81
121
  For a quick starting point, this repository’s `mise.toml` defines the shared defaults, and `.env.local` can override them locally. Copy `.env.local.example` to `.env.local`, use `KEY=value` lines, and either activate `mise` in your shell or run commands through `mise exec -C /path/to/project -- ...`.
82
122
 
83
123
  ## Appraisals
84
124
 
85
125
  From time to time the [appraisal2][🚎appraisal2] gemfiles in `gemfiles/` will need to be updated.
126
+ Generated appraisal and CI workflow floors are controlled by `ruby.test_minimum`
127
+ in `.structuredmerge/kettle-jem.yml`; this project was templated with `ruby.test_minimum: 2.4`.
128
+ That value describes the lowest Ruby version expected to run the test/development
129
+ toolchain, and it may be higher than the gemspec runtime floor.
130
+
86
131
  They are created and updated with the commands:
87
132
 
88
133
  ```console
@@ -97,22 +142,20 @@ bin/rake appraisal:reset
97
142
 
98
143
  When adding an appraisal to CI, check the [runner tool cache][🏃‍♂️runner-tool-cache] to see which runner to use.
99
144
 
100
- ## The Reek List
101
-
102
- Take a look at the `reek` list which is the file called `REEK` and find something to improve.
145
+ ## Run Tests
103
146
 
104
- To refresh the `reek` list:
147
+ Run tests via `kettle-test` (provided by `kettle-test`). It runs RSpec, writes the full log to
148
+ `tmp/kettle-test/rspec-TIMESTAMP.log`, and prints a compact highlight block with timing, seed,
149
+ pass/fail count, failing example list, and SimpleCov coverage percentages.
105
150
 
106
151
  ```console
107
- bundle exec reek > REEK
152
+ bundle exec kettle-test
108
153
  ```
109
154
 
110
- ## Run Tests
111
-
112
- To run all tests
155
+ For targeted runs, disable the hard coverage threshold to avoid false failures:
113
156
 
114
157
  ```console
115
- bundle exec rake test
158
+ K_SOUP_COV_MIN_HARD=false bundle exec kettle-test spec/path/to/spec.rb
116
159
  ```
117
160
 
118
161
  ### Spec organization (required)
@@ -183,33 +226,34 @@ NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in th
183
226
  1. Run `bin/setup && bin/rake` as a "test, coverage, & linting" sanity check
184
227
  2. Update the version number in `version.rb`, and ensure `CHANGELOG.md` reflects changes
185
228
  3. Run `bin/setup && bin/rake` again as a secondary check, and to update `Gemfile.lock`
186
- 4. Run `git commit -am "🔖 Prepare release v<VERSION>"` to commit the changes
187
- 5. Run `git push` to trigger the final CI pipeline before release, and merge PRs
229
+ 4. Run `bin/rake yard` to regenerate the docs site using the canonical docs task
230
+ 5. Run `git commit -am "🔖 Prepare release v<VERSION>"` to commit the changes
231
+ 6. Run `git push` to trigger the final CI pipeline before release, and merge PRs
188
232
  - NOTE: Remember to [check the build][🧪build].
189
- 6. Run `export GIT_TRUNK_BRANCH_NAME="$(git remote show origin | grep 'HEAD branch' | cut -d ' ' -f5)" && echo $GIT_TRUNK_BRANCH_NAME`
190
- 7. Run `git checkout $GIT_TRUNK_BRANCH_NAME`
191
- 8. Run `git pull origin $GIT_TRUNK_BRANCH_NAME` to ensure latest trunk code
192
- 9. Optional for older Bundler (< 2.7.0): Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use the same timestamp and generate the same checksums
233
+ 7. Run `export GIT_TRUNK_BRANCH_NAME="$(git remote show origin | grep 'HEAD branch' | cut -d ' ' -f5)" && echo $GIT_TRUNK_BRANCH_NAME`
234
+ 8. Run `git checkout $GIT_TRUNK_BRANCH_NAME`
235
+ 9. Run `git pull origin $GIT_TRUNK_BRANCH_NAME` to ensure latest trunk code
236
+ 10. Optional for older Bundler (< 2.7.0): Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use the same timestamp and generate the same checksums
193
237
  - If your Bundler is >= 2.7.0, you can skip this; builds are reproducible by default.
194
238
  - Run `export SOURCE_DATE_EPOCH=$EPOCHSECONDS && echo $SOURCE_DATE_EPOCH`
195
239
  - If the echo above has no output, then it didn't work.
196
240
  - Note: `zsh/datetime` module is needed, if running `zsh`.
197
241
  - In older versions of `bash` you can use `date +%s` instead, i.e. `export SOURCE_DATE_EPOCH=$(date +%s) && echo $SOURCE_DATE_EPOCH`
198
- 10. Run `bundle exec rake build`
199
- 11. Run `bin/gem_checksums` (more context [1][🔒️rubygems-checksums-pr], [2][🔒️rubygems-guides-pr])
242
+ 11. Run `bundle exec rake build`
243
+ 12. Run `bin/gem_checksums` (more context [1][🔒️rubygems-checksums-pr], [2][🔒️rubygems-guides-pr])
200
244
  to create SHA-256 and SHA-512 checksums. This functionality is provided by the `stone_checksums`
201
245
  [gem][💎stone_checksums].
202
246
  - The script automatically commits but does not push the checksums
203
- 12. Sanity check the SHA256, comparing with the output from the `bin/gem_checksums` command:
247
+ 13. Sanity check the SHA256, comparing with the output from the `bin/gem_checksums` command:
204
248
  - `sha256sum pkg/<gem name>-<version>.gem`
205
- 13. Run `bundle exec rake release` which will create a git tag for the version,
249
+ 14. Run `bundle exec rake release` which will create a git tag for the version,
206
250
  push git commits and tags, and push the `.gem` file to the gem host configured in the gemspec.
207
251
 
208
- [📜src-gl]: https://gitlab.com/ruby-oauth/auth-sanitizer/
252
+ [📜src-gl]: https://gitlab.com/ruby-oauth/auth-sanitizer
209
253
  [📜src-cb]: https://codeberg.org/ruby-oauth/auth-sanitizer
210
254
  [📜src-gh]: https://github.com/ruby-oauth/auth-sanitizer
211
255
  [🧪build]: https://github.com/ruby-oauth/auth-sanitizer/actions
212
- [🤝conduct]: https://gitlab.com/ruby-oauth/auth-sanitizer/-/blob/main/CODE_OF_CONDUCT.md
256
+ [🤝conduct]: https://github.com/ruby-oauth/auth-sanitizer/blob/main/CODE_OF_CONDUCT.md
213
257
  [🖐contrib-rocks]: https://contrib.rocks
214
258
  [🖐contributors]: https://github.com/ruby-oauth/auth-sanitizer/graphs/contributors
215
259
  [🚎contributors-gl]: https://gitlab.com/ruby-oauth/auth-sanitizer/-/graphs/main
@@ -225,3 +269,4 @@ NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in th
225
269
  [📌major-versions-not-sacred]: https://tom.preston-werner.com/2022/05/23/major-version-numbers-are-not-sacred.html
226
270
  [🚎appraisal2]: https://github.com/appraisal-rb/appraisal2
227
271
  [🏃‍♂️runner-tool-cache]: https://github.com/ruby/ruby-builder/releases/tag/toolcache
272
+ [✉️discord-invite]: https://discord.gg/3qme4XHNKN
data/FUNDING.md CHANGED
File without changes
data/LICENSE.md ADDED
@@ -0,0 +1,10 @@
1
+ # License
2
+
3
+ This project is made available under the following license.
4
+ Choose the option that best fits your use case:
5
+
6
+ - [MIT](MIT.md)
7
+
8
+ ## Copyright Notice
9
+
10
+ - Copyright (c) 2026 Peter H. Boling