auth-sanitizer 0.1.4 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +63 -1
- data/CITATION.cff +1 -1
- data/CODE_OF_CONDUCT.md +0 -5
- data/CONTRIBUTING.md +74 -29
- data/FUNDING.md +0 -0
- data/LICENSE.md +10 -0
- data/README.md +136 -123
- data/RUBOCOP.md +0 -0
- data/SECURITY.md +1 -4
- data/certs/pboling.pem +27 -0
- data/lib/auth/sanitizer/core.rb +0 -0
- data/lib/auth/sanitizer/filtered_attributes.rb +27 -9
- data/lib/auth/sanitizer/sanitized_logger.rb +3 -3
- data/lib/auth/sanitizer/thing_filter.rb +0 -0
- data/lib/auth/sanitizer/version.rb +1 -1
- data/lib/auth/sanitizer.rb +6 -0
- data/lib/auth_sanitizer/loader.rb +27 -1
- data/sig/auth/sanitizer/version.rbs +8 -0
- data/sig/auth/sanitizer.rbs +0 -7
- data.tar.gz.sig +0 -0
- metadata +55 -27
- metadata.gz.sig +0 -0
- data/REEK +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 633789bb7c954fcea43d081527da59affeb9e4859773ccb94ba98b6a5dc767c5
|
|
4
|
+
data.tar.gz: dd4f09c0461cee4cc31ee4900771e34c5349f2a7cb43028c582753cd055d5c7d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bde13e5621861e7361f273917922ece5353a87178addca4b835b00d879c30aea7dd3fe1b8e16db3bd88dde05a1164d52c19bde07ca7785d7de45bed7e0660bba
|
|
7
|
+
data.tar.gz: 463eecc6672abdaadc05b0d8c0b22e8ab0a05793265fdfe76ac3ccd4d49bf26b1b4bd9b7011ac23cfeee69c1d8e2eeb55f8f82546cc0e7a7eb651b95d870eb52
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data/CHANGELOG.md
CHANGED
|
@@ -30,6 +30,62 @@ Please file a bug if you notice a violation of semantic versioning.
|
|
|
30
30
|
|
|
31
31
|
### Security
|
|
32
32
|
|
|
33
|
+
## [0.2.1] - 2026-06-06
|
|
34
|
+
|
|
35
|
+
- TAG: [v0.2.1][0.2.1t]
|
|
36
|
+
- COVERAGE: 100.00% -- 145/145 lines in 6 files
|
|
37
|
+
- BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
|
|
38
|
+
- 84.62% documented
|
|
39
|
+
|
|
40
|
+
### Fixed
|
|
41
|
+
|
|
42
|
+
- Removed the duplicate RBS declaration for `Auth::Sanitizer::VERSION`, fixing
|
|
43
|
+
`RBS::DuplicatedDeclarationError` in downstream projects.
|
|
44
|
+
- Fixed the README support table to list Ruby 2.3 as supported but untested,
|
|
45
|
+
matching the current runtime support and CI policy.
|
|
46
|
+
|
|
47
|
+
## [0.2.0] - 2026-06-04
|
|
48
|
+
|
|
49
|
+
- TAG: [v0.2.0][0.2.0t]
|
|
50
|
+
- COVERAGE: 100.00% -- 145/145 lines in 6 files
|
|
51
|
+
- BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
|
|
52
|
+
- 84.62% documented
|
|
53
|
+
|
|
54
|
+
### Changed
|
|
55
|
+
|
|
56
|
+
- Changed `FilteredAttributes#inspect` to redact narrow patterns from
|
|
57
|
+
`super.inspect` instead of rebuilding object inspect output, preserving host
|
|
58
|
+
inspect behavior.
|
|
59
|
+
|
|
60
|
+
### Fixed
|
|
61
|
+
|
|
62
|
+
- Redacted configured attributes inside standard Ruby hash inspect fragments,
|
|
63
|
+
including nested attribute hashes.
|
|
64
|
+
|
|
65
|
+
## [0.1.5] - 2026-06-03
|
|
66
|
+
|
|
67
|
+
- TAG: [v0.1.5][0.1.5t]
|
|
68
|
+
- COVERAGE: 100.00% -- 138/138 lines in 6 files
|
|
69
|
+
- BRANCH COVERAGE: 100.00% -- 28/28 branches in 6 files
|
|
70
|
+
- 84.62% documented
|
|
71
|
+
|
|
72
|
+
### Added
|
|
73
|
+
|
|
74
|
+
- Added `VersionGem::Basic` helpers to `Auth::Sanitizer::Version`.
|
|
75
|
+
|
|
76
|
+
### Changed
|
|
77
|
+
|
|
78
|
+
- Refreshed generated package metadata, support documentation, CI workflows,
|
|
79
|
+
and development dependency floors from the current kettle-jem template.
|
|
80
|
+
- Documented that CI workflows and appraisals now target MRI Ruby 2.4+ while
|
|
81
|
+
runtime compatibility remains MRI Ruby 2.2+.
|
|
82
|
+
|
|
83
|
+
### Fixed
|
|
84
|
+
|
|
85
|
+
- Prevented isolated loader namespace leakage on Ruby 2.5 and older TruffleRuby runtimes.
|
|
86
|
+
- Protected the custom gemspec version loader from templating rewrites so
|
|
87
|
+
version detection does not define top-level `Auth` on older Rubies.
|
|
88
|
+
|
|
33
89
|
## [0.1.4] - 2026-05-21
|
|
34
90
|
|
|
35
91
|
- TAG: [v0.1.4][0.1.4t]
|
|
@@ -95,7 +151,13 @@ Please file a bug if you notice a violation of semantic versioning.
|
|
|
95
151
|
|
|
96
152
|
- Initial release
|
|
97
153
|
|
|
98
|
-
[Unreleased]: https://github.com
|
|
154
|
+
[Unreleased]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.2.1...HEAD
|
|
155
|
+
[0.2.1]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.2.0...v0.2.1
|
|
156
|
+
[0.2.1t]: https://github.com/ruby-oauth/auth-sanitizer/releases/tag/v0.2.1
|
|
157
|
+
[0.2.0]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.1.5...v0.2.0
|
|
158
|
+
[0.2.0t]: https://github.com/ruby-oauth/auth-sanitizer/releases/tag/v0.2.0
|
|
159
|
+
[0.1.5]: https://github.com/ruby-oauth/auth-sanitizer/compare/v0.1.4...v0.1.5
|
|
160
|
+
[0.1.5t]: https://github.com/ruby-oauth/auth-sanitizer/releases/tag/v0.1.5
|
|
99
161
|
[0.1.4]: https://github.com//ruby-oauth/auth-sanitizer/compare/v0.1.3...v0.1.4
|
|
100
162
|
[0.1.4t]: https://github.com//ruby-oauth/auth-sanitizer/releases/tag/v0.1.4
|
|
101
163
|
[0.1.3]: https://github.com//ruby-oauth/auth-sanitizer/compare/v0.1.2...v0.1.3
|
data/CITATION.cff
CHANGED
data/CODE_OF_CONDUCT.md
CHANGED
|
@@ -71,11 +71,6 @@ reporter of any incident.
|
|
|
71
71
|
Community leaders will follow these Community Impact Guidelines in determining
|
|
72
72
|
the consequences for any action they deem in violation of this Code of Conduct:
|
|
73
73
|
|
|
74
|
-
* Participants will be tolerant of opposing views.
|
|
75
|
-
* Participants must ensure that their language and actions are free of personal attacks and disparaging personal remarks.
|
|
76
|
-
* When interpreting the words and actions of others, participants should always assume good intentions.
|
|
77
|
-
* Behaviour which can be reasonably considered harassment will not be tolerated.
|
|
78
|
-
|
|
79
74
|
### 1. Correction
|
|
80
75
|
|
|
81
76
|
**Community Impact**: Use of inappropriate language or other behavior deemed
|
data/CONTRIBUTING.md
CHANGED
|
@@ -8,19 +8,27 @@ To submit a patch, please fork the project, create a patch with tests, and send
|
|
|
8
8
|
|
|
9
9
|
Remember to [![Keep A Changelog][📗keep-changelog-img]][📗keep-changelog] if you make changes.
|
|
10
10
|
|
|
11
|
+
## Developer Certificate of Origin
|
|
12
|
+
|
|
13
|
+
In order to protect users of this project, we require all contributors to comply with the
|
|
14
|
+
[Developer Certificate of Origin](https://developercertificate.org/).
|
|
15
|
+
This ensures that all contributions are properly licensed and attributed.
|
|
16
|
+
|
|
11
17
|
## Help out!
|
|
12
18
|
|
|
13
|
-
Take a look at the
|
|
19
|
+
Take a look at the open issues and pull requests, or use the gem and find something to improve.
|
|
14
20
|
|
|
15
21
|
Follow these instructions:
|
|
16
22
|
|
|
17
|
-
1.
|
|
18
|
-
2.
|
|
19
|
-
3.
|
|
20
|
-
4.
|
|
21
|
-
5.
|
|
22
|
-
6.
|
|
23
|
-
7.
|
|
23
|
+
1. Join the Discord: [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite]
|
|
24
|
+
2. Fork the repository
|
|
25
|
+
3. Create your feature branch (`git checkout -b my-new-feature`)
|
|
26
|
+
4. Make some fixes.
|
|
27
|
+
5. Commit your changes (`git commit -am 'Added some feature'`)
|
|
28
|
+
6. Push to the branch (`git push origin my-new-feature`)
|
|
29
|
+
7. Make sure to add tests for it. This is important, so it doesn't break in a future release.
|
|
30
|
+
8. Create new Pull Request.
|
|
31
|
+
9. Announce it in the channel for this org in the [Discord][✉️discord-invite]!
|
|
24
32
|
|
|
25
33
|
## Executables vs Rake tasks
|
|
26
34
|
|
|
@@ -42,6 +50,22 @@ There are many Rake tasks available as well. You can see them by running:
|
|
|
42
50
|
bin/rake -T
|
|
43
51
|
```
|
|
44
52
|
|
|
53
|
+
## Code quality checks
|
|
54
|
+
|
|
55
|
+
Run the Reek task when you want a smell check that fails on current findings:
|
|
56
|
+
|
|
57
|
+
```shell
|
|
58
|
+
bin/rake reek
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
Refresh the checked-in `REEK` backlog through the rake task, not by redirecting
|
|
62
|
+
the raw `reek` executable output. The rake task uses the project bundle and
|
|
63
|
+
avoids stale generated binstubs shadowing the Reek gem executable:
|
|
64
|
+
|
|
65
|
+
```shell
|
|
66
|
+
bin/rake reek:update
|
|
67
|
+
```
|
|
68
|
+
|
|
45
69
|
## Environment Variables for Local Development
|
|
46
70
|
|
|
47
71
|
Below are the primary environment variables recognized by stone_checksums (and its integrated tools). Unless otherwise noted, set boolean values to the string "true" to enable.
|
|
@@ -78,11 +102,32 @@ Git hooks and commit message helpers (exe/kettle-commit-msg)
|
|
|
78
102
|
- GIT_HOOK_FOOTER_SENTINEL: Required when footer append is enabled — a unique first-line sentinel to prevent duplicates
|
|
79
103
|
- GIT_HOOK_FOOTER_APPEND_DEBUG: Extra debug output in the footer template (true/false)
|
|
80
104
|
|
|
105
|
+
Git diff driver setup
|
|
106
|
+
- Local setup writes repository `.gitattributes` entries and local Git `diff.smorg-*` command config so this checkout uses StructuredMerge semantic diffs.
|
|
107
|
+
- Global setup registers `diff.smorg-*` commands once in the user Git config; use it when you work across several StructuredMerge-enabled repositories.
|
|
108
|
+
- Include-file setup writes `.git/smorg/config` and includes it from local Git config, keeping command registrations out of the repository files.
|
|
109
|
+
- Git hosting forges generally ignore external diff drivers, so pull request views may still show raw textual diffs even when local `git diff` uses semantic drivers.
|
|
110
|
+
|
|
111
|
+
```console
|
|
112
|
+
K_JEM_TEMPLATING=true bundle exec kettle-jem install
|
|
113
|
+
```
|
|
114
|
+
|
|
115
|
+
Troubleshooting Git diffs
|
|
116
|
+
- Use `git diff --no-ext-diff` to compare against Git's built-in diff output.
|
|
117
|
+
- Use `git diff --no-textconv` when a textconv projection obscures the raw file bytes you need to inspect.
|
|
118
|
+
- If Git reports a missing `smorg-*` executable, rerun `bundle install` and the setup command above, then check `git config --local --get-regexp '^diff\.smorg-'`.
|
|
119
|
+
- To remove managed local entries, run `K_JEM_TEMPLATING=true bundle exec kettle-jem install --undo`; remove global command registrations with `git config --global --unset-all diff.smorg-ruby.command`.
|
|
120
|
+
|
|
81
121
|
For a quick starting point, this repository’s `mise.toml` defines the shared defaults, and `.env.local` can override them locally. Copy `.env.local.example` to `.env.local`, use `KEY=value` lines, and either activate `mise` in your shell or run commands through `mise exec -C /path/to/project -- ...`.
|
|
82
122
|
|
|
83
123
|
## Appraisals
|
|
84
124
|
|
|
85
125
|
From time to time the [appraisal2][🚎appraisal2] gemfiles in `gemfiles/` will need to be updated.
|
|
126
|
+
Generated appraisal and CI workflow floors are controlled by `ruby.test_minimum`
|
|
127
|
+
in `.structuredmerge/kettle-jem.yml`; this project was templated with `ruby.test_minimum: 2.4`.
|
|
128
|
+
That value describes the lowest Ruby version expected to run the test/development
|
|
129
|
+
toolchain, and it may be higher than the gemspec runtime floor.
|
|
130
|
+
|
|
86
131
|
They are created and updated with the commands:
|
|
87
132
|
|
|
88
133
|
```console
|
|
@@ -97,22 +142,20 @@ bin/rake appraisal:reset
|
|
|
97
142
|
|
|
98
143
|
When adding an appraisal to CI, check the [runner tool cache][🏃♂️runner-tool-cache] to see which runner to use.
|
|
99
144
|
|
|
100
|
-
##
|
|
101
|
-
|
|
102
|
-
Take a look at the `reek` list which is the file called `REEK` and find something to improve.
|
|
145
|
+
## Run Tests
|
|
103
146
|
|
|
104
|
-
|
|
147
|
+
Run tests via `kettle-test` (provided by `kettle-test`). It runs RSpec, writes the full log to
|
|
148
|
+
`tmp/kettle-test/rspec-TIMESTAMP.log`, and prints a compact highlight block with timing, seed,
|
|
149
|
+
pass/fail count, failing example list, and SimpleCov coverage percentages.
|
|
105
150
|
|
|
106
151
|
```console
|
|
107
|
-
bundle exec
|
|
152
|
+
bundle exec kettle-test
|
|
108
153
|
```
|
|
109
154
|
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
To run all tests
|
|
155
|
+
For targeted runs, disable the hard coverage threshold to avoid false failures:
|
|
113
156
|
|
|
114
157
|
```console
|
|
115
|
-
bundle exec
|
|
158
|
+
K_SOUP_COV_MIN_HARD=false bundle exec kettle-test spec/path/to/spec.rb
|
|
116
159
|
```
|
|
117
160
|
|
|
118
161
|
### Spec organization (required)
|
|
@@ -183,33 +226,34 @@ NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in th
|
|
|
183
226
|
1. Run `bin/setup && bin/rake` as a "test, coverage, & linting" sanity check
|
|
184
227
|
2. Update the version number in `version.rb`, and ensure `CHANGELOG.md` reflects changes
|
|
185
228
|
3. Run `bin/setup && bin/rake` again as a secondary check, and to update `Gemfile.lock`
|
|
186
|
-
4. Run `
|
|
187
|
-
5. Run `git
|
|
229
|
+
4. Run `bin/rake yard` to regenerate the docs site using the canonical docs task
|
|
230
|
+
5. Run `git commit -am "🔖 Prepare release v<VERSION>"` to commit the changes
|
|
231
|
+
6. Run `git push` to trigger the final CI pipeline before release, and merge PRs
|
|
188
232
|
- NOTE: Remember to [check the build][🧪build].
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
233
|
+
7. Run `export GIT_TRUNK_BRANCH_NAME="$(git remote show origin | grep 'HEAD branch' | cut -d ' ' -f5)" && echo $GIT_TRUNK_BRANCH_NAME`
|
|
234
|
+
8. Run `git checkout $GIT_TRUNK_BRANCH_NAME`
|
|
235
|
+
9. Run `git pull origin $GIT_TRUNK_BRANCH_NAME` to ensure latest trunk code
|
|
236
|
+
10. Optional for older Bundler (< 2.7.0): Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use the same timestamp and generate the same checksums
|
|
193
237
|
- If your Bundler is >= 2.7.0, you can skip this; builds are reproducible by default.
|
|
194
238
|
- Run `export SOURCE_DATE_EPOCH=$EPOCHSECONDS && echo $SOURCE_DATE_EPOCH`
|
|
195
239
|
- If the echo above has no output, then it didn't work.
|
|
196
240
|
- Note: `zsh/datetime` module is needed, if running `zsh`.
|
|
197
241
|
- In older versions of `bash` you can use `date +%s` instead, i.e. `export SOURCE_DATE_EPOCH=$(date +%s) && echo $SOURCE_DATE_EPOCH`
|
|
198
|
-
|
|
199
|
-
|
|
242
|
+
11. Run `bundle exec rake build`
|
|
243
|
+
12. Run `bin/gem_checksums` (more context [1][🔒️rubygems-checksums-pr], [2][🔒️rubygems-guides-pr])
|
|
200
244
|
to create SHA-256 and SHA-512 checksums. This functionality is provided by the `stone_checksums`
|
|
201
245
|
[gem][💎stone_checksums].
|
|
202
246
|
- The script automatically commits but does not push the checksums
|
|
203
|
-
|
|
247
|
+
13. Sanity check the SHA256, comparing with the output from the `bin/gem_checksums` command:
|
|
204
248
|
- `sha256sum pkg/<gem name>-<version>.gem`
|
|
205
|
-
|
|
249
|
+
14. Run `bundle exec rake release` which will create a git tag for the version,
|
|
206
250
|
push git commits and tags, and push the `.gem` file to the gem host configured in the gemspec.
|
|
207
251
|
|
|
208
|
-
[📜src-gl]: https://gitlab.com/ruby-oauth/auth-sanitizer
|
|
252
|
+
[📜src-gl]: https://gitlab.com/ruby-oauth/auth-sanitizer
|
|
209
253
|
[📜src-cb]: https://codeberg.org/ruby-oauth/auth-sanitizer
|
|
210
254
|
[📜src-gh]: https://github.com/ruby-oauth/auth-sanitizer
|
|
211
255
|
[🧪build]: https://github.com/ruby-oauth/auth-sanitizer/actions
|
|
212
|
-
[🤝conduct]: https://
|
|
256
|
+
[🤝conduct]: https://github.com/ruby-oauth/auth-sanitizer/blob/main/CODE_OF_CONDUCT.md
|
|
213
257
|
[🖐contrib-rocks]: https://contrib.rocks
|
|
214
258
|
[🖐contributors]: https://github.com/ruby-oauth/auth-sanitizer/graphs/contributors
|
|
215
259
|
[🚎contributors-gl]: https://gitlab.com/ruby-oauth/auth-sanitizer/-/graphs/main
|
|
@@ -225,3 +269,4 @@ NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in th
|
|
|
225
269
|
[📌major-versions-not-sacred]: https://tom.preston-werner.com/2022/05/23/major-version-numbers-are-not-sacred.html
|
|
226
270
|
[🚎appraisal2]: https://github.com/appraisal-rb/appraisal2
|
|
227
271
|
[🏃♂️runner-tool-cache]: https://github.com/ruby/ruby-builder/releases/tag/toolcache
|
|
272
|
+
[✉️discord-invite]: https://discord.gg/3qme4XHNKN
|
data/FUNDING.md
CHANGED
|
File without changes
|