avo 2.14.0 → 2.14.1.pre.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of avo might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +3 -1
- data/config/master.key +1 -0
- data/lib/avo/services/encryption_service.rb +15 -1
- data/lib/avo/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ea5679545bee0eb42f3d8058ac6ff039c4ab7593d2e536157e49a5e13763b40c
|
4
|
+
data.tar.gz: 6b2304ad51c51065346b19256aae5f45f18b4890daf342eee2391e50608da703
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8c6b3410b50b80ca1fd9bf50fe6411721cc2fe1e27bb300b6af49a12c2a3ae8bf846ceeff89f4865bb8669cb4c911b2bc92f252a6d76f3d72b49195c7aa0e0f2
|
7
|
+
data.tar.gz: 2ad1265017c4e2e0d20951779f4480aa51bf56ab5a7559ccc9cbe87bb85dad3d676855b4d0de51aa7d66074ac56cc5e37157a8d46f6cb6c95fbe208193444be3
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
avo (2.14.
|
4
|
+
avo (2.14.1.pre.1)
|
5
5
|
active_link_to
|
6
6
|
addressable
|
7
7
|
breadcrumbs_on_rails
|
@@ -256,6 +256,8 @@ GEM
|
|
256
256
|
nokogiri (1.13.7)
|
257
257
|
mini_portile2 (~> 2.8.0)
|
258
258
|
racc (~> 1.4)
|
259
|
+
nokogiri (1.13.7-x86_64-linux)
|
260
|
+
racc (~> 1.4)
|
259
261
|
orm_adapter (0.5.0)
|
260
262
|
pagy (5.10.1)
|
261
263
|
activesupport
|
data/config/master.key
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
2aeb23d82b909d9c6b5abb62f7058c2a
|
@@ -18,7 +18,7 @@ module Avo
|
|
18
18
|
def initialize(message:, purpose:)
|
19
19
|
@message = message
|
20
20
|
@purpose = purpose
|
21
|
-
@crypt = ActiveSupport::MessageEncryptor.new(
|
21
|
+
@crypt = ActiveSupport::MessageEncryptor.new(encryption_key)
|
22
22
|
end
|
23
23
|
|
24
24
|
def encrypt
|
@@ -28,6 +28,20 @@ module Avo
|
|
28
28
|
def decrypt
|
29
29
|
crypt.decrypt_and_verify(message, purpose: purpose)
|
30
30
|
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def encryption_key
|
35
|
+
secret_key_base[0..31]
|
36
|
+
rescue
|
37
|
+
# This will fail the decryption process.
|
38
|
+
# It's here only to keep Avo from crashing
|
39
|
+
SecureRandom.random_bytes(32)
|
40
|
+
end
|
41
|
+
|
42
|
+
def secret_key_base
|
43
|
+
Rails.application.secrets.secret_key_base || ENV['SECRET_KEY_BASE']
|
44
|
+
end
|
31
45
|
end
|
32
46
|
end
|
33
47
|
end
|
data/lib/avo/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: avo
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.14.
|
4
|
+
version: 2.14.1.pre.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Adrian Marin
|
@@ -1748,6 +1748,7 @@ files:
|
|
1748
1748
|
- config/cable.yml
|
1749
1749
|
- config/credentials.yml.enc
|
1750
1750
|
- config/initializers/pagy.rb
|
1751
|
+
- config/master.key
|
1751
1752
|
- config/routes.rb
|
1752
1753
|
- config/spring.rb
|
1753
1754
|
- db/factories.rb
|
@@ -1973,9 +1974,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
1973
1974
|
version: 2.4.0
|
1974
1975
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
1975
1976
|
requirements:
|
1976
|
-
- - "
|
1977
|
+
- - ">"
|
1977
1978
|
- !ruby/object:Gem::Version
|
1978
|
-
version:
|
1979
|
+
version: 1.3.1
|
1979
1980
|
requirements: []
|
1980
1981
|
rubygems_version: 3.3.3
|
1981
1982
|
signing_key:
|