castle_devise 0.4.3 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6843034cd0d1278d25140abc645d54dca7b8a3431829c6d7b58920ad987381a6
-  data.tar.gz: 58f4ae8fb336b3299f96b067210b788f9906efd223965c7c17143a2e2583fad3
+  metadata.gz: a64b67ee6cdd64729672a54ec1f17457a03ac36833d00fa52ea3c2c8752a4f7a
+  data.tar.gz: 56de964e966c6dd76953fffda7b5121b06883aa79b21dc680aaccd64ba94383a
 SHA512:
-  metadata.gz: 0b8f9feca618661708bf6695d3c870c54e4fd4eb747b8ea96031e8a88bcb53c7af7b52b47ce38b92cd44bb85e352b5a9a6bc1aba6a80d4218ecee6dbbe6fdd6c
-  data.tar.gz: e81f6b014851e78444088a9949746aec347a800c39487ab4cae3c0727c6568b8a2b9691f561c7366be873725ea00f0e62e9d33e2ca919193d3c758da975b116a
+  metadata.gz: 55d9047b2d6ecfca23badbd25736afa89acc132f2a6d8267eedd936f69d96c33da85a7f7ee2a7ac9e7a9a69f0e250532229d06fc22eb454a76b2a8c493233233
+  data.tar.gz: 695ed027ffff37f150a238897d98d2e68d156871895576e5f40cf287fa983964c0a36f378983e88c995080de95ba64d0f342e0e02b3c8b740a11e99d88f776fc

data/.github/workflows/lint.yml

@@ -1,21 +1,18 @@
 name: Lint
 
-on: [pull_request]
+on:
+  pull_request:
+  push:
+    branches: [main]
 
 jobs:
   standardrb:
-    name: runner / standardrb
+    name: standardrb
     runs-on: ubuntu-latest
     steps:
-      - name: Check out code
-        uses: actions/checkout@v1
-      - name: Give permissions
-        run: |
-          sudo chown -R root:root $GITHUB_WORKSPACE
-      - name: standardrb
-        uses: SennaLabs/action-standardrb@v0.0.3
+      - uses: actions/checkout@v4
+      - uses: ruby/setup-ruby@v1
         with:
-          github_token: ${{ secrets.github_token }}
-          reporter: github-pr-review # Default is github-pr-check
-          rubocop_version: 1.1.6 # note: this actually refers to standardb version, not Rubocop
-          rubocop_flags: --format progress
+          ruby-version: "3.4"
+          bundler-cache: true
+      - run: bundle exec standardrb --format progress

data/.github/workflows/specs.yml

@@ -10,31 +10,60 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ruby: ["2.7", "3.0", "3.1", "3.2"]
-        rails: ["6.0", "6.1", "7.0"]
-
+        include:
+          # Rails 6.0
+          - ruby: "3.2"
+            rails: "6.0"
+          # Rails 6.1
+          - ruby: "3.2"
+            rails: "6.1"
+          # Rails 7.0
+          - ruby: "3.2"
+            rails: "7.0"
+          # Rails 7.1
+          - ruby: "3.2"
+            rails: "7.1"
+          - ruby: "3.3"
+            rails: "7.1"
+          # Rails 7.2
+          - ruby: "3.2"
+            rails: "7.2"
+          - ruby: "3.3"
+            rails: "7.2"
+          # Rails 8.0
+          - ruby: "3.3"
+            rails: "8.0"
+          - ruby: "3.4"
+            rails: "8.0"
+          - ruby: "4.0"
+            rails: "8.0"
+          # Rails 8.1
+          - ruby: "3.3"
+            rails: "8.1"
+          - ruby: "3.4"
+            rails: "8.1"
+          - ruby: "4.0"
+            rails: "8.1"
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up Ruby ${{ matrix.ruby }}
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: ${{ matrix.ruby }}
-    - name: Install dependencies
-      env:
-        BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
-      run: |
-        gem update --system
-        bundle config path vendor/bundle
-        bundle install
-    - name: Run specs
-      env:
-        BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
-        CASTLE_API_SECRET: ${{ secrets.CASTLE_API_SECRET }}
-      run: |
-        bundle exec rake
-    - name: Simplecov Report
-      if:
-        ${{ matrix.rails == '6.1' && matrix.ruby >= '3.0' }}
-      uses: aki77/simplecov-report-action@v1
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions/checkout@v4
+      - name: Set up Ruby ${{ matrix.ruby }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+      - name: Install dependencies
+        env:
+          BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
+        run: |
+          bundle config path vendor/bundle
+          bundle install
+      - name: Run specs
+        env:
+          BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.gemfile
+          CASTLE_API_SECRET: ${{ secrets.CASTLE_API_SECRET }}
+        run: |
+          bundle exec rake
+      - name: Simplecov Report
+        uses: k1LoW/octocov-action@v1
+        if: matrix.ruby == '3.4' && matrix.rails == '8.1'
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}

data/.gitignore

@@ -22,3 +22,4 @@ gemfiles/*.lock
 vendor/
 
 spec/dummy_app/log/
+spec/dummy_app/tmp/

data/.octocov.yml

@@ -0,0 +1,14 @@
+# generated by octocov init
+coverage:
+  if: true
+testExecutionTime:
+  if: true
+diff:
+  datastores:
+    - artifact://${GITHUB_REPOSITORY}
+summary:
+  if: true
+report:
+  if: is_default_branch
+  datastores:
+    - artifact://${GITHUB_REPOSITORY}

data/.standard.yml

@@ -0,0 +1,3 @@
+ignore:
+  - "gemfiles/vendor/**/*"
+  - "vendor/**/*"

data/CHANGELOG.md

@@ -2,6 +2,25 @@
 
 ## [Unreleased][main]
 
+## [0.6.0] - 2026-05-25
+- Add support for Rails 8.1
+- Add support for Devise 5
+- Allow `castle-rb` 9.x (constraint widened to `>= 7.2, < 10.0`); verified
+  against the upcoming 9.0 release — castle_devise uses only the
+  `#risk` / `#filter` / `#log` Client APIs and the `Castle::Error` /
+  `InvalidParametersError` / `InvalidRequestTokenError` classes, all of
+  which remain in 9.0.
+- Bump `castle-rb` to 9.1.0
+- Add Ruby 3.3, 3.4, and 4.0 to the CI matrix
+- Bump minimum required Ruby version to 3.2
+- Replace deprecated `ActiveSupport::Configurable` with plain Ruby attribute accessors (drops the Rails 8.2 deprecation warning)
+- Drop `appraisal` development dependency in favor of hand-maintained `gemfiles/*.gemfile`
+- Bump development Gemfile to Rails 8.1, Devise 5, sqlite3 ~> 2.1, Bundler 2.7.x
+
+## [0.5.0] - 2025-06-17
+- Throw a warning instead of an error for the `$login.failed` event when an exception is raised
+- Security fixes and dependency updates
+
 ## [0.4.3] - 2023-07-11
 - Fix an issue where we would send a `login.failed` event on any attempt of accessing a protected resource, not only when the user failed to log in specifically
 
@@ -29,7 +48,9 @@
 
 - Initial release
 
-[main]: https://github.com/castle/castle_devise/compare/v0.4.3...HEAD
+[main]: https://github.com/castle/castle_devise/compare/v0.6.0...HEAD
+[0.6.0]: https://github.com/castle/castle_devise/compare/v0.5.0...v0.6.0
+[0.5.0]: https://github.com/castle/castle_devise/compare/v0.4.3...v0.5.0
 [0.4.3]: https://github.com/castle/castle_devise/compare/v0.4.2...v0.4.3
 [0.4.2]: https://github.com/castle/castle_devise/compare/v0.4.1...v0.4.2
 [0.4.1]: https://github.com/castle/castle_devise/compare/v0.4.0...v0.4.1

data/Gemfile

@@ -7,13 +7,16 @@ gemspec
 
 gem "actionmailer"
 gem "activerecord"
+# Dev/test: track castle-rb upstream develop. Gemspec uses rubygems.
+gem "castle-rb", github: "castle/castle-ruby", branch: "develop"
 gem "byebug"
-gem "railties", "~> 7.0"
+gem "devise", "~> 5.0"
+gem "railties", "~> 8.1"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
+gem "sqlite3", "~> 2.1"
 gem "standard"
-gem "sqlite3"
 gem "vcr"
 gem "webmock"

data/Gemfile.lock

@@ -1,238 +1,311 @@
+GIT
+  remote: https://github.com/castle/castle-ruby.git
+  revision: 66c0523be56f5f24b8a8933dc522b5487bc77fce
+  branch: develop
+  specs:
+    castle-rb (9.1.0)
+      base64 (~> 0.2)
+
 PATH
   remote: .
   specs:
-    castle_devise (0.4.3)
-      activesupport (>= 5.0)
-      castle-rb (>= 7.2, < 8.0)
-      devise (>= 4.3.0, < 5.0)
+    castle_devise (0.6.0)
+      activesupport (>= 6.0)
+      castle-rb (>= 7.2, < 10.0)
+      devise (>= 4.3.0, < 6.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      mail (~> 2.5, >= 2.5.4)
-      net-imap
-      net-pop
-      net-smtp
-      rails-dom-testing (~> 2.0)
-    actionpack (7.0.4.3)
-      actionview (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      rack (~> 2.0, >= 2.2.0)
+    actionmailer (8.1.3)
+      actionpack (= 8.1.3)
+      actionview (= 8.1.3)
+      activejob (= 8.1.3)
+      activesupport (= 8.1.3)
+      mail (>= 2.8.0)
+      rails-dom-testing (~> 2.2)
+    actionpack (8.1.3)
+      actionview (= 8.1.3)
+      activesupport (= 8.1.3)
+      nokogiri (>= 1.8.5)
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (7.0.4.3)
-      activesupport (= 7.0.4.3)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+      useragent (~> 0.16)
+    actionview (8.1.3)
+      activesupport (= 8.1.3)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.4.3)
-      activesupport (= 7.0.4.3)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (8.1.3)
+      activesupport (= 8.1.3)
       globalid (>= 0.3.6)
-    activemodel (7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activerecord (7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activesupport (7.0.4.3)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+    activemodel (8.1.3)
+      activesupport (= 8.1.3)
+    activerecord (8.1.3)
+      activemodel (= 8.1.3)
+      activesupport (= 8.1.3)
+      timeout (>= 0.4.0)
+    activesupport (8.1.3)
+      base64
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      json
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      tzinfo (~> 2.0)
-    addressable (2.8.4)
-      public_suffix (>= 2.0.2, < 6.0)
-    appraisal (2.3.0)
-      bundler
-      rake
-      thor (>= 0.14.0)
-    ast (2.4.2)
-    bcrypt (3.1.19)
-    builder (3.2.4)
-    byebug (11.1.3)
-    castle-rb (7.2.0)
-    concurrent-ruby (1.2.2)
-    crack (0.4.5)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
+    addressable (2.9.0)
+      public_suffix (>= 2.0.2, < 8.0)
+    ast (2.4.3)
+    base64 (0.3.0)
+    bcrypt (3.1.22)
+    bigdecimal (4.1.2)
+    builder (3.3.0)
+    byebug (13.0.0)
+      reline (>= 0.6.0)
+    concurrent-ruby (1.3.6)
+    connection_pool (3.0.2)
+    crack (1.0.1)
+      bigdecimal
       rexml
     crass (1.0.6)
-    date (3.3.3)
-    devise (4.9.2)
+    date (3.5.1)
+    devise (5.0.4)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
+      railties (>= 7.0)
       responders
       warden (~> 1.2.3)
-    diff-lcs (1.5.0)
-    docile (1.4.0)
-    erubi (1.12.0)
-    globalid (1.1.0)
-      activesupport (>= 5.0)
-    hashdiff (1.0.1)
-    i18n (1.13.0)
+    diff-lcs (1.6.2)
+    docile (1.4.1)
+    drb (2.2.3)
+    erb (6.0.4)
+    erubi (1.13.1)
+    globalid (1.3.0)
+      activesupport (>= 6.1)
+    hashdiff (1.2.1)
+    i18n (1.14.8)
       concurrent-ruby (~> 1.0)
-    json (2.6.3)
-    language_server-protocol (3.17.0.3)
-    lint_roller (1.0.0)
-    loofah (2.21.3)
+    io-console (0.8.2)
+    irb (1.18.0)
+      pp (>= 0.6.0)
+      prism (>= 1.3.0)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json (2.19.7)
+    language_server-protocol (3.17.0.5)
+    lint_roller (1.1.0)
+    logger (1.7.0)
+    loofah (2.25.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
-    mail (2.8.1)
+    mail (2.9.0)
+      logger
       mini_mime (>= 0.1.1)
       net-imap
       net-pop
       net-smtp
-    method_source (1.0.0)
-    mini_mime (1.1.2)
-    mini_portile2 (2.8.2)
-    minitest (5.18.0)
-    net-imap (0.3.4)
+    mini_mime (1.1.5)
+    minitest (6.0.6)
+      drb (~> 2.0)
+      prism (~> 1.5)
+    net-imap (0.6.4)
       date
       net-protocol
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.5.1)
       net-protocol
-    nokogiri (1.15.1)
-      mini_portile2 (~> 2.8.2)
+    nokogiri (1.19.3-aarch64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.19.3-aarch64-linux-musl)
       racc (~> 1.4)
-    nokogiri (1.15.1-aarch64-linux)
+    nokogiri (1.19.3-arm-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.15.1-arm64-darwin)
+    nokogiri (1.19.3-arm-linux-musl)
       racc (~> 1.4)
-    nokogiri (1.15.1-x86_64-darwin)
+    nokogiri (1.19.3-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.19.3-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.19.3-x86_64-linux-gnu)
+      racc (~> 1.4)
+    nokogiri (1.19.3-x86_64-linux-musl)
       racc (~> 1.4)
     orm_adapter (0.5.0)
-    parallel (1.23.0)
-    parser (3.2.2.1)
+    parallel (1.28.0)
+    parser (3.3.11.1)
       ast (~> 2.4.1)
-    public_suffix (5.0.1)
-    racc (1.6.2)
-    rack (2.2.7)
-    rack-test (2.1.0)
+      racc
+    pp (0.6.3)
+      prettyprint
+    prettyprint (0.2.0)
+    prism (1.9.0)
+    psych (5.3.1)
+      date
+      stringio
+    public_suffix (7.0.5)
+    racc (1.8.1)
+    rack (3.2.6)
+    rack-session (2.1.2)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0)
+    rack-test (2.2.0)
       rack (>= 1.3)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
+    rackup (2.3.1)
+      rack (>= 3)
+    rails-dom-testing (2.3.0)
+      activesupport (>= 5.0.0)
+      minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.5.0)
-      loofah (~> 2.19, >= 2.19.1)
-    railties (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      method_source
+    rails-html-sanitizer (1.7.0)
+      loofah (~> 2.25)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
+    railties (8.1.3)
+      actionpack (= 8.1.3)
+      activesupport (= 8.1.3)
+      irb (~> 1.13)
+      rackup (>= 1.0.0)
       rake (>= 12.2)
-      thor (~> 1.0)
-      zeitwerk (~> 2.5)
+      thor (~> 1.0, >= 1.2.2)
+      tsort (>= 0.2)
+      zeitwerk (~> 2.6)
     rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.8.0)
-    responders (3.1.0)
-      actionpack (>= 5.2)
-      railties (>= 5.2)
-    rexml (3.2.5)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.2)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.3)
+    rake (13.4.2)
+    rdoc (7.2.0)
+      erb
+      psych (>= 4.0.0)
+      tsort
+    regexp_parser (2.12.0)
+    reline (0.6.3)
+      io-console (~> 0.5)
+    responders (3.2.0)
+      actionpack (>= 7.0)
+      railties (>= 7.0)
+    rexml (3.4.4)
+    rspec (3.13.2)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.6)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.8)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-rails (6.0.2)
-      actionpack (>= 6.1)
-      activesupport (>= 6.1)
-      railties (>= 6.1)
-      rspec-core (~> 3.12)
-      rspec-expectations (~> 3.12)
-      rspec-mocks (~> 3.12)
-      rspec-support (~> 3.12)
-    rspec-support (3.12.0)
-    rubocop (1.50.2)
+      rspec-support (~> 3.13.0)
+    rspec-rails (8.0.4)
+      actionpack (>= 7.2)
+      activesupport (>= 7.2)
+      railties (>= 7.2)
+      rspec-core (>= 3.13.0, < 5.0.0)
+      rspec-expectations (>= 3.13.0, < 5.0.0)
+      rspec-mocks (>= 3.13.0, < 5.0.0)
+      rspec-support (>= 3.13.0, < 5.0.0)
+    rspec-support (3.13.7)
+    rubocop (1.84.2)
       json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
       parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.49.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.1)
-      parser (>= 3.2.1.0)
-    rubocop-performance (1.16.0)
-      rubocop (>= 1.7.0, < 2.0)
-      rubocop-ast (>= 0.4.0)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.49.1)
+      parser (>= 3.3.7.2)
+      prism (~> 1.7)
+    rubocop-performance (1.26.1)
+      lint_roller (~> 1.1)
+      rubocop (>= 1.75.0, < 2.0)
+      rubocop-ast (>= 1.47.1, < 2.0)
     ruby-progressbar (1.13.0)
+    securerandom (0.4.1)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-html (0.12.3)
+    simplecov-html (0.13.2)
     simplecov_json_formatter (0.1.4)
-    sqlite3 (1.6.3)
-      mini_portile2 (~> 2.8.0)
-    sqlite3 (1.6.3-aarch64-linux)
-    sqlite3 (1.6.3-arm64-darwin)
-    sqlite3 (1.6.3-x86_64-darwin)
-    standard (1.28.2)
+    sqlite3 (2.9.4-aarch64-linux-gnu)
+    sqlite3 (2.9.4-aarch64-linux-musl)
+    sqlite3 (2.9.4-arm-linux-gnu)
+    sqlite3 (2.9.4-arm-linux-musl)
+    sqlite3 (2.9.4-arm64-darwin)
+    sqlite3 (2.9.4-x86_64-darwin)
+    sqlite3 (2.9.4-x86_64-linux-gnu)
+    sqlite3 (2.9.4-x86_64-linux-musl)
+    standard (1.54.0)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
-      rubocop (~> 1.50.2)
+      rubocop (~> 1.84.0)
       standard-custom (~> 1.0.0)
-      standard-performance (~> 1.0.1)
-    standard-custom (1.0.0)
-      lint_roller (~> 1.0)
-    standard-performance (1.0.1)
+      standard-performance (~> 1.8)
+    standard-custom (1.0.2)
       lint_roller (~> 1.0)
-      rubocop-performance (~> 1.16.0)
-    thor (1.2.2)
-    timeout (0.3.2)
+      rubocop (~> 1.50)
+    standard-performance (1.9.0)
+      lint_roller (~> 1.1)
+      rubocop-performance (~> 1.26.0)
+    stringio (3.2.0)
+    thor (1.5.0)
+    timeout (0.6.1)
+    tsort (0.2.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
-    vcr (6.1.0)
+    unicode-display_width (3.2.0)
+      unicode-emoji (~> 4.1)
+    unicode-emoji (4.2.0)
+    uri (1.1.1)
+    useragent (0.16.11)
+    vcr (6.4.0)
     warden (1.2.9)
       rack (>= 2.0.9)
-    webmock (3.18.1)
+    webmock (3.26.2)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    zeitwerk (2.6.8)
+    zeitwerk (2.8.2)
 
 PLATFORMS
-  aarch64-linux
-  arm64-darwin-21
-  ruby
-  x86_64-darwin-18
-  x86_64-darwin-19
-  x86_64-darwin-20
-  x86_64-darwin-22
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  x86_64-darwin
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
   actionmailer
   activerecord
-  appraisal (~> 2.3.0)
   byebug
+  castle-rb!
   castle_devise!
-  railties (~> 7.0)
+  devise (~> 5.0)
+  railties (~> 8.1)
   rake
   rspec
   rspec-rails
   simplecov
-  sqlite3
+  sqlite3 (~> 2.1)
   standard
   vcr
   webmock
 
 BUNDLED WITH
-   2.4.12
+   2.7.2

data/README.md

@@ -1,9 +1,5 @@
 [![Gem Version](https://badge.fury.io/rb/castle_devise.svg)](https://badge.fury.io/rb/castle_devise)
 
-**Disclaimer:** CastleDevise is currently in beta. There might be some upcoming breaking changes to the gem before we stabilize the API.
-
----
-
 # CastleDevise
 
 CastleDevise is a [Devise](https://github.com/heartcombo/devise) plugin that integrates [Castle](https://castle.io).

data/bin/console

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 
 require "bundler/setup"
-require "castle/devise"
+require "castle_devise"
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.

data/castle_devise.gemspec

@@ -9,10 +9,10 @@ Gem::Specification.new do |spec|
   spec.summary = "Integrates Castle with Devise"
   spec.description = "castle_devise provides out-of-the-box protection against bot registrations and account takeover attacks."
   spec.homepage = "https://github.com/castle/castle_devise"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 3.2.0")
 
-  spec.authors = ["Kacper Madej", "Dawid Libiszewski", "Johan Brissmyr"]
-  spec.email = ["kacper@castle.io"]
+  spec.authors = ["Kacper Madej", "Dawid Libiszewski", "Bartosz Knapik", "Johan Brissmyr"]
+  spec.email = ["team@castle.io"]
 
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/castle/castle_devise"
@@ -27,9 +27,7 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "activesupport", ">= 5.0"
-  spec.add_dependency "castle-rb", ">= 7.2", "< 8.0"
-  spec.add_dependency "devise", ">= 4.3.0", "< 5.0"
-
-  spec.add_development_dependency "appraisal", "~> 2.3.0"
+  spec.add_dependency "activesupport", ">= 6.0"
+  spec.add_dependency "castle-rb", ">= 7.2", "< 10.0"
+  spec.add_dependency "devise", ">= 4.3.0", "< 6.0"
 end

data/gemfiles/rails_6.0.gemfile

@@ -1,17 +1,18 @@
-# This file was generated by Appraisal
-
 source "https://rubygems.org"
 
 gem "actionmailer"
 gem "activerecord"
-gem "railties", "~> 6.0.4"
+gem "byebug"
+gem "railties", "~> 6.0"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
 gem "standard"
-gem "sqlite3"
+gem "sqlite3", "~> 1.7"
 gem "vcr"
 gem "webmock"
+gem "mutex_m"
+gem "logger"
 
 gemspec path: "../"

data/gemfiles/rails_6.1.gemfile

@@ -1,17 +1,18 @@
-# This file was generated by Appraisal
-
 source "https://rubygems.org"
 
 gem "actionmailer"
 gem "activerecord"
-gem "railties", "~> 6.1.4"
+gem "byebug"
+gem "railties", "~> 6.1"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
 gem "standard"
-gem "sqlite3"
+gem "sqlite3", "~> 1.7"
 gem "vcr"
 gem "webmock"
+gem "mutex_m"
+gem "logger"
 
 gemspec path: "../"

data/gemfiles/rails_7.0.gemfile

@@ -1,17 +1,18 @@
-# This file was generated by Appraisal
-
 source "https://rubygems.org"
 
 gem "actionmailer"
 gem "activerecord"
+gem "byebug"
 gem "railties", "~> 7.0"
 gem "rake"
 gem "rspec"
 gem "rspec-rails"
 gem "simplecov"
 gem "standard"
-gem "sqlite3"
+gem "sqlite3", "~> 1.7"
 gem "vcr"
 gem "webmock"
+gem "mutex_m"
+gem "logger"
 
 gemspec path: "../"

data/gemfiles/rails_7.1.gemfile

@@ -0,0 +1,18 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "railties", "~> 7.1"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3", "~> 1.7"
+gem "vcr"
+gem "webmock"
+gem "mutex_m"
+gem "logger"
+
+gemspec path: "../"

data/gemfiles/rails_7.2.gemfile

@@ -0,0 +1,18 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "railties", "~> 7.2"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3", "~> 1.7"
+gem "vcr"
+gem "webmock"
+gem "mutex_m"
+gem "logger"
+
+gemspec path: "../"

data/gemfiles/rails_8.0.gemfile

@@ -0,0 +1,18 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "railties", "~> 8.0.0"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3"
+gem "vcr"
+gem "webmock"
+gem "mutex_m"
+gem "logger"
+
+gemspec path: "../"

data/gemfiles/rails_8.1.gemfile

@@ -0,0 +1,17 @@
+source "https://rubygems.org"
+
+gem "actionmailer"
+gem "activerecord"
+gem "byebug"
+gem "devise", "~> 5.0"
+gem "railties", "~> 8.1.0"
+gem "rake"
+gem "rspec"
+gem "rspec-rails"
+gem "simplecov"
+gem "standard"
+gem "sqlite3"
+gem "vcr"
+gem "webmock"
+
+gemspec path: "../"

data/lib/castle_devise/configuration.rb

@@ -1,20 +1,20 @@
 # frozen_string_literal: true
 
-require "active_support/configurable"
 require "logger"
 
 module CastleDevise
-  # Configuration object using {ActiveSupport::Configurable}
+  # Plain Ruby configuration object for CastleDevise.
+  #
+  # Previously this used +ActiveSupport::Configurable+, which is deprecated
+  # and slated for removal in Rails 8.2.
   class Configuration
-    include ActiveSupport::Configurable
-
     # @!attribute api_secret
     #   @return [String] Your API secret
-    config_accessor(:api_secret)
+    attr_accessor :api_secret
 
     # @!attribute app_id
     #   @return [String] Your Castle App ID
-    config_accessor(:app_id)
+    attr_accessor :app_id
 
     # @!attribute monitoring_mode
     #   When CastleDevise is in monitoring mode, it sends requests to Castle
@@ -25,27 +25,41 @@ module CastleDevise
     #   from logging in/registering.
     #
     #   @return [true, false] whether to act on deny requests or not
-    config_accessor(:monitoring_mode) { false }
-
-    # @!attribute logger
-    #   @return [Logger] A Logger instance. You might want to use Rails.logger here.
-    config_accessor(:logger) { Logger.new("/dev/null") }
+    attr_accessor :monitoring_mode
 
     # @!attribute before_request_hooks
     #   @return [Array<Proc>] Array of procs that will get called before a request to the Castle API
-    config_accessor(:before_request_hooks) { [] }
+    attr_accessor :before_request_hooks
 
     # @!attribute after_request_hooks
     #   @return [Array<Proc>] Array of procs that will get called after a request to the Castle API
-    config_accessor(:after_request_hooks) { [] }
+    attr_accessor :after_request_hooks
+
+    attr_writer :logger, :castle_sdk_facade_class, :castle_client
+
+    def initialize
+      @monitoring_mode = false
+      @before_request_hooks = []
+      @after_request_hooks = []
+    end
+
+    # @!attribute logger
+    #   @return [Logger] A Logger instance. You might want to use Rails.logger here.
+    def logger
+      @logger ||= Logger.new(File::NULL)
+    end
 
     # @!attribute castle_sdk_facade_class
     #   @return [Class] Castle API implementation
-    config_accessor(:castle_sdk_facade_class) { ::CastleDevise::SdkFacade }
+    def castle_sdk_facade_class
+      @castle_sdk_facade_class ||= ::CastleDevise::SdkFacade
+    end
 
     # @!attribute castle_client
-    #   @return [Class] Castle SDK client
-    config_accessor(:castle_client) { ::Castle::Client.new }
+    #   @return [Castle::Client] Castle SDK client
+    def castle_client
+      @castle_client ||= ::Castle::Client.new
+    end
 
     # Adds a new before_request hook
     # @param blk [Proc]

data/lib/castle_devise/hooks/castle_protectable.rb

@@ -63,6 +63,6 @@ Warden::Manager.before_failure do |env, opts|
       context: context
     )
   rescue Castle::Error => e
-    CastleDevise.logger.error("[CastleDevise] filter($login, $failed): #{e}")
+    CastleDevise.logger.warn("[CastleDevise] filter($login, $failed): #{e}")
   end
 end

data/lib/castle_devise/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module CastleDevise
-  VERSION = "0.4.3"
+  VERSION = "0.6.0"
 end

metadata

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: castle_devise
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 0.6.0
 platform: ruby
 authors:
 - Kacper Madej
 - Dawid Libiszewski
+- Bartosz Knapik
 - Johan Brissmyr
-autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-07-11 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -18,14 +18,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: castle-rb
   requirement: !ruby/object:Gem::Requirement
@@ -35,7 +35,7 @@ dependencies:
         version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.0'
+        version: '10.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -45,7 +45,7 @@ dependencies:
         version: '7.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '8.0'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -55,7 +55,7 @@ dependencies:
         version: 4.3.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -65,25 +65,11 @@ dependencies:
         version: 4.3.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.0'
-- !ruby/object:Gem::Dependency
-  name: appraisal
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.3.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: '6.0'
 description: castle_devise provides out-of-the-box protection against bot registrations
   and account takeover attacks.
 email:
-- kacper@castle.io
+- team@castle.io
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -91,8 +77,9 @@ files:
 - ".github/workflows/lint.yml"
 - ".github/workflows/specs.yml"
 - ".gitignore"
+- ".octocov.yml"
 - ".rspec"
-- Appraisals
+- ".standard.yml"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -105,6 +92,10 @@ files:
 - gemfiles/rails_6.0.gemfile
 - gemfiles/rails_6.1.gemfile
 - gemfiles/rails_7.0.gemfile
+- gemfiles/rails_7.1.gemfile
+- gemfiles/rails_7.2.gemfile
+- gemfiles/rails_8.0.gemfile
+- gemfiles/rails_8.1.gemfile
 - lib/castle_devise.rb
 - lib/castle_devise/configuration.rb
 - lib/castle_devise/context.rb
@@ -125,7 +116,6 @@ metadata:
   homepage_uri: https://github.com/castle/castle_devise
   source_code_uri: https://github.com/castle/castle_devise
   changelog_uri: https://github.com/castle/castle_devise/CHANGELOG.md
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -133,15 +123,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 3.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
-signing_key:
+rubygems_version: 4.0.8
 specification_version: 4
 summary: Integrates Castle with Devise
 test_files: []

data/Appraisals

@@ -1,11 +0,0 @@
-appraise "rails-6.0" do
-  gem "railties", "~> 6.0.4"
-end
-
-appraise "rails-6.1" do
-  gem "railties", "~> 6.1.4"
-end
-
-appraise "rails-7.0" do
-  gem "railties", "~> 7.0"
-end